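#                          __  __            _
#                       ___\ \/ /_ __   __ _| |_
#                      / _ \\  /| '_ \ / _` | __|
#                     |  __//  \| |_) | (_| | |_
#                      \___/_/\_\ .__/ \__,_|\__|
#                               |_| XML parser
#
# Copyright (c) 2024 Sebastian Pipping <sebastian@pipping.org>
# Licensed under the MIT license:
#
# Permission is  hereby granted,  free of charge,  to any  person obtaining
# a  copy  of  this  software   and  associated  documentation  files  (the
# "Software"),  to  deal in  the  Software  without restriction,  including
# without  limitation the  rights  to use,  copy,  modify, merge,  publish,
# distribute, sublicense, and/or sell copies of the Software, and to permit
# persons  to whom  the Software  is  furnished to  do so,  subject to  the
# following conditions:
#
# The above copyright  notice and this permission notice  shall be included
# in all copies or substantial portions of the Software.
#
# THE  SOFTWARE  IS  PROVIDED  "AS  IS",  WITHOUT  WARRANTY  OF  ANY  KIND,
# EXPRESS  OR IMPLIED,  INCLUDING  BUT  NOT LIMITED  TO  THE WARRANTIES  OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
# NO EVENT SHALL THE AUTHORS OR  COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
# DAMAGES OR  OTHER LIABILITY, WHETHER  IN AN  ACTION OF CONTRACT,  TORT OR
# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
# USE OR OTHER DEALINGS IN THE SOFTWARE.

# Replays the published fuzzing corpora against freshly built, sanitizer-
# instrumented fuzzers so that a previously found input that crashes again
# fails the build.
name: Run fuzzing regression tests

on:
  pull_request:
  push:
  schedule:
    - cron: '0 2 * * 5'  # Every Friday at 2am (GitHub evaluates cron in UTC)
  workflow_dispatch:

# Least privilege: the job only reads the repository; the token is never
# needed for writes.
permissions:
  contents: read

jobs:
  run_fuzzers:
    name: Run fuzzing regression tests
    runs-on: ubuntu-22.04
    steps:
    # Third-party actions are pinned to a full commit SHA; the trailing
    # comment records the release the SHA corresponds to.
    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
      with:
        # No later step talks to the remote, so do not leave the job token
        # in .git/config while downloaded corpora are fed to freshly built
        # binaries.
        persist-credentials: false

    - name: Install Clang 19
      run: |-
        # pipefail: a failed key download must fail the step instead of
        # handing an empty key file to apt.
        set -x -o pipefail
        source /etc/os-release

        # Keep the LLVM signing key in its own keyring and bind it to this
        # one repository via signed-by.  The deprecated "apt-key add" would
        # trust the key for every configured APT source.
        keyring=/etc/apt/keyrings/apt.llvm.org.asc
        sudo install -d -m 0755 /etc/apt/keyrings
        wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo tee "${keyring}" >/dev/null
        echo "deb [signed-by=${keyring}] https://apt.llvm.org/${UBUNTU_CODENAME}/ llvm-toolchain-${UBUNTU_CODENAME}-19 main" \
            | sudo tee /etc/apt/sources.list.d/apt-llvm-org.list

        sudo apt-get update  # due to new repository
        sudo apt-get install --yes --no-install-recommends -V \
            clang-19 \
            libclang-rt-19-dev \
            llvm-19
        # Make the unversioned clang/clang++ of LLVM 19 visible to later steps
        echo /usr/lib/llvm-19/bin >>"${GITHUB_PATH}"

    - name: Build Expat fuzzers
      run: |
        set -x -o pipefail

        # Log which compiler the build is about to pick up
        type -P clang clang++
        clang --version | head -n1
        clang++ --version | head -n1

        cd expat/
        args=(
            # Build nothing but fuzzers
            -DEXPAT_BUILD_DOCS=OFF
            -DEXPAT_BUILD_EXAMPLES=OFF
            -DEXPAT_BUILD_FUZZERS=ON
            -DEXPAT_BUILD_PKGCONFIG=OFF
            -DEXPAT_BUILD_TESTS=OFF
            -DEXPAT_BUILD_TOOLS=OFF

            # Tune compilation of fuzzers to use Clang with ASan and UBSan;
            # -fno-sanitize-recover=all turns every sanitizer report into a
            # hard failure rather than a log line
            -DCMAKE_C_COMPILER=clang
            -DCMAKE_C_FLAGS='-Wall -Wextra -pedantic -O1 -g -fsanitize=address,undefined -fno-sanitize-recover=all -fno-omit-frame-pointer -fno-common'
            -DCMAKE_{EXE,MODULE,SHARED}_LINKER_FLAGS='-g -fsanitize=address,undefined'
            -DEXPAT_WARNINGS_AS_ERRORS=ON
        )
        cmake "${args[@]}" -S . -B build
        make -C build VERBOSE=1 -j$(nproc)

    - name: Download and extract Expat fuzzing corpora
      run: |-
        set -x
        cd expat/build/

        # NOTE(review): the archives are fetched at run time over HTTPS with
        # no checksum; presumably the public corpus changes over time, so a
        # fixed digest cannot be pinned -- confirm.  Their content is treated
        # as untrusted input from here on.
        wget -q -O expat_corpus_UTF-8.zip    https://storage.googleapis.com/expat-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/expat_xml_parse_fuzzer_UTF-8/public.zip
        wget -q -O expat_corpus_UTF-16LE.zip https://storage.googleapis.com/expat-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/expat_xml_parse_fuzzer_UTF-16LE/public.zip

        unzip -q -d corpus_UTF-8    expat_corpus_UTF-8.zip
        unzip -q -d corpus_UTF-16LE expat_corpus_UTF-16LE.zip

    - name: Run fuzzing regression tests (10+ minutes)
      run: |
        fuzz_args=(
            -jobs=$(nproc)
            -print_final_stats=1
            -rss_limit_mb=2560  # from oss-fuzz
            -timeout=25         # from oss-fuzz
        )

        set -x -o pipefail
        cd expat/build/

        # File names come out of a downloaded archive, so hand them over
        # NUL-delimited: a name containing whitespace or quotes then stays a
        # single argument and cannot be mistaken for another path or option.
        # The "v"/"^" markers point at the parts that differ between the two
        # invocations.

        #           vvvvv
        find corpus_UTF-8/ -type f -print0 | sort -z | xargs -0 \
            fuzz/xml_parse_fuzzer_UTF-8 "${fuzz_args[@]}"
        #                         ^^^^^
        #           vvvvvvvv
        find corpus_UTF-16LE/ -type f -print0 | sort -z | xargs -0 \
            fuzz/xml_parsebuffer_fuzzer_UTF-16LE "${fuzz_args[@]}"
        #                 ^^^^^^        ^^^^^^^^

    # Only on failure: keep the inputs the fuzzers wrote out so the problem
    # can be reproduced locally.
    - name: Store crashing test units
      if: ${{ failure() }}
      uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882  # v4.4.3
      with:
        name: expat_fuzzing_trouble_${{ github.sha }}
        # Matches files named "<prefix>-" followed by exactly 40 characters
        path: expat/build/*-????????????????????????????????????????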