organicmaps/libexpat
13
Fork 0
mirror of https://github.com/libexpat/libexpat.git synced 2025-04-05 05:05:00 +00:00
Code Issues 1 Projects Releases Wiki Activity Actions 1
libexpat/.github/workflows/fuzzing.yml
dependabot[bot] 9c7609a007
Actions(deps): Bump actions/upload-artifact from 4.6.1 to 4.6.2 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.1 to 4.6.2.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](4cec3d8aa0...ea165f8d65)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-24 12:45:06 +00:00

173 lines
6.2 KiB
YAML
Raw Permalink Blame History

# __ __ _
# ___\ \/ /_ __ __ _| |_
# / _ \\ /| '_ \ / _` | __|
# | __// \| |_) | (_| | |_
# \___/_/\_\ .__/ \__,_|\__|
# |_| XML parser
#
# Copyright (c) 2024-2025 Sebastian Pipping <sebastian@pipping.org>
# Licensed under the MIT license:
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to permit
# persons to whom the Software is furnished to do so, subject to the
# following conditions:
#
# The above copyright notice and this permission notice shall be included
# in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
# NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
# DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
# USE OR OTHER DEALINGS IN THE SOFTWARE.
name: Run fuzzing regression tests
on:
pull_request:
push:
schedule:
- cron: '0 2 * * 5' # Every Friday at 2am
workflow_dispatch:
permissions:
contents: read
jobs:
run_fuzzers:
name: Run fuzzing regression tests
strategy:
fail-fast: false
matrix:
fuzzer:
- xml_parse_fuzzer_UTF-8
- xml_parsebuffer_fuzzer_UTF-16LE
runs-on: ubuntu-24.04
env:
fuzzer: ${{ matrix.fuzzer }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Install Clang 19
run: |-
set -x
source /etc/os-release
wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add -
sudo add-apt-repository "deb https://apt.llvm.org/${UBUNTU_CODENAME}/ llvm-toolchain-${UBUNTU_CODENAME}-19 main"
sudo apt-get update # due to new repository
sudo apt-get install --yes --no-install-recommends -V \
clang-19 \
libclang-rt-19-dev \
llvm-19
echo /usr/lib/llvm-19/bin >>"${GITHUB_PATH}"
- name: Install build dependencies
run: |-
set -x
sudo apt-get install --yes --no-install-recommends -V \
autoconf \
automake \
docbook2x \
libtool \
libprotobuf-dev \
lzip \
protobuf-compiler
- name: Turn Git clone into Autotools "make dist" release tarball
run: |-
set -x
pushd expat/
./buildconf.sh
./configure
make dist
popd
tar xf expat/expat-*.tar.xz
rm -R expat/
mv expat-* expat
- name: Build Expat fuzzers
run: |
set -x -o pipefail
type -P clang clang++
clang --version | head -n1
clang++ --version | head -n1
cd expat/
args=(
# Build nothing but fuzzers
-DEXPAT_BUILD_DOCS=OFF
-DEXPAT_BUILD_EXAMPLES=OFF
-DEXPAT_BUILD_FUZZERS=ON
-DEXPAT_BUILD_PKGCONFIG=OFF
-DEXPAT_BUILD_TESTS=OFF
-DEXPAT_BUILD_TOOLS=OFF
# Tune compilation of fuzzers to use Clang with ASan and UBSan
-DCMAKE_C_COMPILER=clang
-DCMAKE_CXX_COMPILER=clang++
-DCMAKE_{C,CXX}_FLAGS='-Wall -Wextra -pedantic -O1 -g -fsanitize=address,undefined -fno-sanitize-recover=all -fno-omit-frame-pointer -fno-common -fprofile-instr-generate -fcoverage-mapping'
-DCMAKE_{EXE,MODULE,SHARED}_LINKER_FLAGS='-g -fsanitize=address,undefined'
-DEXPAT_WARNINGS_AS_ERRORS=ON
)
cmake "${args[@]}" -S . -B build
make -C build VERBOSE=1 -j$(nproc)
./build/fuzz/xml_lpm_fuzzer -help=1
- name: Download and extract Expat fuzzing corpora
run: |-
set -x
cd expat/build/
wget -q -O corpus.zip "https://storage.googleapis.com/expat-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/expat_${fuzzer}/public.zip"
unzip -q -d corpus/ corpus.zip
- name: Run fuzzing regression tests (1 to 5 minutes)
run: |
fuzz_args=(
-jobs=$(nproc)
-print_final_stats=1
-rss_limit_mb=2560 # from OSS-Fuzz
-timeout=25 # from OSS-Fuzz
)
set -x -o pipefail
cd expat/build/
mkdir coverage/
export LLVM_PROFILE_FILE=coverage/expat-%p.profraw
find corpus/ -type f | sort | xargs "fuzz/${fuzzer}" "${fuzz_args[@]}"
- name: Store fuzzing logs of last batch
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: ${{ matrix.fuzzer }}_${{ github.sha }}_logs_last
path: expat/build/fuzz-*.log
if-no-files-found: error
- name: Render coverage report
run: |
set -x -o pipefail
cd expat/build/
# Merged and convert to a single indexed profile data file
llvm-profdata merge -sparse -o coverage/expat.profdata coverage/expat-*.profraw
# Render report
llvm-cov show fuzz/${fuzzer} -instr-profile=coverage/expat.profdata -show-branches=count -format=html -output-dir=coverage/html/
llvm-cov report fuzz/${fuzzer} -instr-profile=coverage/expat.profdata -show-functions -sources ../lib/ | tee coverage/report_functions.txt
llvm-cov report fuzz/${fuzzer} -instr-profile=coverage/expat.profdata -sources ../lib/ | tee coverage/report_files.txt
- name: Store coverage report
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: ${{ matrix.fuzzer }}_${{ github.sha }}_coverage
path: expat/build/coverage/
if-no-files-found: error
Reference in a new issue View git blame Copy permalink