Message ID | 20201023150746.107063-17-alxndr@bu.edu |
---|---|
State | New |
Series | Add a Generic Virtual Device Fuzzer |
On Friday, 2020-10-23 at 11:07:45 -04, Alexander Bulekov wrote: > Prior to this, fuzzers in the output oss-fuzz directory were exactly > the same executable, with a different name to do argv[0]-based > fuzz-target selection. This is a waste of space, especially since these > binaries can weigh many MB. > > Instead of copying, use hard links, to cut down on wasted space. We need > to place the primary copy of the executable into DEST_DIR, since this is > a separate file-system on oss-fuzz. We should not place it directly into > $DEST_DIR, since oss-fuzz will treat it as an independent fuzzer and try > to run it for fuzzing. Instead, we create a DEST_DIR/bin directory to > store the primary copy. > > Suggested-by: Darren Kenny <darren.kenny@oracle.com> > Signed-off-by: Alexander Bulekov <alxndr@bu.edu> Reviewed-by: Darren Kenny <darren.kenny@oracle.com> > --- > scripts/oss-fuzz/build.sh | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/scripts/oss-fuzz/build.sh b/scripts/oss-fuzz/build.sh > index 0c3ca9e06f..0ce2867732 100755 > --- a/scripts/oss-fuzz/build.sh > +++ b/scripts/oss-fuzz/build.sh > @@ -62,6 +62,9 @@ fi > > mkdir -p "$DEST_DIR/lib/" # Copy the shared libraries here > > +mkdir -p "$DEST_DIR/bin/" # Copy executables that shouldn't > + # be treated as fuzzers by oss-fuzz here > + > # Build once to get the list of dynamic lib paths, and copy them over > ../configure --disable-werror --cc="$CC" --cxx="$CXX" --enable-fuzzing \ > --prefix="$DEST_DIR" --bindir="$DEST_DIR" --datadir="$DEST_DIR/data/" \ 
> @@ -88,13 +91,16 @@ make "-j$(nproc)" qemu-fuzz-i386 V=1 > # Copy over the datadir > cp -r ../pc-bios/ "$DEST_DIR/pc-bios" > > +cp "./qemu-fuzz-i386" "$DEST_DIR/bin/" > + > # Run the fuzzer with no arguments, to print the help-string and get the list > # of available fuzz-targets. Copy over the qemu-fuzz-i386, naming it according > # to each available fuzz target (See 05509c8e6d fuzz: select fuzz target using > # executable name) > for target in $(./qemu-fuzz-i386 | awk '$1 ~ /\*/ {print $2}'); > do > - cp qemu-fuzz-i386 "$DEST_DIR/qemu-fuzz-i386-target-$target" > + ln "$DEST_DIR/bin/qemu-fuzz-i386" \ > + "$DEST_DIR/qemu-fuzz-i386-target-$target" > done > > echo "Done. The fuzzers are located in $DEST_DIR" > -- > 2.28.0
diff --git a/scripts/oss-fuzz/build.sh b/scripts/oss-fuzz/build.sh index 0c3ca9e06f..0ce2867732 100755 --- a/scripts/oss-fuzz/build.sh +++ b/scripts/oss-fuzz/build.sh @@ -62,6 +62,9 @@ fi mkdir -p "$DEST_DIR/lib/" # Copy the shared libraries here +mkdir -p "$DEST_DIR/bin/" # Copy executables that shouldn't + # be treated as fuzzers by oss-fuzz here + # Build once to get the list of dynamic lib paths, and copy them over ../configure --disable-werror --cc="$CC" --cxx="$CXX" --enable-fuzzing \ --prefix="$DEST_DIR" --bindir="$DEST_DIR" --datadir="$DEST_DIR/data/" \ @@ -88,13 +91,16 @@ make "-j$(nproc)" qemu-fuzz-i386 V=1 # Copy over the datadir cp -r ../pc-bios/ "$DEST_DIR/pc-bios" +cp "./qemu-fuzz-i386" "$DEST_DIR/bin/" + # Run the fuzzer with no arguments, to print the help-string and get the list # of available fuzz-targets. Copy over the qemu-fuzz-i386, naming it according # to each available fuzz target (See 05509c8e6d fuzz: select fuzz target using # executable name) for target in $(./qemu-fuzz-i386 | awk '$1 ~ /\*/ {print $2}'); do - cp qemu-fuzz-i386 "$DEST_DIR/qemu-fuzz-i386-target-$target" + ln "$DEST_DIR/bin/qemu-fuzz-i386" \ + "$DEST_DIR/qemu-fuzz-i386-target-$target" done echo "Done. The fuzzers are located in $DEST_DIR"
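Review bot: the new `$DEST_DIR/bin/` directory in the first hunk is easy to confuse with the install bindir, because the configure call in the trailing context still passes `--bindir="$DEST_DIR"`. The comment should state that this directory holds the single primary copy that the per-target names are hard-linked to, and that it is kept under `$DEST_DIR` so the links stay on one filesystem. A directory name other than `bin` would also avoid the clash with `--bindir`.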
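Review bot: in the second hunk, `ln` without `-f` fails when `$DEST_DIR/qemu-fuzz-i386-target-$target` already exists, whereas the `cp` it replaces overwrote the file, so a rebuild into a populated `$DEST_DIR` now fails on that line and can leave a target pointing at an older binary. Consider `ln -f`, or removing existing `qemu-fuzz-i386-target-*` entries before the loop. The comment above the loop still reads "Copy over the qemu-fuzz-i386, naming it according to each available fuzz target" and should be updated to describe hard-linking from `$DEST_DIR/bin/`.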
Prior to this, fuzzers in the output oss-fuzz directory were exactly the same executable, with a different name to do argv[0]-based fuzz-target selection. This is a waste of space, especially since these binaries can weigh many MB.

Instead of copying, use hard links, to cut down on wasted space. We need to place the primary copy of the executable into DEST_DIR, since this is a separate file-system on oss-fuzz. We should not place it directly into $DEST_DIR, since oss-fuzz will treat it as an independent fuzzer and try to run it for fuzzing. Instead, we create a DEST_DIR/bin directory to store the primary copy.

Suggested-by: Darren Kenny <darren.kenny@oracle.com>
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
---
 scripts/oss-fuzz/build.sh | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)