From e6bf9d47f4073ed8e9d3c3ec7caa67c66a6bd338 Mon Sep 17 00:00:00 2001 From: Alan Jowett Date: Mon, 28 Oct 2024 17:58:07 -0700 Subject: [PATCH] Increase runtime (#592) * Run for 2 hours Signed-off-by: Alan Jowett * Only run regression for pull requests Signed-off-by: Alan Jowett * Fix CLI option Signed-off-by: Alan Jowett * Fix typo Signed-off-by: Alan Jowett * PR feedback Signed-off-by: Alan Jowett --------- Signed-off-by: Alan Jowett Co-authored-by: Alan Jowett --- .github/workflows/fuzzing.yml | 27 +++++++++++++++++++++------ .github/workflows/main.yml | 2 ++ external/ebpf-verifier | 2 +- 3 files changed, 24 insertions(+), 7 deletions(-) diff --git a/.github/workflows/fuzzing.yml b/.github/workflows/fuzzing.yml index 04a3a6fc1..35f4d9d2e 100644 --- a/.github/workflows/fuzzing.yml +++ b/.github/workflows/fuzzing.yml @@ -11,6 +11,12 @@ on: - cron: '00 21 * * *' workflow_dispatch: # Run manually workflow_call: + inputs: + regression_test: + description: 'Run the fuzzer over the corpus as a regression test.' + required: false + default: false + type: boolean jobs: build-posix: @@ -220,23 +226,32 @@ jobs: if: matrix.platform == 'ubuntu-24.04' run: chmod a+x ubpf_fuzzer + # If this is a workflow call, run ubpf_fuzzer over each file in the corpus as a regression test. + - name: Run fuzzing regression + if: inputs.regression_test == true + run: | + ./ubpf_fuzzer -merge=1 fuzz/corpus new_corpus + + # If this is a scheduled run or a manual run, run ubpf_fuzzer to attempt to find new crashes. Runs for 2 hours. - name: Run fuzzing - if: matrix.platform == 'ubuntu-24.04' + if: matrix.platform == 'ubuntu-24.04' && inputs.regression_test != true run: | ls - UBPF_FUZZER_CONSTRAINT_CHECK=1 ./ubpf_fuzzer new_corpus -artifact_prefix=artifacts/ -use_value_profile=1 -max_total_time=300 -dict=dictionary.txt + UBPF_FUZZER_CONSTRAINT_CHECK=1 ./ubpf_fuzzer new_corpus -artifact_prefix=artifacts/ -use_value_profile=1 -max_total_time=7200 -dict=dictionary.txt -jobs=1024 + # If this is a scheduled run or a manual run, run ubpf_fuzzer to attempt to find new crashes. Runs for 2 hours. - name: Run fuzzing - if: matrix.platform == 'windows-latest' + if: matrix.platform == 'windows-latest' && inputs.regression_test != true run: | ls - ./ubpf_fuzzer new_corpus -artifact_prefix=artifacts/ -use_value_profile=1 -max_total_time=300 + ./ubpf_fuzzer new_corpus -artifact_prefix=artifacts/ -use_value_profile=1 -max_total_time=7200 -jobs=1024 + # Merge the new corpus into the existing corpus and push the changes to the repository. - name: Merge corpus into fuzz/corpus - if: ${{ github.event_name == 'schedule' }} + if: inputs.regression_test != true run: | - git pull ./ubpf_fuzzer -merge=1 fuzz/corpus new_corpus + git pull git add fuzz/corpus git config --global user.email 'ubpf@users.noreply.github.com' git config --global user.name 'Github Action' diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index c439bed65..1f7c90928 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -342,6 +342,8 @@ jobs: fuzzing: uses: ./.github/workflows/fuzzing.yml + with: + regression_test: ${{ github.event_name == 'pull_request' || github.event_name == 'schedule' }} # Disabled until https://github.com/iovisor/ubpf/issues/155 is resolved. # linux_debug_arm64_sanitizers: diff --git a/external/ebpf-verifier b/external/ebpf-verifier index 6150934fd..85dfbd2b8 160000 --- a/external/ebpf-verifier +++ b/external/ebpf-verifier @@ -1 +1 @@ -Subproject commit 6150934fd85bf47beb83c59970acfb30fcc19a64 +Subproject commit 85dfbd2b8c18f8a6462baaea26cf9ea5dead9699