[build] fix fuzz build mode macro and test runs#10322
[build] fix fuzz build mode macro and test runs#10322htuch merged 2 commits intoenvoyproxy:masterfrom
Conversation
Signed-off-by: Asra Ali <asraa@google.com>
|
@asraa how come RE2 behaves differently under fuzzing #defines than normally? |
|
While I think this is horrible, |
test/common/router/BUILD
Outdated
|
|
||
| envoy_cc_test( | ||
| name = "config_impl_test", | ||
| copts = ["-UFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION"], |
There was a problem hiding this comment.
How would this end up being defined normally?
There was a problem hiding this comment.
Hmm, it's probably redundant. If this copt gets overrides by a CLI to define it, then yeah, it's not needed.
There was a problem hiding this comment.
hmm... is there a way to explicitly undefine it so that even if someone passes in a --copt=-DFUZZING_... to build a fuzz target, that the test would be executed with the macro undefined? researching bazel... but wondering if you know
There was a problem hiding this comment.
I'm not familiar with a way to do that, unless we wrap the test in a shell scrip that squashes it.
There was a problem hiding this comment.
Honestly I'm going to make that change in this PR now and test against the OSS-Fuzz build. I feel pretty hesitant removing the fuzzing build macro from our OSS-Fuzz script.
Signed-off-by: Asra Ali <asraa@google.com>
Adds back FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION macro to CLI. This is the actual fix for #10322, after nocopts was a dead end from RE2 issue google/re2#272. Now when running real unit tests in fuzzing mode, we ignore the test result since we aren't testing for functionality. (config_impl_test doesn't need to succeed for route_fuzz_test to build). Risk Level: Low Testing: Testing fuzz mode fuzzers and regression style fuzzers locally Signed-off-by: Asra Ali <asraa@google.com>
I'm seeing a failure in OSS-Fuzz build, as well as fuzz CI tool #10289 due to fuzzing build macro
FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION.Basically, PR #10050 introduced regex rewrites that are tested in
config_impl_test, which is executed to create the corpus forroute_fuzz_test. Fuzz builds are built with theFUZZING_BUILD_MODE...macro, and the RE2 library that does the regex rewrites in the test only does single replacements in fuzzing mode rather than the global replacement in the tests, so the test fails, and the fuzz build fails.This change defined
FUZZING_BUILD_MODE...only for fuzzing build rules.RE OSS-Fuzz builds, this is odd. Bazel CLI flags take precedence, so I'm not sure what to do when we build in that environment. I can't seem to
#undefin the tests, but I need to come up with some solution.I don't like manually removing the CLI flag in our build script, but maybe? https://github.com/google/oss-fuzz/blob/66e0e379395d3a3ee741b08f4d306e1ed71c4003/infra/base-images/base-clang/DockerfileTesting:
bazel build //test/common/router:route_fuzz_test_with_libfuzzer --config=asan-fuzzerSigned-off-by: Asra Ali asraa@google.com