infra: enable introspector for Rust

Signed-off-by: David Korczynski <[email protected]>
google · Dec 16, 2024 · 86a8f48 · 86a8f48
1 parent 57fe447
commit 86a8f48
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 6 deletions.
diff --git a/infra/base-images/base-builder/compile b/infra/base-images/base-builder/compile
@@ -21,6 +21,9 @@ sysctl -w vm.mmap_rnd_bits=28
 
 OSS_FUZZ_ON_DEMAND="${OSS_FUZZ_ON_DEMAND:-0}"
 
+# Used for Rust introspector builds
+RUST_SANITIZER=$SANITIZER
+
 if [ "$FUZZING_LANGUAGE" = "jvm" ]; then
   if [ "$FUZZING_ENGINE" != "libfuzzer" ] && [ "$FUZZING_ENGINE" != "wycheproof" ]; then
     echo "ERROR: JVM projects can be fuzzed with libFuzzer or tested with wycheproof engines only."
@@ -36,6 +39,15 @@ if [ "$FUZZING_LANGUAGE" = "jvm" ]; then
   fi
 fi
 
+if [ "$FUZZING_LANGUAGE" = "rust" ]; then
+  if [ "$SANITIZER" = "introspector" ]; then
+    # introspector sanitizer flag will cause cargo build to fail. Rremove it
+    # temporarily, RUST_SANITIZER will hold the original sanitizer.
+    export SANITIZER=address
+  fi
+fi
+
+
 if [ "$FUZZING_LANGUAGE" = "javascript" ]; then
   if [ "$FUZZING_ENGINE" != "libfuzzer" ]; then
     echo "ERROR: JavaScript projects can be fuzzed with libFuzzer engine only."
@@ -111,7 +123,9 @@ fi
 # use RUSTFLAGS.
 # FIXME: Support code coverage once support is in.
 # See https://github.com/rust-lang/rust/issues/34701.
-if [ "$SANITIZER" != "undefined" ] && [ "$SANITIZER" != "coverage" ] && [ "$SANITIZER" != "none" ] && [ "$ARCHITECTURE" != 'i386' ]; then
+if [ "$RUST_SANITIZER" == "introspector" ]; then
+  export RUSTFLAGS="-Cdebuginfo=2 -Cforce-frame-pointers"
+elif [ "$SANITIZER" != "undefined" ] && [ "$SANITIZER" != "coverage" ] && [ "$SANITIZER" != "none" ] && [ "$ARCHITECTURE" != 'i386' ]; then
   export RUSTFLAGS="--cfg fuzzing -Zsanitizer=${SANITIZER} -Cdebuginfo=1 -Cforce-frame-pointers"
 else
   export RUSTFLAGS="--cfg fuzzing -Cdebuginfo=1 -Cforce-frame-pointers"
@@ -188,7 +202,7 @@ EOF
   export CXXFLAGS="$CXXFLAGS -fno-sanitize=leak"
 fi
 
-if [ "$SANITIZER" = "introspector" ]; then
+if [ "$SANITIZER" = "introspector" ] || [ "$RUST_SANITIZER" = "introspector" ]; then
   export AR=llvm-ar
   export NM=llvm-nm
   export RANLIB=llvm-ranlib
@@ -210,10 +224,24 @@ if [ "$SANITIZER" = "introspector" ]; then
 
   apt-get install -y libjpeg-dev zlib1g-dev libyaml-dev
   python3 -m pip install --upgrade pip setuptools
-  python3 -m pip install cxxfilt pyyaml beautifulsoup4 lxml soupsieve
+  python3 -m pip install cxxfilt pyyaml beautifulsoup4 lxml soupsieve rust-demangler
   python3 -m pip install --prefer-binary matplotlib
 
-  python3 /fuzz-introspector/src/main.py light
+  # Install Fuzz-Introspector
+  pushd /fuzz-introspector/src
+  python3 -m pip install .
+  popd
+
+  if [ "$FUZZING_LANGUAGE" = "python" ]; then
+    python3 /fuzz-introspector/src/main.py light --language=python
+  elif [ "$FUZZING_LANGUAGE" = "jvm" ]; then
+    python3 /fuzz-introspector/src/main.py light --language=jvm
+  elif [ "$FUZZING_LANGUAGE" = "rust" ]; then
+    python3 /fuzz-introspector/src/main.py light --language=rust
+  else
+    python3 /fuzz-introspector/src/main.py light
+  fi
+
   rsync -avu --delete "$SRC/inspector/" "$OUT/inspector"
 fi
 
@@ -280,7 +308,7 @@ else
   fi
 fi
 
-if [ "$SANITIZER" = "introspector" ]; then
+if [ "$SANITIZER" = "introspector" ] || [ "$RUST_SANITIZER" = "introspector" ]; then
   unset CXXFLAGS
   unset CFLAGS
   export G_ANALYTICS_TAG="G-8WTFM1Y62J"
@@ -295,6 +323,21 @@ if [ "$SANITIZER" = "introspector" ]; then
     mkdir -p $SRC/my-fi-data
     find $OUT/ -name *.data -exec mv {} $SRC/my-fi-data/ \;
     find $OUT/ -name *.data.yaml -exec mv {} $SRC/my-fi-data/ \;
+  elif [ "$FUZZING_LANGUAGE" = "rust" ]; then
+    echo "GOING rust route"
+
+    # Run the rust frontend
+    pushd /fuzz-introspector/frontends/rust/rust_function_analyser
+    cargo run -- $SRC
+
+    # Move files temporarily to fix workflow of other languages.
+    mkdir -p $SRC/my-fi-data
+    find ./ -name "*.data" -exec mv {} $SRC/my-fi-data/ \;
+    find ./ -name "*.data.yaml" -exec mv {} $SRC/my-fi-data/ \;
+    popd
+
+    # Restore the sanitizer flag for rust
+    export SANITIZER="introspector"
   fi
 
   mkdir -p $SRC/inspector
@@ -335,6 +378,12 @@ if [ "$SANITIZER" = "introspector" ]; then
     REPORT_ARGS="$REPORT_ARGS --language=jvm"
     python3 /fuzz-introspector/src/main.py report $REPORT_ARGS
     rsync -avu --delete "$SRC/inspector/" "$OUT/inspector"
+  elif [ "$FUZZING_LANGUAGE" = "rust" ]; then
+    echo "GOING rust route"
+    REPORT_ARGS="$REPORT_ARGS --target_dir=$SRC/inspector"
+    REPORT_ARGS="$REPORT_ARGS --language=rust"
+    python3 /fuzz-introspector/src/main.py report $REPORT_ARGS
+    rsync -avu --delete "$SRC/inspector/" "$OUT/inspector"
   else
     # C/C++
 

diff --git a/infra/base-images/base-clang/Dockerfile b/infra/base-images/base-clang/Dockerfile
@@ -36,7 +36,7 @@ RUN apt-get update && apt-get install -y wget sudo && \
 RUN apt-get update && apt-get install -y git && \
     git clone https://github.com/ossf/fuzz-introspector.git fuzz-introspector && \
     cd fuzz-introspector && \
-    git checkout 5924aea8bcfe1fbdac9dc815adff91d3ee51f52b && \
+    git checkout 74917384c5a4e368d900862b4bd3d16ce3fe5dd8 && \
     git submodule init && \
     git submodule update && \
     apt-get autoremove --purge -y git && \