Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

native go fuzzing: Integrate engine #7519

Closed
wants to merge 6 commits into from
Closed

native go fuzzing: Integrate engine #7519

wants to merge 6 commits into from

Conversation

AdamKorcz
Copy link
Collaborator

@AdamKorcz AdamKorcz commented Apr 6, 2022
edited
Loading

Integrates the native Go engine.

The following commands are supported:

  1. build_fuzzers
  2. run_fuzzer

To run the demo project:

  1. python3 infra/helper.py build_image test-native-go-fuzzing
  2. python3 infra/helper.py build_fuzzers test-native-go-fuzzing
  3. python3 infra/helper.py run_fuzzer --engine=nativego test-native-go-fuzzing Fuzz

which prints the output:

fuzz: elapsed: 0s, execs: 0 (0/sec)
fuzz: elapsed: 3s, execs: 752138 (250669/sec)                    
fuzz: elapsed: 6s, execs: 1480720 (242889/sec)        
fuzz: elapsed: 9s, execs: 2229426 (249502/sec)                      
fuzz: elapsed: 12s, execs: 2977539 (249442/sec)
fuzz: elapsed: 15s, execs: 3706169 (242813/sec)
fuzz: elapsed: 18s, execs: 4448184 (247321/sec)
...

jonathanmetzman
jonathanmetzman reviewed Apr 6, 2022
View reviewed changes
infra/base-images/base-builder/Dockerfile
@@ -142,6 +142,7 @@ RUN cd $SRC && \
COPY precompile_afl /usr/local/bin/
RUN precompile_afl

RUN apt-get update -y
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You don't want to do this. Because of caching this step can cause the build to fail. You should put the apt-get update in the same step where it is needed.

projects/test-project/Dockerfile Outdated Show resolved Hide resolved
projects/test-project/Dockerfile Outdated Show resolved Hide resolved
projects/test-project/build.sh Outdated Show resolved Hide resolved
projects/test-project/project.yaml Outdated Show resolved Hide resolved
@AdamKorcz AdamKorcz force-pushed the native-go-fuzzing-wip branch 2 times, most recently from c622e7f to c9f2bab Compare April 11, 2022 16:01
@AdamKorcz AdamKorcz force-pushed the native-go-fuzzing-wip branch 2 times, most recently from 3c4c710 to 68dcab3 Compare April 15, 2022 21:38
@AdamKorcz AdamKorcz force-pushed the native-go-fuzzing-wip branch from 68dcab3 to 895f7d8 Compare April 15, 2022 21:49
@AdamKorcz
Copy link
Collaborator Author

@jonathanmetzman IMO this is a good first step to get the Go 1.18 runtime engine integrated. It will need more work which includes:

  • Getting rid of the --engine flag which is required now with run_fuzzer.
  • Support for coverage.

Can this be merged as is at this moment, or do you see any potential for breaking anything in the backend?

@AdamKorcz AdamKorcz mentioned this pull request Apr 21, 2022
Open
@oliverchang
Copy link
Collaborator

Thanks for this PR! Note that there's still a lot of work to do on the ClusterFuzz side, which are pending some required changes to the Go fuzzing implementation itself.

We can merge it in, but it won't actually be usable by users.

@jonathanmetzman jonathanmetzman mentioned this pull request Jul 22, 2022
Closed
@catenacyber catenacyber mentioned this pull request Oct 8, 2022
Merged
@oliverchang oliverchang closed this Aug 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jonathanmetzman jonathanmetzman jonathanmetzman left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@AdamKorcz @oliverchang @jonathanmetzman