Add project to fuzz PyPy3 #15355
Open: StanFromIreland wants to merge 41 commits into google:master from StanFromIreland:pypy3
+109
−0
41 commits
7e932d0 Add pypy3 fuzzer (StanFromIreland)
c15ad50 fix branch (StanFromIreland)
730e5c9 use pypy (StanFromIreland)
a952f0a fix flags (StanFromIreland)
8fa887f fix flags again (StanFromIreland)
670b1dd fix flags again * 2 (StanFromIreland)
8b915a0 fix install (StanFromIreland)
d417eb6 Build fuzzers with clang (StanFromIreland)
0eea691 try some symlinks (StanFromIreland)
262e337 fix that symlink:-/ (StanFromIreland)
24da6ef fix paths (StanFromIreland)
0739b57 link directly against the .so (StanFromIreland)
22b40a3 link during fuzzer build too (StanFromIreland)
7194bb7 Add libs (StanFromIreland)
4ce00a3 Copy libpypy3-c.so to OUT (StanFromIreland)
01091a9 actually instrument (StanFromIreland)
d9fd7f7 !fixup that last one (StanFromIreland)
799c2f7 Work around RPython (StanFromIreland)
3b8fb3d Try w ``-shared-libsan` (StanFromIreland)
99ef0a5 ubsan_standalone to path (StanFromIreland)
fd373b5 another workaround (StanFromIreland)
4f31f7e less rebuilding (StanFromIreland)
98113a4 Empty CFLAGS for Packaging (StanFromIreland)
ee06722 install a 'lil more (StanFromIreland)
960a700 `build_cffi_fuzz.py` uses gcc (StanFromIreland)
8c7a6c0 instrument the fuzzer itself (StanFromIreland)
9a40d37 unlimit stack for ASAN builds (StanFromIreland)
57336df unlimit stack for ASAN builds (StanFromIreland)
6a3e6be set ulimit and link statically (StanFromIreland)
9505c72 yay! circular dependencies :-( (StanFromIreland)
49dfef2 fixup. still trying to hit that 168 (StanFromIreland)
fc025ec revert that (StanFromIreland)
8e5b2d7 tidy up now that all works (StanFromIreland)
9e3fc74 Add Matti (StanFromIreland)
b7ae55a Add licenses (StanFromIreland)
b2c01f8 Remove me (StanFromIreland)
eaaa53a Update to LLC (StanFromIreland)
d7a7d7f Fix cov; add Carl :-) (StanFromIreland)
c466480 David's review, we support all engines anyway (StanFromIreland)
e785a47 Use the `lldebug` make target (StanFromIreland)
61966cc Merge branch 'master' into pypy3 (StanFromIreland)
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| # Copyright 2026 Google LLC | ||
| # | ||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||
| # you may not use this file except in compliance with the License. | ||
| # You may obtain a copy of the License at | ||
| # | ||
| # http://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, software | ||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
| ################################################################################ | ||
|
|
||
|
|
||
| FROM gcr.io/oss-fuzz-base/base-builder | ||
|
|
||
| RUN apt-get update && \ | ||
| apt-get install -y gcc make libffi-dev pkg-config \ | ||
| zlib1g-dev libbz2-dev libsqlite3-dev libncurses5-dev \ | ||
| libexpat1-dev libssl-dev libgdbm-dev tk-dev libgc-dev \ | ||
| liblzma-dev libncursesw5-dev \ | ||
| pypy | ||
|
|
||
| RUN git clone --depth 1 --branch py3.11 https://github.com/pypy/pypy.git pypy | ||
| RUN git clone --depth 1 --branch main https://github.com/StanFromIreland/pypy-fuzz.git | ||
| WORKDIR pypy | ||
| COPY build.sh $SRC/ |
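
Review bot: the `git clone --depth 1 --branch main https://github.com/StanFromIreland/pypy-fuzz.git` line pulls the fuzz harness from a personal repository at whatever `main` points to at build time, so the harness code that runs in every build lives outside `pypy/pypy` and is not pinned. Consider hosting the harness under the project's own organisation, or pinning the clone to a tag or commit so a change to that branch cannot silently change what gets built. Smaller points: `WORKDIR pypy` is relative and depends on the base image's working directory, where `WORKDIR $SRC/pypy` would match the `COPY build.sh $SRC/` line below it; and the apt `pypy` package deserves a one-line comment saying it is the host interpreter that build.sh uses to run `rpython`.
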
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,56 @@ | ||
| #!/bin/bash -eu | ||
| # Copyright 2026 Google LLC | ||
| # | ||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||
| # you may not use this file except in compliance with the License. | ||
| # You may obtain a copy of the License at | ||
| # | ||
| # http://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, software | ||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
| ################################################################################ | ||
|
|
||
| case $SANITIZER in | ||
| address) SAN=-fsanitize=address ;; | ||
| undefined) SAN=-fsanitize=undefined ;; | ||
| *) SAN="" ;; | ||
| esac | ||
|
|
||
| CFLAGS=$(echo "$CFLAGS" | sed 's/-f[no-]*sanitize[^ ]*//g') | ||
|
|
||
| cd $SRC/pypy/pypy/goal | ||
| CC=clang pypy ../../rpython/bin/rpython --opt=2 --shared --source | ||
|
|
||
| BUILD_DIR=$(dirname $(find /tmp/usession-py3.11-* -name 'Makefile' | head -1)) | ||
| make lldebug -j$(nproc) -C $BUILD_DIR "CC=clang $SAN" | ||
| cp $BUILD_DIR/pypy3*-c $BUILD_DIR/libpypy3*-c.so . | ||
| ln -sf libpypy3.11-c.so libpypy3-c.so | ||
|
|
||
| export LD_LIBRARY_PATH=$SRC/pypy/pypy/goal | ||
| PYPY=$SRC/pypy/pypy/goal/pypy3.11-c | ||
|
|
||
| # Build fuzz targets | ||
| cd $SRC/pypy-fuzz | ||
| while read -r name; do | ||
| CC=clang CFLAGS="$SAN" LDSHARED="clang -shared $SAN" $PYPY build_cffi_fuzz.py "$name" | ||
| clang $SAN $CFLAGS -fsanitize=fuzzer-no-link fuzzer_stub.c ./_pypy_fuzz_${name}.so \ | ||
| -L$SRC/pypy/pypy/goal -lpypy3-c -Wl,-rpath,'$ORIGIN' \ | ||
| $LIB_FUZZING_ENGINE -rdynamic -ldl -o fuzzer-${name} | ||
|
|
||
| cp fuzzer-${name} _pypy_fuzz_${name}.so fuzz_${name}.py $OUT/ | ||
| if [ -d "corp-${name}" ]; then | ||
| zip -j "$OUT/fuzzer-${name}_seed_corpus.zip" corp-${name}/* | ||
| fi | ||
| if [ -f "dictionaries/fuzzer-${name}.dict" ]; then | ||
| cp "dictionaries/fuzzer-${name}.dict" "$OUT/" | ||
| fi | ||
| done < fuzz_targets.txt | ||
|
|
||
| cp $SRC/pypy/pypy/goal/libpypy3.11-c.so $OUT/libpypy3-c.so | ||
| cp ubsan_suppressions.txt $OUT/ | ||
| cp -R $SRC/pypy/lib-python $OUT/ | ||
| cp -R $SRC/pypy/lib_pypy $OUT/ | ||
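
Review bot: coverage instrumentation for the interpreter looks missing. The `sed 's/-f[no-]*sanitize[^ ]*//g'` line removes every `-fsanitize...` flag from `CFLAGS`, which includes any `-fsanitize=fuzzer-no-link`, and the `make lldebug` call passes only `"CC=clang $SAN"`; the only place `-fsanitize=fuzzer-no-link` is requested is the `fuzzer_stub.c` compile line. As written, `libpypy3*-c.so` gets the sanitizer runtime checks but no libFuzzer coverage feedback. If that is deliberate, say so in a comment above the `make` line; otherwise add the flag to the `CC=` string there. In the same `sed`, `[no-]*` is a bracket expression matching any run of the characters `n`, `o` and `-`, not the optional prefix `no-`; `\(no-\)\{0,1\}` states the intent. The `find ... | head -1` used for `BUILD_DIR` takes whichever `Makefile` is listed first under any `/tmp/usession-py3.11-*` directory, and `libpypy3.11-c.so` is hard-coded in the `ln -sf` and final `cp` lines while the earlier `cp` uses a `pypy3*` glob; a single version variable set once near the top would keep these in step with the branch cloned in the Dockerfile.
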
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| homepage: "https://pypy.org/" | ||
| language: c | ||
| main_repo: "https://github.com/pypy/pypy" | ||
| auto_ccs: | ||
| - "stanulbrych@gmail.com" | ||
| - "matti.picus@gmail.com" | ||
| - "cfbolz@gmail.com" | ||
| sanitizers: | ||
| - undefined | ||
|
StanFromIreland marked this conversation as resolved.
|
||
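
Review bot: `sanitizers:` lists only `undefined`, while build.sh in this PR carries an `address)` branch in its `case $SANITIZER` block, so that branch is not exercised by the configuration given here and memory-safety bugs in the interpreter are reported only when they also trip UBSan. If ASan is left out on purpose (the commit list mentions stack limits for ASAN builds), record the reason in a YAML comment next to the list; otherwise add `address`. The file also has no `primary_contact`, and all three `auto_ccs` entries are personal addresses, so it is worth naming one of them as the primary contact for reports.
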
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| #!/bin/bash | ||
| # Copyright 2026 Google LLC | ||
| # | ||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||
| # you may not use this file except in compliance with the License. | ||
| # You may obtain a copy of the License at | ||
| # | ||
| # http://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, software | ||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
| ################################################################################ |
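
Review bot: this script has no body. The hunk header says 15 added lines, and all 15 are the `#!/bin/bash` shebang plus the license banner, so the file does nothing when executed. Either add the commands it is meant to run or drop the file from the PR. If it stays, `#!/bin/bash -eu` would match the shebang used in build.sh so that a failing command or unset variable stops the script.
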