diff options
author | Pauli <pauli@openssl.org> | 2021-08-27 10:37:35 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-09-02 19:23:32 +1000 |
commit | f92bfddc1d4c4957c57337d7f4192c586cc09a5c (patch) | |
tree | b0512782115535a65f2a7a98d5990b3877e9c7ae /.github | |
parent | 473664aafdff1f60db99929bdd43c2a9b26d14cd (diff) |
CI: add last run-checker fuzzing CIs to Actions
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16438)
Diffstat (limited to '.github')
-rw-r--r-- | .github/workflows/fuzz-checker.yml | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/.github/workflows/fuzz-checker.yml b/.github/workflows/fuzz-checker.yml new file mode 100644 index 0000000000..5b784deb10 --- /dev/null +++ b/.github/workflows/fuzz-checker.yml @@ -0,0 +1,61 @@ +name: Fuzz-checker CI + +on: [push] + +jobs: + fuzz-checker: + strategy: + fail-fast: false + matrix: + fuzzy: [ + { + name: AFL, + config: enable-fuzz-afl no-module, + install: afl++-clang, + cc: afl-clang-fast + }, { + name: libFuzzer, + config: enable-fuzz-libfuzzer -DPEDANTIC enable-asan enable-ubsan, + libs: --with-fuzzer-lib=/usr/lib/llvm-12/lib/libFuzzer.a --with-fuzzer-include=/usr/lib/llvm-12/build/lib/clang/12.0.0/include/fuzzer, + install: libfuzzer-12-dev, + cc: clang-12, + linker: clang++-12, + tests: -test_memleak + }, { + name: libFuzzer+, + config: enable-fuzz-libfuzzer -DPEDANTIC enable-asan enable-ubsan -fsanitize-coverage=trace-cmp -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION, + libs: --with-fuzzer-lib=/usr/lib/llvm-12/lib/libFuzzer.a --with-fuzzer-include=/usr/lib/llvm-12/build/lib/clang/12.0.0/include/fuzzer, + extra: enable-fips enable-ec_nistp_64_gcc_128 -fno-sanitize=alignment enable-tls1_3 enable-weak-ssl-ciphers enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-nextprotoneg, + install: libfuzzer-12-dev, + cc: clang-12, + linker: clang++-12, + tests: -test_memleak + } + ] + runs-on: ubuntu-latest + steps: + - name: install packages + run: | + sudo apt-get update + sudo apt-get -yq --force-yes install ${{ matrix.fuzzy.install }} + - uses: actions/checkout@v2 + + - name: config + run: | + CC=${{ matrix.fuzzy.cc }} ./config --banner=Configured no-shared \ + ${{ matrix.fuzzy.config }} ${{ matrix.fuzzy.libs }} ${{ matrix.fuzzy.extra }} + + - name: config dump + run: ./configdata.pm --dump + - name: make with explicit linker + if: matrix.fuzzy.linker != '' + run: LDCMD=${{ matrix.fuzzy.linker }} make -s -j4 + - name: make sans explicit linker + if: matrix.fuzzy.linker == '' + run: make -s -j4 + - name: make test restricted + if: matrix.fuzzy.tests != '' + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} TESTS="${{ matrix.fuzzy.tests }}" + - name: make test all + if: matrix.fuzzy.tests == '' + run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} |