Fix sanitizer build of fuzzer (microsoft#2201)

* Fix sanitizer build of fuzzer Fixes microsoft#1817 Signed-off-by: Dave Thaler <dthaler@microsoft.com> * Fixes Signed-off-by: Dave Thaler <dthaler@microsoft.com> * More fixes Signed-off-by: Dave Thaler <dthaler@microsoft.com> * Disable some build steps for FuzzerDebug Signed-off-by: Dave Thaler <dthaler@microsoft.com> * Update github workflows Signed-off-by: Dave Thaler <dthaler@microsoft.com> * Update verifier to latest Signed-off-by: Dave Thaler <dthaler@microsoft.com> * Fix execution_context_fuzzer build Signed-off-by: Dave Thaler <dthaler@microsoft.com> * Fix bpf2c and samples Signed-off-by: Dave Thaler <dthaler@microsoft.com> * Fix samples compilation Signed-off-by: Dave Thaler <dthaler@microsoft.com> * Fix custom program type sample Signed-off-by: Dave Thaler <dthaler@microsoft.com> --------- Signed-off-by: Dave Thaler <dthaler@microsoft.com>
sd37 · Apr 13, 2023 · 93b7634 · 93b7634
1 parent 35f909d
commit 93b7634
Show file tree

Hide file tree

Showing 54 changed files with 1,567 additions and 98 deletions.
diff --git a/.github/codecov.yml b/.github/codecov.yml
@@ -4,9 +4,9 @@
 codecov:
   notify:
     wait_for_ci: yes
-    after_n_builds: 30 # (reusable-test.yml instances in cicd.yml) * (Debug, Release)
+    after_n_builds: 23 # (reusable-test.yml instances in cicd.yml) * (# configurations per instance)
 comment:
-    after_n_builds: 30 # (reusable-test.yml instances in cicd.yml) * (Debug, Release)
+    after_n_builds: 23 # (reusable-test.yml instances in cicd.yml) * (# configurations per instance)
 coverage:
   status:
     project:

diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
@@ -48,6 +48,7 @@ jobs:
       build_msi: true
       build_nuget: true
       build_options: /p:ReleaseJIT='True'
+      configurations: '["Debug", "FuzzerDebug", "Release"]'
 
   # Perform the native-only build.
   regular_native-only:
@@ -65,17 +66,6 @@ jobs:
     with:
       build_artifact: Build-x64-cmake
 
-  # Perform the libfuzzer build.
-  libfuzzer:
-    # Always run this job.
-    if: github.event_name == 'schedule' || github.event_name == 'pull_request' || github.event_name == 'push' || github.event_name == 'merge_group'
-    uses: ./.github/workflows/reusable-build.yml
-    with:
-      build_artifact: Build-x64-fuzzer
-      cxx_flags: /fsanitize-coverage=inline-bool-flag /fsanitize-coverage=edge /fsanitize-coverage=trace-cmp /fsanitize-coverage=trace-div /ZH:SHA_256
-      ld_flags: '"clang_rt.fuzzer_MD-x86_64.lib" "libsancov.lib"'
-      build_options: /p:Fuzzer='True' /t:tests\libfuzzer\execution_context_fuzzer /t:tests\libfuzzer\bpf2c_fuzzer /t:tests\libfuzzer\verifier_fuzzer /t:tests\libfuzzer\core_helper_fuzzer /t:tests\libfuzzer\netebpfext_fuzzer
-
   # Run the unit tests in GitHub.
   unit_tests:
     # Always run this job.
@@ -192,94 +182,101 @@ jobs:
       build_options: /p:AddressSanitizer='True'
 
   bpf2c_fuzzer:
-    needs: libfuzzer
+    needs: regular
     if: github.event_name == 'pull_request' || github.event_name == 'merge_group'
     uses: ./.github/workflows/reusable-test.yml
     with:
       name: bpf2c_fuzzer
       test_command: .\bpf2c_fuzzer.exe bpf2c_fuzzer_corpus -use_value_profile=1 -max_total_time=300 -artifact_prefix=Artifacts\
-      build_artifact: Build-x64-fuzzer
+      build_artifact: Build-x64
       environment: windows-2022
       code_coverage: false
       gather_dumps: true
+      configurations: '["FuzzerDebug"]'
 
   bpf2c_fuzzer_scheduled:
-    needs: libfuzzer
+    needs: regular
     if: github.event_name == 'schedule'
     uses: ./.github/workflows/reusable-test.yml
     with:
       name: bpf2c_fuzzer
       test_command: .\bpf2c_fuzzer.exe bpf2c_fuzzer_corpus -use_value_profile=1 -max_total_time=900 -artifact_prefix=Artifacts\
-      build_artifact: Build-x64-fuzzer
+      build_artifact: Build-x64
       environment: windows-2022
       code_coverage: false
       gather_dumps: true
+      configurations: '["FuzzerDebug"]'
 
   execution_context_fuzzer:
-    needs: libfuzzer
+    needs: regular
     # Always run this job.
     if: github.event_name == 'schedule' || github.event_name == 'pull_request' || github.event_name == 'merge_group'
     uses: ./.github/workflows/reusable-test.yml
     with:
       name: execution_context_fuzzer
       test_command: .\execution_context_fuzzer.exe execution_context_fuzzer_corpus -use_value_profile=1 -runs=3000 -artifact_prefix=Artifacts\
-      build_artifact: Build-x64-fuzzer
+      build_artifact: Build-x64
       environment: windows-2022
       code_coverage: false
       gather_dumps: true
+      configurations: '["FuzzerDebug"]'
 
   # Run the verifier fuzzer.
   verifier_fuzzer:
-    needs: libfuzzer
+    needs: regular
     # Always run this job.
     if: github.event_name == 'pull_request' || github.event_name == 'merge_group'
     uses: ./.github/workflows/reusable-test.yml
     with:
       name: verifier_fuzzer
       test_command: .\verifier_fuzzer.exe verifier_corpus -use_value_profile=1 -max_total_time=300 -artifact_prefix=Artifacts\
-      build_artifact: Build-x64-fuzzer
+      build_artifact: Build-x64
       environment: windows-2022
       code_coverage: false
       gather_dumps: true
+      configurations: '["FuzzerDebug"]'
 
   verifier_fuzzer_scheduled:
-    needs: libfuzzer
+    needs: regular
     # Always run this job.
     if: github.event_name == 'schedule'
     uses: ./.github/workflows/reusable-test.yml
     with:
       name: verifier_fuzzer
       test_command: .\verifier_fuzzer.exe verifier_corpus -use_value_profile=1 -max_total_time=900 -artifact_prefix=Artifacts\
-      build_artifact: Build-x64-fuzzer
+      build_artifact: Build-x64
       environment: windows-2022
       code_coverage: false
       gather_dumps: true
+      configurations: '["FuzzerDebug"]'
 
   core_helper_fuzzer:
-    needs: libfuzzer
+    needs: regular
     # Always run this job.
     if: github.event_name == 'schedule' || github.event_name == 'pull_request' || github.event_name == 'merge_group'
     uses: ./.github/workflows/reusable-test.yml
     with:
       name: core_helper_fuzzer
       test_command: .\core_helper_fuzzer core_helper_corpus -max_len=139 -runs=1000 -use_value_profile=1 -artifact_prefix=Artifacts\
-      build_artifact: Build-x64-fuzzer
+      build_artifact: Build-x64
       environment: windows-2022
       code_coverage: false
       gather_dumps: true
+      configurations: '["FuzzerDebug"]'
 
   netebpfext_fuzzer:
-    needs: libfuzzer
+    needs: regular
     # Always run this job.
     if: github.event_name == 'schedule' || github.event_name == 'pull_request' || github.event_name == 'merge_group'
     uses: ./.github/workflows/reusable-test.yml
     with:
       name: netebpfext_fuzzer
       test_command: .\netebpfext_fuzzer netebpfext_corpus -max_len=12 -runs=1000 -use_value_profile=1 -artifact_prefix=Artifacts\
-      build_artifact: Build-x64-fuzzer
+      build_artifact: Build-x64
       environment: windows-2022
       code_coverage: false
       gather_dumps: true
+      configurations: '["FuzzerDebug"]'
 
   # Run Cilium regression tests in GitHub.
   cilium_tests:

diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml
@@ -34,6 +34,10 @@ on:
       ld_flags:
         required: false
         type: string
+      configurations:
+        required: false
+        type: string
+        default: '["Debug", "Release"]'
 
 permissions:
   contents: read
@@ -45,7 +49,7 @@ jobs:
 
     strategy:
       matrix:
-        configurations: [Debug, Release]
+        configurations: ${{ fromJSON(inputs.configurations) }}
     runs-on: windows-2022
     env:
       # Path to the solution file relative to the root of the project.
@@ -166,12 +170,12 @@ jobs:
       run: copy "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\VC\Tools\MSVC\14.34.31933\bin\Hostx64\x64\clang*" .
 
     - name: Download demo repository
-      if: steps.skip_check.outputs.should_skip != 'true'
+      if: steps.skip_check.outputs.should_skip != 'true' && matrix.configurations != 'FuzzerDebug'
       working-directory: ${{env.GITHUB_WORKSPACE}}
       run: Invoke-WebRequest https://github.com/microsoft/ebpf-for-windows-demo/releases/download/v0.0.1/${{env.BUILD_PLATFORM}}-${{env.BUILD_CONFIGURATION}}-cilium-xdp.zip -OutFile x64-${{env.BUILD_CONFIGURATION}}-cilium-xdp.zip
 
     - name: Extract artifacts to build path
-      if: steps.skip_check.outputs.should_skip != 'true'
+      if: steps.skip_check.outputs.should_skip != 'true' && matrix.configurations != 'FuzzerDebug'
       working-directory: ${{env.GITHUB_WORKSPACE}}
       run: |
         cd ${{github.workspace}}/${{env.BUILD_PLATFORM}}/${{env.BUILD_CONFIGURATION}}
@@ -191,15 +195,8 @@ jobs:
         path: ${{github.workspace}}/build-${{ matrix.configurations }}.zip
         retention-days: 5
 
-    - name: Upload the MSI package (Debug)
-      if: inputs.build_msi == true && matrix.configurations == 'Debug'
-      uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce
-      with:
-        name: ebpf-for-windows - MSI installer (${{inputs.build_artifact}}_${{env.BUILD_CONFIGURATION}})
-        path: ${{github.workspace}}/${{env.BUILD_PLATFORM}}/${{env.BUILD_CONFIGURATION}}/ebpf-for-windows.msi
-
-    - name: Upload the MSI package (Release)
-      if: inputs.build_msi == true && matrix.configurations == 'Release'
+    - name: Upload the MSI package
+      if: inputs.build_msi == true
       uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce
       with:
         name: ebpf-for-windows - MSI installer (${{inputs.build_artifact}}_${{env.BUILD_CONFIGURATION}})

diff --git a/.github/workflows/reusable-test.yml b/.github/workflows/reusable-test.yml
@@ -51,6 +51,10 @@ on:
       leak_detection:
         required: false
         type: boolean
+      configurations:
+        required: false
+        type: string
+        default: '["Debug", "Release"]'
 
 permissions:
   checks: read  # Required by fountainhead/action-wait-for-check to wait for another GitHub check to complete.
@@ -63,7 +67,7 @@ jobs:
 
     strategy:
       matrix:
-        configurations: [Debug, Release]
+        configurations: ${{ fromJSON(inputs.configurations) }}
     runs-on: ${{inputs.environment}}
     env:
       # Configuration type to build.

diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -13,6 +13,16 @@ set(CMAKE_SYSTEM_VERSION 10.0.22621.0)
 
 project("ebpf-for-windows")
 
+list(APPEND CMAKE_CONFIGURATION_TYPES FuzzerDebug)
+list(REMOVE_DUPLICATES CMAKE_CONFIGURATION_TYPES)
+set(CMAKE_CONFIGURATION_TYPES "${CMAKE_CONFIGURATION_TYPES}" CACHE STRING
+    "Add the configurations that we need"
+    FORCE)
+set(CMAKE_EXE_LINKER_FLAGS_FUZZERDEBUG "${CMAKE_EXE_LINKER_FLAGS_DEBUG}")
+set(CMAKE_SHARED_LINKER_FLAGS_FUZZERDEBUG "${CMAKE_SHARED_LINKER_FLAGS_DEBUG}")
+set(CMAKE_C_FLAGS_FUZZERDEBUG "${CMAKE_C_FLAGS_DEBUG} /fsanitize-coverage=inline-bool-flag /fsanitize-coverage=edge /fsanitize-coverage=trace-cmp /fsanitize-coverage=trace-div /ZH:SHA_256")
+set(CMAKE_CXX_FLAGS_FUZZERDEBUG "${CMAKE_CXX_FLAGS_DEBUG} /fsanitize-coverage=inline-bool-flag /fsanitize-coverage=edge /fsanitize-coverage=trace-cmp /fsanitize-coverage=trace-div /ZH:SHA_256")
+
 include("cmake/options.cmake")
 include("cmake/settings.cmake")
 include("cmake/git_commit.cmake")
@@ -54,4 +64,4 @@ if(EBPFFORWINDOWS_ENABLE_INSTALL)
     FILES "LICENSE.txt"
     DESTINATION "."
   )
-endif()
+endif()
diff --git a/Directory.Build.props b/Directory.Build.props
@@ -15,18 +15,18 @@
   <PropertyGroup Condition="'$(Configuration)'=='Release'">
     <FuzzerLibs>libsancov.lib;clang_rt.fuzzer_MD-x86_64.lib</FuzzerLibs>
   </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)'=='Debug'">
+  <PropertyGroup Condition="'$(Configuration)'=='Debug' Or '$(Configuration)'=='FuzzerDebug'">
     <FuzzerLibs>libsancov.lib;clang_rt.fuzzer_MDd-x86_64.lib</FuzzerLibs>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Fuzzer)'=='Release|True'">
     <EnableASAN>true</EnableASAN>
-    <AdditionalOptions>/fsanitize-coverage=inline-bool-flag /fsanitize-coverage=edge /fsanitize-coverage=trace-cmp /fsanitize-coverage=trace-div %(AdditionalOptions)</AdditionalOptions>
+    <AdditionalOptions>/fsanitize-coverage=inline-bool-flag /fsanitize-coverage=edge /fsanitize-coverage=trace-cmp /fsanitize-coverage=trace-div /ZH:SHA_256 %(AdditionalOptions)</AdditionalOptions>
   </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Fuzzer)'=='Debug|True'">
+  <PropertyGroup Condition="'$(Configuration)|$(Fuzzer)'=='Debug|True' Or '$(Configuration)'=='FuzzerDebug'">
     <EnableASAN>true</EnableASAN>
-    <AdditionalOptions>/fsanitize-coverage=inline-bool-flag /fsanitize-coverage=edge /fsanitize-coverage=trace-cmp /fsanitize-coverage=trace-div %(AdditionalOptions)</AdditionalOptions>
+    <AdditionalOptions>/fsanitize-coverage=inline-bool-flag /fsanitize-coverage=edge /fsanitize-coverage=trace-cmp /fsanitize-coverage=trace-div /ZH:SHA_256 %(AdditionalOptions)</AdditionalOptions>
   </PropertyGroup>
-  <PropertyGroup Condition="'$(Fuzzer)'!='True'">
+  <PropertyGroup Condition="'$(Fuzzer)'!='True' And '$(Configuration)'!='FuzzerDebug'">
     <SpectreMitigation>Spectre</SpectreMitigation>
   </PropertyGroup>
   <ItemDefinitionGroup>
@@ -68,7 +68,7 @@
       <LinkTimeCodeGeneration>UseLinkTimeCodeGeneration</LinkTimeCodeGeneration>
     </Link>
   </ItemDefinitionGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)'=='Debug'">
+  <ItemDefinitionGroup Condition="'$(Configuration)'=='Debug' Or '$(Configuration)'=='FuzzerDebug'">
     <ClCompile>
       <FunctionLevelLinking>true</FunctionLevelLinking>
       <IntrinsicFunctions>true</IntrinsicFunctions>

diff --git a/docs/Fuzzing.md b/docs/Fuzzing.md
@@ -15,18 +15,31 @@ Download the artifact and the associated build.  For example, if verifier_fuzzer
 
 Copy the crash file from the artifact folder to a separate directory,  *verifier_fuzzer* files including *verifier_fuzzer.pdb*, *verifier_fuzzer.lib*, *verifier_fuzzer.exp*, and *verifier_fuzzer.exe* from debug directory. The C Runtime library, entitled, *ucrtbased.dll*, and address sanitizer files, marked by ASAN need to be included, *clang_rt.asan_dbg_dynamic-x86_64.dll* ,and *clang_rt.asan_dynamic-x86_64.dll*.
 
+### Using the command line
 Run a desired admin CMD locating to the copied files in the new directory, and enter with the following command:
 ```
 windbgx -y SRV*;. -srcpath <your-path-to-ebpf-for-windows> verifier_fuzzer.exe <crash-file-name>
 ```
 A window containing the windbg debugger opens up and enter ```g``` in the command box of windbg. If an access violation indicating ```Access violation - code c0000005 (first chance)``` shows up, please use ```sxi c0000005``` to ignore this error. Please use ```g``` again to see the line that crashes.
 
-An alternative of running an admin CMD is to reproduce a crash to use the local latest build and run
+An alternative is to reproduce a crash to use the local latest build and run
 ```
 verifier_fuzzer.exe <crash-file-name>
 ```
 This method will show the line of crash in the source file.
 
+### Using Visual Studio
+
+From within Visual Studio, you can reproduce the crash as follows:
+
+1. Set the active configuration to FuzzerDebug.
+2. Right click the verifier_fuzzer project and click Properties.
+3. Under Debugging, set Working Directory to: $(OutDir)
+4. Under Debugging, set Command Arguments to: verifier_corpus\<crash-file-name>
+5. Build the solution.
+6. Copy the downloaded <crash-file-name> to the x64\FuzzerDebug\verifier_corpus directory.
+7. Start (with debugging) the verifier_fuzzer from within Visual Studio.
+
 # Regenerating the corpus for execution context fuzzer
 The libfuzzer tests work best if they have an existing
 [corpus](https://releases.llvm.org/11.0.0/docs/LibFuzzer.html#corpus) to work