Re: [RFC PATCH v3 2/2] ci: enable fuzzing for arm64

Mon, 12 May 2025 12:10:22 -0700 


Hi Stefano,


Stefano Stabellini <sstabell...@kernel.org> writes:

> On Wed, 7 May 2025, Volodymyr Babchuk wrote:

>>  alpine-3.18-gcc-debug-arm64:
>> +  extends: .gcc-arm64-build-debug
>> +  variables:
>> +    CONTAINER: alpine:3.18-arm64v8
>> +    EXTRA_XEN_CONFIG: |
>> +      CONFIG_UBSAN=y
>> +      CONFIG_UBSAN_FATAL=
>
> The diff is strange and I might be wrong, but it looks like this should
> be CONFIG_UBSAN_FATAL=y

Yes, looks like a mistake from my side.

>
>> +alpine-3.18-gcc-fuzzing-arm64:
>>    extends: .gcc-arm64-build-debug
>>    variables:
>>      CONTAINER: alpine:3.18-arm64v8
>>      EXTRA_XEN_CONFIG: |
>>        CONFIG_UBSAN=y
>>        CONFIG_UBSAN_FATAL=y
>> +      CONFIG_FUZZING=y
>> +      CONFIG_FUZZER_LIBAFL_QEMU=y
>> +      CONFIG_FUZZER_PASS_BLOCKING=y
>>  
>>  alpine-3.18-gcc-arm64-randconfig:
>>    extends: .gcc-arm64-build
>> diff --git a/automation/gitlab-ci/test.yaml b/automation/gitlab-ci/test.yaml
>> index a603d4039a..bb8670026f 100644
>> --- a/automation/gitlab-ci/test.yaml
>> +++ b/automation/gitlab-ci/test.yaml
>> @@ -197,6 +197,30 @@
>>    tags:
>>      - qubes-hw11
>>  
>> +.fuzzer-arm:
>> +  stage: test
>> +  image: xentroops/xen-fuzzer:v1
>> +  variables:
>> +    HARNESS: hypercall
>> +    FUZZING_TIME: 600
>> +  rules:
>> +  - if: $SELECTED_JOBS_ONLY && $CI_JOB_NAME =~ $SELECTED_JOBS_ONLY
>> +  - if: $SELECTED_JOBS_ONLY
>> +    when: never
>> +  - when: on_success
>> +  script:
>> +    - cd /root/
>> +    - ./xen_fuzzer -t ${FUZZING_TIME} run ${CI_PROJECT_DIR}/binaries/xen 
>> test-mmu64le-arm-${HARNESS}-fuzzer 2>&1 | tee 
>> ${CI_PROJECT_DIR}/fuzzer-${HARNESS}.log
>
> Can you run it from outside the directory, like this?
>
> /root/xen_fuzzer -t ...
>

Well, right now it is looking for some QEMU files, like firmware image,
relatively to ${CWD}. It is possible to provide the full QEMU
command line along with -L option and then we will be able to run
it from anywhere, but, IMO, it is easier to just change directory.


>> +  after_script:
>> +    - cd ${CI_PROJECT_DIR}
>> +    - mv /root/crashes .
>
> Also here you could probably do:
>
> mv /root/crashes ${CI_PROJECT_DIR}
>

Yes, agree.


-- 
WBR, Volodymyr

Reply via email to