1#!/bin/bash -eu
2# Copyright 2020 Google Inc.
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8#      http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16################################################################################
17
18## Copied from envoy
19
20export CFLAGS="$CFLAGS"
21export CXXFLAGS="$CXXFLAGS"
22
23FUZZER_DICTIONARIES="\
24"
25
26# Copy $CFLAGS and $CXXFLAGS into Bazel command-line flags, for both
27# compilation and linking.
28#
29# Some flags, such as `-stdlib=libc++`, generate warnings if used on a C source
30# file. Since the build runs with `-Werror` this will cause it to break, so we
31# use `--conlyopt` and `--cxxopt` instead of `--copt`.
32#
33declare -r EXTRA_BAZEL_FLAGS="$(
34for f in ${CFLAGS}; do
35  echo "--conlyopt=${f}" "--linkopt=${f}"
36done
37for f in ${CXXFLAGS}; do
38  echo "--cxxopt=${f}" "--linkopt=${f}"
39done
40
41if [ "$SANITIZER" = "undefined" ]
42then
43  # Bazel uses clang to link binary, which does not link clang_rt ubsan library for C++ automatically.
44  # See issue: https://github.com/bazelbuild/bazel/issues/8777
45  echo "--linkopt=\"$(find $(llvm-config --libdir) -name libclang_rt.ubsan_standalone_cxx-x86_64.a | head -1)\""
46elif [ "$SANITIZER" = "address" ]
47then
48  echo "--copt -D__SANITIZE_ADDRESS__" "--copt -DADDRESS_SANITIZER=1"
49fi
50)"
51
52declare BAZEL_BUILD_TARGETS=""
53declare BAZEL_CORPUS_TARGETS=""
54declare FILTERED_FUZZER_TARGETS=""
55for t in $(bazel query 'src/...' --output label | grep '_fuzz_test$')
56do
57  declare TAGGED=$(bazel query "attr('tags', 'no_fuzz', ${t})")
58  if [ -z "${TAGGED}" ]
59  then
60    BASE_PATH=${t//://}
61    BASE_PATH=${BASE_PATH#"//"}
62    FILTERED_FUZZER_TARGETS+="${BASE_PATH} "
63    BAZEL_BUILD_TARGETS+="${t}_driverless "
64    BAZEL_CORPUS_TARGETS+="${t}_corpus_tar "
65  fi
66done
67
68# Build driverless libraries.
69# Benchmark about 3 GB per CPU (10 threads for 28.8 GB RAM)
70# TODO(nareddyt): Remove deprecation warnings when Envoy and deps moves to C++17
71bazel build --verbose_failures --dynamic_mode=off --spawn_strategy=sandboxed \
72  --local_cpu_resources=HOST_CPUS*0.32 \
73  --genrule_strategy=standalone --strip=never \
74  --copt=-fno-sanitize=vptr --linkopt=-fno-sanitize=vptr \
75  --define tcmalloc=disabled --define signal_trace=disabled \
76  --define ENVOY_CONFIG_ASAN=1 \
77  --define force_libcpp=enabled --build_tag_filters=-no_asan \
78  --linkopt=-lc++ --linkopt=-pthread ${EXTRA_BAZEL_FLAGS} \
79  ${BAZEL_BUILD_TARGETS[*]} ${BAZEL_CORPUS_TARGETS[*]}
80
81# Profiling with coverage requires that we resolve+copy all Bazel symlinks and
82# also remap everything under proc/self/cwd to correspond to Bazel build paths.
83if [ "$SANITIZER" = "coverage" ]
84then
85  # The build invoker looks for sources in $SRC, but it turns out that we need
86  # to not be buried under src/, paths are expected at out/proc/self/cwd by
87  # the profiler.
88  declare -r REMAP_PATH="${OUT}/proc/self/cwd"
89  mkdir -p "${REMAP_PATH}"
90
91  rsync -av "${SRC}"/esp-v2/src "${REMAP_PATH}"
92  # Remove filesystem loop manually.
93  rm -rf "${SRC}"/esp-v2/bazel-esp-v2/external/esp-v2
94  # Clean up symlinks with a missing referrant.
95  find "${SRC}"/esp-v2/bazel-esp-v2/external -follow -type l -ls -delete || echo "Symlink cleanup soft fail"
96  rsync -avLk "${SRC}"/esp-v2/bazel-esp-v2/external "${REMAP_PATH}"
97  # For .h, and some generated artifacts, we need bazel-out/. Need to heavily
98  # filter out the build objects from bazel-out/. Also need to resolve symlinks,
99  # since they don't make sense outside the build container.
100  declare -r RSYNC_FILTER_ARGS=("--include" "*.h" "--include" "*.cc" "--include" \
101    "*.hpp" "--include" "*.cpp" "--include" "*.c" "--include" "*/" "--exclude" "*")
102  rsync -avLk "${RSYNC_FILTER_ARGS[@]}" "${SRC}"/esp-v2/bazel-out "${REMAP_PATH}"
103  rsync -avLkR "${RSYNC_FILTER_ARGS[@]}" "${HOME}" "${OUT}"
104  # Some low-level libraries are built located /tmp.
105  # But ESPv2 engineeers don't really look at them.
106  # rsync -avLkR "${RSYNC_FILTER_ARGS[@]}" /tmp "${OUT}"
107fi
108
109# Copy out test driverless binaries from bazel-bin/.
110for t in ${FILTERED_FUZZER_TARGETS}
111do
112  TARGET_BASE="$(expr "$t" : '.*/\(.*\)_fuzz_test')"
113  TARGET_DRIVERLESS=bazel-bin/"${t}"_driverless
114  echo "Copying fuzzer $t"
115  cp "${TARGET_DRIVERLESS}" "${OUT}"/"${TARGET_BASE}"_fuzz_test
116done
117
118# Zip up related test corpuses.
119# TODO(nareddyt): just use the .tar directly when
120# https://github.com/google/oss-fuzz/issues/1918 is fixed.
121CORPUS_UNTAR_PATH="${PWD}"/_tmp_corpus
122for t in ${FILTERED_FUZZER_TARGETS}
123do
124  echo "Extracting and zipping fuzzer $t corpus"
125  rm -rf "${CORPUS_UNTAR_PATH}"
126  mkdir -p "${CORPUS_UNTAR_PATH}"
127  tar -C "${CORPUS_UNTAR_PATH}" -xvf bazel-bin/"${t}"_corpus_tar.tar
128  TARGET_BASE="$(expr "$t" : '.*/\(.*\)_fuzz_test')"
129  # There may be *.dict files in this folder that need to be moved into the OUT dir.
130  find "${CORPUS_UNTAR_PATH}" -type f -name *.dict -exec mv -n {} "${OUT}"/ \;
131  zip "${OUT}/${TARGET_BASE}"_fuzz_test_seed_corpus.zip \
132    "${CORPUS_UNTAR_PATH}"/*
133done
134rm -rf "${CORPUS_UNTAR_PATH}"
135
136# Copy dictionaries and options files to $OUT/
137for d in $FUZZER_DICTIONARIES; do
138  cp "$d" "${OUT}"/
139done
140
141# Cleanup bazel- symlinks to avoid oss-fuzz trying to copy out of the build
142# cache.
143rm -f bazel-*
144