mirror of
https://github.com/asg017/sqlite-vec.git
synced 2026-04-25 08:46:49 +02:00
b93a669224
The fuzz targets were crashing on macOS 14 with: dyld: weak-def symbol not found '__ZnwmSt19__type_descriptor_t' libFuzzer compiled with LLVM 18 uses typed allocation ABI symbols not present in macOS 14's system libc++. Since DYLD_LIBRARY_PATH cannot override SIP-protected /usr/lib/libc++.1.dylib at runtime, we fix this at link time: - -nostdlib++: suppress implicit system libc++ linking - -L$LLVM/lib/c++ -lc++: explicitly link LLVM's libc++ (which has the symbol) - -Wl,-rpath,$LLVM/lib/c++: embed rpath so dyld finds LLVM's libc++ at runtime Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
163 lines
5.4 KiB
YAML
163 lines
5.4 KiB
YAML
name: "Fuzz"
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
schedule:
|
|
# Nightly at 2am UTC for longer fuzzing sessions
|
|
- cron: "0 2 * * *"
|
|
workflow_dispatch:
|
|
inputs:
|
|
duration:
|
|
description: "Fuzz duration per target (seconds)"
|
|
default: "60"
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
fuzz-linux:
|
|
runs-on: ubuntu-22.04
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Install LLVM 18
|
|
run: |
|
|
wget -qO- https://apt.llvm.org/llvm.sh | sudo bash -s -- 18
|
|
echo "FUZZ_CC=clang-18" >> $GITHUB_ENV
|
|
- run: ./scripts/vendor.sh
|
|
- name: Generate sqlite-vec.h
|
|
run: make sqlite-vec.h
|
|
- name: Build fuzz targets
|
|
run: make -C tests/fuzz all FUZZ_CC=$FUZZ_CC FUZZ_LDFLAGS=
|
|
- name: Run fuzz targets
|
|
run: |
|
|
DURATION=${{ github.event.inputs.duration || '60' }}
|
|
EXIT_CODE=0
|
|
for target in tests/fuzz/targets/*; do
|
|
[ -f "$target" ] && [ -x "$target" ] || continue
|
|
name=$(basename "$target")
|
|
echo "::group::Fuzzing $name ($DURATION seconds)"
|
|
corpus="tests/fuzz/corpus/$name"
|
|
mkdir -p "$corpus"
|
|
dict="tests/fuzz/${name//_/-}.dict"
|
|
dict_flag=""
|
|
[ -f "$dict" ] && dict_flag="-dict=$dict"
|
|
if ! ASAN_OPTIONS=detect_leaks=1 "$target" $dict_flag \
|
|
-max_total_time="$DURATION" "$corpus" 2>&1; then
|
|
echo "::error::Fuzz target $name found a crash!"
|
|
EXIT_CODE=1
|
|
fi
|
|
echo "::endgroup::"
|
|
done
|
|
exit $EXIT_CODE
|
|
- name: Upload crash artifacts
|
|
if: failure()
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: fuzz-crashes-linux
|
|
path: |
|
|
tests/fuzz/crash-*
|
|
tests/fuzz/leak-*
|
|
tests/fuzz/timeout-*
|
|
|
|
fuzz-macos:
|
|
runs-on: macos-14
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Install LLVM 18
|
|
run: brew install llvm@18
|
|
- run: ./scripts/vendor.sh
|
|
- name: Generate sqlite-vec.h
|
|
run: make sqlite-vec.h
|
|
- name: Build fuzz targets
|
|
run: |
|
|
LLVM=/opt/homebrew/opt/llvm@18
|
|
make -C tests/fuzz all \
|
|
FUZZ_CC=$LLVM/bin/clang \
|
|
FUZZ_LDFLAGS="-Wl,-ld_classic -nostdlib++ -L$LLVM/lib/c++ -lc++ -Wl,-rpath,$LLVM/lib/c++"
|
|
- name: Run fuzz targets
|
|
env:
|
|
DYLD_LIBRARY_PATH: "/opt/homebrew/opt/llvm@18/lib/c++:${{ env.DYLD_LIBRARY_PATH }}"
|
|
run: |
|
|
DURATION=${{ github.event.inputs.duration || '60' }}
|
|
EXIT_CODE=0
|
|
for target in tests/fuzz/targets/*; do
|
|
[ -f "$target" ] && [ -x "$target" ] || continue
|
|
name=$(basename "$target")
|
|
echo "::group::Fuzzing $name ($DURATION seconds)"
|
|
corpus="tests/fuzz/corpus/$name"
|
|
mkdir -p "$corpus"
|
|
dict="tests/fuzz/${name//_/-}.dict"
|
|
dict_flag=""
|
|
[ -f "$dict" ] && dict_flag="-dict=$dict"
|
|
if ! "$target" $dict_flag \
|
|
-max_total_time="$DURATION" "$corpus" 2>&1; then
|
|
echo "::error::Fuzz target $name found a crash!"
|
|
EXIT_CODE=1
|
|
fi
|
|
echo "::endgroup::"
|
|
done
|
|
exit $EXIT_CODE
|
|
- name: Upload crash artifacts
|
|
if: failure()
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: fuzz-crashes-macos
|
|
path: |
|
|
tests/fuzz/crash-*
|
|
tests/fuzz/leak-*
|
|
tests/fuzz/timeout-*
|
|
|
|
fuzz-windows:
|
|
# Best-effort: libFuzzer works on Windows via LLVM but ASAN/UBSAN
|
|
# support is less reliable. Leak detection is not available.
|
|
runs-on: windows-2022
|
|
continue-on-error: true
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Install LLVM
|
|
run: choco install llvm -y
|
|
- run: bash ./scripts/vendor.sh
|
|
shell: bash
|
|
- name: Generate sqlite-vec.h
|
|
shell: bash
|
|
run: make sqlite-vec.h
|
|
- name: Build fuzz targets
|
|
shell: bash
|
|
run: |
|
|
export PATH="/c/Program Files/LLVM/bin:$PATH"
|
|
cd tests/fuzz
|
|
mkdir -p targets
|
|
for src in *.c; do
|
|
name="${src%.c}"
|
|
target_name="${name//-/_}"
|
|
echo "Building $target_name from $src"
|
|
clang -fsanitize=address,fuzzer \
|
|
-I ../../ -I ../../vendor -DSQLITE_CORE -g \
|
|
../../vendor/sqlite3.c ../../sqlite-vec.c \
|
|
"$src" -o "targets/${target_name}.exe" || {
|
|
echo "Warning: failed to build $target_name (best-effort)"
|
|
}
|
|
done
|
|
- name: Run fuzz targets
|
|
shell: bash
|
|
run: |
|
|
export PATH="/c/Program Files/LLVM/bin:$PATH"
|
|
DURATION=${{ github.event.inputs.duration || '60' }}
|
|
for target in tests/fuzz/targets/*.exe; do
|
|
[ -f "$target" ] || continue
|
|
name=$(basename "$target" .exe)
|
|
echo "=== Fuzzing $name ($DURATION seconds) ==="
|
|
corpus="tests/fuzz/corpus/$name"
|
|
mkdir -p "$corpus"
|
|
"$target" -max_total_time="$DURATION" "$corpus" 2>&1 || {
|
|
echo "Warning: $name found an issue or failed"
|
|
}
|
|
done
|
|
- name: Upload crash artifacts
|
|
if: failure()
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: fuzz-crashes-windows
|
|
path: |
|
|
tests/fuzz/crash-*
|
|
tests/fuzz/leak-*
|