sqlite-vec/.github/workflows/fuzz.yaml at d04e2aeda1c986327c969fffec3655929e2adb4c · asg017/sqlite-vec · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
name: "Fuzz"
on:
  push:
    branches: [main]
  schedule:
    # Nightly at 2am UTC for longer fuzzing sessions
    - cron: "0 2 * * *"
  workflow_dispatch:
    inputs:
      duration:
        description: "Fuzz duration per target (seconds)"
        default: "60"

permissions:
  contents: read

jobs:
  fuzz-linux:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v4
      - name: Install LLVM 18
        run: |
          wget -qO- https://apt.llvm.org/llvm.sh | sudo bash -s -- 18
          echo "FUZZ_CC=clang-18" >> $GITHUB_ENV
      - run: ./scripts/vendor.sh
      - name: Generate sqlite-vec.h
        run: make sqlite-vec.h
      - name: Build fuzz targets
        run: make -C tests/fuzz all FUZZ_CC=$FUZZ_CC FUZZ_LDFLAGS=
      - name: Run fuzz targets
        run: |
          DURATION=${{ github.event.inputs.duration || '60' }}
          EXIT_CODE=0
          for target in tests/fuzz/targets/*; do
            [ -f "$target" ] && [ -x "$target" ] || continue
            name=$(basename "$target")
            echo "::group::Fuzzing $name ($DURATION seconds)"
            corpus="tests/fuzz/corpus/$name"
            mkdir -p "$corpus"
            dict="tests/fuzz/${name//_/-}.dict"
            dict_flag=""
            [ -f "$dict" ] && dict_flag="-dict=$dict"
            if ! ASAN_OPTIONS=detect_leaks=1 "$target" $dict_flag \
              -max_total_time="$DURATION" "$corpus" 2>&1; then
              echo "::error::Fuzz target $name found a crash!"
              EXIT_CODE=1
            fi
            echo "::endgroup::"
          done
          exit $EXIT_CODE
      - name: Upload crash artifacts
        if: failure()
        uses: actions/upload-artifact@v4
        with:
          name: fuzz-crashes-linux
          path: |
            crash-*
            leak-*
            timeout-*

  fuzz-macos:
    runs-on: macos-14
    steps:
      - uses: actions/checkout@v4
      # Use Apple's Xcode clang (avoids Homebrew LLVM libc++ ABI issues
      # with __ZnwmSt19__type_descriptor_t on macOS 14).
      - run: ./scripts/vendor.sh
      - name: Generate sqlite-vec.h
        run: make sqlite-vec.h
      - name: Build fuzz targets
        run: |
          SDK=$(xcrun --sdk macosx --show-sdk-path)
          make -C tests/fuzz all \
            FUZZ_CC=$(xcrun -f clang) \
            FUZZ_LDFLAGS="-isysroot $SDK"
      - name: Run fuzz targets
        run: |
          DURATION=${{ github.event.inputs.duration || '60' }}
          EXIT_CODE=0
          for target in tests/fuzz/targets/*; do
            [ -f "$target" ] && [ -x "$target" ] || continue
            name=$(basename "$target")
            echo "::group::Fuzzing $name ($DURATION seconds)"
            corpus="tests/fuzz/corpus/$name"
            mkdir -p "$corpus"
            dict="tests/fuzz/${name//_/-}.dict"
            dict_flag=""
            [ -f "$dict" ] && dict_flag="-dict=$dict"
            if ! "$target" $dict_flag \
              -max_total_time="$DURATION" "$corpus" 2>&1; then
              echo "::error::Fuzz target $name found a crash!"
              EXIT_CODE=1
            fi
            echo "::endgroup::"
          done
          exit $EXIT_CODE
      - name: Upload crash artifacts
        if: failure()
        uses: actions/upload-artifact@v4
        with:
          name: fuzz-crashes-macos
          path: |
            crash-*
            leak-*
            timeout-*

  fuzz-windows:
    # Best-effort: libFuzzer works on Windows via LLVM but ASAN/UBSAN
    # support is less reliable. Leak detection is not available.
    runs-on: windows-2022
    continue-on-error: true
    steps:
      - uses: actions/checkout@v4
      - name: Install LLVM
        run: choco install llvm -y
      - run: bash ./scripts/vendor.sh
        shell: bash
      - name: Generate sqlite-vec.h
        shell: bash
        run: make sqlite-vec.h
      - name: Build fuzz targets
        shell: bash
        run: |
          export PATH="/c/Program Files/LLVM/bin:$PATH"
          cd tests/fuzz
          mkdir -p targets
          for src in *.c; do
            name="${src%.c}"
            target_name="${name//-/_}"
            echo "Building $target_name from $src"
            clang -fsanitize=address,fuzzer \
              -I ../../ -I ../../vendor -DSQLITE_CORE -g \
              ../../vendor/sqlite3.c ../../sqlite-vec.c \
              "$src" -o "targets/${target_name}.exe" || {
              echo "Warning: failed to build $target_name (best-effort)"
            }
          done
      - name: Run fuzz targets
        shell: bash
        run: |
          export PATH="/c/Program Files/LLVM/bin:$PATH"
          DURATION=${{ github.event.inputs.duration || '60' }}
          for target in tests/fuzz/targets/*.exe; do
            [ -f "$target" ] || continue
            name=$(basename "$target" .exe)
            echo "=== Fuzzing $name ($DURATION seconds) ==="
            corpus="tests/fuzz/corpus/$name"
            mkdir -p "$corpus"
            "$target" -max_total_time="$DURATION" "$corpus" 2>&1 || {
              echo "Warning: $name found an issue or failed"
            }
          done
      - name: Upload crash artifacts
        if: failure()
        uses: actions/upload-artifact@v4
        with:
          name: fuzz-crashes-windows
          path: |
            tests/fuzz/crash-*
            tests/fuzz/leak-*