Fix All Deep Source Shell Issues and Go Issues (#8661)

* most issues resolved * fuzz wrapper fixes * more deepsource * more shell * export * shell * combine func params, fix go deep source issues Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com>
2024-12-22 03:30:35 +00:00 · 2021-03-24 14:57:27 -05:00 · 2021-03-24 14:57:27 -05:00 · 82f25bacf2
commit 82f25bacf2
parent b2d9f9a2d8
17 changed files with 75 additions and 77 deletions
--- a/bazel.sh
+++ b/bazel.sh
@ -6,6 +6,6 @@

 env -i \
 PATH=/usr/bin:/bin \
- HOME=$HOME \
- GOOGLE_APPLICATION_CREDENTIALS=$GOOGLE_APPLICATION_CREDENTIALS \
+ HOME="$HOME" \
+ GOOGLE_APPLICATION_CREDENTIALS="$GOOGLE_APPLICATION_CREDENTIALS" \
 bazel "$@"
--- a/beacon-chain/node/node.go
+++ b/beacon-chain/node/node.go
@ -364,11 +364,7 @@ func (b *BeaconNode) startDB(cliCtx *cli.Context) error {
 		}
 	}

-	if err := b.db.EnsureEmbeddedGenesis(b.ctx); err != nil {
-		return err
-	}
-
-	return nil
+	return b.db.EnsureEmbeddedGenesis(b.ctx)
 }

 func (b *BeaconNode) startStateGen() {
--- a/beacon-chain/rpc/beacon/validators_stream.go
+++ b/beacon-chain/rpc/beacon/validators_stream.go
@ -330,7 +330,7 @@ func (is *infostream) generateValidatorInfo(pubKey []byte, validator iface.ReadO

 // generatePendingValidatorInfo generates the validator info for a pending (or unknown) key.
 func (is *infostream) generatePendingValidatorInfo(info *ethpb.ValidatorInfo) (*ethpb.ValidatorInfo, error) {
-	key := fmt.Sprintf("%s", info.PublicKey)
+	key := string(info.PublicKey)
 	var deposit *eth1Deposit
 	is.eth1DepositsMutex.Lock()
 	if fetchedDeposit, exists := is.eth1Deposits.Get(key); exists {
--- a/prysm.sh
+++ b/prysm.sh
@ -98,7 +98,7 @@ if [[ "$arch" == "armv7l" ]]; then
    exit 1
 fi

-mkdir -p $wrapper_dir
+mkdir -p "$wrapper_dir"

 function get_prysm_version() {
    if [[ -n ${USE_PRYSM_VERSION:-} ]]; then
@ -134,14 +134,14 @@ function verify() {

    color "37" "Verifying binary integrity."

-    gpg --list-keys $PRYLABS_SIGNING_KEY >/dev/null 2>&1 || curl --silent https://prysmaticlabs.com/releases/pgp_keys.asc | gpg --import
+    gpg --list-keys "$PRYLABS_SIGNING_KEY" >/dev/null 2>&1 || curl --silent https://prysmaticlabs.com/releases/pgp_keys.asc | gpg --import
    (
-        cd $wrapper_dir
+        cd "$wrapper_dir"
 	$checkSum -c "${file}.sha256" || failed_verification
    )
    (
-        cd $wrapper_dir
-        gpg -u $PRYLABS_SIGNING_KEY --verify "${file}.sig" $file || failed_verification
+        cd "$wrapper_dir"
+        gpg -u "$PRYLABS_SIGNING_KEY" --verify "${file}.sig" "$file" || failed_verification
    )

    color "32;1" "Verified ${file} has been signed by Prysmatic Labs."
@ -174,10 +174,10 @@ if [[ $1 == beacon-chain ]]; then
    if [[ ! -x $BEACON_CHAIN_REAL ]]; then
        color "34" "Downloading beacon chain@${prysm_version} to ${BEACON_CHAIN_REAL} (${reason})"
        file=beacon-chain-${prysm_version}-${system}-${arch}
-        curl -L "https://prysmaticlabs.com/releases/${file}" -o $BEACON_CHAIN_REAL
+        curl -L "https://prysmaticlabs.com/releases/${file}" -o "$BEACON_CHAIN_REAL"
        curl --silent -L "https://prysmaticlabs.com/releases/${file}.sha256" -o "${wrapper_dir}/${file}.sha256"
        curl --silent -L "https://prysmaticlabs.com/releases/${file}.sig" -o "${wrapper_dir}/${file}.sig"
-        chmod +x $BEACON_CHAIN_REAL
+        chmod +x "$BEACON_CHAIN_REAL"
    else
        color "37" "Beacon chain is up to date."
    fi
@ -188,10 +188,10 @@ if [[ $1 == validator ]]; then
        color "34" "Downloading validator@${prysm_version} to ${VALIDATOR_REAL} (${reason})"

        file=validator-${prysm_version}-${system}-${arch}
-        curl -L "https://prysmaticlabs.com/releases/${file}" -o $VALIDATOR_REAL
+        curl -L "https://prysmaticlabs.com/releases/${file}" -o "$VALIDATOR_REAL"
        curl --silent -L "https://prysmaticlabs.com/releases/${file}.sha256" -o "${wrapper_dir}/${file}.sha256"
        curl --silent -L "https://prysmaticlabs.com/releases/${file}.sig" -o "${wrapper_dir}/${file}.sig"
-        chmod +x $VALIDATOR_REAL
+        chmod +x "$VALIDATOR_REAL"
    else
        color "37" "Validator is up to date."
    fi
@ -202,10 +202,10 @@ if [[ $1 == slasher ]]; then
        color "34" "Downloading slasher@${prysm_version} to ${SLASHER_REAL} (${reason})"

        file=slasher-${prysm_version}-${system}-${arch}
-        curl -L "https://prysmaticlabs.com/releases/${file}" -o $SLASHER_REAL
+        curl -L "https://prysmaticlabs.com/releases/${file}" -o "$SLASHER_REAL"
        curl --silent -L "https://prysmaticlabs.com/releases/${file}.sha256" -o "${wrapper_dir}/${file}.sha256"
        curl --silent -L "https://prysmaticlabs.com/releases/${file}.sig" -o "${wrapper_dir}/${file}.sig"
-        chmod +x $SLASHER_REAL
+        chmod +x "$SLASHER_REAL"
    else
        color "37" "Slasher is up to date."
    fi
@ -233,7 +233,7 @@ slasher)
    ;;
 esac

-verify $process
+verify "$process"

 if [[ "$#" -gt 1 ]] && [[ $2 == --download-only ]]; then
    color "37" "Only download operation is requested, done."
--- a/scripts/check-todo.sh
+++ b/scripts/check-todo.sh
@ -1,24 +1,23 @@
 #!/bin/bash

 # Continuous integration script to check that TODOs are in the correct format
-OUTPUT="$(grep -PrinH '(?<!context\.)todo(?!\(#{0,1}\d+\))' --include \*.go --exclude *site_data.go --exclude *mainnet_config.go *)";
+OUTPUT="$(grep -PrinH '(?<!context\.)todo(?!\(#{0,1}\d+\))' --include ./**/*.go --exclude ./*site_data.go --exclude ./*mainnet_config.go)";
 if [ "$OUTPUT" != "" ] ;
-then 
+then
    echo "Invalid TODOs found. Failing." >&2;
    echo "$OUTPUT" >&2;
    exit 1;
-fi 
+fi

-
-while read -r line ; do     
-linenum=$(expr $line : '^\([0-9]*:\)')
+while read -r line ; do
+linenum=$(expr "$line" : '^\([0-9]*:\)')
 issueNum=${line//$linenum}
-issueState=$(curl https://api.github.com/repos/prysmaticlabs/prysm/issues/$issueNum | grep -o '"state":"closed"');
+issueState=$(curl https://api.github.com/repos/prysmaticlabs/prysm/issues/"$issueNum" | grep -o '"state":"closed"');

 if [ "$issueState" != "" ];
-then 
+then
    echo "Issue referenced has already been closed" >&2;
    echo "Issue Number: $issueNum" >&2;
    exit 1;
 fi
-done < <(grep -PrinH -o -h '(?<!context\.)todo\(#{0,1}\K(\d+)' --include \*.go *)
+done < <(grep -PrinH -o -h '(?<!context\.)todo\(#{0,1}\K(\d+)' --include ./*.go)
--- a/scripts/ci-coverage.sh
+++ b/scripts/ci-coverage.sh
@ -4,7 +4,7 @@
 ./bazel.sh --bazelrc=.buildkite-bazelrc coverage --config=remote-cache --features=norace --test_tag_filters="-race_on" --nocache_test_results -k  //...

 # Collect all coverage results into a single file (for deepsource).
-find $(./bazel.sh --bazelrc=.buildkite-bazelrc info bazel-testlogs) -iname coverage.dat | xargs -t -rd '\n' ./bazel.sh --bazelrc=.buildkite-bazelrc run //tools/gocovmerge:gocovmerge -- > /tmp/cover.out
+find "$(./bazel.sh --bazelrc=.buildkite-bazelrc info bazel-testlogs)" -iname coverage.dat -print0 | xargs -t -rd '\n' -0 ./bazel.sh --bazelrc=.buildkite-bazelrc run //tools/gocovmerge:gocovmerge -- > /tmp/cover.out

 # Download deepsource CLI
 curl https://deepsource.io/cli | sh
@ -13,4 +13,4 @@ curl https://deepsource.io/cli | sh
 ./bin/deepsource report --analyzer test-coverage --key go --value-file /tmp/cover.out

 # Upload to codecov (requires CODECOV_TOKEN environment variable)
-bash <(curl -s https://codecov.io/bash) -s $(./bazel.sh info bazel-testlogs) -f '**/coverage.dat'
+bash <(curl -s https://codecov.io/bash) -s "$(./bazel.sh info bazel-testlogs)" -f '**/coverage.dat'
--- a/scripts/common.sh
+++ b/scripts/common.sh
@ -27,6 +27,6 @@ if [ "$system" == "darwin" ]; then
        color 31 "Make sure that GNU 'findutils' package is installed: brew install findutils"
        exit 1
    else
-        findutil="gfind"
+        export findutil="gfind"  # skipcq: SH-2034
    fi
 fi
--- a/scripts/coverage.sh
+++ b/scripts/coverage.sh
@ -7,10 +7,10 @@ set -e
 echo "" > coverage.txt

 for d in $(go list ./... | grep -v vendor); do
-    if [[ ${skip_coverage[*]} =~ "$d" ]]; then
+    if [[ ${skip_coverage[*]} =~ $d ]]; then
        continue
    fi
-    go test -coverprofile=profile.out -covermode=atomic $d
+    go test -coverprofile=profile.out -covermode=atomic "$d"
    if [ -f profile.out ]; then
        cat profile.out >> coverage.txt
        rm profile.out
--- a/scripts/update-go-pbs.sh
+++ b/scripts/update-go-pbs.sh
@ -1,5 +1,5 @@
 #!/bin/bash
-. $(dirname "$0")/common.sh
+. "$(dirname "$0")"/common.sh

 # Script to copy pb.go files from bazel build folder to appropriate location.
 # Bazel builds to bazel-bin/... folder, script copies them back to original folder where .proto is.
@ -9,14 +9,14 @@ bazel build //proto/...
 file_list=()
 while IFS= read -d $'\0' -r file; do
    file_list=("${file_list[@]}" "$file")
-done < <($findutil -L $(bazel info bazel-bin)/proto -type f -regextype sed -regex ".*pb\.\(gw\.\)\?go$" -print0)
+done < <($findutil -L "$(bazel info bazel-bin)"/proto -type f -regextype sed -regex ".*pb\.\(gw\.\)\?go$" -print0)

 arraylength=${#file_list[@]}
 searchstring="prysmaticlabs/prysm/"

 # Copy pb.go files from bazel-bin to original folder where .proto is.
 for ((i = 0; i < arraylength; i++)); do
-    color "34" $destination
+    color "34" "$destination"
    destination=${file_list[i]#*$searchstring}
    chmod 755 "$destination"
    cp -R -L "${file_list[i]}" "$destination"
--- a/scripts/update-go-ssz.sh
+++ b/scripts/update-go-ssz.sh
@ -1,5 +1,5 @@
 #!/bin/bash
-. $(dirname "$0")/common.sh
+. "$(dirname "$0")"/common.sh

 # Script to copy ssz.go files from bazel build folder to appropriate location.
 # Bazel builds to bazel-bin/... folder, script copies them back to original folder where target is.
@ -10,7 +10,7 @@ bazel query 'kind(ssz_gen_marshal, //proto/...) union kind(ssz_gen_marshal, //fu
 file_list=()
 while IFS= read -d $'\0' -r file; do
    file_list=("${file_list[@]}" "$file")
-done < <($findutil -L $(bazel info bazel-bin)/ -type f -regextype sed -regex ".*ssz\.go$" -print0)
+done < <($findutil -L "$(bazel info bazel-bin)"/ -type f -regextype sed -regex ".*ssz\.go$" -print0)

 arraylength=${#file_list[@]}
 searchstring="/bin/"
@ -18,7 +18,7 @@ searchstring="/bin/"
 # Copy ssz.go files from bazel-bin to original folder where the target is located.
 for ((i = 0; i < arraylength; i++)); do
    destination=${file_list[i]#*$searchstring}
-    color "34" $destination
+    color "34" "$destination"
    chmod 755 "$destination"
    cp -R -L "${file_list[i]}" "$destination"
 done
--- a/scripts/update-mockgen.sh
+++ b/scripts/update-mockgen.sh
@ -17,8 +17,8 @@ for ((i = 0; i < ${#mocks[@]}; i++)); do
    file=${mocks[i]% *};
    interfaces=${mocks[i]#* };
    echo "generating $file for interfaces: $interfaces";
-    GO11MODULE=on mockgen -package=mock -destination=$file github.com/prysmaticlabs/ethereumapis/eth/v1alpha1 $interfaces
-    GO11MODULE=on mockgen -package=mock -destination=$file github.com/prysmaticlabs/prysm/proto/validator/accounts/v2 $interfaces
+    GO11MODULE=on mockgen -package=mock -destination="$file" github.com/prysmaticlabs/ethereumapis/eth/v1alpha1 "$interfaces"
+    GO11MODULE=on mockgen -package=mock -destination="$file" github.com/prysmaticlabs/prysm/proto/validator/accounts/v2 "$interfaces"
 done

 goimports -w "$mock_path/."
--- a/scripts/upload-github-release-asset.sh
+++ b/scripts/upload-github-release-asset.sh
@ -22,7 +22,8 @@

 # Check dependencies.
 set -e
-xargs=$(which gxargs || which xargs)
+# skipcq: SH-2034
+export xargs=$(which gxargs || which xargs)

 # Validate settings.
 [ "$TRACE" ] && set -x
@ -38,29 +39,31 @@ GH_API="https://api.github.com"
 GH_REPO="$GH_API/repos/$owner/$repo"
 GH_TAGS="$GH_REPO/releases/tags/$tag"
 AUTH="Authorization: token $github_api_token"
-WGET_ARGS="--content-disposition --auth-no-challenge --no-cookie"
-CURL_ARGS="-LJO#"
+# skipcq: SH-2034
+export WGET_ARGS="--content-disposition --auth-no-challenge --no-cookie"
+# skipcq: SH-2034
+export CURL_ARGS="-LJO#"

 if [[ "$tag" == 'LATEST' ]]; then
  GH_TAGS="$GH_REPO/releases/latest"
 fi

 # Validate token.
-curl -o /dev/null -sH "$AUTH" $GH_REPO || { echo "Error: Invalid repo, token or network issue!";  exit 1; }
+curl -o /dev/null -sH "$AUTH" "$GH_REPO" || { echo "Error: Invalid repo, token or network issue!";  exit 1; }

 # Read asset tags.
-response=$(curl -sH "$AUTH" $GH_TAGS)
+response=$(curl -sH "$AUTH" "$GH_TAGS")

 # Get ID of the asset based on given filename.
-eval $(echo "$response" | grep -m 1 "id.:" | grep -w id | tr : = | tr -cd '[[:alnum:]]=')
+eval "$(echo "$response" | grep -m 1 "id.:" | grep -w id | tr : = | tr -cd '[[:alnum:]]=')"
 [ "$id" ] || { echo "Error: Failed to get release id for tag: $tag"; echo "$response" | awk 'length($0)<100' >&2; exit 1; }

 # Upload asset
 echo "Uploading asset... "

 # Construct url
-GH_ASSET="https://uploads.github.com/repos/$owner/$repo/releases/$id/assets?name=$(basename $filename)"
+GH_ASSET="https://uploads.github.com/repos/$owner/$repo/releases/$id/assets?name=$(basename "$filename")"

-echo $GH_ASSET
+echo "$GH_ASSET"

-curl "$GITHUB_OAUTH_BASIC" --data-binary @"$filename" -H "Authorization: token $github_api_token" -H "Content-Type: application/octet-stream" $GH_ASSET
+curl "$GITHUB_OAUTH_BASIC" --data-binary @"$filename" -H "Authorization: token $github_api_token" -H "Content-Type: application/octet-stream" "$GH_ASSET"
--- a/scripts/upload_fuzzers.sh
+++ b/scripts/upload_fuzzers.sh
@ -10,6 +10,6 @@ bazel build --config=fuzz \
  //fuzz:ssz_encoder_attestations_test_libfuzzer_bundle 

 # Upload bundles with date timestamps in the filename.
-gsutil cp bazel-bin/fuzz/block_fuzz_test_libfuzzer_bundle.zip gs://builds.prysmaticlabs.appspot.com/libfuzzer_asan_blocks/fuzzer-build-$(date +%Y%m%d%H%M).zip
-gsutil cp bazel-bin/fuzz/state_fuzz_test_libfuzzer_bundle.zip gs://builds.prysmaticlabs.appspot.com/libfuzzer_asan_state/fuzzer-build-$(date +%Y%m%d%H%M).zip
-gsutil cp bazel-bin/fuzz/ssz_encoder_attestations_test_libfuzzer_bundle.zip gs://builds.prysmaticlabs.appspot.com/libfuzzer_asan_ssz_encoder_attestations/fuzzer-build-$(date +%Y%m%d%H%M).zip
+gsutil cp bazel-bin/fuzz/block_fuzz_test_libfuzzer_bundle.zip gs://builds.prysmaticlabs.appspot.com/libfuzzer_asan_blocks/fuzzer-build-"$(date +%Y%m%d%H%M)".zip
+gsutil cp bazel-bin/fuzz/state_fuzz_test_libfuzzer_bundle.zip gs://builds.prysmaticlabs.appspot.com/libfuzzer_asan_state/fuzzer-build-"$(date +%Y%m%d%H%M)".zip
+gsutil cp bazel-bin/fuzz/ssz_encoder_attestations_test_libfuzzer_bundle.zip gs://builds.prysmaticlabs.appspot.com/libfuzzer_asan_ssz_encoder_attestations/fuzzer-build-"$(date +%Y%m%d%H%M)".zip
--- a/scripts/workspace_status.sh
+++ b/scripts/workspace_status.sh
@ -2,7 +2,7 @@

 # Note: The STABLE_ prefix will force a relink when the value changes when using rules_go x_defs.

-echo STABLE_GIT_COMMIT $(git rev-parse HEAD)
-echo DATE $(date --rfc-3339=seconds --utc)
-echo DOCKER_TAG $(git rev-parse --abbrev-ref HEAD)-$(git rev-parse --short=6 HEAD)
-echo STABLE_GIT_TAG $(git describe --tags $(git rev-list --tags --max-count=1))
+echo STABLE_GIT_COMMIT "$(git rev-parse HEAD)"
+echo DATE "$(date --rfc-3339=seconds --utc)"
+echo DOCKER_TAG "$(git rev-parse --abbrev-ref HEAD)-$(git rev-parse --short=6 HEAD)"
+echo STABLE_GIT_TAG "$(git describe --tags "$(git rev-list --tags --max-count=1)")"
--- a/tools/cross-toolchain/install_clang_cross10.sh
+++ b/tools/cross-toolchain/install_clang_cross10.sh
@ -1,23 +1,23 @@
 #!/bin/sh

 set -eu
-curl -L https://github.com/llvm/llvm-project/releases/download/llvmorg-${INSTALL_LLVM_VERSION}/clang+llvm-${INSTALL_LLVM_VERSION}-x86_64-linux-gnu-ubuntu-18.04.tar.xz \
-    -o clang+llvm-${INSTALL_LLVM_VERSION}-x86_64-linux-gnu-ubuntu-18.04.tar.xz
-tar xf clang+llvm-${INSTALL_LLVM_VERSION}-x86_64-linux-gnu-ubuntu-18.04.tar.xz --strip-components=1 -C /usr
-rm -f clang+llvm-${INSTALL_LLVM_VERSION}-x86_64-linux-gnu-ubuntu-18.04.tar.xz
+curl -L https://github.com/llvm/llvm-project/releases/download/llvmorg-"${INSTALL_LLVM_VERSION}"/clang+llvm-"${INSTALL_LLVM_VERSION}"-x86_64-linux-gnu-ubuntu-18.04.tar.xz \
+    -o clang+llvm-"${INSTALL_LLVM_VERSION}"-x86_64-linux-gnu-ubuntu-18.04.tar.xz
+tar xf clang+llvm-"${INSTALL_LLVM_VERSION}"-x86_64-linux-gnu-ubuntu-18.04.tar.xz --strip-components=1 -C /usr
+rm -f clang+llvm-"${INSTALL_LLVM_VERSION}"-x86_64-linux-gnu-ubuntu-18.04.tar.xz
 # arm64
-curl -L https://github.com/llvm/llvm-project/releases/download/llvmorg-${INSTALL_LLVM_VERSION}/clang+llvm-${INSTALL_LLVM_VERSION}-aarch64-linux-gnu.tar.xz \
-    -o clang+llvm-${INSTALL_LLVM_VERSION}-aarch64-linux-gnu.tar.xz
-tar xf clang+llvm-${INSTALL_LLVM_VERSION}-aarch64-linux-gnu.tar.xz
-rm -f clang+llvm-${INSTALL_LLVM_VERSION}-aarch64-linux-gnu.tar.xz
+curl -L https://github.com/llvm/llvm-project/releases/download/llvmorg-"${INSTALL_LLVM_VERSION}"/clang+llvm-"${INSTALL_LLVM_VERSION}"-aarch64-linux-gnu.tar.xz \
+    -o clang+llvm-"${INSTALL_LLVM_VERSION}"-aarch64-linux-gnu.tar.xz
+tar xf clang+llvm-"${INSTALL_LLVM_VERSION}"-aarch64-linux-gnu.tar.xz
+rm -f clang+llvm-"${INSTALL_LLVM_VERSION}"-aarch64-linux-gnu.tar.xz
 mkdir -p /usr/aarch64-linux-gnu/lib/clang/10.0.0
 mkdir -p /usr/aarch64-linux-gnu/include/c++
-mv /clang+llvm-${INSTALL_LLVM_VERSION}-aarch64-linux-gnu/include/c++/v1 /usr/aarch64-linux-gnu/include/c++/
-mv /clang+llvm-${INSTALL_LLVM_VERSION}-aarch64-linux-gnu/lib/clang/10.0.0/include /usr/aarch64-linux-gnu/lib/clang/10.0.0
-mv /clang+llvm-${INSTALL_LLVM_VERSION}-aarch64-linux-gnu/lib/libc++.a /usr/aarch64-linux-gnu/lib/
-mv /clang+llvm-${INSTALL_LLVM_VERSION}-aarch64-linux-gnu/lib/libc++abi.a /usr/aarch64-linux-gnu/lib/
-mv /clang+llvm-${INSTALL_LLVM_VERSION}-aarch64-linux-gnu/lib/libunwind.a /usr/aarch64-linux-gnu/lib/
-mv /clang+llvm-${INSTALL_LLVM_VERSION}-aarch64-linux-gnu/lib/clang/10.0.0/lib/linux/libclang_rt.builtins-aarch64.a /usr/lib/clang/10.0.0/lib/linux/
-mv /clang+llvm-${INSTALL_LLVM_VERSION}-aarch64-linux-gnu/lib/clang/10.0.0/lib/linux/clang_rt.crtbegin-aarch64.o /usr/lib/clang/10.0.0/lib/linux/
-mv /clang+llvm-${INSTALL_LLVM_VERSION}-aarch64-linux-gnu/lib/clang/10.0.0/lib/linux/clang_rt.crtend-aarch64.o /usr/lib/clang/10.0.0/lib/linux/
-rm -rf /clang+llvm-${INSTALL_LLVM_VERSION}-aarch64-linux-gnu
+mv /clang+llvm-"${INSTALL_LLVM_VERSION}"-aarch64-linux-gnu/include/c++/v1 /usr/aarch64-linux-gnu/include/c++/
+mv /clang+llvm-"${INSTALL_LLVM_VERSION}"-aarch64-linux-gnu/lib/clang/10.0.0/include /usr/aarch64-linux-gnu/lib/clang/10.0.0
+mv /clang+llvm-"${INSTALL_LLVM_VERSION}"-aarch64-linux-gnu/lib/libc++.a /usr/aarch64-linux-gnu/lib/
+mv /clang+llvm-"${INSTALL_LLVM_VERSION}"-aarch64-linux-gnu/lib/libc++abi.a /usr/aarch64-linux-gnu/lib/
+mv /clang+llvm-"${INSTALL_LLVM_VERSION}"-aarch64-linux-gnu/lib/libunwind.a /usr/aarch64-linux-gnu/lib/
+mv /clang+llvm-"${INSTALL_LLVM_VERSION}"-aarch64-linux-gnu/lib/clang/10.0.0/lib/linux/libclang_rt.builtins-aarch64.a /usr/lib/clang/10.0.0/lib/linux/
+mv /clang+llvm-"${INSTALL_LLVM_VERSION}"-aarch64-linux-gnu/lib/clang/10.0.0/lib/linux/clang_rt.crtbegin-aarch64.o /usr/lib/clang/10.0.0/lib/linux/
+mv /clang+llvm-"${INSTALL_LLVM_VERSION}"-aarch64-linux-gnu/lib/clang/10.0.0/lib/linux/clang_rt.crtend-aarch64.o /usr/lib/clang/10.0.0/lib/linux/
+rm -rf /clang+llvm-"${INSTALL_LLVM_VERSION}"-aarch64-linux-gnu
--- a/tools/fuzz_wrapper.sh
+++ b/tools/fuzz_wrapper.sh
@ -5,4 +5,4 @@ set -e
 # A wrapper for libfuzz tests that sets test undeclared outputs directory as the first corpus
 # which libfuzz will write to and the artifact prefix to write any crashes.

-$1 $TEST_UNDECLARED_OUTPUTS_DIR ${@:2} -artifact_prefix=$TEST_UNDECLARED_OUTPUTS_DIR/
+$1 "$TEST_UNDECLARED_OUTPUTS_DIR" "${@:2}" -artifact_prefix="$TEST_UNDECLARED_OUTPUTS_DIR"/
--- a/validator/db/kv/prune_attester_protection_test.go
+++ b/validator/db/kv/prune_attester_protection_test.go
@ -153,7 +153,7 @@ func checkAttestingHistoryAfterPruning(
 	t testing.TB,
 	validatorDB *Store,
 	pubKey [48]byte,
-	startEpoch types.Epoch,
+	startEpoch,
 	numEpochs types.Epoch,
 	shouldBePruned bool,
 ) error {