From 84ea9561f73a4a3b20563fe40bbb99da3006f75e Mon Sep 17 00:00:00 2001 From: Fabian Meumertzheim Date: Mon, 28 Jun 2021 15:33:38 +0200 Subject: [PATCH] [infra] Add support for rules_fuzzing's java_fuzz_test macro (#5960) * [infra] Add support for rules_fuzzing's java_fuzz_test macro * [infra] Update bazelisk for rolling release support * [infra] Fix C++ stdlib mixing for uninstrumented Bazel targets The build script for Bazel rules_fuzzing tests did not set the C++ stdlib for uninstrumented C++ binaries, which thus use the system libstdc++ instead of the libc++ built from source. * [rules_fuzzing] Add test project for rules_fuzzing's java_fuzz_test --- infra/base-images/base-builder/Dockerfile | 2 +- .../base-builder/bazel_build_fuzz_tests | 10 ++++++- .../bazel-rules-fuzzing-test-java/Dockerfile | 21 +++++++++++++++ .../bazel-rules-fuzzing-test-java/build.sh | 27 +++++++++++++++++++ .../project.yaml | 13 +++++++++ 5 files changed, 71 insertions(+), 2 deletions(-) create mode 100644 projects/bazel-rules-fuzzing-test-java/Dockerfile create mode 100644 projects/bazel-rules-fuzzing-test-java/build.sh create mode 100644 projects/bazel-rules-fuzzing-test-java/project.yaml diff --git a/infra/base-images/base-builder/Dockerfile b/infra/base-images/base-builder/Dockerfile index 9d0661ccf..2ce4c8c89 100644 --- a/infra/base-images/base-builder/Dockerfile +++ b/infra/base-images/base-builder/Dockerfile @@ -97,7 +97,7 @@ RUN rustup component add rust-src --toolchain nightly ENV OSSFUZZ_RUSTPATH /rust # Install Bazel through Bazelisk, which automatically fetches the latest Bazel version. -ENV BAZELISK_VERSION 1.7.4 +ENV BAZELISK_VERSION 1.9.0 RUN curl -L https://github.com/bazelbuild/bazelisk/releases/download/v$BAZELISK_VERSION/bazelisk-linux-amd64 -o /usr/local/bin/bazel && \ chmod +x /usr/local/bin/bazel diff --git a/infra/base-images/base-builder/bazel_build_fuzz_tests b/infra/base-images/base-builder/bazel_build_fuzz_tests index d843d75f6..dca79f3f2 100755 
--- a/infra/base-images/base-builder/bazel_build_fuzz_tests +++ b/infra/base-images/base-builder/bazel_build_fuzz_tests @@ -22,10 +22,17 @@ : "${BAZEL_TOOL:=bazel}" : "${BAZEL_EXTRA_BUILD_FLAGS:=}" +if [ "$FUZZING_LANGUAGE" = "jvm" ]; then + BAZEL_LANGUAGE=java +else + BAZEL_LANGUAGE=cc +fi + if [[ -z "${BAZEL_FUZZ_TEST_QUERY:-}" ]]; then BAZEL_FUZZ_TEST_QUERY=" let all_fuzz_tests = attr(tags, \"${BAZEL_FUZZ_TEST_TAG}\", \"//...\") in - \$all_fuzz_tests - attr(tags, \"${BAZEL_FUZZ_TEST_EXCLUDE_TAG}\", \$all_fuzz_tests) + let lang_fuzz_tests = attr(generator_function, \"^${BAZEL_LANGUAGE}_fuzz_test\$\", \$all_fuzz_tests) in + \$lang_fuzz_tests - attr(tags, \"${BAZEL_FUZZ_TEST_EXCLUDE_TAG}\", \$lang_fuzz_tests) " fi @@ -45,6 +52,7 @@ declare -r BAZEL_BUILD_FLAGS=( "--@rules_fuzzing//fuzzing:cc_engine=@rules_fuzzing_oss_fuzz//:oss_fuzz_engine" \ "--@rules_fuzzing//fuzzing:cc_engine_instrumentation=oss-fuzz" \ "--@rules_fuzzing//fuzzing:cc_engine_sanitizer=none" \ + "--cxxopt=-stdlib=libc++" \ "--linkopt=-lc++" \ "--action_env=CC=${CC}" "--action_env=CXX=${CXX}" \ ${BAZEL_EXTRA_BUILD_FLAGS[*]} diff --git a/projects/bazel-rules-fuzzing-test-java/Dockerfile b/projects/bazel-rules-fuzzing-test-java/Dockerfile new file mode 100644 index 000000000..c007f5aa8 --- /dev/null +++ b/projects/bazel-rules-fuzzing-test-java/Dockerfile 
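Review bot: The new `if [ "$FUZZING_LANGUAGE" = "jvm" ]; then` test at the top of the first hunk expands the variable without a default, unlike the `${BAZEL_FUZZ_TEST_QUERY:-}` and `: "${BAZEL_TOOL:=bazel}"` forms around it. If the script runs with nounset (its shebang is outside the hunk, so this is inferred from those forms), an invocation without FUZZING_LANGUAGE aborts instead of falling back to cc. I would write `if [[ "${FUZZING_LANGUAGE:-}" == "jvm" ]]; then`, which also matches the `[[ ]]` style of the test that follows. The generator_function filter is applied only to the default query, so a caller-supplied BAZEL_FUZZ_TEST_QUERY bypasses the language selection; a one-line comment saying so would help.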
@@ -0,0 +1,21 @@
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+
+RUN git clone https://github.com/bazelbuild/rules_fuzzing.git
+WORKDIR $SRC/rules_fuzzing/
+COPY build.sh $SRC/
diff --git a/projects/bazel-rules-fuzzing-test-java/build.sh b/projects/bazel-rules-fuzzing-test-java/build.sh
new file mode 100644
index 000000000..4698ebd92
--- /dev/null
+++ b/projects/bazel-rules-fuzzing-test-java/build.sh
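Review bot: The `RUN git clone https://github.com/bazelbuild/rules_fuzzing.git` line in the new Dockerfile fetches whatever the default branch holds at image build time, with full history and no pinned revision, and the `FROM` line uses an untagged base image. Tracking HEAD is presumably intended for a fuzzing test project, but the file should say so, for example `# Intentionally tracks HEAD of rules_fuzzing; image builds are not reproducible.` A shallow clone with an explicit destination, `RUN git clone --depth 1 https://github.com/bazelbuild/rules_fuzzing.git $SRC/rules_fuzzing`, would also remove the reliance on the base image's working directory being $SRC, which is not visible in this patch.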
@@ -0,0 +1,27 @@
+#!/bin/bash -eu
+#
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+# Due to https://github.com/bazelbuild/bazel/issues/11128, affecting Bazel 4.0
+# or earlier, we cannot use the "@rules_fuzzing//" prefix for the label-typed
+# cc_engine configuration flag when fuzzing directly the rules_fuzzing workspace.
+#
+# This is NOT needed for any other Bazel repository that depends on
+# rules_fuzzing.
+export BAZEL_EXTRA_BUILD_FLAGS="--//fuzzing:cc_engine=@rules_fuzzing_oss_fuzz//:oss_fuzz_engine"
+
+bazel_build_fuzz_tests
diff --git a/projects/bazel-rules-fuzzing-test-java/project.yaml b/projects/bazel-rules-fuzzing-test-java/project.yaml
new file mode 100644
index 000000000..888c37f86
--- /dev/null
+++ b/projects/bazel-rules-fuzzing-test-java/project.yaml
@@ -0,0 +1,13 @@
+homepage: "https://github.com/bazelbuild/rules_fuzzing"
+language: jvm
+primary_contact: "test@example.com"
+
+fuzzing_engines:
+ - libfuzzer
+
+sanitizers:
+ - address
+ - undefined
+
+# This is a test project.
+disabled: true
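Review bot: The workaround comment above `export BAZEL_EXTRA_BUILD_FLAGS=...` in build.sh names Bazel 4.0 or earlier as the affected range but gives no removal condition, while the same commit moves Bazelisk to a release with rolling-version support. I would add `# TODO: remove once the Bazel version used here includes the fix for bazel#11128.` so the override does not outlive its reason. The comment should also state why a cc_engine override is needed in a Java-only test project, since that is not evident from the flag name.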