Most projects have upgraded to 1.19, which is the latest version.
This upgrades Go to 1.19 in the base-image.
Signed-off-by: AdamKorcz <adam@adalogics.com>
This fixes an issue where `testing.F` is replaced with a new
package; if this was the only usage of `testing` in the file then we end
up with `testing` being an unused import. A workaround for this is to
just always use `testing` via some placeholder variable.
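As an added illustration of the workaround described in that commit (example code written for this page, not the project's own rewriter), the following Go program performs the substitution on the AST instead of with a text replacement: every `*testing.F` becomes `*fuzz.F`, an import of a hypothetical replacement package `example.com/fuzzshim/testing` is added, and when no other reference to `testing` survives a `var _ = testing.Verbose` placeholder is appended so the standard `testing` import is still used. The import path and the choice of `testing.Verbose` as the placeholder are assumptions, and both sample harnesses are constructed for the example.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/format"
	"go/parser"
	"go/token"
	"strconv"
	"strings"
)

// Hypothetical package providing the replacement F type (assumption, not a
// real import path of the project).
const fuzzPkgPath = "example.com/fuzzshim/testing"
const fuzzPkgName = "fuzz"

// Constructed harness whose only reference to "testing" is the *testing.F
// parameter, so rewriting that type alone would leave the import unused.
// fuzzParseImpl is assumed to live in another file of the same package.
const SampleHarness = `package example

import "testing"

func FuzzParse(f *testing.F) {
	f.Add([]byte("seed"))
	f.Fuzz(fuzzParseImpl)
}
`

// Constructed harness that also uses *testing.T, so "testing" stays in use
// and no placeholder must be added.
const SampleHarnessWithT = `package example

import "testing"

func FuzzParse(f *testing.F) {
	f.Fuzz(func(t *testing.T, data []byte) { _ = data })
}
`

// RewriteFuzzHarness swaps every testing.F for fuzz.F, imports the
// replacement package and, if nothing else in the file refers to "testing",
// appends `var _ = testing.Verbose` so the import does not become unused.
func RewriteFuzzHarness(src string) (string, error) {
	fset := token.NewFileSet()
	file, err := parser.ParseFile(fset, "harness_test.go", src, 0)
	if err != nil {
		return "", err
	}
	replaced, otherRefs := 0, 0
	ast.Inspect(file, func(n ast.Node) bool {
		sel, ok := n.(*ast.SelectorExpr)
		if !ok {
			return true
		}
		pkg, ok := sel.X.(*ast.Ident)
		if !ok || pkg.Name != "testing" {
			return true
		}
		if sel.Sel.Name == "F" {
			pkg.Name = fuzzPkgName // testing.F -> fuzz.F
			replaced++
		} else {
			otherRefs++ // e.g. testing.T: the import stays in use
		}
		return true
	})
	if replaced == 0 {
		return src, nil // no fuzz target in this file, leave it untouched
	}
	// Add `fuzz "<path>"` to the existing import declaration; go/printer
	// parenthesises the group automatically once it holds more than one spec.
	spec := &ast.ImportSpec{
		Name: ast.NewIdent(fuzzPkgName),
		Path: &ast.BasicLit{Kind: token.STRING, Value: strconv.Quote(fuzzPkgPath)},
	}
	added := false
	for _, d := range file.Decls {
		if gd, ok := d.(*ast.GenDecl); ok && gd.Tok == token.IMPORT {
			gd.Specs = append(gd.Specs, spec)
			added = true
			break
		}
	}
	if !added {
		imp := &ast.GenDecl{Tok: token.IMPORT, Specs: []ast.Spec{spec}}
		file.Decls = append([]ast.Decl{imp}, file.Decls...)
	}
	file.Imports = append(file.Imports, spec)
	if otherRefs == 0 {
		// Placeholder that keeps the "testing" import alive (any exported
		// name from the package would do; Verbose is this example's choice).
		file.Decls = append(file.Decls, &ast.GenDecl{
			Tok: token.VAR,
			Specs: []ast.Spec{&ast.ValueSpec{
				Names:  []*ast.Ident{ast.NewIdent("_")},
				Values: []ast.Expr{&ast.SelectorExpr{X: ast.NewIdent("testing"), Sel: ast.NewIdent("Verbose")}},
			}},
		})
	}
	var buf strings.Builder
	if err := format.Node(&buf, fset, file); err != nil {
		return "", err
	}
	return buf.String(), nil
}

func main() {
	out, err := RewriteFuzzHarness(SampleHarness)
	if err != nil {
		panic(err)
	}
	fmt.Println(out)
}
```

Working on the AST rather than the raw text is what makes the "is `testing` still referenced?" decision reliable: the walk counts every selector on the `testing` identifier that is not `F`, so the placeholder is only emitted for files that would otherwise fail to compile with an unused import.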
A recent commit allows `Centipede` to add timestamps to its log, which
can be very helpful for debugging.
This PR intends to update `Centipede` to add that commit.
Update `Centipede` to fix [the SegFault when using `AddressSanitizer` with `address_space_limit_mb`](https://github.com/google/centipede/issues/166).
Also set `address_space_limit_mb` as the issue has been fixed.
cc @oliverchang
Log the file being opened and the flags (read or write) used to open it.
Co-authored-by: Oliver Chang <oliverchang@users.noreply.github.com>
* Add Centipede as a fuzzer
* Specify dictionary param of Centipede
* Update docs
* Mark Centipede as experimental
* More accurate description
* Remove garbage
* Simplify code
* Move mkdir to dockerfile
* Add the weak.c trick
* Install deps with Centipede's script & uninstall new deps
* Fix doc
* Reuse libweak_sancov_stubs.so
* Reorganise flags
* format
* Consistent file type
* Reuse the weak references defined in Centipede
* Replace the shared library of weak symbols with a static one
* Correct the place to call mkdir
* Allow 2G of SHM for Centipede
* Create dirs in run_fuzzer
* Keep Centipede up-to-date
* Avoid duplicating Centipede's binary
* The params of Centipede and their explanations
* The engine info of centipede
* Save the target binary (with san) in a subdir of the project
* Set the target (with san) dir in check_build
* Create the target (with san) first to avoid side-effects
* Fix clone
* Fix format
* Add periods
* Fix comments
* Fix dirs
* Fix parameters
* Adding Centipede as a fuzzing engine for Scarecrow
* Add CI support
* Represent sanitizer with a variable
* Remove the unnecessary definition of FUZZER_OUT
* Reorganise binary directories
* format
* A minor note
* Present issues with dirs that already exist
* Use os.path.join to join path
* Make a function to get the out/ in check build
* Reusing existing flags in .bazel
* Avoid hardcoding sanitizer, set rss_limit_mb=4096, leave address_space_limit_mb disabled
* Better ways to add bazel build options
* A better way to add bazel flags
* Remove redundant --bazelrc
* Better Cohesion
* Avoid code duplication
* Simplify code
* Exit on crash
* Rename execSan to SystemSan.
All of the bug detectors we've built (or plan to build) relate to system
state.
* fix documentation
* fix more documentation
All latest builds seem to be broken with:
```
OpenJDK 64-Bit Server VM warning: Sharing is only supported for boot loader classes because bootstrap classpath has been appended
INFO: Loaded 112 hooks from com.code_intelligence.jazzer.runtime.TraceCmpHooks
INFO: Loaded 4 hooks from com.code_intelligence.jazzer.runtime.TraceDivHooks
INFO: Loaded 2 hooks from com.code_intelligence.jazzer.runtime.TraceIndirHooks
INFO: Loaded 4 hooks from com.code_intelligence.jazzer.runtime.NativeLibHooks
INFO: Loaded 8 hooks from com.code_intelligence.jazzer.sanitizers.Deserialization
INFO: Loaded 5 hooks from com.code_intelligence.jazzer.sanitizers.ExpressionLanguageInjection
INFO: Loaded 70 hooks from com.code_intelligence.jazzer.sanitizers.LdapInjection
INFO: Loaded 46 hooks from com.code_intelligence.jazzer.sanitizers.NamingContextLookup
INFO: Loaded 1 hooks from com.code_intelligence.jazzer.sanitizers.OsCommandInjection
INFO: Loaded 52 hooks from com.code_intelligence.jazzer.sanitizers.ReflectiveCall
INFO: Loaded 8 hooks from com.code_intelligence.jazzer.sanitizers.RegexInjection
Exception in thread "main" java.lang.ExceptionInInitializerError
at com.code_intelligence.jazzer.sanitizers.RegexRoadblocks.<clinit>(RegexRoadblocks.java:72)
at java.base/java.lang.Class.forName0(Native Method)
at java.base/java.lang.Class.forName(Class.java:398)
at com.code_intelligence.jazzer.instrumentor.Hooks$Companion$HooksLoader.loadHooks(Hooks.kt:66)
at com.code_intelligence.jazzer.instrumentor.Hooks$Companion$HooksLoader.load(Hooks.kt:48)
at com.code_intelligence.jazzer.instrumentor.Hooks$Companion.loadHooks(Hooks.kt:42)
at com.code_intelligence.jazzer.agent.Agent.premain(Agent.kt:137)
at com.code_intelligence.jazzer.driver.Driver.start(Driver.java:97)
Caused by: java.lang.NumberFormatException: For input string: "./jazzer_driver"
at java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:66)
at java.base/java.lang.Long.parseLong(Long.java:680)
at java.base/java.lang.Integer.parseUnsignedInt(Integer.java:835)
at java.base/java.lang.Integer.parseUnsignedInt(Integer.java:929)
at com.code_intelligence.jazzer.api.Jazzer.getLibFuzzerSeed(Jazzer.java:635)
at com.code_intelligence.jazzer.api.Jazzer.<clinit>(Jazzer.java:38)
... 8 more
```
native go fuzzing: Restrict fuzzer lookup to *.go
Projects containing words starting with Fuzz in non-go
files break compile_native_go_fuzzer with the error:
sed: -e expression #1, char 15: unknown option to 's'
Signed-off-by: Paulo Gomes <pjbgf@linux.com>