- Point `compile` to the right `fuzz-introspector` location (since it's no longer checked out in $SRC).
- Rename build tag to "introspector" to be more consistent with other
tags.
- Fix bad merge in deploy.sh script.
- Add introspector setup to project sync.
- Enable more logging for project sync cron.
In https://github.com/google/oss-fuzz/pull/6322 compile was synced
with the version in base-builder. However, base-builder's compile
assumes that rust and go are installed. This change makes it possible
to run compile without those installed.
This is done in anticipation of the upgrade to Ubuntu 20.04 which wont support this.
We'll do this first so we can handle any breakages caused by this step before needing to handle breakages
caused by the upgrade. However, there shouldn't be any breakages due to #6281, but there may be some projects
we overlooked.
The only exception to this is libcxx.
Related: #6180.
* Update fuzzers to new Atheris version
* Pin new atheris version
* Change = to ==
* Change path where Atheris fuzzers ld_preload from
* Update hypothesis fuzzer to work with new atheris
* Set version to 2.0.1
* Switch to Atheris 2.0.4
* Correct spelling of pygments_fuzzer decorator
* instrument yaml_reader
* Change to latest Atheris
* Set atheris version to 2.0.6
* [infra][jvm] Add Jazzer UBSan support
* [java-example] Reenable and plant UB
* [docs] Mention support for Java UBSan in docs
Also adds a link to the java-example build.sh to the docs.
Coverage is collected by running the fuzz targets with the JaCoCo agent
in Jazzer's no instrumentation mode.
Since JaCoCo does not support llvm-cov style coverage reports, a simple
Python helper creates it using the information contained in the JaCoCo
XML report.
As the Java build process does not maintain a mapping between source
files and build artifacts and JaCoCo needs to be passed the root folder
of the package tree, we use the Maven directory layout convention to
heuristically detect these roots.
compile, bad_build_check, and presubmit.py require small tweaks to
support JVM fuzz targets, most of which are similar to those required
for Python. The following additional changes are required:
* Since the Jazzer driver binary already links in libFuzzer, it should
not be built as a static library.
* It is not clear how to do architecture checks as JVM fuzz targets can
load their native dependencies dynamically at runtime. For now, the
check is disabled.
* The Jazzer binaries are moved into $OUT and need to be skipped over in
find_fuzz_targets.
Jazzer is built from HEAD using Bazel and the clang toolchain provided
by base-clang. While it could be built with OpenJDK 8, which is
available as a package, JVM fuzz targets should not be forced to be
compatible with Java 8. For this reason, the official binary release of
OpenJDK 15 is pulled into both base-builder and base-runner and set as
JAVA_HOME. It is trimmed down in size by removing src.zip and the jmods
directory.
Jazzer consists of the following four components:
* The API (`jazzer_api_deploy.jar`), which is required for fuzz targets
that use FuzzedDataProvider or custom method hooks, is made available
in /usr/local/lib in base-builder.
* The driver (`jazzer_driver`), which links in libFuzzer and is reused
across fuzz targets. Since it is used to run fuzz targets, it is
included into base-runner.
* The ASanified driver (`jazzer_driver_asan`), which is obtained from
`jazzer_driver` by linking in ASan.
* The agent (`jazzer_agent_deploy.jar`), which bundles the runtime
instrumentation agent with the Jazzer API. It is loaded by the driver
and thus also included into base-runner.
The changes to the infra scripts required by JVM fuzz targets will be
submitted as a separate PR.
* Simplify rust project setup.
- Add rust and cargo-fuzz in base builder.
- Set RUSTC_BOOSTRAP to make ASan available.
- Set RUSTFLAGS and C,CXXFLAGS properly.
* [infra] Add support for dataflow builds to the helper script and build check (#1632).
* Update travis config file.
* Address self-review comments and specify dataflow sanitizer for zstd as well.
* Fix fuzzing_engines in project.yaml
* Fix bad build check for DFSan.
* Use "hasattr" in helper.py to check the sanitizer argument.
* Address more review comments.
* Remove DataFlow config from zstd.
* fix a typo
Navidem