The current run_fuzzer will fail when multiple libfuzzer options are
specificed in a .options file. Currently, if there are multiple options
then none of the options will be used, but rather an issue about a
"binary operator expected" will occur. One implication of this is that
check_build fails to use it and may, therefore, report erroneously. This
fixes it by enabling the use of zero, one and many libfuzzer options.
* infra: fix python coverage
The python coverage has not started working on oss-fuzz.com yet. This is
an effort to fix this.
* add logs and stats files
* log stderr too
Both the JaCoCo .exec file and the XML report are very useful for
automated analysis of coverage data and IDE integration, so serve them
just like the HTML report.
* update afl++ commit id
* update afl++ commit id
* fix for afl++
* attempt fix for curl
* allow easy reproducable afl++ builds
* new commit id
* fixes
* another afl++ commit increase
* not a relevant update, but why not
* two afl++ fixes
* add debug script
* update commit id (not relevant though)
* add wget
* update afl++ commit id
* just afl++ doc updates, but maybe this results in some attention
* ignore afl++ fuzz setup problems during building
* update afl++ commit id
* fix laf-intel implementation
* ensure fuzz tests are running without issues for afl++
* update afl++ commit id
* coverage: introduces llvm-cov-rel
Cf https://github.com/google/oss-fuzz/issues/6268
Latest clang-14 and clang-13 used by rust or swift have a slightly
different profraw file format
llvm-cov-rel is tool that will update the profraw file produced
by clang-13 to one readable by clang-14 llvm-cov tools
* Suricata as a rust project
* rust coverage: remaps every rust subdirectory in fuzz
So that projects not using default fuzz_targets subdir
get the good remap, and hence the good coverage report
While installing `libxext-dev` in `base-runner` makes it available for local fuzzing via `infra/helper.py run_fuzzer`, it is not installed in the image used by ClusterFuzz to run fuzz targets. Fuzz targets that rely on any JDK system dependency rather have to install it manually using the method described in https://google.github.io/oss-fuzz/further-reading/fuzzer-environment/#runtime-dependencies.
By removing this package from `base-runner`, a failure to do so will already be detected via a local `check_build` rather than only during fuzzer execution on ClusterFuzz.
1. Make coverage script accept an env var that controls where the generated report is written to. Use this in generate_coverage_report.
2. Rename CoverageGetter to OSSFuzzCoverage
3. Make affected_fuzz_targets get coverage object from clusterfuzz_deployment.
4. Add stubbed FilesystemCoverage class that will be used by non-OSS-Fuzz users.
5. Make ClusterFuzzLite able to return coverage object by downloading old coverage report and returning a FilesystemCoverage object.
6. Add stub to ClusterFuzzLite for uploading coverage.
Related: #6054
* [CIFuzz] Allow run_fuzzers to use a preexisting corpus.
Also improve comment in cifuzz-base/Dockerfile.
* improve comment
* Fix run_fuzzers
Add --cache option to helper.py's build_image command which
uses the docker image cache when building and use this in
ci/build.py.
Change build_image_impl's argument no_cache to cache for clarity.
Eliminate default argument cache in build_fuzzers_impl since no users
use it.
* [infra][jvm] Add Jazzer UBSan support
* [java-example] Reenable and plant UB
* [docs] Mention support for Java UBSan in docs
Also adds a link to the java-example build.sh to the docs.
1. Moving the _create_config and create_config functions from build_fuzzers_test.py and run_fuzzers_test.py into test_helpers.py (which is now part of cifuzz instead of infra) and share code between them.
2. Rename artifacts_dir to crashes_dir in run_fuzzers.py. "artifacts" is ambiguous.
3. Make some small changes to pytest.ini to improve debugging.
* Exclude Jazzer classes from coverage reports
* Generate file-level coverage data for Java
Adds per-file coverage information to llvm-cov style *.json files for
Java targets.
This provides full CI Fuzz support for "jvm" projects.
For proper support of Bazel's runfiles tree, a shell script wrapper is
also needed for C++ targets, see
https://github.com/bazelbuild/rules_fuzzing/pull/149.
This commit allows shell script fuzz targets for all languages. This
also helps to consolidate the various fuzz target checks in OSS-Fuzz
by removing a dependence on fuzzing_language.
* [infra] Make `targets_list` detect JVM/Python targets
`targets_list` should not detect `jazzer_driver` and `jazzer_driver_asan` as fuzz targets, but should consider shell scripts that contain `LLVMFuzzerTestOneInput`.
@inferno-chromium This should fix https://github.com/google/oss-fuzz/pull/5770#issuecomment-841851786.
* Fix
Builds of base-runner fail as the Chromium coverage helper script has a
transitive dependency on MarkupSafe, which as of version 2.0 requires
additional python packaging tools to be installed.
This commit installs python3-setuptools and wheels, which fixes the
build.
* Filter non-fuzz target binaries in coverage script
* Filter non-fuzz target binaries in helper.py
* Fix fuzz target executable bit check in helper.py
Python and JVM fuzz target executables created via the docs template
set the exectuable via `chmod u+x` as the root user, which means that
os.access checks in infra/helper.py don't see the exectuable bit if
not run as root locally.
With this commit, the check now looks for any of the three exectuable
bits.
Coverage is collected by running the fuzz targets with the JaCoCo agent
in Jazzer's no instrumentation mode.
Since JaCoCo does not support llvm-cov style coverage reports, a simple
Python helper creates it using the information contained in the JaCoCo
XML report.
As the Java build process does not maintain a mapping between source
files and build artifacts and JaCoCo needs to be passed the root folder
of the package tree, we use the Maven directory layout convention to
heuristically detect these roots.
Navidem