Reland "[infra] Update Jazzer to v0.17.1" (#10537)" #10538

Merged
merged 1 commit into from
Jun 26, 2023

Conversation

jonathanmetzman
Contributor

This reverts commit cac7ccd.

@jonathanmetzman
Contributor Author

/gcbrun trial_build.py jvm --sanitizer coverage address undefined

@jonathanmetzman
Contributor Author

CC @fmeum

@fmeum
Contributor

fmeum commented Jun 14, 2023

@jonathanmetzman The current failure looks like a flake (network issue), could you retrigger it?

@jonathanmetzman
Contributor Author

/gcbrun trial_build.py jvm --sanitizer coverage address undefined

@jonathanmetzman
Contributor Author

Failures:

xnio-api fuzzing
struts fuzzing
jxls fuzzing
httpcomponents-core fuzzing
jose4j coverage
hdrhistogram fuzzing
closure-compiler fuzzing
apache-axis2 fuzzing
jose4j coverage
jackson-dataformat-xml coverage
jackson-dataformats-text coverage
httpcomponents-client coverage
bc-java coverage

@fmeum
Contributor

fmeum commented Jun 15, 2023

@jonathanmetzman Does this list only include projects that build successfully on main?

@DavidKorczynski
Collaborator

A number of them are failing, but not all, e.g. bc-java. See here https://introspector.oss-fuzz.com/indexing-overview where you can search for "jvm" in the table -- which should give a nice overview of which currently fail coverage on master

@jonathanmetzman
Contributor Author

> @jonathanmetzman Does this list only include projects that build successfully on main?

It's supposed to. It's also from yesterday. I usually look at https://oss-fuzz-build-logs.storage.googleapis.com/index.html to tell

@DavidKorczynski
Collaborator

> It's supposed to.

Of the above list, closure-compiler, struts and jxls are failing in coverage builds on master -- and they've not had a successful coverage build yet as reported by https://oss-fuzz-build-logs.storage.googleapis.com/index.html

@fmeum
Contributor

fmeum commented Jun 16, 2023

I tested the listed projects locally:

  • xnio-api: passes
  • jose4j: passes
  • struts: fails in apt-get, seems unrelated
  • jxls: has a regular finding in check_build
  • hdrhistogram: has a regular finding in check_build
  • closure-compiler: failure is expected as rules_fuzzing will need to be updated to account for this Jazzer update. Since it runs OSS-Fuzz in CI, I can only do this after merging this PR. I have a draft PR ready with the update.
  • apache-axis2 and httpcomponents-core trigger the new SSRF bug detector in check_build. I allowlisted the host and port they attempt to connect to, which gets check_build to pass with [java] Allowlist SSRF detector false positives #10550.

The coverage build failures I either couldn't reproduce or they seemed unrelated.

@jonathanmetzman Could you merge #10550 into the reland PR?

Should I look into fixing any of the remaining issues? Especially with the regular findings during check_build I lack knowledge of the projects to determine how to best ignore them without rendering the fuzzer less effective.

jonathanmetzman merged commit e5d26b1 into master Jun 26, 2023
jonathanmetzman deleted the reland-java branch June 26, 2023 22:35
jonathanmetzman pushed a commit that referenced this pull request Jul 6, 2023
Ref:
#10481 (comment)

Java projects are currently failing Fuzz Introspector following
#10538

```bash
Step #6 - "compile-libfuzzer-introspector-x86_64": ---------------------------------------------------------------
Step #6 - "compile-libfuzzer-introspector-x86_64": chmod: cannot access '/workspace/out/libfuzzer-introspector-x86_64/jazzer_driver_with_sanitizer': No such file or directory
Step #6 - "compile-libfuzzer-introspector-x86_64": ********************************************************************************
```

There is a missing "introspector" conditional in
https://github.com/google/oss-fuzz/blob/6922c8c1ac27c9a459ce41201991e296a6bace54/infra/base-images/base-builder/compile#L152-L171

This causes line 171 to fail.

It may be convenient to search for "jvm" in the table here
https://introspector.oss-fuzz.com/indexing-overview which will show the
introspector build status is red for all.