Merge branch 'master' into fix_poppler-build

docs/advanced-topics/fuzz_introspector.md

@@ -85,8 +85,7 @@ The above output gives you directions on how to start a simple webserver using
 ### Generate reports by using public corpora
 
 The following command will generate a Fuzz Introspector report for the `libdwarf` project
-and will extract code coverage based on a corpus created from running the fuzzers for 30
-seconds.
+and will extract code coverage based on the publicly available corpora. 
 
 ```bash
 $ python3 infra/helper.py introspector libdwarf --public-corpora

infra/base-images/base-builder-jvm/Dockerfile

@@ -16,9 +16,49 @@
 
 FROM gcr.io/oss-fuzz-base/base-builder
 
-ENV JAVA_HOME /usr/lib/jvm/java-15-openjdk-amd64
+ENV JAVA_HOME /usr/lib/jvm/java-17-openjdk-amd64
+ENV JAVA_15_HOME /usr/lib/jvm/java-15-openjdk-amd64
 ENV JVM_LD_LIBRARY_PATH $JAVA_HOME/lib/server
 ENV PATH $PATH:$JAVA_HOME/bin
 ENV JAZZER_API_PATH "/usr/local/lib/jazzer_api_deploy.jar"
+ENV JAZZER_JUNIT_PATH "/usr/local/bin/jazzer_junit.jar"
 
-RUN install_java.sh
+RUN install_java.sh
+
+RUN chmod 777 /usr/local/bin && chmod 777 /usr/local/lib
+
+RUN useradd -m jazzer_user
+
+USER jazzer_user
+
+WORKDIR $SRC
+
+RUN git clone https://github.com/CodeIntelligenceTesting/jazzer && \
+    cd jazzer && \
+    git checkout aa376ca3c0255b9cf04e1fc79fcf1fe5c63b2376
+
+WORKDIR $SRC/jazzer
+
+RUN echo "build --java_runtime_version=local_jdk_17" >> .bazelrc \
+    && echo "build --cxxopt=-stdlib=libc++" >> .bazelrc \
+    && echo "build --linkopt=-lc++" >> .bazelrc
+
+RUN bazel build \
+    //src/main/java/com/code_intelligence/jazzer:jazzer_standalone_deploy.jar \
+    //deploy:jazzer-api \
+    //deploy:jazzer-junit \
+    //launcher:jazzer
+
+RUN cp $(bazel cquery --output=files //src/main/java/com/code_intelligence/jazzer:jazzer_standalone_deploy.jar) /usr/local/bin/jazzer_agent_deploy.jar && \
+    cp $(bazel cquery --output=files //launcher:jazzer) /usr/local/bin/jazzer_driver && \
+    cp $(bazel cquery --output=files //deploy:jazzer-api) $JAZZER_API_PATH && \
+    cp $(bazel cquery --output=files //deploy:jazzer-junit) $JAZZER_JUNIT_PATH
+
+USER root
+
+RUN rm -rf /home/jazzer_user/.cache/bazel /home/jazzer_user/.cache/bazelisk && \
+    rm -rf $SRC/jazzer
+
+RUN chmod 755 /usr/local/bin && chmod 755 /usr/local/lib
+
+WORKDIR $SRC

infra/base-images/base-builder/bazel_build_fuzz_tests

@@ -67,7 +67,7 @@ ${BAZEL_TOOL} build "${BAZEL_BUILD_FLAGS[@]}" "${OSS_FUZZ_TESTS[@]}"
 
 echo "Extracting the fuzz test packages in the output directory."
 for oss_fuzz_archive in $(find bazel-bin/ -name "*${BAZEL_PACKAGE_SUFFIX}.tar"); do
-    tar -xvf "${oss_fuzz_archive}" -C "${OUT}"
+    tar --no-same-owner -xvf "${oss_fuzz_archive}" -C "${OUT}"
 done
 
 if [ "$SANITIZER" = "coverage" ]; then

infra/base-images/base-builder/compile

@@ -163,7 +163,7 @@ cp $(which llvm-symbolizer) $OUT/
 
 # Copy Jazzer to $OUT if needed.
 if [ "$FUZZING_LANGUAGE" = "jvm" ]; then
-  cp $(which jazzer_agent_deploy.jar) $(which jazzer_driver) $OUT/
+  cp $(which jazzer_agent_deploy.jar) $(which jazzer_driver) $(which jazzer_junit.jar) $OUT/
   jazzer_driver_with_sanitizer=$OUT/jazzer_driver_with_sanitizer
   if [ "$SANITIZER" = "address" ]; then
     cat > $jazzer_driver_with_sanitizer << 'EOF'

infra/base-images/base-builder/install_java.sh

@@ -15,32 +15,17 @@
 #
 ################################################################################
 
-# Install OpenJDK 15 and trim its size by removing unused components.
+# Install OpenJDK 17 and trim its size by removing unused components. This enables using Jazzer's mutation framework.
 cd /tmp
-curl --silent -L -O https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-x64_bin.tar.gz && \
+curl --silent -L -O https://download.java.net/java/GA/jdk17.0.2/dfd4a8d0985749f896bed50d7138ee7f/8/GPL/openjdk-17.0.2_linux-x64_bin.tar.gz && \
 mkdir -p $JAVA_HOME
-tar -xz --strip-components=1 -f openjdk-15.0.2_linux-x64_bin.tar.gz --directory $JAVA_HOME && \
-rm -f openjdk-15.0.2_linux-x64_bin.tar.gz
+tar -xz --strip-components=1 -f openjdk-17.0.2_linux-x64_bin.tar.gz --directory $JAVA_HOME && \
+rm -f openjdk-17.0.2_linux-x64_bin.tar.gz
 rm -rf $JAVA_HOME/jmods $JAVA_HOME/lib/src.zip
 
-# Install the latest Jazzer in $OUT.
-# jazzer_api_deploy.jar is required only at build-time, the agent and the
-# drivers are copied to $OUT as they need to be present on the runners.
-cd $SRC/
-git clone https://github.com/CodeIntelligenceTesting/jazzer && \
-cd jazzer && \
-
-# Latest fix followig a depedency issue: (https://github.com/CodeIntelligenceTesting/jazzer/issues/896)
-git checkout 96205feebc7135075ffa48aae3f22e38cae5dc45
-cat << 'EOF' >> .bazelrc
-build --java_runtime_version=local_jdk_15
-build --cxxopt=-stdlib=libc++
-build --linkopt=-lc++
-EOF
-
-bazel build //src/main/java/com/code_intelligence/jazzer:jazzer_standalone_deploy.jar //deploy:jazzer-api //launcher:jazzer
-cp $(bazel cquery --output=files //src/main/java/com/code_intelligence/jazzer:jazzer_standalone_deploy.jar) /usr/local/bin/jazzer_agent_deploy.jar
-cp $(bazel cquery --output=files //launcher:jazzer) /usr/local/bin/jazzer_driver
-cp $(bazel cquery --output=files //deploy:jazzer-api) $JAZZER_API_PATH
-rm -rf ~/.cache/bazel ~/.cache/bazelisk
-rm -rf $SRC/jazzer
+# Install OpenJDK 15 and trim its size by removing unused components. Some projects only run with Java 15.
+curl --silent -L -O https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-x64_bin.tar.gz && \
+mkdir -p $JAVA_15_HOME
+tar -xz --strip-components=1 -f openjdk-15.0.2_linux-x64_bin.tar.gz --directory $JAVA_15_HOME && \
+rm -f openjdk-15.0.2_linux-x64_bin.tar.gz
+rm -rf $JAVA_15_HOME/jmods $JAVA_15_HOME/lib/src.zip

infra/base-images/base-clang/Dockerfile

@@ -36,7 +36,7 @@ RUN apt-get update && apt-get install -y wget sudo && \
 RUN apt-get update && apt-get install -y git && \
     git clone https://github.com/ossf/fuzz-introspector.git fuzz-introspector && \
     cd fuzz-introspector && \
-    git checkout cce5c5f8d181ea470db6358ee0f029d957c76e8c && \
+    git checkout b55168b694305e32fa51712dca82d689d7516f38 && \
     git submodule init && \
     git submodule update && \
     apt-get autoremove --purge -y git && \

infra/base-images/base-runner/Dockerfile

@@ -72,7 +72,8 @@ COPY install_go.sh /
 RUN /install_go.sh && rm -rf /install_go.sh /root/.go
 
 # Install OpenJDK 15 and trim its size by removing unused components.
-ENV JAVA_HOME=/usr/lib/jvm/java-15-openjdk-amd64
+ENV JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64
+ENV JAVA_15_HOME=/usr/lib/jvm/java-15-openjdk-amd64
 ENV JVM_LD_LIBRARY_PATH=$JAVA_HOME/lib/server
 ENV PATH=$PATH:$JAVA_HOME/bin
 

infra/base-images/base-runner/install_java.sh

@@ -31,9 +31,16 @@ case $(uname -m) in
       ;;
 esac
 
+wget -q https://download.java.net/java/GA/jdk17.0.2/dfd4a8d0985749f896bed50d7138ee7f/8/GPL/openjdk-17.0.2_linux-"$ARCHITECTURE"_bin.tar.gz -O /tmp/openjdk-17.0.2_linux-"$ARCHITECTURE"_bin.tar.gz
 wget -q https://download.java.net/java/GA/jdk15.0.2/0d1cfde4252546c6931946de8db48ee2/7/GPL/openjdk-15.0.2_linux-"$ARCHITECTURE"_bin.tar.gz -O /tmp/openjdk-15.0.2_linux-"$ARCHITECTURE"_bin.tar.gz
 cd /tmp
 mkdir -p $JAVA_HOME
-tar -xz --strip-components=1 -f openjdk-15.0.2_linux-"$ARCHITECTURE"_bin.tar.gz --directory $JAVA_HOME
-rm -f openjdk-15.0.2_linux-"$ARCHITECTURE"_bin.tar.gz
+tar -xz --strip-components=1 -f openjdk-17.0.2_linux-"$ARCHITECTURE"_bin.tar.gz --directory $JAVA_HOME
+rm -f openjdk-17.0.2_linux-"$ARCHITECTURE"_bin.tar.gz
 rm -rf $JAVA_HOME/jmods $JAVA_HOME/lib/src.zip
+
+# Install OpenJDK 15 and trim its size by removing unused components. Some projects only run with Java 15.
+mkdir -p $JAVA_15_HOME
+tar -xz --strip-components=1 -f openjdk-15.0.2_linux-"$ARCHITECTURE"_bin.tar.gz --directory $JAVA_15_HOME
+rm -f openjdk-15.0.2_linux-"$ARCHITECTURE"_bin.tar.gz
+rm -rf $JAVA_15_HOME/jmods $JAVA_15_HOME/lib/src.zip