Merge branch 'master' into fix-inspector-copy

google · Dec 5, 2024 · d827001 · d827001
2 parents a530ad3 + 8bc2e0b
commit d827001
Show file tree

Hide file tree

Showing 5 changed files with 19 additions and 37 deletions.
diff --git a/infra/base-images/base-builder/precompile_honggfuzz b/infra/base-images/base-builder/precompile_honggfuzz
@@ -26,7 +26,7 @@ PACKAGES=(
     zlib1g-dev
     pkg-config)
 
-apt-get install -y ${PACKAGES[@]}
+apt-get update && apt-get install -y ${PACKAGES[@]}
 
 pushd $SRC/honggfuzz > /dev/null
 make clean

diff --git a/infra/base-images/base-runner/coverage b/infra/base-images/base-runner/coverage
@@ -434,46 +434,27 @@ elif [[ $FUZZING_LANGUAGE == "jvm" ]]; then
   java -jar /opt/jacoco-cli.jar merge $DUMPS_DIR/*.exec \
       --destfile $jacoco_merged_exec
 
-  # Merge .class files from the individual targets.
+  # Prepare classes directory for jacoco process
   classes_dir=$DUMPS_DIR/classes
   mkdir $classes_dir
-  for fuzz_target in $FUZZ_TARGETS; do
-    # Continue if not a fuzz target.
-    if [[ $FUZZING_ENGINE != "none" ]]; then
-      grep "LLVMFuzzerTestOneInput" $fuzz_target > /dev/null 2>&1 || continue
+
+  # Only copy class files found in $OUT/$SRC to ensure they are
+  # lively compiled from the project, avoiding inclusion of
+  # dependency classes. This also includes the fuzzer classes.
+  find "$OUT/$SRC" -type f -name "*.class" | while read -r class_file; do
+    # Skip module-info.class
+    if [[ "$(basename "$class_file")" == "module-info.class" ]]; then
+        continue
     fi
-    cp -r $DUMPS_DIR/${fuzz_target}_classes/* $classes_dir/
-  done
 
-  # Dump classes in jar file to dump directory. This action includes all
-  # the classes of the project that are not executed by the fuzzers to
-  # the dump directory. Duplicate classes in the dump directory will be
-  # overwritten. We need to do this to include all possible classes in
-  # the coverage report and avoid duplicate classes from different jar
-  # files which jacoco fails to handle.
-  for jar_file in $(ls $OUT/*.jar)
-  do
-    if [[ $jar_file != $OUT/jazzer* ]]
-    then
-      tempdir=$(mktemp -d)
-      cd $tempdir && jar xvf $jar_file && cd -
-      cp -r $tempdir/* $classes_dir/
-      rm -r $tempdir
+    # Use javap to extract the fully qualified name of the class and copy it to $classes_dir
+    fqn=$(javap -verbose "$class_file" 2>/dev/null | grep "this_class:" | grep -oP '(?<=// ).*')
+    if [ -n "$fqn" ]; then
+      mkdir -p $classes_dir/$(dirname $fqn)
+      cp $class_file $classes_dir/$fqn.class
     fi
   done
 
-  # Clean up files that can create duplicate class names which breaks Jacoco.
-  # Remove META-INF folder because some jar may store duplications of the same
-  # class file in the META-INF for other java versions.
-  find $classes_dir -name "META-INF" | xargs rm -rf
-  # Remove all files that are not a java class because some jar may contain
-  # Kotlin class which has the same name as a java class and Jacoco fail to
-  # distinguish them.
-  find $classes_dir -type f -not -name "*.class" | xargs rm -f
-  # Remove all class files which have a dot in their file name which are normally
-  # used to name a duplication of the legitimate class file.
-  find $classes_dir/*/ -type f -name "*.*.class" | xargs rm -f
-
   # Heuristically determine source directories based on Maven structure.
   # Always include the $SRC root as it likely contains the fuzzer sources.
   sourcefiles_args=(--sourcefiles $OUT/$SRC)

diff --git a/projects/fluxcd/project.yaml b/projects/fluxcd/project.yaml
@@ -7,7 +7,8 @@ auto_ccs :
   - "[email protected]"
   - "[email protected]"
   - "[email protected]"
-  - "[email protected]"
+  - "[email protected]"
+  - "[email protected]"
 language: go
 fuzzing_engines:
   - libfuzzer

diff --git a/projects/typst/Dockerfile b/projects/typst/Dockerfile
@@ -16,7 +16,7 @@
 
 FROM gcr.io/oss-fuzz-base/base-builder-rust
 
-RUN rustup toolchain install nightly-2023-09-13
+RUN rustup toolchain install nightly-2024-10-29
 RUN git clone --depth 1 https://github.com/typst/typst.git typst
 WORKDIR typst
 COPY build.sh $SRC/
diff --git a/projects/typst/build.sh b/projects/typst/build.sh
@@ -20,7 +20,7 @@ cd tests/fuzz
 # Typst has a large API and as a result, will often fail to build on nightly,
 # due to bugs in rustc. Because of this we are pinning the nightly version
 # to a specific version.
-cargo +nightly-2023-09-13 fuzz build -O --debug-assertions
+cargo +nightly-2024-10-29 fuzz build -O --debug-assertions
 
 FUZZ_TARGET_OUTPUT_DIR=$SRC/typst/target/x86_64-unknown-linux-gnu/release 
 for f in src/*.rs