Jazzer has the following dependencies when being built from source:
.bazelversion
--repo_env=CC=gcc
, but is not tested)It is recommended to use Bazelisk to automatically download and install Bazel. Simply download the release binary for your OS and architecture and ensure that it is available in the PATH
. The instructions below will assume that this binary is called bazel
- Bazelisk is a thin wrapper around the actual Bazel binary and can be used interchangeably.
Assuming the dependencies are installed, build Jazzer from source and run it as follows:
$ git clone https://github.com/CodeIntelligenceTesting/jazzer $ cd jazzer # Note the double dash used to pass <arguments> to Jazzer rather than Bazel. $ bazel run //:jazzer -- <arguments>
You can also build your own version of the release binaries:
$ bazel build //:jazzer_release ... INFO: Found 1 target... Target //:jazzer_release up-to-date: bazel-bin/jazzer_release.tar.gz ...
The build may fail with the clang shipped with Xcode. In that case, install LLVM clang via brew install llvm
and set CC
to the path of LLVM clang.
clang-cl
is required to build Jazzer on Windows.
To run the tests, execute the following command:
$ bazel test //...
Run ./format.sh
to format all source files in the way enforced by the “Check formatting” CI job. See check-formatting.yml for how to obtain the particular versions of the required formatting tools.
Requires an accounts on Sonatype with access to the com.code-intelligence
group as well as a YubiKey with the signing key.
Update JAZZER_VERSION
in maven.bzl
.
Create a tag for the release.
Push the tag to the private fork at https://github.com/CodeIntelligenceTesting/jazzer-trusted.
Trigger the “Release” GitHub Actions workflow for the tag in jazzer-trusted
. This builds release archives for GitHub as well as the multi-architecture jar for the com.code-intelligence:jazzer
Maven artifact. Using jazzer-trusted
is unfortunately required as there is no safe way to add a private runner to a public repository and there are no public macOS M1 runners.
Create a GitHub release and upload the contents of the jazzer_releases
artifact from the workflow run.
Check out the tag locally and, with the YubiKey plugged in, run bazel run //deploy
with the following environment variables to upload the Maven artifacts:
JAZZER_JAR_PATH
: local path of the multi-architecture jazzer.jar
contained in the jazzer
artifact of the “Release” workflowJAVA_HOME
: path to a JDK 8MAVEN_USER
: username on https://oss.sonatype.orgMAVEN_PASSWORD
: password on https://oss.sonatype.orgThe YubiKey blinks repeatedly and needs a touch to confirm each individual signature.
Log into https://oss.sonatype.org, select both staging repositories and “Close” them. Wait and refresh, then select them again and “Release” them.
Locally, with Docker credentials available, run docker/push_all.sh
to build and push the cifuzz/jazzer
and cifuzz/jazzer-autofuzz
Docker images.
Javadocs are hosted at https://codeintelligencetesting.github.io/jazzer-docs, which is populated from https://github.com/CodeIntelligenceTesting/jazzer-docs.
To update the docs after a release with API changes, follow these steps to get properly linked cross-references:
jazzer-docs
.bazel build --//deploy:linked_javadoc //deploy:jazzer-api-docs
and unpack the jar into the jazzer-api
subdirectory of jazzer-docs
.bazel build --//deploy:linked_javadoc //deploy:jazzer-docs
and unpack the jar into the jazzer
subdirectory of jazzer-docs
.bazel build --//deploy:linked_javadoc //deploy:jazzer-junit-docs
and unpack the jar into the jazzer-junit
subdirectory of jazzer-docs
.