CodeIntelligenceTesting
diff --git a/‎.bazelrc
+7-1 b/‎.bazelrc
+7-1
diff --git a/‎.github/BUILD.bazel
-26 b/‎.github/BUILD.bazel
-26
diff --git a/‎.github/workflows/oss-fuzz.yml
+2-2 b/‎.github/workflows/oss-fuzz.yml
+2-2
diff --git a/‎.github/workflows/release.yml
+1-1 b/‎.github/workflows/release.yml
+1-1
diff --git a/‎.github/workflows/run-all-tests.yml
+25-6 b/‎.github/workflows/run-all-tests.yml
+25-6
diff --git a/‎BUILD.bazel
-10 b/‎BUILD.bazel
-10
diff --git a/‎README.md
+8-3 b/‎README.md
+8-3
diff --git a/‎WORKSPACE.bazel
-6 b/‎WORKSPACE.bazel
-6
diff --git a/‎bazel/fuzz_target.bzl
+2-4 b/‎bazel/fuzz_target.bzl
+2-4
diff --git a/‎bazel/tools/java/com/code_intelligence/jazzer/tools/FuzzTargetTestWrapper.java
+5-3 b/‎bazel/tools/java/com/code_intelligence/jazzer/tools/FuzzTargetTestWrapper.java
+5-3
diff --git a/‎driver/src/main/java/com/code_intelligence/jazzer/BUILD.bazel
+6-1 b/‎driver/src/main/java/com/code_intelligence/jazzer/BUILD.bazel
+6-1
@@ -7,6 +7,9 @@ build -c opt
 
 # C/C++
 common --repo_env=CC=clang
+# We want stock LLVM to be configured on macOS rather than Xcode's Apple Clang
+# toolchain.
+common --repo_env=BAZEL_USE_CPP_ONLY_TOOLCHAIN=1
 build --incompatible_enable_cc_toolchain_resolution
 # Requires a relatively modern clang.
 build:ci --features=layering_check
@@ -31,11 +34,14 @@ run:windows --noincompatible_strict_action_env
 build:macos --extra_toolchains=//:java_non_prebuilt_definition
 build:macos --java_runtime_version=11
 build:macos --tool_java_runtime_version=11
+# Allow Jazzer to find LLVM rather than Apple clang. The former is not
+# contained in the default PATH set by Bazel.
+test:macos --test_env=PATH
+run:macos --test_env=PATH
 
 # Toolchain
 # Since the toolchain is conditional on OS and architecture, set it on the particular GitHub Action.
 build:toolchain --repo_env=BAZEL_DO_NOT_DETECT_CPP_TOOLCHAIN=1
-build:toolchain --//third_party:toolchain
 
 # Forward debug variables to tests
 test --test_env=JAZZER_AUTOFUZZ_DEBUG
 
@@ -23,8 +23,8 @@ jobs:
 
       - name: Build Jazzer
         # Keep in sync with https://github.com/google/oss-fuzz/blob/221b39181a372ff16c0c813c5963a08aa58f19e2/infra/base-images/base-builder/install_java.sh#L33.
-        run: bazel build --java_runtime_version=local_jdk_15 -c opt --cxxopt="-stdlib=libc++" --linkopt=-lc++ //agent:jazzer_agent_deploy.jar //launcher:jazzer //launcher:jazzer_asan //launcher:jazzer_ubsan //agent:jazzer_api_deploy.jar
+        run: bazel build --java_runtime_version=local_jdk_15 -c opt --cxxopt="-stdlib=libc++" --linkopt=-lc++ //agent:jazzer_agent_deploy.jar //launcher:jazzer //agent:jazzer_api_deploy.jar
 
       - name: Test Jazzer build
         # Keep in sync with https://github.com/google/oss-fuzz/blob/221b39181a372ff16c0c813c5963a08aa58f19e2/infra/base-images/base-builder/install_java.sh#L35-L36.
-        run: "test -f bazel-bin/agent/jazzer_agent_deploy.jar && test -f bazel-bin/launcher/jazzer && test -f bazel-bin/launcher/jazzer_asan && test -f bazel-bin/launcher/jazzer_ubsan && test -f bazel-bin/agent/jazzer_api_deploy.jar"
+        run: "test -f bazel-bin/agent/jazzer_agent_deploy.jar && test -f bazel-bin/launcher/jazzer && test -f bazel-bin/agent/jazzer_api_deploy.jar"
@@ -16,7 +16,7 @@ jobs:
             bazel_args: "--config=toolchain --extra_toolchains=@llvm_toolchain//:cc-toolchain-x86_64-linux"
           - os: macos-11
             arch: "macos-x86_64"
-            bazel_args: "--config=toolchain --extra_toolchains=@llvm_toolchain//:cc-toolchain-x86_64-darwin --xcode_version_config=//.github:host_xcodes"
+            bazel_args: "--config=toolchain --extra_toolchains=@llvm_toolchain//:cc-toolchain-x86_64-darwin"
           - os: windows-2019
             arch: "windows"
             bazel_args: ""
 
@@ -14,16 +14,17 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [ubuntu-20.04, macos-11, windows-2019]
+        os: [ubuntu-20.04, macos-12, windows-2019]
         jdk: [8, 17]
         include:
           - os: ubuntu-20.04
             arch: "linux"
             cache: "/home/runner/.cache/bazel-disk"
-          - os: macos-11
+          - os: macos-12
             arch: "macos-x86_64"
-            # Always use the toolchain as UBSan produces linker errors with Apple LLVM 13.
-            bazel_args: "--config=toolchain --extra_toolchains=@llvm_toolchain//:cc-toolchain-x86_64-darwin --xcode_version_config=//.github:host_xcodes"
+            # Inherit CC from the environment so that LLVM clang is picked over Apple clang.
+            # Also work around https://github.com/bazelbuild/bazel/issues/13944#issuecomment-1271745466.
+            bazel_args: "--repo_env=CC --features=-layering_check"
             cache: "/private/var/tmp/bazel-disk"
           - os: windows-2019
             arch: "windows"
@@ -33,10 +34,17 @@ jobs:
       - uses: actions/checkout@v2
 
       - name: Set up JDK
-        uses: actions/setup-java@v1
+        uses: actions/setup-java@v3
         with:
+          distribution: zulu
           java-version: ${{ matrix.jdk }}
 
+      # The java binary has the necessary entitlements to allow tests to pass, but that requires
+      # user interaction (clicking through Gatekeeper warnings) that we can't simulate in CI.
+      - name: Remove codesign signature on java binary
+        if: contains(matrix.os, 'mac')
+        run: codesign --remove-signature "$JAVA_HOME"/bin/java
+
       - name: Set up MSYS2 to work around bazelbuild/bazel#15919
         if: contains(matrix.os, 'windows')
         shell: cmd
@@ -55,11 +63,22 @@ jobs:
         run: .github/scripts/echoBuildBuddyConfig.sh ${{ secrets.BUILDBUDDY_API_KEY }} >> $GITHUB_ENV
         shell: bash
 
+      - name: Set CC to LLVM clang on macOS
+        if: contains(matrix.os, 'mac')
+        run: |
+          export CC="$(brew --prefix llvm@14)/bin/clang"
+          which "$CC"
+          "$CC" --version
+          "$CC" -print-resource-dir
+          "$CC" --print-file-name libclang_rt.asan_osx_dynamic.dylib
+          echo "CC=$CC" >> $GITHUB_ENV
+        shell: bash
+
       - name: Build
         run: bazelisk build ${{env.BUILD_BUDDY_CONFIG}} --java_runtime_version=local_jdk_${{ matrix.jdk }} --disk_cache=${{ matrix.cache }} ${{ matrix.bazel_args }} //...
 
       - name: Test
-        run: bazelisk test ${{env.BUILD_BUDDY_CONFIG}} --java_runtime_version=local_jdk_${{ matrix.jdk }} --disk_cache=${{ matrix.cache }} ${{ matrix.bazel_args }} //...
+        run: bazelisk test ${{env.BUILD_BUDDY_CONFIG}} --java_runtime_version=local_jdk_${{ matrix.jdk }} --disk_cache=${{ matrix.cache }} ${{ matrix.bazel_args }} --test_tag_filters=-no-${{ matrix.arch }}-jdk${{ matrix.jdk }} //...
 
       - name: Upload test logs
         if: always()
 
@@ -45,16 +45,6 @@ alias(
     actual = "//launcher:jazzer",
 )
 
-alias(
-    name = "jazzer_asan",
-    actual = "//launcher:jazzer_asan",
-)
-
-alias(
-    name = "jazzer_ubsan",
-    actual = "//launcher:jazzer_ubsan",
-)
-
 exports_files([
     "jazzer-api.pom",
 ])
 
@@ -14,7 +14,7 @@ native libraries.
 
 Jazzer currently supports the following platforms:
 * Linux x86_64
-* macOS 10.15+ x86_64 (experimental support for arm64)
+* macOS 12+ x86_64 & arm64
 * Windows x86_64
 
 ## News: Jazzer available in OSS-Fuzz
@@ -504,9 +504,14 @@ the native libraries. The required compilation flags for native libraries are as
  - *AddressSanitizer*: `-fsanitize=fuzzer-no-link,address`
  - *UndefinedBehaviorSanitizer*: `-fsanitize=fuzzer-no-link,undefined` (add `-fno-sanitize-recover=all` to crash on UBSan reports)
 
-Then, use the appropriate launcher `//:jazzer_asan` or `//:jazzer_ubsan`.
+Then, start Jazzer with `--asan` and/or `--ubsan` to automatically preload the sanitizer runtimes.
+Jazzer defaults to using the runtimes associated with `clang` on the `PATH`.
+If you used a different compiler to compile the native libraries, specify it with `CC` to override this default.
 
-**Note:** Sanitizers other than AddressSanitizer and UndefinedBehaviorSanitizer are not yet supported.
+**Note:** On macOS, you may see Gatekeeper warnings when using `--asan` and/or `--ubsan` since these flags cause the
+native sanitizer libraries to be preloaded into the codesigned `java` executable via `DYLD_INSERT_LIBRARIES`.
+
+Sanitizers other than AddressSanitizer and UndefinedBehaviorSanitizer are not yet supported.
 Furthermore, due to the nature of the JVM's GC, LeakSanitizer reports too many false positives to be useful and is thus disabled.
 
 The fuzz targets `ExampleFuzzerWithNativeASan` and `ExampleFuzzerWithNativeUBSan` in the `examples/` directory contain
 
@@ -24,12 +24,6 @@ filegroup(
 
 http_archive(
     name = "com_grail_bazel_toolchain",
-    patches = [
-        # There is no static runtime library for ASan on macOS, so when using
-        # the toolchain in the CI, we have to explicitly depend on the dylib and
-        # add it to the runfiles for clang/ld.
-        "//third_party:bazel-toolchain-export-dynamic-macos-asan.patch",
-    ],
     sha256 = "da607faed78c4cb5a5637ef74a36fdd2286f85ca5192222c4664efec2d529bb8",
     strip_prefix = "bazel-toolchain-0.6.3",
     urls = ["https://github.com/grailbio/bazel-toolchain/archive/refs/tags/0.6.3.tar.gz"],
 
@@ -27,6 +27,7 @@ def java_fuzz_target_test(
         size = None,
         timeout = None,
         env = None,
+        env_inherit = None,
         verify_crash_input = True,
         verify_crash_reproducer = True,
         # Superset of the findings the fuzzer is expected to find. Since fuzzing runs are not
@@ -61,10 +62,6 @@ def java_fuzz_target_test(
 
     if launcher_variant == "native":
         driver = "//launcher:jazzer"
-    elif launcher_variant == "address":
-        driver = "//launcher:jazzer_asan"
-    elif launcher_variant == "undefined":
-        driver = "//launcher:jazzer_ubsan"
     elif launcher_variant == "java":
         driver = target_name
     else:
@@ -106,6 +103,7 @@ def java_fuzz_target_test(
             driver,
         ] + data + ([hook_jar] if hook_jar else []),
         env = env,
+        env_inherit = env_inherit,
         main_class = "com.code_intelligence.jazzer.tools.FuzzTargetTestWrapper",
         use_testrunner = False,
         tags = tags,
 
@@ -34,7 +34,6 @@
 import java.util.Collections;
 import java.util.Comparator;
 import java.util.List;
-import java.util.Map;
 import java.util.Set;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
@@ -91,9 +90,12 @@ public static void main(String[] args) {
     }
 
     ProcessBuilder processBuilder = new ProcessBuilder();
-    Map<String, String> environment = processBuilder.environment();
     // Ensure that Jazzer can find its runfiles.
-    environment.putAll(runfiles.getEnvVars());
+    processBuilder.environment().putAll(runfiles.getEnvVars());
+    // Ensure that sanitizers behave consistently across OSes and use a dedicated exit code to make
+    // them distinguishable from unexpected crashes.
+    processBuilder.environment().put("ASAN_OPTIONS", "abort_on_error=0:exitcode=76");
+    processBuilder.environment().put("UBSAN_OPTIONS", "abort_on_error=0:exitcode=76");
 
     // Crashes will be available as test outputs. These are cleared on the next run,
     // so this is only useful for examples.
 
@@ -1,4 +1,5 @@
 load("@bazel_skylib//rules:write_file.bzl", "write_file")
+load("@fmeum_rules_jni//jni:defs.bzl", "java_jni_library")
 load("//:maven.bzl", "JAZZER_VERSION")
 
 java_binary(
@@ -7,9 +8,13 @@ java_binary(
     runtime_deps = [":jazzer_lib"],
 )
 
-java_library(
+java_jni_library(
     name = "jazzer_lib",
     srcs = ["Jazzer.java"],
+    native_libs = select({
+        "@platforms//os:windows": [],
+        "//conditions:default": ["//driver/src/main/native/com/code_intelligence/jazzer:jazzer_preload"],
+    }),
     visibility = ["//visibility:public"],
     deps = ["//driver/src/main/java/com/code_intelligence/jazzer/driver"],
 )