
Re: [PATCH 2/3] fuzz: Add support for custom fuzzing library


From: Paolo Bonzini
Subject: Re: [PATCH 2/3] fuzz: Add support for custom fuzzing library
Date: Wed, 2 Sep 2020 17:48:31 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0

On 02/09/20 16:37, Alexander Bulekov wrote:
> On oss-fuzz, we must use the LIB_FUZZING_ENGINE and CFLAGS environment
> variables, rather than -fsanitize=fuzzer. With this change, when
> LIB_FUZZING_ENGINE is set, the --enable-fuzzing configure option will
> use that environment variable during the linking stage, rather than
> -fsanitize=fuzzer.
> 
> Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
> ---
>  configure                    | 12 ++++++++++--
>  tests/qtest/fuzz/meson.build |  4 ++--
>  2 files changed, 12 insertions(+), 4 deletions(-)
> 
> diff --git a/configure b/configure
> index 6ecaff429b..4182a88e75 100755
> --- a/configure
> +++ b/configure
> @@ -6165,7 +6165,7 @@ fi
>  
>  ##########################################
>  # checks for fuzzer
> -if test "$fuzzing" = "yes" ; then
> +if test "$fuzzing" = "yes" && test -z "${LIB_FUZZING_ENGINE+xxx}"; then
>    write_c_fuzzer_skeleton
>    if compile_prog "$CPU_CFLAGS -Werror -fsanitize=fuzzer" ""; then
>      have_fuzzer=yes
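Review bot: with LIB_FUZZING_ENGINE set, this whole probe block is skipped, so `write_c_fuzzer_skeleton` never runs and `have_fuzzer=yes` is never reached on OSS-Fuzz; anything later in configure that keys on `have_fuzzer` will see it unset even though fuzzing is being enabled. Consider running the probe in both cases, substituting `$LIB_FUZZING_ENGINE` for `-fsanitize=fuzzer` in the `compile_prog` call, so a misconfigured engine fails at configure time instead of at link time.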
> @@ -7505,7 +7505,14 @@ if test "$have_mlockall" = "yes" ; then
>    echo "HAVE_MLOCKALL=y" >> $config_host_mak
>  fi
>  if test "$fuzzing" = "yes" ; then
> -  QEMU_CFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"
> +  # If LIB_FUZZING_ENGINE is set, assume we are running on OSS-Fuzz, and the
> +  # needed CFLAGS have already been provided
> +  if test -z "${LIB_FUZZING_ENGINE+xxx}" ; then
> +    QEMU_CFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"
> +    FUZZ_LINK_COMMAND="-fsanitize=fuzzer"
> +  else
> +    FUZZ_LINK_COMMAND="$LIB_FUZZING_ENGINE"
> +  fi
>  fi
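Review bot: `test -z "${LIB_FUZZING_ENGINE+xxx}"` checks whether the variable is set, not whether it is non-empty, so an exported but empty LIB_FUZZING_ENGINE drops `-fsanitize=fuzzer-no-link` from QEMU_CFLAGS and leaves FUZZ_LINK_COMMAND as an empty string: the result is an uninstrumented build with no fuzzer entry point that only fails at link time. If that case is not meant to be supported, use `test -z "$LIB_FUZZING_ENGINE"` here and in the earlier hunk, or make configure fail when the variable is set but empty.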

Can you name this FUZZ_EXE_LDFLAGS?

>  if test "$plugins" = "yes" ; then
> @@ -7620,6 +7627,7 @@ fi
>  if test "$fuzzing" != "no"; then
>      echo "CONFIG_FUZZ=y" >> $config_host_mak
>  fi
> +echo "FUZZ_LINK_COMMAND=$FUZZ_LINK_COMMAND" >> $config_host_mak
>  
>  if test "$edk2_blobs" = "yes" ; then
>    echo "DECOMPRESS_EDK2_BLOBS=y" >> $config_host_mak
> diff --git a/tests/qtest/fuzz/meson.build b/tests/qtest/fuzz/meson.build
> index 3432c3e7c3..59a630802a 100644
> --- a/tests/qtest/fuzz/meson.build
> +++ b/tests/qtest/fuzz/meson.build
> @@ -9,8 +9,8 @@ specific_fuzz_ss.add(when: 'CONFIG_VIRTIO_SCSI', if_true: 
> files('virtio_scsi_fuz
>  # unfortunately declare_dependency does not support link_depends, so
>  # this will be duplicated in meson.build

Also for patch 1: the comment is now obsolete.

Paolo

>  fork_fuzz = declare_dependency(
> -  link_args: ['-fsanitize=fuzzer',
> -              '-Wl,-wrap,qtest_inb',
> +  link_args: config_host['FUZZ_LINK_COMMAND'].split() +
> +             ['-Wl,-wrap,qtest_inb',
>                '-Wl,-wrap,qtest_inw',
>                '-Wl,-wrap,qtest_inl',
>                '-Wl,-wrap,qtest_outb',
> 
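Review bot: `config_host['FUZZ_LINK_COMMAND']` raises a meson error when the key is absent, which happens with a config-host.mak generated before this series or if the echo in configure is ever made conditional; `config_host.get('FUZZ_LINK_COMMAND', '').split()` keeps the same behaviour while degrading to an empty argument list. Since `.split()` breaks on any whitespace, a LIB_FUZZING_ENGINE path containing spaces cannot be expressed through this variable; if OSS-Fuzz never passes one, a one-line comment saying so would save the next reader the question.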