From: Josh Steadmon <steadmon@xxxxxxxxxx> V2 of this series pulls the compiler flags out of the Makefile, to be provided by the user depending on the combination of compiler and fuzzing engine in use. This also makes it more compatible with OSS-Fuzz's build process. Josh Steadmon (2): fuzz: Add basic fuzz testing target. fuzz: Add fuzz testing for packfile indices. .gitignore | 3 +++ Makefile | 33 +++++++++++++++++++++++++++++++++ fuzz-pack-headers.c | 14 ++++++++++++++ fuzz-pack-idx.c | 13 +++++++++++++ packfile.c | 44 +++++++++++++++++++++++++------------------- packfile.h | 13 +++++++++++++ 6 files changed, 101 insertions(+), 19 deletions(-) create mode 100644 fuzz-pack-headers.c create mode 100644 fuzz-pack-idx.c Range-diff against v1: 1: 9456c41798 ! 1: 446d8081b1 fuzz: Add basic fuzz testing target. @@ -32,6 +32,9 @@ +FUZZ_OBJS += fuzz-pack-headers.o + ++# Always build fuzz objects even if not testing, to prevent bit-rot. ++all:: $(FUZZ_OBJS) ++ +FUZZ_PROGRAMS += $(patsubst %.o,%,$(FUZZ_OBJS)) + # Empty... @@ -46,14 +49,13 @@ git.o ifndef NO_CURL @@ - cocciclean: - $(RM) contrib/coccinelle/*.cocci.patch* - --clean: profile-clean coverage-clean cocciclean -+clean: profile-clean coverage-clean cocciclean fuzz-clean - $(RM) *.res - $(RM) $(OBJECTS) $(RM) $(LIB_FILE) $(XDIFF_LIB) $(VCSSVN_LIB) + $(RM) $(ALL_PROGRAMS) $(SCRIPT_LIB) $(BUILT_INS) git$X + $(RM) $(TEST_PROGRAMS) $(NO_INSTALL) ++ $(RM) $(FUZZ_PROGRAMS) + $(RM) -r bin-wrappers $(dep_dirs) + $(RM) -r po/build/ + $(RM) *.pyc *.pyo */*.pyc */*.pyo command-list.h $(ETAGS_TARGET) tags cscope* @@ cover_db_html: cover_db cover -report html -outputdir cover_db_html cover_db 
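Review bot: In the `clean` hunk the new `$(RM) $(FUZZ_PROGRAMS)` line replaces v1's `fuzz-clean` prerequisite, but nothing visible here deletes `$(FUZZ_OBJS)`; unless `$(OBJECTS)` already includes them (its definition is outside this hunk), `make clean` leaves the fuzz object files behind. Since the `all:: $(FUZZ_OBJS)` line in the first hunk compiles those objects under whatever flags the ordinary build used, leftover objects could later be linked into a sanitizer build by `fuzz-all` unless the object rules themselves rebuild when flags change, which I cannot confirm from this range-diff. Changing the line to `$(RM) $(FUZZ_PROGRAMS) $(FUZZ_OBJS)` keeps `clean` complete either way. The enclosing `clean` rule starts before this hunk.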
@@ -61,24 +63,24 @@ + +### Fuzz testing +# -+.PHONY: fuzz-clean fuzz-objs fuzz-compile -+ -+FUZZ_CFLAGS = $(CFLAGS) -fsanitize-coverage=trace-pc-guard -fsanitize=address -+FUZZ_LDFLAGS = $(FUZZ_CFLAGS) -+ -+ -+fuzz-clean: -+ $(RM) $(FUZZ_PROGRAMS) $(FUZZ_OBJS) -+ -+fuzz-objs: $(FUZZ_OBJS) ++# Building fuzz targets generally requires a special set of compiler flags that ++# are not necessarily appropriate for general builds, and that vary greatly ++# depending on the compiler version used. ++# ++# An example command to build against libFuzzer from LLVM 4.0.0: ++# ++# make CC=clang CXX=clang++ \ ++# CFLAGS="-fsanitize-coverage=trace-pc-guard -fsanitize=address" \ ++# LIB_FUZZING_ENGINE=/usr/lib/llvm-4.0/lib/libFuzzer.a \ ++# fuzz-all ++# ++.PHONY: fuzz-all + -+fuzz-compile: -+ $(MAKE) CC=clang LD=clang CFLAGS="$(FUZZ_CFLAGS)" \ -+ LDFLAGS="$(FUZZ_LDFLAGS)" all fuzz-objs ++$(FUZZ_PROGRAMS): all ++ $(QUIET_LINK)$(CXX) $(CFLAGS) $(LIB_OBJS) $(BUILTIN_OBJS) \ ++ $(XDIFF_OBJS) $(EXTLIBS) git.o $@.o $(LIB_FUZZING_ENGINE) -o $@ + -+$(FUZZ_PROGRAMS): fuzz-compile -+ clang++ $(FUZZ_LDFLAGS) $(LIB_OBJS) $(BUILTIN_OBJS) $(XDIFF_OBJS) \ -+ $(EXTLIBS) git.o $@.o /usr/lib/llvm-4.0/lib/libFuzzer.a -o $@ ++fuzz-all: $(FUZZ_PROGRAMS) diff --git a/fuzz-pack-headers.c b/fuzz-pack-headers.c new file mode 100644 2: 581eb8f817 ! 2: c7b5a03d81 fuzz: Add fuzz testing for packfile indices. 
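Review bot: The new link rule `$(FUZZ_PROGRAMS): all` reads `$@.o` without declaring it as a prerequisite and passes `$(CFLAGS)` but no linker flags to the link step, so the sanitizer runtime is located only because the example in the comment above puts `-fsanitize=address` into CFLAGS; a user who supplies linker flags the usual way (`$(LDFLAGS)`, or whichever variable the Makefile's other link rules use) has them silently dropped. The recipe also relies on `$(LIB_FUZZING_ENGINE)` being set; when it is empty the failure is presumably an obscure linker error rather than a message naming the variable the comment documents. Depending on the phony `all` additionally relinks every fuzz binary on each invocation, which may be acceptable for a test-only target but is worth a comment. A static pattern rule with an explicit check keeps the rule honest about its inputs:
```make
$(FUZZ_PROGRAMS): %: %.o all
	@test -n '$(strip $(LIB_FUZZING_ENGINE))' || \
		{ echo >&2 'LIB_FUZZING_ENGINE must name the fuzzing engine archive (see comment above)'; exit 1; }
	$(QUIET_LINK)$(CXX) $(CFLAGS) $(LDFLAGS) $(LIB_OBJS) $(BUILTIN_OBJS) \
		$(XDIFF_OBJS) $(EXTLIBS) git.o $< $(LIB_FUZZING_ENGINE) -o $@
```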
@@ -24,23 +24,8 @@ FUZZ_OBJS += fuzz-pack-headers.o +FUZZ_OBJS += fuzz-pack-idx.o - FUZZ_PROGRAMS += $(patsubst %.o,%,$(FUZZ_OBJS)) - -@@ - - ### Fuzz testing - # --.PHONY: fuzz-clean fuzz-objs fuzz-compile -+.PHONY: fuzz-clean fuzz-objs fuzz-compile fuzz-all - - FUZZ_CFLAGS = $(CFLAGS) -fsanitize-coverage=trace-pc-guard -fsanitize=address - FUZZ_LDFLAGS = $(FUZZ_CFLAGS) -@@ - $(FUZZ_PROGRAMS): fuzz-compile - clang++ $(FUZZ_LDFLAGS) $(LIB_OBJS) $(BUILTIN_OBJS) $(XDIFF_OBJS) \ - $(EXTLIBS) git.o $@.o /usr/lib/llvm-4.0/lib/libFuzzer.a -o $@ -+ -+fuzz-all: $(FUZZ_PROGRAMS) + # Always build fuzz objects even if not testing, to prevent bit-rot. + all:: $(FUZZ_OBJS) diff --git a/fuzz-pack-idx.c b/fuzz-pack-idx.c new file mode 100644 -- 2.19.0.605.g01d371f741-goog