authorAlexander Bulekov <alxndr@bu.edu>2020-09-02 13:36:51 -0400
committerPaolo Bonzini <pbonzini@redhat.com>2020-09-08 11:43:16 +0200
commit54c9e41d47daa38219a53311cbc1c4e602709aee (patch)
tree14c154585749976c6b8d634df442777b04576e14
parentc46f76d15869be27e5c9420f6a1733c3cfafc1a1 (diff)
fuzz: Add support for custom fuzzing library
On oss-fuzz, we must use the LIB_FUZZING_ENGINE and CFLAGS environment variables, rather than -fsanitize=fuzzer. With this change, when LIB_FUZZING_ENGINE is set, the --enable-fuzzing configure option will use that environment variable during the linking stage, rather than -fsanitize=fuzzer.

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <20200902173652.307222-3-alxndr@bu.edu>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-rwxr-xr-x configure 12
-rw-r--r-- tests/qtest/fuzz/meson.build 4
2 files changed, 12 insertions, 4 deletions
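diff --git a/configure b/configure
index ba8c6e6..53723ac 100755
--- a/configure
+++ b/configure
@@ -6048,7 +6048,7 @@ fi
 ##########################################
 # checks for fuzzer
-if test "$fuzzing" = "yes" ; then
+if test "$fuzzing" = "yes" && test -z "${LIB_FUZZING_ENGINE+xxx}"; then
 write_c_fuzzer_skeleton
 if compile_prog "$CPU_CFLAGS -Werror -fsanitize=fuzzer" ""; then
 have_fuzzer=yes
@@ -7354,7 +7354,14 @@ if test "$have_mlockall" = "yes" ; then
 echo "HAVE_MLOCKALL=y" >> $config_host_mak
 fi
 if test "$fuzzing" = "yes" ; then
- QEMU_CFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"
+ # If LIB_FUZZING_ENGINE is set, assume we are running on OSS-Fuzz, and the
+ # needed CFLAGS have already been provided
+ if test -z "${LIB_FUZZING_ENGINE+xxx}" ; then
+ QEMU_CFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"
+ FUZZ_EXE_LDFLAGS="-fsanitize=fuzzer"
+ else
+ FUZZ_EXE_LDFLAGS="$LIB_FUZZING_ENGINE"
+ fi
 fi
 if test "$plugins" = "yes" ; then
@@ -7455,6 +7462,7 @@ fi
 if test "$fuzzing" != "no"; then
 echo "CONFIG_FUZZ=y" >> $config_host_mak
 fi
+echo "FUZZ_EXE_LDFLAGS=$FUZZ_EXE_LDFLAGS" >> $config_host_mak
 if test "$edk2_blobs" = "yes" ; then
 echo "DECOMPRESS_EDK2_BLOBS=y" >> $config_host_mak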
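Review bot: The `${LIB_FUZZING_ENGINE+xxx}` test in the second hunk's new `if` (and the same expansion in the first hunk) treats an exported-but-empty LIB_FUZZING_ENGINE as "set", so the else branch assigns `FUZZ_EXE_LDFLAGS=""`, neither -fsanitize=fuzzer-no-link nor any engine is linked, and the compile check in the first hunk is skipped as well, leaving a silently non-fuzzing build that nothing catches at configure time. If an empty value should fall back to libFuzzer, use the colon form in both places: `if test -z "${LIB_FUZZING_ENGINE:+xxx}" ; then`. FUZZ_EXE_LDFLAGS gets no default in the hunks shown (it may be initialised elsewhere in configure), yet the third hunk emits it unconditionally, so non-fuzzing builds rely on the unset variable expanding to empty; an explicit `FUZZ_EXE_LDFLAGS=""` beside the other defaults would make that intent visible. Note also that the meson.build consumer whitespace-splits this value, so an engine path containing spaces is broken into separate link arguments.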
diff --git a/tests/qtest/fuzz/meson.build b/tests/qtest/fuzz/meson.build
index bcc3938..b31ace7 100644
--- a/tests/qtest/fuzz/meson.build
+++ b/tests/qtest/fuzz/meson.build
@@ -7,8 +7,8 @@ specific_fuzz_ss.add(when: 'CONFIG_VIRTIO_NET', if_true: files('virtio_net_fuzz.
specific_fuzz_ss.add(when: 'CONFIG_VIRTIO_SCSI', if_true: files('virtio_scsi_fuzz.c'))
fork_fuzz = declare_dependency(
- link_args: ['-fsanitize=fuzzer',
- '-Wl,-wrap,qtest_inb',
+ link_args: config_host['FUZZ_EXE_LDFLAGS'].split() +
+ ['-Wl,-wrap,qtest_inb',
'-Wl,-wrap,qtest_inw',
'-Wl,-wrap,qtest_inl',
'-Wl,-wrap,qtest_outb',