---
 configure | 12 ++++++++++--
 meson.build | 6 +++++-
 tests/qtest/fuzz/meson.build | 5 ++---
 3 files changed, 17 insertions(+), 6 deletions(-)
Hi Paolo, Here I'm trying to specify the linker-script with add_project_link_arguments. How I'm testing this: $ CC=clang-10 CXX=clang++-10 ../configure --enable-fuzzing $ make V=1 "-j$(nproc)" qemu-fuzz-i386 clang++-10 -o qemu-fuzz-i386 qemu-fuzz-i386.p/tests_qtest_fuzz_qtest_wrappers.c.o \ ... libblock.fa chardev/libchardev.fa \ -Wl,--start-group tests/qtest/libqos/libqos.a -Wl,--no-whole-archive \ -Wl,-T,/home/alxndr/Development/qemu/tests/qtest/fuzz/fork_fuzz.ld \ ... \ -Wl,-rpath-link,/home/alxndr/Development/qemu/build/ -lstdc++ -Wl,--end-group Maybe if I can get the oss-fuzz LIB_FUZZING_ENGINE (/usr/lib/libFuzzingEngine.a) into the --start-group, that could also solve the issue... I'll take another look at exactly what the oss-fuzz build container does. -Alex
diff --git a/configure b/configure
index 6ecaff429b..d31b91850c 100755
--- a/configure
+++ b/configure
@@ -6165,7 +6165,7 @@ fi
 
 ##########################################
 # checks for fuzzer
-if test "$fuzzing" = "yes" ; then
+if test "$fuzzing" = "yes" && test -z "${LIB_FUZZING_ENGINE+xxx}"; then
 write_c_fuzzer_skeleton
 if compile_prog "$CPU_CFLAGS -Werror -fsanitize=fuzzer" ""; then
 have_fuzzer=yes
@@ -7505,7 +7505,14 @@ if test "$have_mlockall" = "yes" ; then
 echo "HAVE_MLOCKALL=y" >> $config_host_mak
 fi
 if test "$fuzzing" = "yes" ; then
- QEMU_CFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"
+ # If LIB_FUZZING_ENGINE is set, assume we are running on OSS-Fuzz, and the
+ # needed CFLAGS have already been provided
+ if test -z "${LIB_FUZZING_ENGINE+xxx}" ; then
+ QEMU_CFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"
+ FUZZ_LINK_COMMAND="-fsanitize=fuzzer"
+ else
+ FUZZ_LINK_COMMAND="$LIB_FUZZING_ENGINE"
+ fi
 fi
 
 if test "$plugins" = "yes" ; then
@@ -7619,6 +7626,7 @@ if test "$libudev" != "no"; then
 fi
 if test "$fuzzing" != "no"; then
 echo "CONFIG_FUZZ=y" >> $config_host_mak
+ echo "FUZZ_LINK_COMMAND=$FUZZ_LINK_COMMAND" >> $config_host_mak
 fi
 
 if test "$edk2_blobs" = "yes" ; then
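Review bot: `test -z "${LIB_FUZZING_ENGINE+xxx}"` is true only while the variable is unset, so an exported-but-empty `LIB_FUZZING_ENGINE=` is treated as an OSS-Fuzz build: this hunk skips the `-fsanitize=fuzzer` compile probe (the rest of that `if`, including its failure path, is outside the hunk), and the second configure hunk then sets `FUZZ_LINK_COMMAND=""`. The result is a link with no fuzzer runtime at all, diagnosed only when the final link fails instead of at configure time. Using `test -z "$LIB_FUZZING_ENGINE"` in both hunks makes the empty value fall back to the compiler's own libFuzzer; alternatively `error_exit` when the variable is set but empty. The comment added in the second hunk should also say which of "set" or "non-empty" is intended.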
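Review bot: `FUZZ_LINK_COMMAND` is assigned only under `if test "$fuzzing" = "yes"` (second hunk), but this hunk writes it to `$config_host_mak` under `if test "$fuzzing" != "no"`; if `$fuzzing` can hold a third value at this point (not visible here), the key is emitted empty and `.split()` in tests/qtest/fuzz/meson.build yields no link arguments. Aligning the two conditions, or initialising `FUZZ_LINK_COMMAND=` where the option is parsed, closes the gap. The echo also passes whatever `$LIB_FUZZING_ENGINE` held through unquoted and meson later whitespace-splits it, so a comment such as `# whitespace-separated link arguments; a LIB_FUZZING_ENGINE path containing spaces is not supported` would document the constraint.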
diff --git a/meson.build b/meson.build
index 74f8ea0c2e..3a5205040f 100644
--- a/meson.build
+++ b/meson.build
@@ -35,11 +35,16 @@ add_project_arguments(config_host['QEMU_CFLAGS'].split(), native: false, language: ['c', 'objc'])
 add_project_arguments(config_host['QEMU_CXXFLAGS'].split(), native: false, language: 'cpp')
+if 'CONFIG_FUZZ' in config_host
+ add_project_link_arguments(['-Wl,-T,' + (meson.current_source_dir() / 'tests/qtest/fuzz/fork_fuzz.ld')],
+ native: false, language: ['c', 'cpp', 'objc'])
+endif
 add_project_link_arguments(config_host['QEMU_LDFLAGS'].split(), native: false, language: ['c', 'cpp', 'objc'])
 add_project_arguments(config_host['QEMU_INCLUDES'].split(), language: ['c', 'cpp', 'objc'])
+
 python = import('python').find_installation()
 link_language = meson.get_external_property('link_language', 'cpp')
@@ -1019,7 +1024,6 @@ foreach target : target_dirs
 'gui': false,
 'sources': specific_fuzz.sources(),
 'dependencies': specific_fuzz.dependencies(),
- 'link_depends': [files('tests/qtest/fuzz/fork_fuzz.ld')],
 }]
 endif
 else
diff --git a/tests/qtest/fuzz/meson.build b/tests/qtest/fuzz/meson.build
index bb0a3f271d..c0accc8af9 100644
--- a/tests/qtest/fuzz/meson.build
+++ b/tests/qtest/fuzz/meson.build
@@ -9,9 +9,8 @@ specific_fuzz_ss.add(when: 'CONFIG_VIRTIO_SCSI', if_true: files('virtio_scsi_fuz
 # unfortunately declare_dependency does not support link_depends, so
 # this will be duplicated in meson.build
 fork_fuzz = declare_dependency(
- link_args: ['-fsanitize=fuzzer',
- '-Wl,-T,' + (meson.current_source_dir() / 'fork_fuzz.ld'),
- '-Wl,-wrap,qtest_inb',
+ link_args: config_host['FUZZ_LINK_COMMAND'].split() +
+ ['-Wl,-wrap,qtest_inb',
 '-Wl,-wrap,qtest_inw',
 '-Wl,-wrap,qtest_inl',
 '-Wl,-wrap,qtest_outb',
-- 
2.28.0
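Review bot: The new `add_project_link_arguments` call applies `-Wl,-T,…/fork_fuzz.ld` to every C, C++ and Objective-C link in the project once `CONFIG_FUZZ` is set, whereas before this patch the script was confined to the `fork_fuzz` dependency in tests/qtest/fuzz/meson.build; an `--enable-fuzzing` build presumably still produces non-fuzzer binaries, which now get the script too. A comment on the `if` block should state that scope, e.g. `# fork_fuzz.ld is applied to every link in the project, not only the fuzzer target — TODO(review): confirm it is harmless for non-fuzzer binaries`. The second meson.build hunk also drops the `link_depends` entry and nothing here replaces it, so edits to fork_fuzz.ld no longer appear to trigger a relink; worth recording in the same comment.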
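Review bot: The context comment `# unfortunately declare_dependency does not support link_depends, so` / `# this will be duplicated in meson.build` becomes stale with this patch: the duplicated `link_depends` entry is removed in the second meson.build hunk and the linker script is no longer part of `link_args` here. Replace it with `# fork_fuzz.ld is now passed via add_project_link_arguments in the top-level meson.build`. `config_host['FUZZ_LINK_COMMAND'].split()` whitespace-splits the value configure copied from `$LIB_FUZZING_ENGINE`, so a path containing spaces would be broken into several arguments; the `declare_dependency` call continues past the end of the hunk.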