If fuzzer coverage sanitized shared libraries are not deployed - we shouldn't
break users during dynamic link time. I need to think more about how we
should solve this problem in earnest, but for now let's just disable
static linkage of libc++ on device.
Bug: 142671952
Test: Cherrypick ag/9550833 and ag/9544155, make and run the fuzz target
there.
Change-Id: I39dfd6ba314e7a610ef3f0b30f35383a5e3a1e4b
Corpus files called 'FOO' incorrectly go into a subdirectory in the
exported zipfile, e.g.:
  my_fuzzer/corpus/FOO/FOO
This patch removes that extra, unnecessary intermediate directory,
e.g.:
  my_fuzzer/corpus/FOO
Bug: 142432347
Test: m fuzz && unzip -l out/soong/fuzz-host-x86_64.zip
Change-Id: Id23d4dd2d8322a8ad0234f8acb6878ea4dc3c6e4
Add the fuzz packages to dist. This requires that the phony for 'make'
be defined in make itself, rather than in Soong. See comments on other
patch in topic for more information.
Bug: 141026328
Test: m fuzz dist
Change-Id: I4cd476adcfa42e4b40911c4a32427a7b00c67cc3
Adds the `make fuzz` build rule. This offers a few features on top of
`make haiku`:
 1. Identifies all fuzz targets through the build system, rather than
    having to maintain a golden file.
 2. Packages now exist in out/soong/ and are packaged on a per-architecture
    basis. Packages also now contain fuzzer seed corpus && dictionary.
 3. This gives us further extension options:
    - Packaging shared libraries for shared library fuzzing.
    - Presubmit tests for fuzzing. Each fuzz target could be made into a
      regression test by adding the crash testcase to the corpus. We can
      also ensure that example_fuzzer finds a bug with an ASan report as a
      presubmit smoke test.
Bug: 141026328
Test: m fuzz && unzip -l out/soong/fuzz-$ARCH.zip
Change-Id: I7aaad616d6b194a3beaf908241a9817df9dfdce1
Adds the corpus and dictionary properties to the cc_fuzz target.
Propagates these entries to the makefile backend via LOCAL_FUZZ_DATA, in
a similar manner to LOCAL_TEST_DATA.
Bug: 141026328
Test: m example_fuzzer, fuzz target should have adjacent corpus/dict
files.
Change-Id: If5add5a597cc479f4e084bdafbd0fc175cfd6321
Adds the host fuzzing support back for 32-bit x86 targets, now that the
toolchain has been updated to export this library.
Bug: 133261679
Test: `m example_fuzzer` on a 32-bit target/cross
Change-Id: I28285d531a53eebd28c9e1b733035be48696b48f
Statically links libcxx in order to not require shared library
deployment during packing of fuzz targets.
Test: m example_fuzzer && ldd $ANDROID_HOST_OUT/fuzz/example_fuzzer.
Note that the ldd results don't include libc++.so.
Bug: 139880425
Change-Id: I86d1945768de53217d54cb762392c20714494416
Fuzzers require linking to libclang_rt which does not support
linux_bionic. Therefore always disable this target.
Test: ./art/tools/build_linux_bionic_tests.sh
Bug: 138307504
Bug: 118058804
Change-Id: I12816f302d32d5ee846f90c62814744ae35c49bb
The fuzzer runtime is not present for darwin host modules, disable
cc_fuzz modules when targeting darwin.
Test: m on darwin
Change-Id: I9da319e00e36c3e0a5912329de7890a6409f1a55
Adds the cc_fuzz target via a cc_fuzz module. Also implements the
libclang runtime interface for the x86 toolchain to allow host-built
fuzzers.
Bug: 133261679
Bug: 137398545
Test: Build a fuzzer (with all topic patches), notice that you now
have a host-built fuzzer :)
Change-Id: I7fa069603415f40b3f12a002c253fca6e2aa1988