Commit graph

11 commits

Author SHA1 Message Date
Treehugger Robot
959a3ffbda Merge "Fuzz corpus entries should not go in a subdirectory." 2019-10-16 21:09:59 +00:00
Mitch Phillips
302f964aa0 Do not link libc++.so statically on device.
If fuzzer coverage sanitized shared libraries are not deployed - we shouldn't
break users during dynamic link time. I need to think more about how we
should solve this problem in earnest, but for now let's just disable
static linkage of libc++ on device.

Bug: 142671952
Test: Cherrypick ag/9550833 and ag/9544155, make and run the fuzz target
there.

Change-Id: I39dfd6ba314e7a610ef3f0b30f35383a5e3a1e4b
2019-10-14 18:35:17 -07:00
Mitch Phillips
641575ad41 Fuzz corpus entries should not go in a subdirectory.
Corpus files called 'FOO' incorrectly go into a subdirectory in the
exported zipfile, e.g.:
my_fuzzer/corpus/FOO/FOO

This patch removes that extra, unnecessary intermediate directory,
e.g.:
my_fuzzer/corpus/FOO

Bug: 142432347
Test: m fuzz && unzip -l out/soong/fuzz-host-x86_64.zip
Change-Id: Id23d4dd2d8322a8ad0234f8acb6878ea4dc3c6e4
2019-10-09 17:34:42 -07:00
Mitch Phillips
a0a5e19140 Move fuzz phony to be make-defined, and add to dist.
Add the fuzz packages to dist. This requires that the phony for 'make'
be define in make itself, rather than in Soong. See comments on other
patch in topic for more information.

Bug: 141026328
Test: m fuzz dist

Change-Id: I4cd476adcfa42e4b40911c4a32427a7b00c67cc3
2019-09-30 10:36:11 -07:00
Mitch Phillips
d3254b4899 Add 'make fuzz' build rule.
Adds the `make fuzz` build rule. This offers a few features on top of
`make haiku`:
 1. Identifies all fuzz targets through the build system, rather than
 having to maintain a golden file.
 2. Packages now exist in out/soong/ and are packaged on a per-architecture
 basis. Packages also now contain fuzzer seed corpus && dictionary.
 3. This gives us further extension options:
  - Packaging shared libraries for shared library fuzzing.
  - Presubmit tests for fuzzing. Each fuzz target could be made into a
  regression test by adding the crash testcase to the corpus. We can
  also ensure that example_fuzzer finds a bug with an ASan report as a
  presubmit smoke test.

Bug: 141026328
Test: m fuzz && unzip -l out/soong/fuzz-$ARCH.zip

Change-Id: I7aaad616d6b194a3beaf908241a9817df9dfdce1
2019-09-24 20:48:00 -07:00
Mitch Phillips
4e4ab8a141 Add corpus and dictionary properties to cc_fuzz.
Adds the corpus and dictionary properties to the cc_fuzz target.
Propagates these entries to the makefile backend via LOCAL_FUZZ_DATA, in
a similar manner to LOCAL_TEST_DATA.

Bug: 141026328
Test: m example_fuzzer, fuzz target should have adjacent corpus/dict
files.

Change-Id: If5add5a597cc479f4e084bdafbd0fc175cfd6321
2019-09-18 18:55:27 -07:00
Mitch Phillips
4de896e1ef Add i386 host fuzzing support w/ cc_fuzz.
Adds the host fuzzing support back for 32-bit x86 targets, now that the
toolchain has been updated to export this library.

Bug: 133261679
Test: `m example_fuzzer` on a 32-bit target/cross
Change-Id: I28285d531a53eebd28c9e1b733035be48696b48f
2019-09-05 13:34:44 -07:00
Mitch Phillips
d0bd16d9d1 [cc_fuzz] Statically link libcxx.
Statically links libcxx in order to not require shared library
deployment during packing of fuzz targets.

Test: m example_fuzzer && ldd $ANDROID_HOST_OUT/fuzz/example_fuzzer.
Note that the ldd results don't include libc++.so.
Bug: 139880425

Change-Id: I86d1945768de53217d54cb762392c20714494416
2019-08-23 11:27:08 -07:00
Alex Light
71123ec1bc Disable linux_bionic fuzzers
fuzzers require linking to libclang_rt which does not support
linux_bionic. Therefore always disable this target.

Test: ./art/tools/build_linux_bionic_tests.sh
Bug: 138307504
Bug: 118058804
Change-Id: I12816f302d32d5ee846f90c62814744ae35c49bb
2019-07-24 21:13:05 +00:00
Colin Cross
eec9b286b0 Disable cc_fuzz darwin host modules
The fuzzer runtime is not present for darwin host modules, disable
cc_fuzz modules when targeting darwin.

Test: m on darwin
Change-Id: I9da319e00e36c3e0a5912329de7890a6409f1a55
2019-07-18 16:23:45 -07:00
Mitch Phillips
da9a463794 Add the cc_fuzz target.
Adds the cc_fuzz target via a cc_fuzz module. Also implements the
libclang runtime interface for the x86 toolchain to allow host-built
fuzzers.

Bug: 133261679
Bug: 137398545

Test: Build a fuzzer (with all topic patches), notice that you now
have a host-built fuzzer :)

Change-Id: I7fa069603415f40b3f12a002c253fca6e2aa1988
2019-07-16 16:30:53 -07:00