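#!/bin/sh
#
# Creates fuzzer builds of various kinds
# - reproduce mode (no fuzzing, just enables replaying data through the fuzzers)
# - oss-fuzz emulated mode (makes sure a simulated invocation by oss-fuzz works)
# - libFuzzer build (you will need clang)
# - afl build (you will need afl)
#
# Every variant is configured and built in its own build-fuzzers-* directory
# below the current working directory. Needs cmake, ninja and a readlink that
# understands -f (GNU coreutils) on PATH.
#
# Copyright (c) 2019 Paul Dreik
#
# License: see LICENSE.rst in the fmt root directory

set -e
me=${0##*/}
root=$(readlink -f "$(dirname -- "$0")/../..")

printf '%s: root=%s\n' "$me" "$root"

here=$(pwd)

# FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION is the conventional macro fuzz
# targets check to switch off behaviour that only slows fuzzing down.
CXXFLAGSALL="-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION= -g"
# Flags shared by every configure step. The source directory is NOT part of
# this string: it is passed separately and quoted, so a root path containing
# spaces cannot break the intentional word-splitting of this list.
CMAKEFLAGSALL="-GNinja -DCMAKE_BUILD_TYPE=Debug -DFMT_DOC=Off -DFMT_TEST=Off -DFMT_FUZZ=On -DCMAKE_CXX_STANDARD=17"

#######################################
# Configures and builds one fuzzer variant in its own directory.
# The body is a subshell, so the cd does not leak into the caller.
# Globals:   root, CMAKEFLAGSALL (read)
# Arguments: $1 - build directory (created if missing)
#            $2 - compiler to use as CXX
#            $3 - CXXFLAGS for this variant
#            remaining args - extra cmake flags; they come after
#            CMAKEFLAGSALL so a later -DCMAKE_BUILD_TYPE=Release
#            overrides the Debug default (cmake keeps the last value)
# Returns:   non-zero (and, under set -e, aborts the script) if mkdir, cd,
#            configure or build fails
#######################################
build_variant() (
  builddir=$1
  cxx=$2
  cxxflags=$3
  shift 3
  mkdir -p -- "$builddir"
  cd -- "$builddir"
  # shellcheck disable=SC2086 # CMAKEFLAGSALL is a fixed flag list, split on purpose
  CXX="$cxx" CXXFLAGS="$cxxflags" cmake "$root" $CMAKEFLAGSALL "$@"
  cmake --build "$builddir"
)

# builds the fuzzers as one would do if using afl or just making
# binaries for reproducing.
build_variant "$here/build-fuzzers-reproduce" "ccache g++" "$CXXFLAGSALL"

# for performance analysis of the fuzzers
build_variant "$here/build-fuzzers-perfanalysis" "ccache g++" "$CXXFLAGSALL -g" \
  -DFMT_FUZZ_LINKMAIN=On \
  -DCMAKE_BUILD_TYPE=Release

# builds the fuzzers as oss-fuzz does: the fuzzer runtime is linked in via
# FMT_FUZZ_LDFLAGS rather than by the compile flags
build_variant "$here/build-fuzzers-ossfuzz" "clang++" \
  "$CXXFLAGSALL -fsanitize=fuzzer-no-link" \
  -DFMT_FUZZ_LINKMAIN=Off \
  -DFMT_FUZZ_LDFLAGS="-fsanitize=fuzzer"

# builds fuzzers for local fuzzing with libfuzzer with asan+ubsan
build_variant "$here/build-fuzzers-libfuzzer" "clang++" \
  "$CXXFLAGSALL -fsanitize=fuzzer-no-link,address,undefined" \
  -DFMT_FUZZ_LINKMAIN=Off \
  -DFMT_FUZZ_LDFLAGS="-fsanitize=fuzzer"

# builds fuzzers for local fuzzing with libfuzzer with asan only
# (address sanitizer alone, as the directory name says)
build_variant "$here/build-fuzzers-libfuzzer-addr" "clang++" \
  "$CXXFLAGSALL -fsanitize=fuzzer-no-link,address" \
  -DFMT_FUZZ_LINKMAIN=Off \
  -DFMT_FUZZ_LDFLAGS="-fsanitize=fuzzer"

# builds a fast fuzzer for making coverage fast: no sanitizers, -O3, Release
build_variant "$here/build-fuzzers-fast" "clang++" \
  "$CXXFLAGSALL -fsanitize=fuzzer-no-link -O3" \
  -DFMT_FUZZ_LINKMAIN=Off \
  -DFMT_FUZZ_LDFLAGS="-fsanitize=fuzzer" \
  -DCMAKE_BUILD_TYPE=Release

# builds fuzzers for local fuzzing with afl; afl supplies its own driver,
# so the fuzzers get a main() via FMT_FUZZ_LINKMAIN
build_variant "$here/build-fuzzers-afl" "afl-g++" \
  "$CXXFLAGSALL -fsanitize=address,undefined" \
  -DFMT_FUZZ_LINKMAIN=On

printf '%s: all good\n' "$me"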