[compiler-rt] 98d91ae - Add libFuzzer shared object build output

Matt Morehouse via llvm-commits llvm-commits at lists.llvm.org
Wed Aug 5 09:03:46 PDT 2020


Author: Matt Morehouse
Date: 2020-08-05T09:03:22-07:00
New Revision: 98d91aecb26a51225242332e73ed454c0f6cac5e

URL: https://github.com/llvm/llvm-project/commit/98d91aecb26a51225242332e73ed454c0f6cac5e
DIFF: https://github.com/llvm/llvm-project/commit/98d91aecb26a51225242332e73ed454c0f6cac5e.diff

LOG: Add libFuzzer shared object build output

This change adds a CMake rule to produce shared object versions of
libFuzzer (no-main). Like the static library versions, these shared
libraries have a copy of libc++ statically linked in. For i386 we don't
link with libc++ since i386 does not support mixing position-
independent and non-position-independent code in the same library.

Patch By: IanPudney

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D84947

Added: 
    

Modified: 
    compiler-rt/lib/fuzzer/CMakeLists.txt
    llvm/docs/LibFuzzer.rst

Removed: 
    


################################################################################
diff  --git a/compiler-rt/lib/fuzzer/CMakeLists.txt b/compiler-rt/lib/fuzzer/CMakeLists.txt
index b98c27145687..0a9a42052cf9 100644
--- a/compiler-rt/lib/fuzzer/CMakeLists.txt
+++ b/compiler-rt/lib/fuzzer/CMakeLists.txt
@@ -170,7 +170,39 @@ if(OS_NAME MATCHES "Linux|Fuchsia" AND
     partially_link_libcxx(fuzzer_no_main ${LIBCXX_${arch}_PREFIX} ${arch})
     partially_link_libcxx(fuzzer_interceptors ${LIBCXX_${arch}_PREFIX} ${arch})
     partially_link_libcxx(fuzzer ${LIBCXX_${arch}_PREFIX} ${arch})
+    if(NOT ${arch} MATCHES "i386") # i386 unsupported for .so version.
+      add_custom_command(
+        OUTPUT clang_rt.fuzzer_no_main-${arch}.so
+        DEPENDS clang_rt.fuzzer_no_main-${arch}
+       COMMAND ${CMAKE_CXX_COMPILER} ${EMULATION_ARGUMENT} -Wl,--whole-archive -rdynamic "$<TARGET_LINKER_FILE:clang_rt.fuzzer_no_main-${arch}>" -Wl,--no-whole-archive -shared -fPIC -o "$<TARGET_FILE_DIR:clang_rt.fuzzer_no_main-${arch}>/libclang_rt.fuzzer_no_main-${arch}.so"
+        COMMENT "Building clang_rt.fuzzer_no_main-${arch}.so"
+      )
+      get_compiler_rt_install_dir(${arch} install_dir)
+      install(FILES "$<TARGET_FILE_DIR:clang_rt.fuzzer_no_main-${arch}>/libclang_rt.fuzzer_no_main-${arch}.so"
+        DESTINATION ${install_dir}
+      )
+      add_custom_target(
+        clang_rt.fuzzer_no_main-${arch}-so ALL
+        DEPENDS clang_rt.fuzzer_no_main-${arch}.so
+      )
+    endif()
   endforeach()
+else()
+  set(LIBFUZZER_SHARED_LINK_LIBS ${SANITIZER_COMMON_LINK_LIBS})
+  list(APPEND LIBFUZZER_SHARED_LINK_LIBS "-lstdc++")
+  list(APPEND LIBFUZZER_SHARED_LINK_LIBS "-lm")
+  list(APPEND LIBFUZZER_SHARED_LINK_LIBS "-lpthread")
+
+  # If we aren't statically linking libc++ into the fuzzer, we can build the shared object directly
+  add_compiler_rt_runtime(clang_rt.fuzzer_no_main
+    SHARED
+    OS ${FUZZER_SUPPORTED_OS}
+    ARCHS ${FUZZER_SUPPORTED_ARCH}
+    OBJECT_LIBS RTfuzzer
+    CFLAGS ${LIBFUZZER_CFLAGS}
+    LINK_FLAGS ${SANITIZER_COMMON_LINK_FLAGS}
+    LINK_LIBS ${LIBFUZZER_SHARED_LINK_LIBS}
+    PARENT_TARGET fuzzer)
 endif()
 
 if(COMPILER_RT_INCLUDE_TESTS)
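Review bot: The `OUTPUT clang_rt.fuzzer_no_main-${arch}.so` declared on the new `add_custom_command` is not the file the command writes: `-o` creates `libclang_rt.fuzzer_no_main-${arch}.so` (with the `lib` prefix) under `$<TARGET_FILE_DIR:...>`, while a relative OUTPUT is resolved against the current binary directory. Since the declared output never appears, the `ALL` target `clang_rt.fuzzer_no_main-${arch}-so` is always out of date, the library is relinked on every build, and the build graph does not track the file that `install(FILES ...)` ships. Declare the real path in both places, e.g. `OUTPUT "<runtime-output-dir>/libclang_rt.fuzzer_no_main-${arch}.so"` (placeholder for a configure-time path to that same directory) with the same path in the custom target's `DEPENDS`, and add `VERBATIM` so `${EMULATION_ARGUMENT}` and the `-Wl,` arguments are escaped consistently across generators. The hand-written link line also passes none of the `${SANITIZER_COMMON_LINK_FLAGS}` that the `else()` branch hands to `add_compiler_rt_runtime`, so it is worth confirming that the installed .so receives the same link-time options as the other runtimes. The enclosing `if(OS_NAME MATCHES ...)` and `foreach` begin above the hunk.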

diff  --git a/llvm/docs/LibFuzzer.rst b/llvm/docs/LibFuzzer.rst
index 70a3f029c6f3..c498a9a7078a 100644
--- a/llvm/docs/LibFuzzer.rst
+++ b/llvm/docs/LibFuzzer.rst
@@ -620,13 +620,18 @@ really need to access ``argv``/``argc``.
 Using libFuzzer as a library
 ----------------------------
 If the code being fuzzed must provide its own `main`, it's possible to
-invoke libFuzzer as a library. Be sure to pass ``-fsanitize=fuzzer-no-link``
+invoke libFuzzer as a library. Static linking is available on all platforms
+supported by libFuzzer; however, dynamic linking is not available on
+certain platforms (notably 32-bit x86 Linux).
+
+When using libFuzzer as a library, be sure to pass ``-fsanitize=fuzzer-no-link``
 during compilation, and link your binary against the no-main version of
 libFuzzer. On Linux installations, this is typically located at:
 
 .. code-block:: bash
 
   /usr/lib/<llvm-version>/lib/clang/<clang-version>/lib/linux/libclang_rt.fuzzer_no_main-<architecture>.a
+  /usr/lib/<llvm-version>/lib/clang/<clang-version>/lib/linux/libclang_rt.fuzzer_no_main-<architecture>.so
 
 If building libFuzzer from source, this is located at the following path
 in the build output directory:
@@ -634,6 +639,7 @@ in the build output directory:
 .. code-block:: bash
 
   lib/linux/libclang_rt.fuzzer_no_main-<architecture>.a
+  lib/linux/libclang_rt.fuzzer_no_main-<architecture>.so
 
 From here, the code can do whatever setup it requires, and when it's ready
 to start fuzzing, it can call `LLVMFuzzerRunDriver`, passing in the program
@@ -645,8 +651,6 @@ arguments and a callback. This callback is invoked just like
   extern "C" int LLVMFuzzerRunDriver(int *argc, char ***argv,
                     int (*UserCb)(const uint8_t *Data, size_t Size));
 
-
-
 Leaks
 -----
 


        

