2017-08-23 21:17:03 +00:00
|
|
|
#!/bin/bash -eux
|
|
|
|
#
|
|
|
|
# Copyright 2017 Google Inc.
|
|
|
|
#
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
# limitations under the License.
|
|
|
|
#
|
|
|
|
################################################################################
|
|
|
|
|
2017-10-12 23:20:00 +00:00
|
|
|
readonly FUZZERS=( \
|
|
|
|
clang-fuzzer \
|
|
|
|
clang-format-fuzzer \
|
2019-10-21 22:11:15 +00:00
|
|
|
clang-objc-fuzzer \
|
2017-10-26 16:47:16 +00:00
|
|
|
clangd-fuzzer \
|
2019-01-07 17:50:13 +00:00
|
|
|
llvm-itanium-demangle-fuzzer \
|
|
|
|
llvm-microsoft-demangle-fuzzer \
|
2017-10-12 23:20:00 +00:00
|
|
|
llvm-dwarfdump-fuzzer \
|
|
|
|
llvm-isel-fuzzer \
|
2017-10-17 18:38:21 +00:00
|
|
|
llvm-special-case-list-fuzzer \
|
2017-11-13 22:43:56 +00:00
|
|
|
llvm-opt-fuzzer \
|
2017-10-12 23:20:00 +00:00
|
|
|
)
|
|
|
|
case $SANITIZER in
|
|
|
|
address) LLVM_SANITIZER="Address" ;;
|
|
|
|
undefined) LLVM_SANITIZER="Undefined" ;;
|
|
|
|
memory) LLVM_SANITIZER="MemoryWithOrigins" ;;
|
|
|
|
*) LLVM_SANITIZER="" ;;
|
|
|
|
esac
|
2019-04-29 14:35:29 +00:00
|
|
|
case "${LIB_FUZZING_ENGINE}" in
|
|
|
|
-fsanitize=fuzzer) CMAKE_FUZZING_CONFIG="-DLLVM_USE_SANITIZE_COVERAGE=ON" ;;
|
|
|
|
*) CMAKE_FUZZING_CONFIG="-DLLVM_LIB_FUZZING_ENGINE=${LIB_FUZZING_ENGINE}" ;;
|
|
|
|
esac
|
2017-08-23 21:17:03 +00:00
|
|
|
|
2019-12-18 00:33:08 +00:00
|
|
|
LLVM=llvm-project/llvm
|
|
|
|
|
2017-10-12 23:20:00 +00:00
|
|
|
mkdir build
|
|
|
|
cd build
|
2019-12-13 19:24:18 +00:00
|
|
|
|
2019-12-18 00:33:08 +00:00
|
|
|
cmake -GNinja -DCMAKE_BUILD_TYPE=Release ../$LLVM \
|
2019-12-13 19:24:18 +00:00
|
|
|
-DLLVM_ENABLE_PROJECTS="clang;libcxx;libcxxabi;compiler-rt;lld;clang-tools-extra" \
|
2017-08-23 21:17:03 +00:00
|
|
|
-DLLVM_ENABLE_ASSERTIONS=ON \
|
2017-10-12 23:20:00 +00:00
|
|
|
-DCMAKE_C_COMPILER="${CC}" \
|
|
|
|
-DCMAKE_CXX_COMPILER="${CXX}" \
|
|
|
|
-DCMAKE_C_FLAGS="${CFLAGS}" \
|
|
|
|
-DCMAKE_CXX_FLAGS="${CXXFLAGS}" \
|
2019-04-29 14:35:29 +00:00
|
|
|
"${CMAKE_FUZZING_CONFIG}" \
|
2017-12-19 20:47:30 +00:00
|
|
|
-DLLVM_NO_DEAD_STRIP=ON \
|
2018-04-13 04:51:04 +00:00
|
|
|
-DLLVM_USE_SANITIZER="${LLVM_SANITIZER}" \
|
|
|
|
-DLLVM_EXPERIMENTAL_TARGETS_TO_BUILD=WebAssembly
|
2017-10-12 23:20:00 +00:00
|
|
|
for fuzzer in "${FUZZERS[@]}"; do
|
2017-08-29 01:45:58 +00:00
|
|
|
ninja $fuzzer
|
|
|
|
cp bin/$fuzzer $OUT
|
|
|
|
done
|
2017-12-18 15:25:06 +00:00
|
|
|
ninja llvm-as
|
2017-10-12 05:13:23 +00:00
|
|
|
|
2017-10-12 23:20:00 +00:00
|
|
|
# isel-fuzzer encodes its default flags in the name.
|
2017-10-16 21:02:49 +00:00
|
|
|
cp $OUT/llvm-isel-fuzzer $OUT/llvm-isel-fuzzer--aarch64-O2
|
2017-10-17 02:56:11 +00:00
|
|
|
cp $OUT/llvm-isel-fuzzer $OUT/llvm-isel-fuzzer--x86_64-O2
|
2018-04-13 04:51:04 +00:00
|
|
|
cp $OUT/llvm-isel-fuzzer $OUT/llvm-isel-fuzzer--wasm32-O2
|
2017-10-13 00:40:47 +00:00
|
|
|
mv $OUT/llvm-isel-fuzzer $OUT/llvm-isel-fuzzer--aarch64-gisel
|
2018-02-19 15:58:35 +00:00
|
|
|
|
2017-11-13 22:43:56 +00:00
|
|
|
# Same for llvm-opt-fuzzer
|
2018-01-24 19:04:24 +00:00
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-earlycse
|
2018-01-26 15:35:53 +00:00
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-simplifycfg
|
2018-02-05 15:53:27 +00:00
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-gvn
|
2018-02-07 15:42:16 +00:00
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-sccp
|
2018-02-19 15:58:35 +00:00
|
|
|
|
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-loop_predication
|
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-guard_widening
|
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-loop_vectorize
|
|
|
|
|
2018-02-21 15:30:39 +00:00
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-loop_rotate
|
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-loop_unswitch
|
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-loop_unroll
|
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-licm
|
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-indvars
|
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-strength_reduce
|
|
|
|
|
2018-03-20 14:38:33 +00:00
|
|
|
cp $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-irce
|
|
|
|
|
2017-11-13 22:43:56 +00:00
|
|
|
mv $OUT/llvm-opt-fuzzer $OUT/llvm-opt-fuzzer--x86_64-instcombine
|
2017-12-18 15:25:06 +00:00
|
|
|
|
|
|
|
# Build corpus for the llvm-opt-fuzzer
|
|
|
|
function build_corpus {
|
|
|
|
local lit_path="${1}"
|
|
|
|
local fuzzer_name="${2}"
|
|
|
|
|
|
|
|
[[ -e "${WORK}/corpus-tmp" ]] && rm -r "${WORK}/corpus-tmp"
|
|
|
|
mkdir "${WORK}/corpus-tmp"
|
|
|
|
|
|
|
|
cd "${SRC}"
|
|
|
|
|
|
|
|
# Compile all lit tests into bitcode. Ignore possible llvm-as failures.
|
|
|
|
find "${lit_path}" -name "*.ll" -print0 |
|
|
|
|
xargs -t -i -0 -n1 sh -c "build/bin/llvm-as "{}" || true"
|
|
|
|
|
|
|
|
# Move freshly created bitcode into temp directory.
|
|
|
|
find "${lit_path}" -name "*.bc" -print0 |
|
|
|
|
xargs -t -i -0 -n1 mv "{}" "${WORK}/corpus-tmp"
|
|
|
|
|
|
|
|
# Archive the corpus.
|
|
|
|
zip -j "${OUT}/${fuzzer_name}_seed_corpus.zip" "${WORK}"/corpus-tmp/*
|
|
|
|
|
|
|
|
rm -r "${WORK}/corpus-tmp"
|
2018-01-17 15:55:14 +00:00
|
|
|
|
|
|
|
echo -e "[libfuzzer]\nmax_len = 0" > "${OUT}"/"${fuzzer_name}".options
|
2017-12-18 15:25:06 +00:00
|
|
|
}
|
|
|
|
|
2019-12-18 00:33:08 +00:00
|
|
|
build_corpus "$LLVM/test/Transforms/InstCombine/" "llvm-opt-fuzzer--x86_64-instcombine"
|
|
|
|
build_corpus "$LLVM/test/Transforms/EarlyCSE/" "llvm-opt-fuzzer--x86_64-earlycse"
|
|
|
|
build_corpus "$LLVM/test/Transforms/SimplifyCFG/" "llvm-opt-fuzzer--x86_64-simplifycfg"
|
|
|
|
build_corpus "$LLVM/test/Transforms/GVN/" "llvm-opt-fuzzer--x86_64-gvn"
|
|
|
|
build_corpus "$LLVM/test/Transforms/SCCP/" "llvm-opt-fuzzer--x86_64-sccp"
|
2018-02-19 15:58:35 +00:00
|
|
|
|
2019-12-18 00:33:08 +00:00
|
|
|
build_corpus "$LLVM/test/Transforms/LoopPredication/" "llvm-opt-fuzzer--x86_64-loop_predication"
|
|
|
|
build_corpus "$LLVM/test/Transforms/GuardWidening/" "llvm-opt-fuzzer--x86_64-guard_widening"
|
|
|
|
build_corpus "$LLVM/test/Transforms/LoopVectorize/" "llvm-opt-fuzzer--x86_64-loop_vectorize"
|
2018-02-21 15:30:39 +00:00
|
|
|
|
2019-12-18 00:33:08 +00:00
|
|
|
build_corpus "$LLVM/test/Transforms/LoopRotate/" "llvm-opt-fuzzer--x86_64-llvm-opt-fuzzer--x86_64-loop_rotate"
|
|
|
|
build_corpus "$LLVM/test/Transforms/LoopUnswitch/" "llvm-opt-fuzzer--x86_64-llvm-opt-fuzzer--x86_64-loop_unswitch"
|
|
|
|
build_corpus "$LLVM/test/Transforms/LoopUnroll/" "llvm-opt-fuzzer--x86_64-llvm-opt-fuzzer--x86_64-loop_unroll"
|
|
|
|
build_corpus "$LLVM/test/Transforms/LICM/" "llvm-opt-fuzzer--x86_64-llvm-opt-fuzzer--x86_64-licm"
|
|
|
|
build_corpus "$LLVM/test/Transforms/IndVarSimplify/" "llvm-opt-fuzzer--x86_64-llvm-opt-fuzzer--x86_64-indvars"
|
|
|
|
build_corpus "$LLVM/test/Transforms/LoopStrengthReduce/" "llvm-opt-fuzzer--x86_64-llvm-opt-fuzzer--x86_64-strength_reduce"
|
2018-03-20 14:38:33 +00:00
|
|
|
|
2019-12-18 00:33:08 +00:00
|
|
|
build_corpus "$LLVM/test/Transforms/IRCE/" "llvm-opt-fuzzer--x86_64-llvm-opt-fuzzer--x86_64-irce"
|
2019-02-01 14:40:08 +00:00
|
|
|
|
2019-12-18 00:33:08 +00:00
|
|
|
zip -j "${OUT}/clang-objc-fuzzer_seed_corpus.zip" $SRC/$LLVM/../clang/tools/clang-fuzzer/corpus_examples/objc/*
|
|
|
|
zip -j "${OUT}/clangd-fuzzer_seed_corpus.zip" $SRC/$LLVM/../clang-tools-extra/clangd/test/*
|