diff --git a/CMakeLists.txt b/CMakeLists.txt
index e39c1c812..b71d90385 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -54,8 +54,6 @@ OPTION(LIBGIT2_FILENAME "Name of the produced binary" OFF)
 OPTION(USE_SSH "Link with libssh to enable SSH support" ON)
 OPTION(USE_HTTPS "Enable HTTPS support. Can be set to a specific backend" ON)
 OPTION(USE_GSSAPI "Link with libgssapi for SPNEGO auth" OFF)
-OPTION(USE_SANITIZER "Enable one of the Sanitizers (requires clang)" OFF)
-OPTION(USE_COVERAGE "Enable clang's coverage report (requires clang)" OFF)
 OPTION(USE_STANDALONE_FUZZERS "Enable standalone fuzzers (compatible with gcc)" OFF)
 OPTION(VALGRIND "Configure build for valgrind" OFF)
 OPTION(CURL "Use curl for HTTP if available" ON)
@@ -250,20 +248,6 @@ ELSE()
 # that uses CMAKE_CONFIGURATION_TYPES and not CMAKE_BUILD_TYPE
 ENDIF()
 
-IF(NOT USE_SANITIZER STREQUAL "OFF")
- # Workaround to force linking against -lasan
- SET(CMAKE_REQUIRED_FLAGS "-fsanitize=${USE_SANITIZER}")
- ADD_C_FLAG(-fsanitize=${USE_SANITIZER})
- UNSET(CMAKE_REQUIRED_FLAGS)
- ADD_C_FLAG(-fno-omit-frame-pointer)
- ADD_C_FLAG(-fno-optimize-sibling-calls)
-ENDIF()
-
-IF(USE_COVERAGE)
- ADD_C_FLAG(-fcoverage-mapping)
- ADD_C_FLAG(-fprofile-instr-generate)
-ENDIF()
-
 IF(BUILD_FUZZERS AND NOT USE_STANDALONE_FUZZERS)
 # The actual sanitizer link target will be added when linking the fuzz
 # targets.
diff --git a/docs/fuzzing.md b/docs/fuzzing.md
index 9d32f8747..cd825766b 100644
--- a/docs/fuzzing.md
+++ b/docs/fuzzing.md
@@ -18,10 +18,10 @@ automated fuzz testing. libFuzzer only works with clang.
 [`undefined`](https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html), and
 [`leak`/`address,leak`](https://clang.llvm.org/docs/LeakSanitizer.html).
 3. Create the cmake build environment and configure the build with the
- sanitizer chosen: `CC=/usr/bin/clang-6.0 cmake
- -DBUILD_CLAR=OFF -DBUILD_FUZZERS=ON -DUSE_SANITIZER=address
- -DCMAKE_BUILD_TYPE=RelWithDebInfo ..`. Note that building the fuzzer targets
- is incompatible with the tests and examples.
+ sanitizer chosen: `CC=/usr/bin/clang-6.0 CFLAGS="-fsanitize=address" cmake
+ -DBUILD_CLAR=OFF -DBUILD_FUZZERS=ON -DCMAKE_BUILD_TYPE=RelWithDebInfo ..`.
+ Note that building the fuzzer targets is incompatible with the
+ tests and examples.
 4. Build libgit2: `cmake --build .`
 5. Exit the cmake build environment: `cd ..`
 
@@ -38,8 +38,8 @@ will write the coverage report.
 
 ## Get coverage
 
-In order to get coverage information, you also need to add the
-`-DUSE_COVERAGE=ON` flag to `cmake`, and then run the fuzz target with
+In order to get coverage information, you need to add the "-fcoverage-mapping"
+and "-fprofile-instr-generate CFLAGS, and then run the fuzz target with
 `-runs=0`. That will produce a file called `default.profraw` (this behavior
 can be overridden by setting the `LLVM_PROFILE_FILE="yourfile.profraw"`
 environment variable).
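Review bot: The new coverage sentence in the second hunk has an unbalanced quote: `and "-fprofile-instr-generate CFLAGS, and then run the fuzz target with` lacks the closing quote after the flag name and should read `and "-fprofile-instr-generate" CFLAGS, and then run the fuzz target with`. The step-3 command in the first hunk replaces the removed USE_SANITIZER option with only `CFLAGS="-fsanitize=address"`, whereas the deleted CMakeLists.txt block also added `-fno-omit-frame-pointer` and `-fno-optimize-sibling-calls`; without them the sanitizer's reports presumably lose frame accuracy, so the documented command would be more faithful to the old behaviour as `CFLAGS="-fsanitize=address -fno-omit-frame-pointer -fno-optimize-sibling-calls"`. The removed block also set CMAKE_REQUIRED_FLAGS so configure-time checks ran with the sanitizer flag, which the doc no longer mentions; a short sentence noting that CFLAGS must be set before the first `cmake` run, not added to an existing build directory, would close that gap.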