diff options
| author |  Kostya Serebryany <konstantin.s.serebryany@gmail.com> | 2017-01-24 17:54:52 -0800 |
|---|---|---|
| committer |  Oliver Chang <oliverchang@users.noreply.github.com> | 2017-01-24 17:54:52 -0800 |
| commit | 8f2c76afd549b918f34794edd81876acd15408e5 (patch) | |
| tree | a9686f40620909c1af66923427481abf8eb9d5cb | |
| parent | eb014b7706b7c2eb155deee06d54a40b6c02ad56 (diff) | |
better build system description (#315)
| -rw-r--r-- | docs/ideal_integration.md | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/docs/ideal_integration.md b/docs/ideal_integration.md index 613dda59..9cb370d3 100644 --- a/docs/ideal_integration.md +++ b/docs/ideal_integration.md @@ -72,24 +72,26 @@ The syntax is described [here](http://libfuzzer.info/#dictionaries). ## Build support A plethora of different build systems exist in the open-source world. -And the less OSS-Fuzz knows about them, the better it can scale. +And the less OSS-Fuzz knows about them, the better it can scale. An ideal build integration for OSS-Fuzz would look like this: -* For every fuzz target `foo` in the project, there is a build rule that builds `foo_fuzzer.a`, -an archive that contains the fuzzing entry point (`LLVMFuzzerTestOneInput`) -and all the code it depends on, but not the `main()` function. +* For every fuzz target `foo` in the project, there is a build rule that builds `foo_fuzzer`, +a binary that contains the fuzzing entry point (`LLVMFuzzerTestOneInput`) +and all the code it depends on, and that uses the `main()` function from `$LIB_FUZZING_ENGINE` +(env var [provided](new_project_guide.md) by OSS-Fuzz environment). * The build system supports changing the compiler and passing extra compiler -flags so that the build command for a `foo_fuzzer.a` looks similar to this: +flags so that the build command for a `foo_fuzzer` looks similar to this: ```bash -$ CC="clang $FUZZER_FLAGS" CXX="clang++ $FUZZER_FLAGS" make_or_whatever_other_command foo_fuzzer.a +# Assume the following env vars are set: +# CC, CXX, CFLAGS, CXXFLAGS, LIB_FUZZING_ENGINE +$ make_or_whatever_other_command foo_fuzzer ``` -In this case, linking the target with e.g. libFuzzer will look like "clang++ libFuzzer.a foo_fuzzer.a ". -This will allow to have minimal OSS-Fuzz specific configuration and thus be more robust. +This will allow to have minimal OSS-Fuzz-specific configuration and thus be more robust. -There is no point in hardcoding the exact compiler flags in the build system because they -a) may change and b) are different depending on the fuzzing engine and the sanitizer being used. +There is no point in hardcoding the exact compiler flags in the build system because they +a) may change and b) are different depending on the fuzzing engine and the sanitizer being used. ## Not a project member? |