author | Nikita Popov <nikita.ppv@gmail.com> | 2021-09-22 14:33:06 +0200 |
committer | GitHub <noreply@github.com> | 2021-09-22 13:33:06 +0100 |
commit | f0441f995c0712e717b66788e8253bbf0db35bc0 (patch) | |
tree | 701ecd03751288e6204f5eeef1842d774875f33f /projects/php | |
parent | 547f1b61cd99543843f8de23e40b97a15dfa79e8 (diff) |
[php] Add function-jit fuzzer (#6507)
Diffstat (limited to 'projects/php')
-rwxr-xr-x | projects/php/build.sh | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/projects/php/build.sh b/projects/php/build.sh
index d082e260..acda9b42 100755
--- a/projects/php/build.sh
+++ b/projects/php/build.sh
@@ -28,6 +28,9 @@ export ONIG_LIBS="-L$PWD/oniguruma/src/.libs -l:libonig.a"
 export CFLAGS="$CFLAGS -fno-sanitize=object-size"
 export CXXFLAGS="$CXXFLAGS -fno-sanitize=object-size"
 
+# Disable JIT profitability checks.
+export CFLAGS="$CFLAGS -DPROFITABILITY_CHECKS=0"
+
 # Make sure the right assembly files are picked
 BUILD_FLAG=""
 if [ "$ARCHITECTURE" = "i386" ]; then
@@ -43,6 +46,7 @@ fi
 --enable-fuzzer \
 --enable-exif \
 --enable-mbstring \
+ --enable-opcache \
 --without-pcre-jit \
 --disable-phpdbg \
 --disable-cgi \
@@ -67,6 +71,18 @@ php-fuzz-execute"
 for fuzzerName in $FUZZERS; do
 cp sapi/fuzzer/$fuzzerName $OUT/
 done
+
+# The JIT fuzzer is fundamentally incompatible with memory sanitizer,
+# as that would require the JIT to emit msan instrumentation itself.
+# In practice it is currently also incompatible with ubsan.
+if [ "$SANITIZER" != "memory" ] && [ "$SANITIZER" != "undefined" ]; then
+ cp sapi/fuzzer/php-fuzz-function-jit $OUT/
+
+ # Copy opcache.so extension, which does not support static linking.
+ mkdir -p $OUT/modules
+ cp modules/opcache.so $OUT/modules
+fi
+
 # copy corpora from source
 for fuzzerName in `ls sapi/fuzzer/corpus`; do
 zip -j $OUT/php-fuzz-${fuzzerName}_seed_corpus.zip sapi/fuzzer/corpus/${fuzzerName}/*
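Review bot: The third hunk ships opcache.so into $OUT/modules, but nothing in this script says how php-fuzz-function-jit finds it at run time; presumably the fuzzer resolves an extension directory relative to its own binary (that logic lives in the PHP sources, outside this script), so a comment above `mkdir -p $OUT/modules` such as `# php-fuzz-function-jit loads opcache.so from <dir of the fuzzer binary>/modules at run time` would spare the next maintainer a search. The same three new lines expand $OUT unquoted; `cp -- sapi/fuzzer/php-fuzz-function-jit "$OUT/"`, `mkdir -p -- "$OUT/modules"` and `cp -- modules/opcache.so "$OUT/modules/"` would follow the quoting the `if` line already applies to $SANITIZER. The `-DPROFITABILITY_CHECKS=0` export in the first hunk is added for every sanitizer, including the msan and ubsan builds where the JIT fuzzer is deliberately not shipped; if that is intended, extending its comment to say the flag is harmless for those builds would make the intent explicit.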