Add -fsanitize=fuzzer-no-link flag to the driver.

The flag will perform instrumentation necessary to the fuzzing, but will NOT link libLLVMFuzzer.a library. Necessary when modifying CFLAGS for projects which may produce executables as well as a fuzzable target. Differential Revision: https://reviews.llvm.org/D36600 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@310733 91177308-0d34-0410-b5e6-96231b3b80d8
robertodr · Aug 11, 2017 · 078b7e8 · 078b7e8
1 parent 58f8240
commit 078b7e8
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 2 deletions.
diff --git a/include/clang/Basic/Sanitizers.def b/include/clang/Basic/Sanitizers.def
@@ -50,6 +50,9 @@ SANITIZER("memory", Memory)
 // libFuzzer
 SANITIZER("fuzzer", Fuzzer)
 
+// libFuzzer-required instrumentation, no linking.
+SANITIZER("fuzzer-no-link", FuzzerNoLink)
+
 // ThreadSanitizer
 SANITIZER("thread", Thread)
 

diff --git a/lib/Driver/SanitizerArgs.cpp b/lib/Driver/SanitizerArgs.cpp
@@ -32,7 +32,7 @@ enum : SanitizerMask {
   RequiresPIE = DataFlow,
   NeedsUnwindTables = Address | Thread | Memory | DataFlow,
   SupportsCoverage = Address | KernelAddress | Memory | Leak | Undefined |
-                     Integer | Nullability | DataFlow | Fuzzer,
+                     Integer | Nullability | DataFlow | Fuzzer | FuzzerNoLink,
   RecoverableByDefault = Undefined | Integer | Nullability,
   Unrecoverable = Unreachable | Return,
   LegacyFsanitizeRecoverMask = Undefined | Integer,
@@ -286,8 +286,11 @@ SanitizerArgs::SanitizerArgs(const ToolChain &TC,
       Add &= ~InvalidTrappingKinds;
       Add &= Supported;
 
-      // Enable coverage if the fuzzing flag is set.
       if (Add & Fuzzer)
+        Add |= FuzzerNoLink;
+
+      // Enable coverage if the fuzzing flag is set.
+      if (Add & FuzzerNoLink)
         CoverageFeatures |= CoverageTracePCGuard | CoverageIndirCall |
                             CoverageTraceCmp | CoveragePCTable;
 

diff --git a/lib/Driver/ToolChains/Darwin.cpp b/lib/Driver/ToolChains/Darwin.cpp
@@ -2018,6 +2018,7 @@ SanitizerMask Darwin::getSupportedSanitizers() const {
   Res |= SanitizerKind::Address;
   Res |= SanitizerKind::Leak;
   Res |= SanitizerKind::Fuzzer;
+  Res |= SanitizerKind::FuzzerNoLink;
   if (isTargetMacOS()) {
     if (!isMacosxVersionLT(10, 9))
       Res |= SanitizerKind::Vptr;

diff --git a/lib/Driver/ToolChains/Linux.cpp b/lib/Driver/ToolChains/Linux.cpp
@@ -828,6 +828,7 @@ SanitizerMask Linux::getSupportedSanitizers() const {
   SanitizerMask Res = ToolChain::getSupportedSanitizers();
   Res |= SanitizerKind::Address;
   Res |= SanitizerKind::Fuzzer;
+  Res |= SanitizerKind::FuzzerNoLink;
   Res |= SanitizerKind::KernelAddress;
   Res |= SanitizerKind::Vptr;
   Res |= SanitizerKind::SafeStack;

diff --git a/test/Driver/fuzzer.c b/test/Driver/fuzzer.c
@@ -21,6 +21,11 @@
 // RUN: %clang -fsanitize=fuzzer %s -shared -o %t.so -### 2>&1 | FileCheck --check-prefixes=CHECK-NOLIB-SO %s
 // CHECK-NOLIB-SO-NOT: libLLVMFuzzer.a
 
+// Check that we don't link in libFuzzer when compiling with -fsanitize=fuzzer-no-link.
+// RUN: %clang -fsanitize=fuzzer-no-link %s -target x86_64-apple-darwin14 -### 2>&1 | FileCheck --check-prefixes=CHECK-NOLIB,CHECK-COV %s
+// CHECK-NOLIB-NOT: libLLVMFuzzer.a
+// CHECK-COV: -fsanitize-coverage-trace-pc-guard
+
 // RUN: %clang -fsanitize=fuzzer -fsanitize-coverage=trace-pc %s -### 2>&1 | FileCheck --check-prefixes=CHECK-MSG %s
 // CHECK-MSG-NOT: argument unused during compilation