diff --git a/Meta/Lagom/CMakeLists.txt b/Meta/Lagom/CMakeLists.txt index 7a11fbcb30a..c98f73456f7 100644 --- a/Meta/Lagom/CMakeLists.txt +++ b/Meta/Lagom/CMakeLists.txt @@ -31,6 +31,10 @@ if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "Clang") set(LINKER_FLAGS "${LINKER_FLAGS} -fsanitize=fuzzer") endif() + set(ORIGINAL_CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS}") + set(ORIGINAL_CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS}") + set(ORIGINAL_CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS}") + set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} ${LINKER_FLAGS}") set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} ${LINKER_FLAGS}") set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} ${LINKER_FLAGS}") diff --git a/Meta/Lagom/Fuzzers/CMakeLists.txt b/Meta/Lagom/Fuzzers/CMakeLists.txt index dddbe3e521b..9fe96e001d0 100644 --- a/Meta/Lagom/Fuzzers/CMakeLists.txt +++ b/Meta/Lagom/Fuzzers/CMakeLists.txt @@ -34,10 +34,11 @@ add_simple_fuzzer(FuzzShell) add_simple_fuzzer(FuzzTTF) add_simple_fuzzer(FuzzURL) -if (NOT ENABLE_OSS_FUZZ AND NOT ENABLE_FUZZER_SANITIZER) +if (NOT ENABLE_OSS_FUZZ) +set(CMAKE_EXE_LINKER_FLAGS "${ORIGINAL_CMAKE_EXE_LINKER_FLAGS} -fsanitize=address") +set(CMAKE_SHARED_LINKER_FLAGS "${ORIGINAL_CMAKE_SHARED_LINKER_FLAGS} -fsanitize=address") +set(CMAKE_MODULE_LINKER_FLAGS "${ORIGINAL_CMAKE_MODULE_LINKER_FLAGS} -fsanitize=address") add_executable(FuzzilliJs FuzzilliJs.cpp) -# FIXME: For some reason, these option overrides are ignored and FuzzilliJs gets treated -# as a regular fuzzer. Once fixed, please remove the "AND NOT ENABLE_FUZZER_SANITIZER" above. target_compile_options(FuzzilliJs PRIVATE $<$:-g -O1 -fsanitize-coverage=trace-pc-guard> ) diff --git a/Meta/Lagom/Fuzzers/FuzzilliJs.cpp b/Meta/Lagom/Fuzzers/FuzzilliJs.cpp index 74f8a894f90..952d8641ad5 100644 --- a/Meta/Lagom/Fuzzers/FuzzilliJs.cpp +++ b/Meta/Lagom/Fuzzers/FuzzilliJs.cpp @@ -40,7 +40,10 @@ #include #include +#include +#include #include +#include // // BEGIN FUZZING CODE diff --git a/Meta/Lagom/Fuzzers/add-serenity-support-to-fuzzilli.patch b/Meta/Lagom/Fuzzers/add-serenity-support-to-fuzzilli.patch index a36902dfbbe..a10e7caea48 100644 --- a/Meta/Lagom/Fuzzers/add-serenity-support-to-fuzzilli.patch +++ b/Meta/Lagom/Fuzzers/add-serenity-support-to-fuzzilli.patch @@ -1,8 +1,8 @@ diff --git a/Sources/FuzzilliCli/Profiles/Profile.swift b/Sources/FuzzilliCli/Profiles/Profile.swift -index 6d8a795..a506d41 100644 +index 900b4e2..c916e84 100644 --- a/Sources/FuzzilliCli/Profiles/Profile.swift +++ b/Sources/FuzzilliCli/Profiles/Profile.swift -@@ -32,6 +32,33 @@ struct Profile { +@@ -33,6 +33,35 @@ struct Profile { let additionalBuiltins: [String: Type] } @@ -25,6 +25,8 @@ index 6d8a795..a506d41 100644 + crashTests: ["fuzzilli('FUZZILLI_CRASH', 0)", "fuzzilli('FUZZILLI_CRASH', 1)"], + + additionalCodeGenerators: WeightedList([]), ++ ++ additionalProgramTemplates: WeightedList([]), + + disabledCodeGenerators: [], + @@ -36,7 +38,7 @@ index 6d8a795..a506d41 100644 let profiles = [ "qjs": qjsProfile, "jsc": jscProfile, -@@ -39,4 +66,5 @@ let profiles = [ +@@ -40,4 +69,5 @@ let profiles = [ "v8": v8Profile, "duktape": duktapeProfile, "jerryscript": jerryscriptProfile,