Diffstat (limited to 'docs/getting-started/new_project_guide.md')
-rw-r--r-- | docs/getting-started/new_project_guide.md | 34 |
1 files changed, 30 insertions, 4 deletions
diff --git a/docs/getting-started/new_project_guide.md b/docs/getting-started/new_project_guide.md index 64d4b8029..d2a7d805b 100644 --- a/docs/getting-started/new_project_guide.md +++ b/docs/getting-started/new_project_guide.md @@ -97,6 +97,7 @@ Programming language the project is written in. Values you can specify include: * [`go`]({{ site.baseurl }}//getting-started/new-project-guide/go-lang/) * [`rust`]({{ site.baseurl }}//getting-started/new-project-guide/rust-lang/) * [`python`]({{ site.baseurl }}//getting-started/new-project-guide/python-lang/) +* [`jvm` (Java, Kotlin, Scala and other JVM-based languages)]({{ site.baseurl }}//getting-started/new-project-guide/jvm-lang/) ### primary_contact, auto_ccs {#primary} The primary contact and list of other contacts to be CCed. Each person listed gets access to ClusterFuzz, including crash reports and fuzzer statistics, and are auto-cced on new bugs filed in the OSS-Fuzz @@ -148,7 +149,8 @@ homepage]({{ site.baseurl }}/further-reading/clusterfuzz#web-interface). ### architectures (optional) {#architectures} The list of architectures to fuzz on. ClusterFuzz supports fuzzing on x86_64 (aka x64) by default. -However you can also fuzz using AddressSanitizer and libFuzzer on i386 (aka x86, or 32 bit) by specifying "x86_64" and "i386" in "architectures" like this: +Some projects can benefit from i386 fuzzing. OSS-Fuzz will build and run +AddressSanitizer with libFuzzer on i386 by doing the following: ```yaml architectures: 
@@ -192,7 +194,6 @@ For most projects, the image is simple: ```docker FROM gcr.io/oss-fuzz-base/base-builder # base image with clang toolchain RUN apt-get update && apt-get install -y ... # install required packages to build your project -RUN go get ... # install dependencies to build your Go project RUN git clone <git_url> <checkout_dir> # checkout all sources needed to build your project WORKDIR <checkout_dir> # current directory for the build script COPY build.sh fuzzer.cc $SRC/ # copy build script and other fuzzer files in src dir @@ -245,6 +246,30 @@ If your project is written in Go, check out the [Integrating a Go project]({{ si alphanumeric characters, underscore(_) or dash(-). Otherwise, they won't run on our infrastructure. 3. Don't remove source code files. They are needed for code coverage. +### Temporarily disabling code instrumentation during builds + +Sometimes not every 3rd party library might be needed to be instrumented or +tools are being compiled that just support the target built. + +If for any reasons part of the build process should not be instrumented +then the following code snippit can be used for this: + +``` +CFLAGS_SAVE="$CFLAGS" +CXXFLAGS_SAVE="$CXXFLAGS" +unset CFLAGS +unset CXXFLAGS +export AFL_NOOPT=1 + +# +# build commands here that should not result in instrumented code. +# + +export CFLAGS="${CFLAGS_SAVE}" +export CXXFLAGS="${CXXFLAGS_SAVE}" +unset AFL_NOOPT +``` + ### build.sh script environment When your build.sh script is executed, the following locations are available within the image: 
@@ -334,7 +359,8 @@ generated from the previous `run_fuzzer` step in your local corpus directory. $ python infra/helper.py coverage $PROJECT_NAME --fuzz-target=<fuzz_target> --corpus-dir=<path-to-temp-corpus-dir> ``` -Please refer to +You may need to run `python infra/helper.py pull_images` to use the latest +coverage tools. Please refer to [code coverage]({{ site.baseurl }}/advanced-topics/code-coverage/) for detailed information on code coverage generation. @@ -421,7 +447,7 @@ via GitHub. Please include copyright headers for all files checked in to oss-fuzz: ``` -# Copyright 2020 Google LLC +# Copyright 2021 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. |
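Review bot: in the `architectures` hunk (@@ -148,7 +149,8 @@), the replacement sentence "OSS-Fuzz will build and run AddressSanitizer with libFuzzer on i386 by doing the following:" drops the explicit instruction the removed line carried, that both "x86_64" and "i386" are specified in "architectures", and it reads as if OSS-Fuzz, not the project maintainer, is the one "doing the following". Suggest keeping the instruction in the sentence, for example: To enable this, specify both "x86_64" and "i386" in `architectures`, like this. "Some projects can benefit from i386 fuzzing" would also help more if it said which kinds of projects.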
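Review bot: in the new "Temporarily disabling code instrumentation during builds" section (@@ -245,6 +246,30 @@), `export AFL_NOOPT=1` and `unset AFL_NOOPT` are given with no explanation; please say what the variable does and why it is needed in addition to clearing `CFLAGS` and `CXXFLAGS`. The snippet unsets both variables entirely, so every flag they carry is dropped for the bracketed commands, not only the instrumentation flags; the text should state that. Because code built this way is not instrumented, it is also worth advising readers to keep the bracketed region limited to build-time tools and libraries they deliberately leave out of fuzzing. Wording: "snippit" should be "snippet", "for any reasons" should be "for any reason", and the opening sentence ("Sometimes not every 3rd party library might be needed to be instrumented or tools are being compiled that just support the target built") needs rephrasing. The code fence has no language tag, unlike the `yaml` and `docker` fences elsewhere in the file.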
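Review bot: in the coverage hunk (@@ -334,7 +359,8 @@), the added hint "You may need to run `python infra/helper.py pull_images` to use the latest coverage tools" is placed after the `coverage` command it is a prerequisite for, and "may need" gives the reader no condition to check. Suggest moving the sentence above the command block and stating when pulling images is required.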