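A fully open-source, powerful solution for modifying and generating C++ source code. It reduces the amount of boilerplate code in your C++ projects.
Main project page: https://blockspacer.github.io/flex_docs/
Tested on Ubuntu 20.04.2 LTS.
May work on other platforms with minor modifications.
To add the list of dependency remotes, type the following command:
cmake -E time conan config install conan/remotes/
# OR:
# cmake -E time conan config install conan/remotes_disabled_ssl/
Installation guide
Conan packages
NOTE: a build that uses LLVM may take several hours.
The command below uses --profile clang12_compiler.
Example Conan profile ~/.conan/profiles/clang: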
[settings]
# We are building in Ubuntu Linux
os_build=Linux
os=Linux
arch_build=x86_64
arch=x86_64
compiler=clang
compiler.version=10
compiler.libcxx=libstdc++11
[env]
CC=/usr/bin/clang-10
CXX=/usr/bin/clang++-10
[build_requires]
cmake_installer/3.15.5@conan/stable
Create the clang12_compiler profile:
[settings]
# We are building in Ubuntu Linux
os_build=Linux
os=Linux
arch_build=x86_64
arch=x86_64
compiler=clang
compiler.version=12
compiler.libcxx=libstdc++11
compiler.cppstd=17
llvm_9:build_type=Release
[env]
CC=/usr/bin/clang-12
CXX=/usr/bin/clang++-12
[build_requires]
cmake_installer/3.15.5@conan/stable
Before creating the Conan profile, see: https://docs.conan.io/en/latest/using_packages/using_profiles.html
We use a .cmake script to download and install Conan packages.
git clone https://github.com/blockspacer/conan_github_downloader.git ~/conan_github_downloader
cmake \
  -DSCRIPT_PATH="$PWD/get_conan_dependencies.cmake" \
  -DENABLE_CLING=TRUE \
  -DENABLE_LLVM=TRUE \
  -DENABLE_LLVM_INSTALLER=FALSE \
  -DEXTRA_CONAN_OPTS="--profile;clang12_compiler\
;-s;build_type=Debug\
;-s;cling_conan:build_type=Release\
;-s;llvm_12:build_type=Release\
;--build;missing" \
  -P ~/conan_github_downloader/conan_github_downloader.cmake
# clean build cache
conan remove "*" --build --force
If you want to install flextool and its plugins in a single command, change the options provided to tools/buildConanThirdparty.cmake.
NOTE: tools/buildConanThirdparty.cmake will perform a full re-build; it may take several hours.
The command below uses --profile clang12_compiler. Before creating the Conan profile, see: https://docs.conan.io/en/latest/using_packages/using_profiles.html
We use the buildConanThirdparty.cmake script to download and install Conan packages.
NOTE: set -DENABLE_CLING=FALSE if you have already installed Cling using tools/buildConanThirdparty.cmake.
git clone https://github.com/blockspacer/conan_github_downloader.git ~/conan_github_downloader
cmake \
  -DSCRIPT_PATH="$PWD/get_conan_dependencies.cmake" \
  -DENABLE_CLING=TRUE \
  -DENABLE_LLVM=TRUE \
  -DENABLE_LLVM_INSTALLER=FALSE \
  -DENABLE_FLEXTOOL=TRUE \
  -DENABLE_BASIS_PLUGIN_HELPER=TRUE \
  -DENABLE_FLEX_REFLECT_PLUGIN=TRUE \
  -DENABLE_SQUARETS=TRUE \
  -DENABLE_FLEX_SQUARETS_PLUGIN=TRUE \
  -DENABLE_FLEX_PIMPL_PLUGIN=TRUE \
  -DENABLE_FLEX_TYPECLASS_PLUGIN=TRUE \
  -DENABLE_FLEX_META_PLUGIN=TRUE \
  -DENABLE_FLEX_META_DEMO=TRUE \
  -DEXTRA_CONAN_OPTS="--profile;clang12_compiler\
;-s;build_type=Debug\
;-s;cling_conan:build_type=Release\
;-s;llvm_12:build_type=Release\
;--build;missing" \
  -P ~/conan_github_downloader/conan_github_downloader.cmake
# clean build cache
conan remove "*" --build --force
Use the command below to re-build flextool (plugins must be installed separately).
The command below uses --profile clang12_compiler. Before creating the Conan profile, see: https://docs.conan.io/en/latest/using_packages/using_profiles.html
export VERBOSE=1
export CONAN_REVISIONS_ENABLED=1
export CONAN_VERBOSE_TRACEBACK=1
export CONAN_PRINT_RUN_COMMANDS=1
export CONAN_LOGGING_LEVEL=10
# NOTE: change `build_type=Debug` to `build_type=Release` in production
# NOTE: use --build=missing if you got error `ERROR: Missing prebuilt package`
cmake -E time \
  conan create . conan/stable \
  -s build_type=Debug \
  -s cling_conan:build_type=Release \
  -s llvm_tools:build_type=Release \
  --profile clang12_compiler \
  -e flextool:enable_tests=True \
  -e flextool:enable_llvm_tools=True
# clean build cache
conan remove "*" --build --force
Incompatible with compile_commands.json
Disable generation of the compilation database when you use flextool.
If you use CMake, set CMAKE_EXPORT_COMPILE_COMMANDS to FALSE.
If compile_commands.json exists in the build folder (or in a parent folder), flextool may fail.
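A pre-flight check for the condition above, as an added example that is not part of the flextool project: the hypothetical helper find_compile_db walks from a build folder up through its parents and lists every compile_commands.json it finds. The optional second argument (a folder at which to stop ascending) is an assumption of this example.

```bash
#!/usr/bin/env bash
# Added example (not flextool code): locate stale compilation databases
# before running flextool.
#
# Usage: find_compile_db BUILD_DIR [STOP_DIR]
#   Prints each compile_commands.json found in BUILD_DIR or any parent folder,
#   up to and including STOP_DIR (default: /).
#   Returns 0 if at least one was found, 1 if none, 2 if a folder is invalid.
find_compile_db() {
    local dir stop found=1
    # Resolve both paths physically so symlinked build folders compare equal.
    dir=$(cd "$1" 2>/dev/null && pwd -P) || return 2
    stop=$(cd "${2:-/}" 2>/dev/null && pwd -P) || return 2
    while :; do
        if [ -f "$dir/compile_commands.json" ]; then
            printf '%s\n' "${dir%/}/compile_commands.json"
            found=0
        fi
        # Stop at the requested boundary or at the filesystem root.
        if [ "$dir" = "$stop" ] || [ "$dir" = "/" ]; then
            break
        fi
        dir=$(dirname "$dir")
    done
    return "$found"
}

# Example call from a project folder (local_build is the folder used on this page):
#   if find_compile_db local_build; then
#       echo "remove the files listed above before running flextool" >&2
#   fi
```
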
This project is possible because of flexferrum's autoprogrammer.
Articles about flexferrum's autoprogrammer in media:
find . -type f -name "*_buildflags.h" -exec rm {} \;
find . -type f -name "*_buildflags.tmp" -exec rm {} \;
(rm -rf local_build || true)
export CONAN_REVISIONS_ENABLED=1
export CONAN_VERBOSE_TRACEBACK=1
export CONAN_PRINT_RUN_COMMANDS=1
export CONAN_LOGGING_LEVEL=10
export PKG_NAME=flextool/master@conan/stable
(CONAN_REVISIONS_ENABLED=1 \
  conan remove --force $PKG_NAME || true)
# NOTE: use --build=missing if you got error `ERROR: Missing prebuilt package`
cmake -E time \
  conan install . \
  --install-folder local_build \
  -s build_type=Debug \
  -s cling_conan:build_type=Release \
  -s llvm_12:build_type=Release \
  -o openssl:shared=True \
  -e basis:enable_tests=True \
  -o chromium_base:shared=True \
  -e chromium_base:enable_tests=True \
  -o perfetto:is_hermetic_clang=False \
  --profile clang12_compiler \
  -e flexlib:enable_tests=True \
  -o flexlib:shared=False \
  -o perfetto:is_hermetic_clang=False \
  -o flexlib:enable_cling=True \
  -e flextool:enable_tests=True \
  -o flextool:enable_cling=True
(rm local_build/CMakeCache.txt || true)
cmake -E time \
  conan source . \
  --source-folder . \
  --install-folder local_build
# You can use `cmake --build . -- -j14` on second run.
cmake -E time \
  conan build . \
  --build-folder local_build \
  --source-folder . \
  --install-folder local_build
conan package . \
  --build-folder local_build \
  --package-folder local_build/package_dir \
  --source-folder . \
  --install-folder local_build
cmake -E time \
  conan export-pkg . conan/stable \
  --package-folder local_build/package_dir \
  -s build_type=Debug \
  --force \
  -s cling_conan:build_type=Release \
  -s llvm_12:build_type=Release \
  -o openssl:shared=True \
  -e basis:enable_tests=True \
  -o chromium_base:shared=True \
  -e chromium_base:enable_tests=True \
  -o perfetto:is_hermetic_clang=False \
  --profile clang12_compiler \
  -e flexlib:enable_tests=True \
  -o flexlib:shared=False \
  -o perfetto:is_hermetic_clang=False \
  -o flexlib:enable_cling=True \
  -e flextool:enable_tests=True \
  -o flextool:enable_cling=True
cmake -E time \
  conan test test_package \
  flextool/master@conan/stable \
  -s build_type=Debug \
  -s cling_conan:build_type=Release \
  -s llvm_12:build_type=Release \
  -o openssl:shared=True \
  -e basis:enable_tests=True \
  -o chromium_base:shared=True \
  -e chromium_base:enable_tests=True \
  -o perfetto:is_hermetic_clang=False \
  --profile clang12_compiler \
  -e flexlib:enable_tests=True \
  -o flexlib:shared=False \
  -o perfetto:is_hermetic_clang=False \
  -o flexlib:enable_cling=True \
  -e flextool:enable_tests=True \
  -o flextool:enable_cling=True
With editable packages, you can tell Conan where to find the headers and artifacts in your local working directory. There is no need to run conan create or conan export-pkg.
For details, see: https://docs.conan.io/en/latest/developing_packages/editable_packages.html
Build locally:
export VERBOSE=1
export CONAN_REVISIONS_ENABLED=1
export CONAN_VERBOSE_TRACEBACK=1
export CONAN_PRINT_RUN_COMMANDS=1
export CONAN_LOGGING_LEVEL=10
cmake -E time \
  conan install . \
  --install-folder local_build \
  -s build_type=Debug \
  -s cling_conan:build_type=Release \
  -s llvm_tools:build_type=Release \
  --profile clang12_compiler \
  -e flextool:enable_tests=True \
  -e flextool:enable_llvm_tools=True
cmake -E time \
  conan source . \
  --source-folder local_build \
  --install-folder local_build
conan build . \
  --build-folder local_build \
  --source-folder local_build \
  --install-folder local_build
conan package . \
  --build-folder local_build \
  --package-folder local_build/package_dir \
  --source-folder local_build \
  --install-folder local_build
Set the package to editable mode:
conan editable add local_build/package_dir \
  flextool/master@conan/stable
Note that conanfile.py is modified to detect local builds via self.in_local_cache.
After changing the sources in the local_build folder (run the commands in the source package folder):
conan build . \
  --build-folder local_build \
  --source-folder local_build \
  --install-folder local_build
conan package . \
  --build-folder local_build \
  --package-folder local_build/package_dir \
  --source-folder local_build \
  --install-folder local_build
Build your test project.
To revert editable mode, just remove the link using:
conan editable remove \
  flextool/master@conan/stable
Allows building multiple projects at once; it just creates a CMakeLists.txt with add_subdirectory pointing to each package folder.
NOTE: you can open the workspace in an IDE as usual (as a CMake-based project; change the build directory to the WorkspaceProject path)!
For details, see: https://docs.conan.io/en/latest/developing_packages/workspaces.html
For example, we want to build both flextool and flexlib at the same time (flextool requires flexlib).
# change ~ to desired build folder
cd ~
# Replace paths to yours!
# Make sure each project is NOT in editable mode!
cat <<EOF > ~/conanws.yml
editables:
    flexlib/master@conan/stable:
        path: /......../flexlib
    flextool/master@conan/stable:
        path: /......../flextool
layout: layout_flex
workspace_generator: cmake
root:
    - flextool/master@conan/stable
EOF
cat <<EOF > ~/layout_flex
# This helps to define the location of CMakeLists.txt within package
[source_folder]
.
# This defines where the conanbuildinfo.cmake will be written to
[build_folder]
build/{{settings.build_type}}
EOF
mkdir build_flex
cd build_flex
cat <<EOF > CMakeLists.txt
cmake_minimum_required(VERSION 3.0)
project(WorkspaceProject)
include(\${CMAKE_BINARY_DIR}/conanworkspace.cmake)
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_flexlib_SRC}/cmake")
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_flextool_SRC}/cmake")
conan_workspace_subdirectories()
add_dependencies(flextool flexlib)
EOF
# must contain `include(${CMAKE_BINARY_DIR}/conanworkspace.cmake)` without slash `\` (slash added for bash cat command)
cat CMakeLists.txt
# combines options from all projects
conan workspace install \
  ../conanws.yml \
  --profile=clang \
  -s build_type=Debug \
  -s cling_conan:build_type=Release \
  -s llvm_tools:build_type=Release \
  -o openssl:shared=True \
  -o chromium_base:shared=True \
  -e basis:enable_tests=True \
  -e abseil:enable_llvm_tools=True \
  -o chromium_base:use_alloc_shim=True \
  -o chromium_tcmalloc:use_alloc_shim=True \
  -o perfetto:is_hermetic_clang=False \
  -e flextool:enable_tests=True \
  -e flextool:enable_llvm_tools=True \
  -o flexlib:shared=False \
  -o flexlib:enable_clang_from_conan=False \
  -e flexlib:enable_tests=True
Build into the folder created by conan workspace install:
# NOTE: change `build_type=Debug` to `build_type=Release` in production
export build_type=Debug
# optional
# remove old CMakeCache
(rm CMakeCache.txt || true)
# configure via cmake
cmake -E time cmake . \
  -DCMAKE_VERBOSE_MAKEFILE=TRUE \
  -DENABLE_TESTS=TRUE \
  -DBASE_NEED_GEN_BUILD_DATE=FALSE \
  -DENABLE_DOCTEST=ON \
  -DBUILD_SHARED_LIBS=FALSE \
  -DCONAN_AUTO_INSTALL=OFF \
  -DCMAKE_BUILD_TYPE=${build_type}
# remove generated files
# change paths to yours
# rm ~/flex_typeclass_plugin/build/Debug/*generated*
# build code
cmake -E time cmake --build . \
  --config ${build_type} \
  -- -j8
# run unit tests for flexlib
cmake -E time cmake --build . \
  --config ${build_type} \
  --target flexlib_run_all_tests
# run unit tests for flextool
cmake -E time cmake --build . \
  --config ${build_type} \
  --target flextool_run_all_tests
A workspace allows quick changes to existing source files.
We use self.in_local_cache to detect Conan editable mode:
# Local build
# see https://docs.conan.io/en/latest/developing_packages/editable_packages.html
if not self.in_local_cache:
    self.copy("conanfile.py", dst=".", keep_path=False)
Make sure that all targets have globally unique names.
For example: you cannot have a target with the same name, such as "test", in each project. You can solve that by adding a project-specific prefix to the name of each target, such as "${root_project_name}-test_main_gtest".
Because CMAKE_BINARY_DIR will point to the folder created by conan workspace install, make sure you prefer CMAKE_CURRENT_BINARY_DIR to CMAKE_BINARY_DIR, etc.
Before installation: plugins require a pre-built flextool (in the same workspace). You must first build the workspace without plugins; only then can you re-build it with plugins.
Add the plugins to the yml file:
editables:
    chromium_base/master@conan/stable:
        path: /........./chromium_base
    basis/master@conan/stable:
        path: /........./basis
    flex_support_headers/master@conan/stable:
        path: /........./flex_support_headers
    flexlib/master@conan/stable:
        path: /........./flexlib
    flextool/master@conan/stable:
        path: /........./flextool
    flex_reflect_plugin/master@conan/stable:
        path: /........./flex_reflect_plugin
    squarets/master@conan/stable:
        path: /........./squarets
    flex_squarets_plugin/master@conan/stable:
        path: /........./flex_squarets_plugin
    flex_typeclass_plugin/master@conan/stable:
        path: /........./flex_typeclass_plugin
    flex_pimpl_plugin/master@conan/stable:
        path: /........./flex_pimpl_plugin
    flex_meta_plugin/master@conan/stable:
        path: /........./flex_meta_plugin
    flex_meta_demo/master@conan/stable:
        path: /........./flex_meta_demo
layout: layout_flex
workspace_generator: cmake
root:
    - flex_reflect_plugin/master@conan/stable
    - squarets/master@conan/stable
    - flex_squarets_plugin/master@conan/stable
    - flex_typeclass_plugin/master@conan/stable
    - flex_pimpl_plugin/master@conan/stable
    - flex_meta_plugin/master@conan/stable
    - flex_meta_demo/master@conan/stable
Use add_dependencies in CMakeLists.txt:
mkdir build_flex
cd build_flex
cat <<EOF > CMakeLists.txt
cmake_minimum_required(VERSION 3.0)
project(WorkspaceProject)
include(\${CMAKE_BINARY_DIR}/conanworkspace.cmake)
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_chromium_base_SRC}/cmake")
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_basis_SRC}/cmake")
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_flex_support_headers_SRC}/cmake")
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_flexlib_SRC}/cmake")
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_flex_reflect_plugin_SRC}/cmake")
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_squarets_SRC}/cmake")
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_flex_squarets_plugin_SRC}/cmake")
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_flex_typeclass_plugin_SRC}/cmake")
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_flex_meta_plugin_SRC}/cmake")
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_flex_meta_demo_SRC}/cmake")
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_flex_pimpl_plugin_SRC}/cmake")
list(PREPEND CMAKE_MODULE_PATH "\${PACKAGE_flextool_SRC}/cmake")
conan_workspace_subdirectories()
add_dependencies(basis chromium_base-static)
add_dependencies(flexlib basis)
add_dependencies(flextool flexlib basis flex_support_headers)
add_dependencies(flex_reflect_plugin flextool)
add_dependencies(flex_squarets_plugin squarets)
add_dependencies(flex_squarets_plugin flextool)
add_dependencies(flex_pimpl_plugin flextool)
add_dependencies(flex_pimpl_plugin flex_reflect_plugin)
add_dependencies(flex_pimpl_plugin flex_squarets_plugin)
add_dependencies(flex_typeclass_plugin flextool)
add_dependencies(flex_typeclass_plugin flex_squarets_plugin)
add_dependencies(flex_meta_demo flex_meta_plugin)
add_dependencies(flex_meta_demo flex_typeclass_plugin)
add_dependencies(flex_meta_demo flex_pimpl_plugin)
add_dependencies(flex_meta_demo flex_squarets_plugin)
EOF
Add the plugin options to conan workspace install:
# combines options from all projects
conan workspace install \
  ../conanws.yml \
  --profile=clang \
  -s build_type=Debug \
  -s cling_conan:build_type=Release \
  -s llvm_tools:build_type=Release \
  -e basis:enable_tests=True \
  -o openssl:shared=True \
  -o chromium_base:shared=True \
  -o chromium_base:use_alloc_shim=True \
  -o perfetto:is_hermetic_clang=False \
  -o chromium_tcmalloc:use_alloc_shim=True \
  -e flextool:enable_tests=True \
  -e flextool:enable_llvm_tools=True \
  -o flexlib:shared=False \
  -o flexlib:enable_clang_from_conan=False \
  -e flexlib:enable_tests=True \
  -o flex_reflect_plugin:shared=True \
  -o flex_reflect_plugin:enable_clang_from_conan=False \
  -e flex_reflect_plugin:enable_tests=True \
  -o squarets:shared=False \
  -o squarets:enable_clang_from_conan=False \
  -e squarets:enable_tests=True \
  -o flex_squarets_plugin:shared=False \
  -o flex_squarets_plugin:enable_clang_from_conan=False \
  -e flex_squarets_plugin:enable_tests=True \
  -o flex_meta_plugin:shared=False \
  -o flex_meta_plugin:enable_clang_from_conan=False \
  -e flex_meta_plugin:enable_tests=True \
  -o flex_typeclass_plugin:shared=False \
  -o flex_typeclass_plugin:enable_clang_from_conan=False \
  -e flex_typeclass_plugin:enable_tests=True \
  -o flex_pimpl_plugin:shared=False \
  -o flex_pimpl_plugin:enable_clang_from_conan=False \
  -e flex_pimpl_plugin:enable_tests=True \
  -o flex_meta_demo:enable_clang_from_conan=False \
  -e flex_meta_demo:enable_tests=True
Build and test the workspace:
# NOTE: change `build_type=Debug` to `build_type=Release` in production
export build_type=Debug
# optional
# remove old CMakeCache
(rm CMakeCache.txt || true)
# configure via cmake
cmake -E time cmake . \
  -DCMAKE_VERBOSE_MAKEFILE=TRUE \
  -DENABLE_TESTS=TRUE \
  -DBASE_NEED_GEN_BUILD_DATE=FALSE \
  -DENABLE_DOCTEST=ON \
  -DBUILD_SHARED_LIBS=FALSE \
  -DCONAN_AUTO_INSTALL=OFF \
  -DCMAKE_BUILD_TYPE=${build_type}
# remove generated files
# change paths to yours
# rm ~/flex_typeclass_plugin/build/Debug/*generated*
# build code
cmake -E time cmake --build . \
  --config ${build_type} \
  -- -j8
# run unit tests for flexlib
cmake -E time cmake --build . \
  --config ${build_type} \
  --target flexlib_run_all_tests
# run unit tests for flextool
cmake -E time cmake --build . \
  --config ${build_type} \
  --target flextool_run_all_tests
# run unit tests for flex_reflect_plugin
cmake -E time cmake --build . \
  --config ${build_type} \
  --target flex_reflect_plugin_run_all_tests
# run unit tests for squarets
cmake -E time cmake --build . \
  --config ${build_type} \
  --target squarets_run_all_tests
# run unit tests for flex_squarets_plugin
cmake -E time cmake --build . \
  --config ${build_type} \
  --target flex_squarets_plugin_run_all_tests
# run unit tests for flex_meta_plugin
cmake -E time cmake --build . \
  --config ${build_type} \
  --target flex_meta_plugin_run_all_tests
# run unit tests for flex_typeclass_plugin
cmake -E time cmake --build . \
  --config ${build_type} \
  --target flex_typeclass_plugin_run_all_tests
# run unit tests for flex_pimpl_plugin
cmake -E time cmake --build . \
  --config ${build_type} \
  --target flex_pimpl_plugin_run_all_tests
# run unit tests for flex_meta_demo
cmake -E time cmake --build . \
  --config ${build_type} \
  --target flex_meta_demo_run_all_tests
Make sure you use a Debug build with -e flextool:enable_llvm_tools=True.
Install cppcheck via Conan:
cd /tmp
git clone -b testing/1.90 https://github.com/bincrafters/conan-cppcheck_installer.git
cd conan-cppcheck_installer
export VERBOSE=1
export CONAN_REVISIONS_ENABLED=1
export CONAN_VERBOSE_TRACEBACK=1
export CONAN_PRINT_RUN_COMMANDS=1
export CONAN_LOGGING_LEVEL=10
# NOTE: change `build_type=Debug` to `build_type=Release` in production
# NOTE: use --build=missing if you got error `ERROR: Missing prebuilt package`
cmake -E time \
  conan create . conan/stable \
  -s build_type=Release
# clean build cache
conan remove "*" --build --force
Usage (runs cmake with -DENABLE_CPPCHECK=ON):
# creates local build in separate folder and runs cmake targets
# NOTE: -DCLEAN_OLD="OFF" to keep generated html report
cmake -DCPPCHECK="ON" -DCLEAN_OLD="OFF" -P tools/run_tool.cmake
# `index.html` must exist
# find $PWD -name index.html
Open "index.html" to see the results.
A desktop application that provides a single context to manage and run multiple scripts.
It simplifies setting up a local development environment and avoids opening many shell terminals.
You can add custom commands in package.json or plugin/vue-cli-plugin/ui.js:
# Before: Install Latest Node.js and NPM
# see https://tecadmin.net/install-latest-nodejs-npm-on-ubuntu/
node --version
npm --version
Build your project via npm:
npm install
sudo npm install -g @vue/cli
sudo vue ui --dev --port 8061
Open http://localhost:8061/.
Import the project directory.
Select Tasks, such as build/test...
Tasks can be changed in package.json.
NOTE: we use package.json only for tasks. Conan is controlled by a file named conanfile.txt.
Useful links:
We use .gdbinit to add "add-auto-load-safe-path".
For more details about .gdbinit, read: https://metricpanda.com/tips-for-productive-debugging-with-gdb
For more details about gdb, read: http://www.yolinux.com/tutorials/gdb-commands.html
A GDB debugging session can be automated like so:
# see https://gist.github.com/williballenthin/8bd6e29ad8504b9cb308039f675ee889
gdb \
  -ex "run" \
  -ex "set pagination off" \
  -ex "bt" \
  -ex "set confirm off" \
  -ex "quit" \
  --args \
  ${APP_EXE} \
  ${APP_CMD_ARGS}
Make sure you use a Debug build with -e flextool:enable_llvm_tools=True.
For details, see:
Install valgrind:
sudo apt install valgrind # Ubuntu, Debian, etc.
# OR
sudo yum install valgrind # RHEL, CentOS, Fedora, etc.
NOTE: make sure you set use_alloc_shim=False and enable_valgrind=True (see below).
Run valgrind via cmake:
export VERBOSE=1
export CONAN_REVISIONS_ENABLED=1
export CONAN_VERBOSE_TRACEBACK=1
export CONAN_PRINT_RUN_COMMANDS=1
export CONAN_LOGGING_LEVEL=10
# NOTE: set `use_alloc_shim=False` and `enable_valgrind=True` for valgrind support
cmake -E time \
  conan install . \
  --install-folder local_build_valgrind \
  -s build_type=Debug \
  -s cling_conan:build_type=Release \
  -s llvm_tools:build_type=Release \
  --profile clang12_compiler \
  -o flextool:enable_valgrind=True \
  -e flextool:enable_tests=True \
  -e flextool:enable_llvm_tools=True \
  -e abseil:enable_llvm_tools=True \
  -o chromium_base:enable_valgrind=True \
  -e chromium_base:enable_llvm_tools=True \
  -o chromium_base:use_alloc_shim=False \
  -o perfetto:is_hermetic_clang=False \
  -o basis:enable_valgrind=True \
  -e basis:enable_llvm_tools=True \
  -o flexlib:enable_valgrind=True \
  -e flexlib:enable_llvm_tools=True \
  -o flexlib:enable_clang_from_conan=False \
  -o chromium_tcmalloc:use_alloc_shim=False \
  --build chromium_base \
  --build chromium_tcmalloc \
  --build basis \
  --build flexlib
cd ~/flextool
# see section about `conan editable mode`
cd local_build_valgrind
# optional
# remove old CMakeCache
(rm CMakeCache.txt || true)
# remove old build artifacts
rm -rf flextool
rm -rf bin
find . -iname '*.o' -exec rm {} \;
find . -iname '*.a' -exec rm {} \;
find . -iname '*.dll' -exec rm {} \;
find . -iname '*.lib' -exec rm {} \;
# NOTE: -DENABLE_VALGRIND=ON
cmake .. \
  -DCMAKE_VERBOSE_MAKEFILE=TRUE \
  -DENABLE_VALGRIND=ON \
  -DENABLE_TESTS=TRUE \
  -DBASE_NEED_GEN_BUILD_DATE=FALSE \
  -DENABLE_DOCTEST=ON \
  -DENABLE_VALGRIND_TESTS=TRUE \
  -DBUILD_SHARED_LIBS=FALSE \
  -DCONAN_AUTO_INSTALL=OFF \
  -DCMAKE_BUILD_TYPE=Debug
# NOTE: to run some tests under valgrind
# use `-DENABLE_VALGRIND_TESTS=TRUE`
cmake -E time cmake --build . \
  --target flextool-gmock_run_valgrind
# Cmake will print valgrind command that was executed.
# You can copy executed command and add custom command-line arguments:
# --gtest_filter=ToolsSanityTest.DISABLED_ValgrindTest
# --gtest_also_run_disabled_tests
# search for valgrind log file
find $PWD -name "*valgrind*.log"
To find leaks, search for "definitely lost" in the log file.
NOTE: you can add valgrind suppressions in cmake/valgrind.cfg.
NOTE: compile the program with a debug flag to run it under valgrind.
NOTE: use valgrind --tool=helgrind to detect potential deadlocks and data races.
NOTE: use valgrind --tool=massif --massif-out-file=massif_file --stacks=true to measure the size of the heap. See also: https://kde.org/applications/development/org.kde.massif-visalizer
For details, see: https://stackoverflow.com/a/44989219
TODO: try to build with valgrind and clang 10 https://stackoverflow.com/questions/40509986/valgrind-reporting-mismist-free-delete-delete-delete
TODO: valgrind may not support chromium base, FIXME. And remove gtest_no_suite
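One way to automate the "definitely lost" search over the logs found by the find command above, as an added example that is not part of the flextool project. The helper names and the sample log are constructed for illustration; the sample follows the LEAK SUMMARY layout printed by valgrind's memcheck tool.

```bash
#!/usr/bin/env bash
# Added example (not flextool code): fail a build step when any valgrind log
# reports "definitely lost" bytes.

# Constructed sample log: two processes, one loss record line that must NOT be
# counted, and a comma-grouped number as memcheck prints large values.
sample_valgrind_log() {
    cat <<'EOF'
==101== 48 bytes in 2 blocks are definitely lost in loss record 1 of 2
==101== LEAK SUMMARY:
==101==    definitely lost: 48 bytes in 2 blocks
==101==    indirectly lost: 0 bytes in 0 blocks
==101==      possibly lost: 0 bytes in 0 blocks
==101==    still reachable: 72,704 bytes in 1 blocks
==101==         suppressed: 0 bytes in 0 blocks
==102== LEAK SUMMARY:
==102==    definitely lost: 1,024 bytes in 1 blocks
==102==    indirectly lost: 16 bytes in 1 blocks
EOF
}

# definitely_lost_bytes FILE...
# Sums the byte counts of every "definitely lost:" summary line (one per
# traced process) and prints the total as a plain integer.
definitely_lost_bytes() {
    awk '
        /definitely lost: [0-9,]+ bytes in [0-9,]+ blocks/ {
            for (i = 1; i < NF; i++) {
                if ($i == "lost:") {
                    bytes = $(i + 1)
                    gsub(/,/, "", bytes)   # "1,024" -> "1024"
                    total += bytes
                }
            }
        }
        END { printf "%.0f\n", total }
    ' "$@"
}

# check_valgrind_logs ROOT
# Scans ROOT for *valgrind*.log files, prints one line per leaking log and
# returns 1 if any log has definitely lost bytes, 0 otherwise.
check_valgrind_logs() {
    local root="$1" status=0 log bytes
    while IFS= read -r log; do
        [ -n "$log" ] || continue          # find printed nothing
        bytes=$(definitely_lost_bytes "$log")
        if [ "$bytes" -gt 0 ]; then
            printf 'LEAK %s: %s bytes definitely lost\n' "$log" "$bytes"
            status=1
        fi
    done <<EOF
$(find "$root" -type f -name '*valgrind*.log')
EOF
    return "$status"
}

# Example call from the build folder used on this page:
#   check_valgrind_logs "$PWD" || exit 1
```

Logs from a run where everything was freed contain no LEAK SUMMARY block, so they count as zero bytes and pass the check.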
Make sure you use a Debug build with -e flextool:enable_llvm_tools=True
Install clang-tidy:
sudo apt-get install clang-tidy # Ubuntu, Debian, etc.
# OR
sudo yum install clang-tidy # RHEL, CentOS, Fedora, etc.
Usage (runs cmake with -DENABLE_CLANG_TIDY=ON):
# creates local build in separate folder and runs cmake targets
cmake -DCLANG_TIDY="ON" -DCLEAN_OLD="ON" -P tools/run_tool.cmake
Make sure you use a Debug build with -e flextool:enable_llvm_tools=True
For details, see: https://chromium.googlesource.com/chromium/src.git/ +/master/docs/clang_static_analyzer.md and https://clang-analyzer.llvm.lvm.gm.gm.org/scan-build.html.html.html
The program ccc-analyzer acts like a fake compiler: it forwards its command-line arguments to the compiler to perform the regular compilation and to clang to perform static analysis.
Running configure typically generates makefiles that have hardwired paths to the compiler; by running configure through scan-build, that path is set to ccc-analyzer.
# must exist
ccc-analyzer -v
# must exist
c++-analyzer -v
# must exist
scan-build -v
export VERBOSE=1
export CONAN_REVISIONS_ENABLED=1
export CONAN_VERBOSE_TRACEBACK=1
export CONAN_PRINT_RUN_COMMANDS=1
export CONAN_LOGGING_LEVEL=10
cmake -E time \
  conan install . \
  --install-folder local_build_scan_build \
  -s build_type=Debug \
  -s cling_conan:build_type=Release \
  -s llvm_tools:build_type=Release \
  --profile clang12_compiler \
  -e flextool:enable_tests=True \
  -e flextool:enable_llvm_tools=True
cmake -E time \
  conan source . \
  --source-folder local_build_scan_build \
  --install-folder local_build_scan_build
# see section about `conan editable mode`
cd local_build_scan_build
# NOTE: change `build_type=Debug` to `build_type=Release` in production
export build_type=Debug
# optional
# remove old CMakeCache
(rm CMakeCache.txt || true)
# NOTE: changed CMAKE_C_COMPILER to ccc-analyzer (!!!)
# configure via cmake
scan-build \
  --use-cc=clang-10 \
  --use-c++=clang++-10 \
  -o ./scanbuildout/ \
  cmake .. \
  -DCMAKE_VERBOSE_MAKEFILE=TRUE \
  -DCMAKE_C_COMPILER=ccc-analyzer \
  -DCMAKE_CXX_COMPILER=c++-analyzer \
  -DENABLE_TESTS=FALSE \
  -DBASE_NEED_GEN_BUILD_DATE=FALSE \
  -DENABLE_DOCTEST=OFF \
  -DBUILD_SHARED_LIBS=FALSE \
  -DCONAN_AUTO_INSTALL=OFF \
  -DCMAKE_BUILD_TYPE=${build_type}
# remove old build artifacts
(make clean || true)
rm -rf bin
# NOTE: requires project configured in debug build
# disable other static analyzers
# run from build directory
scan-build \
  -maxloop 8 \
  -enable-checker alpha.security.taint.TaintPropagation \
  -enable-checker alpha.core.BoolAssignment \
  -enable-checker alpha.core.CastSize \
  -enable-checker alpha.core.DynamicTypeChecker \
  -enable-checker alpha.core.FixedAddr \
  -enable-checker alpha.core.IdenticalExpr \
  -enable-checker alpha.core.PointerArithm \
  -enable-checker alpha.core.PointerSub \
  -enable-checker alpha.core.SizeofPtr \
  -enable-checker alpha.core.TestAfterDivZero \
  -enable-checker alpha.deadcode.UnreachableCode \
  -enable-checker alpha.security.ArrayBoundV2 \
  -enable-checker alpha.security.MallocOverflow \
  -enable-checker alpha.security.ReturnPtrRange \
  -enable-checker alpha.unix.PthreadLock \
  -enable-checker alpha.unix.Stream \
  -enable-checker alpha.unix.cstring.BufferOverlap \
  -enable-checker alpha.unix.cstring.NotNullTerminated \
  -enable-checker alpha.unix.cstring.OutOfBounds \
  -enable-checker nullability.NullableDereferenced \
  -enable-checker optin.performance.Padding \
  -enable-checker security.insecureAPI.rand \
  -enable-checker security.insecureAPI.strcpy \
  --use-cc=clang-10 \
  --use-c++=clang++-10 \
  -o ./scanbuildout/ \
  make \
  -j8
Open the resulting scanbuildout/...../index.html file.
Make sure you use a Debug build with -e flextool:enable_llvm_tools=True
For details, see: https://github.com/myint/cppclean
Install:
pip install --index-url=https://pypi.python.org/simple/ --trusted-host pypi.org --trusted-host pypi.python.org --trusted-host files.pythonhosted.org --upgrade cppclean
Usage (runs cmake with -DENABLE_CPPCLEAN=ON):
# creates local build in separate folder and runs cmake targets
cmake -DCPPCLEAN="ON" -DCLEAN_OLD="ON" -P tools/run_tool.cmake
NOTE: cppclean requires file encoding to be: UTF-8 without BOM (ASCII)
Make sure you use a Debug build with -e flextool:enable_llvm_tools=True
Include-what-you-use (IWYU) is a project intended to optimise includes.
It will calculate the required headers and add / remove includes as appropriate.
For details, see: https://include-what-you-use.org/
Usage (runs cmake with -DENABLE_IWYU=ON):
# creates local build in separate folder and runs cmake targets
cmake -DIWYU="ON" -DCLEAN_OLD="ON" -P tools/run_tool.cmake
CodeStyle: use // IWYU pragma: associated.
NOTE: read about IWYU pragmas: https://github.com/include-what-you-use/include-what-what-you-use/blob/blob/master/master/docs/iwyupragmas.md
NOTE: do not use "bit/" or "/delect/*" to include "bits/" or
For details, see:
Use -DUSE_CCACHE=ON
gcc -v
export CC=gcc
export CXX=g++
# NOTE: -DUSE_CCACHE=ON
cmake .. \
  -DCMAKE_VERBOSE_MAKEFILE=TRUE \
  -DUSE_CCACHE=ON \
  -DENABLE_TESTS=FALSE \
  -DBASE_NEED_GEN_BUILD_DATE=FALSE \
  -DENABLE_DOCTEST=OFF \
  -DBUILD_SHARED_LIBS=FALSE \
  -DCONAN_AUTO_INSTALL=OFF \
  -DCMAKE_BUILD_TYPE=Debug
For details, see: https://www.virag.si/2015/07/use-ccace-with-cmake-for-for-faster-compilation/
To get the most out of ccache, put something like this in ~/.ccache/ccache.conf:
max_size = 50.0G # or whatever cache size you prefer; default is 5G; 0 means unlimited
base_dir = /home/yourname # or wherever you keep your source files
NOTE: base_dir is required for ccache to share cached compiles of the same file across different repositories / paths; it will only do this for paths under base_dir. So this option is required for effective use of ccache with git worktrees (described below).
You must not set base_dir to "/", or to anywhere that contains system headers (according to the ccache docs).
Install:
sudo apt-get install ccache
# On OS X use homebrew:
# brew install ccache
ccache --version
Use -DUSE_LD_GOLD=ON
gcc -v
export CC=gcc
export CXX=g++
# NOTE: -DUSE_LD_GOLD=ON
cmake .. \
  -DCMAKE_VERBOSE_MAKEFILE=TRUE \
  -DUSE_LD_GOLD=ON \
  -DENABLE_TESTS=FALSE \
  -DBASE_NEED_GEN_BUILD_DATE=FALSE \
  -DENABLE_DOCTEST=OFF \
  -DBUILD_SHARED_LIBS=FALSE \
  -DCONAN_AUTO_INSTALL=OFF \
  -DCMAKE_BUILD_TYPE=Debug
For details, see: https://cristianadam.eu/20170709/speeding-up-cmake/
NOTE: not threaded by default; configure with "--enable-threads"
NOTE: threaded by default; may be faster than gold
Make sure you use a Debug build with -e flextool:enable_llvm_tools=True
For details, see: https://oclint-docs.readthedocs.io/en/stable/devel/codingstandards.html
Install:
cd ~
wget --no-check-certificate https://github.com/oclint/oclint/releases/download/v0.13.1/oclint-0.13.1-x86_64-linux-4.4.0-112-generic.tar.gz
# mirror 1: http://github.strcpy.cn/oclint/oclint/releases/download/v0.13.1/oclint-0.13.1-x86_64-linux-4.4.0-112-generic.tar.gz
# mirror 2: http://archives.oclint.org/releases/0.8/oclint-0.8.1-x86_64-linux-3.13.0-35-generic.tar.gz
tar -xzvf oclint-0.13.1-x86_64-linux-4.4.0-112-generic.tar.gz
rm -rf oclint-0.13.1-x86_64-linux-4.4.0-112-generic.tar.gz
export OCLINT_HOME=~/oclint-0.13.1
export PATH=$OCLINT_HOME/bin:$PATH
oclint -version
Usage (runs cmake with -DENABLE_OCLINT=ON):
# NOTE: -DCLEAN_OLD="OFF" to keep generated html report
# creates local build in separate folder and runs cmake targets
cmake -DOCLINT="ON" -DCLEAN_OLD="OFF" -P tools/run_tool.cmake
# `report.html` must exist
# find $PWD -name report.html
Open report.html
See the oclint tutorial: http://docs.oclint.org/en/stable/intro/tutorial.html
See the list at: https://oclint-docs.readthedocs.io/en/stable/rules/
NOTE: you can suppress oclint warnings: http://docs.oclint.org/en/stable/howto/suppress.html#oclint-comment
For details, see: https://clang.llvm.org/docs/clangformat.html
Usage (runs cmake with -DENABLE_CLANG_FORMAT=ON):
# creates local build in separate folder and runs cmake targets
cmake -DCLANG_FORMAT="ON" -DCLEAN_OLD="ON" -P tools/run_tool.cmake
We use a .clang-format file. For details, see: https://clang.llvm.org/docs/clangformatstyleoptions.html
NOTE: we use DisableFormat, so clang-format will only change the include order based on SortIncludes.
Unfortunately, clang-format is not configurable enough, so it can be used only to sort includes. See: https://stackoverflow.com/a/32191189
We use uncrustify because clang-format and astyle do not support many options.
For details, see: https://patrickhenson.com/2018/06/07/uncrustify-configuration.html
Install:
cd ~
git clone https://github.com/uncrustify/uncrustify.git
cd uncrustify
mkdir build
cd build
cmake -DCMAKE_BUILD_TYPE=Release ..
cmake --build .
export UNCRUSTIFY_HOME=~/uncrustify/build
export PATH=$UNCRUSTIFY_HOME:$PATH
# OR sudo make install
uncrustify --version
Usage (runs cmake with -DENABLE_UNCRUSTIFY=ON):
# creates local build in separate folder and runs cmake targets
cmake -DUNCRUSTIFY="ON" -DCLEAN_OLD="ON" -P tools/run_tool.cmake
We use an uncrustify.cfg file. For details, see: https://patrickhenson.com/2018/06/07/uncrustify-configuration.html
To get a list of all available options, use:
uncrustify --show-config
Uncrustify has many configurable options. You will probably also need Universal Indent GUI (in Konstantin's reply) to configure it: http://universalindent.sourceforge.net/
Use comments containing /* *INDENT-OFF* */ and /* *INDENT-ON* */ to disable processing of parts of a source file.
See disable_processing_cmt in uncrustify.cfg:
# Specify the marker used in comments to disable processing of part of the
# file.
# The comment should be used alone in one line.
#
# Default: *INDENT-OFF*
disable_processing_cmt = " *INDENT-OFF* " # string
# Specify the marker used in comments to (re)enable processing in a file.
# The comment should be used alone in one line.
#
# Default: *INDENT-ON*
enable_processing_cmt = " *INDENT-ON* " # string
You can integrate uncrustify with your IDE:
See https://github.com/blockspacer/llvm_9_installer#how-to-us-sanitizers
Requires enable_llvm_tools=True, compile_with_llvm_tools=True, and llvm_tools:build_type=Release:
-s llvm_tools:build_type=Release
-e flextool:enable_llvm_tools=True
-e flextool:compile_with_llvm_tools=True
-o llvm_tools:include_what_you_use=True
...
enable_llvm_tools installs clang 10 from Conan.
compile_with_llvm_tools sets the CMake variables required to use Conan.
Run conan install or conan create with:
# OR create conan profile https://docs.conan.io/en/latest/reference/profiles.html
-s compiler=clang
-s compiler.version=10
-s compiler.libcxx=libc++
NOTE: changing the compiler may require rebuilding all deps (--build=missing).
For example, in the case of a local build:
export CC= $( find ~ /.conan/data/llvm_tools/master/conan/stable/package/ -path " *bin/clang " | head -n 1 )
export CXX= $( find ~ /.conan/data/llvm_tools/master/conan/stable/package/ -path " *bin/clang++ " | head -n 1 )
export VERBOSE=1
export CONAN_REVISIONS_ENABLED=1
export CONAN_VERBOSE_TRACEBACK=1
export CONAN_PRINT_RUN_COMMANDS=1
export CONAN_LOGGING_LEVEL=10
# NOTE: NO `--profile` argument cause we use `CXX` env. var
# NOTE: you may want to re-build `cling_conan` with clang 10
cmake -E time \
  conan install . \
  --install-folder local_build_clang_10 \
  -s build_type=Debug \
  -s cling_conan:build_type=Release \
  -s llvm_tools:build_type=Release \
  --build missing \
  --build cascade \
  -s cling_conan:compiler=clang \
  -s cling_conan:compiler.version=10 \
  -s cling_conan:compiler.libcxx=libstdc++11 \
  -o llvm_tools:include_what_you_use=True \
  -s llvm_tools:compiler=clang \
  -s llvm_tools:compiler.version=10 \
  -s llvm_tools:compiler.libcxx=libstdc++11 \
  -e flextool:enable_tests=True \
  -e flextool:enable_llvm_tools=True \
  -e flextool:compile_with_llvm_tools=True \
  -e boost:enable_llvm_tools=True \
  -e boost:compile_with_llvm_tools=True \
  -s compiler=clang \
  -s compiler.version=10 \
  -s compiler.libcxx=libc++
cmake -E time \
  conan source . \
  --source-folder local_build_clang_10 \
  --install-folder local_build_clang_10
# remove old CMakeCache
(rm local_build_clang_10/CMakeCache.txt || true)
# see section about `conan editable mode`
conan build . \
  --build-folder local_build_clang_10 \
  --source-folder local_build_clang_10 \
  --install-folder local_build_clang_10
Perform checks:
# check that `libcpp` symbol exists
nm -an EXECUTABLE_PATH | grep libcpp
# list linked dynamic libs
ldd EXECUTABLE_PATH
MCSS_ROOT_DIR_FOR_DOCS must point to the m.css sources, like so:
cd ~
git clone https://github.com/mosra/m.css.git
pip3 install jinja2 Pygments
sudo apt install \
  texlive-base \
  texlive-latex-extra \
  texlive-fonts-extra \
  texlive-fonts-recommended
sudo apt-get install doxygen
sudo apt install python3-pip
# /usr/bin/python must point to python3
/usr/bin/python --version
# NOTE: switch to python3 for doxygen or use -DPYTHON_EXECUTABLE=/usr/bin/python3
alias python='/usr/bin/python3'
# You may need sudo here
pip3 install jinja2 Pygments
sudo apt install \
  texlive-base \
  texlive-latex-extra \
  texlive-fonts-extra \
  texlive-fonts-recommended
Use cmake build with '--target doxyDoc' and -DBUILD_DOXY_DOC=ON:
cd ~/flextool
# see section about `conan editable mode`
cd local_build_clang_10
# optional
# remove old CMakeCache
(rm CMakeCache.txt || true)
# remove old build artifacts
rm -rf flextool
rm -rf bin
find . -iname '*.o' -exec rm {} \;
find . -iname '*.a' -exec rm {} \;
find . -iname '*.dll' -exec rm {} \;
find . -iname '*.lib' -exec rm {} \;
# remove old build docs
rm -rf doc-mcss
rm -rf docs
cmake -E make_directory "doc-mcss"
# NOTE: you can change python version like so: -DPYTHON_EXECUTABLE=/usr/bin/python3
cmake .. \
  -DCMAKE_VERBOSE_MAKEFILE=TRUE \
  -DMCSS_ROOT_DIR_FOR_DOCS=$HOME/m.css \
  -DPYTHON_EXECUTABLE=/usr/bin/python3 \
  -DENABLE_TESTS=TRUE \
  -DBASE_NEED_GEN_BUILD_DATE=FALSE \
  -DENABLE_DOCTEST=ON \
  -DBUILD_DOXY_DOC=ON \
  -DBUILD_SHARED_LIBS=FALSE \
  -DCONAN_AUTO_INSTALL=OFF \
  -DCMAKE_BUILD_TYPE=Debug \
  -DDOXY_ROOT_DIR=$PWD/doc-mcss \
  -DDOXY_DOC_COMMON_IMG_PATH=$PWD/.. \
  -DPROJECT_SOURCES_DIR_FOR_DOCS=$PWD/../src
cmake -E time cmake --build . \
  --target doxyDoc_notheme
cmake -E time cmake --build . \
  --target doxyDoc
# Use to find index.html
find "$PWD" -name '*.html'
Open doxydoc/html/index.html
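NOTE: Document namespaces in /docs/namespaces.dox
NOTE: Files, directories and symbols without documentation do not appear in the output at all.
Comment style used:
/**
 * @brief Path utils
 *
 * Example usage:
 *
 * @code{.cpp}
 * const ::fs::path workdir = storage::getThisBinaryDirectoryPath();
 * @endcode
**/
See:
For details, see: https://afl-1.readthedocs.io/en/latest/index.html
NOTE: Prefer github.com/google/afl or aflplus.plus over the no-longer-updated AFL from lcamtuf.coredump.cx/afl
Fuzzing is a black-box software testing technique.
Fuzzing consists of finding implementation bugs by injecting malformed or semi-malformed data in an automated fashion.
The fuzzer tries to modify the input so that it reaches as many lines of the program code as possible.
Fuzzing therefore makes it possible to discover vulnerabilities that lie in code paths which are hard to reach in normal usage.
Install and compile the source code using the following commands: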
# optional
# sudo apt-get update
# optional
# sudo apt-get -y install autoconf automake bison build-essential \
#   ca-certificates llvm-dev libtool libtool-bin \
#   libglib2.0-dev make nasm wget
# Tested with clang 10 and gcc 7
sudo apt-get -y install clang-10 g++-7 gcc-7
export CXX=g++-7
export CC=gcc-7
export PATH=/usr/bin/:$PATH
$CC -v
# llvm-config binary that corresponds to the same clang you are using to compile
export LLVM_CONFIG=/usr/bin/llvm-config-10
$LLVM_CONFIG --cxxflags
cd ~
git clone -b v2.56b https://github.com/google/AFL.git --recursive
# NOTE: original AFL not updated since November 2017,
# so prefer `google/AFL.git` to `lcamtuf.coredump.cx/afl`
# wget http://lcamtuf.coredump.cx/afl/releases/afl-latest.tgz
# tar -xf afl-latest.tgz
# rm afl-latest.tgz
# cd afl*
cd AFL
make
# build llvm using the same compiler as afl code uses
# see https://groups.google.com/forum/#!topic/afl-users/1WqZpGXvYY0
make \
  -C llvm_mode \
  LLVM_CONFIG=$LLVM_CONFIG \
  CC=clang-10 \
  CXX=clang++-10
#
# optional
# cd qemu_mode
# ./build_qemu_support.sh
# cd ..
#
make \
  -C libdislocator
make \
  -C libtokencap
sudo make install
# OR add to PATH via export PATH=$PATH:...
# do not forget to reset CC and LLVM_CONFIG
unset CXX
unset CC
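unset LLVM_CONFIG
We compile the code using the AFL compiler: -DCMAKE_C_COMPILER=afl-clang-fast, -DCMAKE_CXX_COMPILER=afl-clang-fast++ and -DCMAKE_LINKER=afl-clang-fast.
Verify that the binary was built with the AFL compiler: nm BINARY_PATH | grep afl
Build the application with some sanitizers and with debug information enabled (-DENABLE_ASAN=ON, etc.):
NOTE: There are some things to consider when using Address Sanitizer. Even if ASan finds a memory access violation, it does not automatically crash the application. This is a problem when using automated fuzzing tools, because they usually try to detect segfaults by checking the return code. We can, however, force ASan to crash the software when an error happens by setting an environment variable before fuzzing: export ASAN_OPTIONS='abort_on_error=1'
NOTE: Disable custom memory allocation functions. They can hide memory access bugs and prevent their detection.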
# see https://afl-1.readthedocs.io/en/latest/instrumenting.html
# Setting AFL_HARDEN automatically adds code hardening options
# when invoking the downstream compiler.
# This includes -D_FORTIFY_SOURCE=2 and -fstack-protector-all.
# NOTE: _FORTIFY_SOURCE not compatible with ASAN
# export AFL_HARDEN=1
# see https://aflplus.plus/docs/env_variables/
export AFL_EXIT_WHEN_DONE=1
# By default, the wrapper appends -O3 to optimize builds.
export AFL_DONT_OPTIMIZE=1
# or AFL_USE_MSAN, etc.
# READ https://aflplus.plus/docs/notes_for_asan/
# NOTE: if you run several slaves only one should run the
# target compiled with ASAN (and UBSAN, CFISAN),
# the others should run the target with no sanitizers compiled in.
export AFL_USE_UBSAN=1
export AFL_USE_ASAN=1
# AFL_PRELOAD causes AFL to set LD_PRELOAD for the target binary
# without disrupting the afl-fuzz process itself.
# This is useful, among other things, for bootstrapping libdislocator.so.
# see __AFL_LOOP
# export AFL_PERSISTENT=1
# make sure you compile app with `-fsanitize=address` or `-fsanitize=memory` etc.
NOTE: Use AFL_DONT_OPTIMIZE=1; read: http://moyix.blogspot.com/2016/07/fuzzing-with-afl-afl-is-an-art.html
For details, see: Using ASan with AFL
Before fuzzing the program, we may need to switch to the root user to set up core_pattern. Log in as root and type the following commands:
# see https://afl-1.readthedocs.io/en/latest/tips.html#check-os-configuration
sudo su
# disable core dumps and CPU frequency scaling on your system (AFL will warn you if you should do this)
echo core > /proc/sys/kernel/core_pattern
# afl-fuzz will usually complain that you should change your `CPUFREQ` settings to performance because the automatic frequency scaling by the Linux kernel doesn't work well with afl.
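echo performance | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor
exit
NOTE: Do not run the fuzzer with root access.
NOTE: Get a solid environment for the fuzzer; never run the fuzzer on low-spec virtual machines.
afl-fuzz is used to run AFL. The actual syntax is as follows: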
# see https://afl-1.readthedocs.io/en/latest/fuzzing.html#fuzzing-binaries
# -i is a directory of files to use as fuzz input "seeds"
# -o is a directory to write the results (including inputs that provoke crashes or hangs)
# -m is the memory allowed to use. Example: -m500
# You can use -m none to disable memory limit
# -t is the maximum time that a run is allowed to take before being declared a "hang"
# Timeout of 10 seconds: -t 10000
# @@ is fuzzer input file name
# if you skip @@ it will pass the fuzzed file on the standard input
AFL_PERSISTENT=1 afl-fuzz -i [TESTCASE DIR] -o [RESULT_DIR] [TARGET_BINARY] [BINARY_PARAMS] @@
# Example 1: runs `tar` with arguments `xfJ @@ -C fuzz-garbage/ --force-local`
# where @@ is fuzzer input file name
./afl-1.56b/afl-fuzz -i fuzz-input/ -o fuzz-state/ -t 10000 ~/tar-1.28/src/tar xfJ @@ -C fuzz-garbage/ --force-local
# Example 2: server is dual core, so we can run one AFL instance per core
AFL_PERSISTENT=1 afl-fuzz -i inputs -o multi_sync -M master ./fuzz_capstone
# In another terminal
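AFL_PERSISTENT=1 afl-fuzz -i inputs -o multi_sync -S slave1 ./fuzz_capstone
To understand the AFL status screen, read: https://afl-1.readthedocs.io/en/latest/user_guide.html#status-screen
NOTE: If total paths stays at 1, you have probably set something up wrong.
NOTE: Prefer -m none. We use AddressSanitizer; it maps a lot of pages for shadow memory, so we have to remove the memory limit to get it up and running.
NOTE: With -m none, the fuzzed software may actually try to allocate and use a lot of memory because of the fuzzed samples. This may lead to random crashes in your system. You should not do any important work on the machine while it runs.
NOTE: You can try ASAN_OPTIONS=hard_rss_limit_mb=2000 to avoid -m none. See: https://countuponsecurity.com/category/fuzzing/
You can write a custom binary that will be run with afl-fuzz. It may wrap the function that you want to test: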
// A harness is simply a C++ program that makes use of certain methods from
// a library, allowing you to indirectly fuzz it
#include <cstdio>
#include <cstdlib>
#include <string>
#include <iostream>
#include <fstream>
// custom logic under test, defined elsewhere in your project
void parse(std::istream& input);
int main(int argc, char *argv[])
{
  // init resources here
  if (argc > 1) {
    std::ifstream fin;
    fin.open(argv[1]);
    parse(fin); // custom logic
  } else {
    /// note requires AFL_PERSISTENT=1
    // __AFL_LOOP is the way that we have to tell AFL
    // that we want persistent mode.
    // Each fuzzing iteration,
    // instead of to fork and re-execute the target with a different input,
    // is just an execution of this loop.
    // Force AFL to run 1000 times,
    // with 1000 different inputs fed to the library.
    // After that, the process is restarted by AFL.
    // This ensures we regularly replace the process to avoid memory leaks.
    // see https://toastedcornflakes.github.io/articles/fuzzing_capstone_with_afl.html
    while (__AFL_LOOP(1000)) {
      parse(std::cin); // custom logic
    }
  }
  // free resources here
  return 0;
}
NOTE: __AFL_LOOP() allows AFL to fuzz the binary in-process through some memory wizardry, as opposed to starting a new process for every new test case we want to test. Requires AFL_PERSISTENT=1.
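By default, AFL forks a process every time it tests a different input. We can make AFL run multiple fuzz cases in a single instance of the program, rather than reverting the program state for each test sample. This reduces the time spent in kernel space and improves the fuzzing speed. This is called AFL_PERSISTENT mode. We can do that by including the __AFL_LOOP(1000) macro in our test harness.
NOTE: You may be interested in __AFL_INIT; for details, see: https://robertheaton.com/2019/07/08/how-to-to-write-an-afl-wrapper-for-any-language/
Let the fuzzer run for some hours or days, as it generates the maximum number of code execution paths based on the test cases provided.
Stop fuzzing by pressing Ctrl+C after observing total paths and uniq crashes in the overall results section of the AFL statistics screen.
Create a dictionary that takes all of the constants and strings found in the program binary and adds them to the dictionary. See the script code: http://moyix.blogspot.com/2016/07/fuzzing-with-afl-afl-is-an-ar-art.html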
#!/bin/bash
# see http://moyix.blogspot.com/2016/07/fuzzing-with-afl-is-an-art.html
# write every immediate constant found in the disassembly to testcases/ as a packed 32-bit or 64-bit little-endian value
objdump -d "${1}" | grep -Eo '\$0x[0-9a-f]+' | cut -c 2- | sort -u | while read -r const; do echo "$const" | python3 -c 'import sys, struct; sys.stdout.buffer.write(b"".join(struct.pack("<I" if len(l) <= 11 else "<Q", int(l,0)) for l in sys.stdin.readlines()))' > "testcases/$const"; done
# write every printable string found in the binary to its own file in testcases/
i=0; strings "${1}" | while read -r line; do echo -n "$line" > "testcases/string_${i}"; i=$((i + 1)); done
You need to create a dictionary in one of the two formats discussed in dictionaries/README.dictionaries and then point the fuzzer to it via the -x option on the command line. Read: https://afl-1.readthedocs.io/en/latest/fuzzing.html#fuzzing-binaries and https://github.com/mirrorer/afl/afl/afl/afl/blob/master/master/master/dictionaries/readme.dictionaries.dictionaries.dictionaries.dictionaries.dictionaries
You can also use libtokencap to create a dictionary; see: https://github.com/mirrorer/afl/blob/master/libtokencap/readme.tokencap
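The name="value" text form of an afl-fuzz -x dictionary, as an added example (not code from AFL or flextool): it collects printable strings from a binary image and escapes them the way the dictionary syntax requires. The function names and the 4 to 32 byte token length window are choices made for this example.

```cpp
// Added example: render tokens as an afl-fuzz -x dictionary (name="value").
// escape_token() and make_dictionary() are hypothetical helper names.
#include <cstddef>
#include <cstdio>
#include <set>
#include <string>

// Escape one token: backslash and double quote get a leading backslash,
// bytes outside printable ASCII are written as \xNN.
std::string escape_token(const std::string& token) {
  std::string out;
  for (const unsigned char c : token) {
    if (c == '\\' || c == '"') out += '\\';
    if (c >= 0x20 && c < 0x7f) {
      out += static_cast<char>(c);
    } else {
      char hex[5];
      std::snprintf(hex, sizeof hex, "\\x%02x", static_cast<unsigned>(c));
      out += hex;
    }
  }
  return out;
}

// Collect runs of printable bytes (what `strings` reports) whose length is
// within [min_len, max_len], de-duplicate them, and emit one line per token.
// The length window is an assumption of this example, not an AFL default.
std::string make_dictionary(const std::string& image, size_t min_len = 4,
                            size_t max_len = 32) {
  std::set<std::string> tokens;
  std::string run;
  for (size_t i = 0; i <= image.size(); ++i) {
    // A zero sentinel past the end flushes the final run.
    const unsigned char c =
        i < image.size() ? static_cast<unsigned char>(image[i]) : 0;
    if (c >= 0x20 && c < 0x7f) {
      run += static_cast<char>(c);
      continue;
    }
    if (run.size() >= min_len && run.size() <= max_len) tokens.insert(run);
    run.clear();
  }
  std::string dict;
  size_t n = 0;
  for (const std::string& t : tokens)
    dict += "str_" + std::to_string(n++) + "=\"" + escape_token(t) + "\"\n";
  return dict;
}
```

Write the returned text to a file and pass that file to afl-fuzz with -x; escape_token() can also be applied to packed constants such as magic bytes.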
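We can find the test cases that cause crashes in the results folder. On navigating to the results folder, we observe that a few folders have been generated.
NOTE: Keep the input data files small; under 1 kB is ideal.
Use afl-cmin to minimize the number of input data files.
Use afl-tmin to minimize each input data file (it removes any bytes that do not affect the code paths taken).
Use afl-ptmin to run afl-tmin in parallel. For details, see: https://foxglovesecurity.com/2016/03/15/fuzzing-workflows-a-fuzz-job-job-from-start-toart-toart-toar to-finish/
To reproduce a crash that was found, you can use crashwalk (a gdb plugin); see: https://ritcsec.wordpress.com/2018/05/05/10/vulnerability-discovery-by-fuzzing/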
apt-get install gdb golang
mkdir src
cd src
git clone https://github.com/jfoote/exploitable.git
cd && mkdir go
export GOPATH=~/go
# crashwalk installed in $GOPATH/bin/
go get -u github.com/bnagy/crashwalk/cmd/...
# USAGE
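~/go/bin/cwtriage -root syncdir/fuzzer1/crashes/ -match id -- ~/parse @@
When you can't reproduce a crash found by afl-fuzz, the most likely cause is that you are not setting the same memory limit as the one used by the tool. Read: https://afl-1.readthedocs.io/en/latest/fuzzing.html#fuzzing-binaries
NOTE: You can use afl-cov to quantify how well you are exercising the available code paths in the binary. For details, see: https://foxglovesecurity.com/2016/03/15/fuzzing-workflows-a-fuzz-job-job-from-start-toart-toart-toar to-finish/
NOTE: Putting AFL's working directory on a RAM disk may gain you some extra speed and avoid wearing out the disks at the same time. For details, see: https://bananamafia.dev/post/gb-fuzz/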
# Fuzzing involves billions of reads and writes to the filesystem (!!!)
# Use RAM disks for input, since we don't want to destroy hard drives
# Make a 1GB ramdisk file from which AFL can read input
sudo mkdir -p /mnt/inputfiles
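sudo chown -R $USER:$(id -gn $USER) /mnt/inputfiles
sudo mount -t tmpfs -o size=1024M tmpfs /mnt/inputfiles/
NOTE: The -fvisibility-inlines-hidden flag may break AFL instrumentation.
AFL provides a crash exploration script in experimental/crash_triage/triage_crashes.sh
When run, the triage script cycles through each crash file in the /out/crashes directory and prints the resulting crash data to the screen.
triage_crashes usage: ./triage_crashes.sh ~/targets/out/ ~/targets/target-app/target-app_binary
For details, see: https://research.aurainfosec.io/hunting-for-bugs-101/
NOTE: Instrument with AFL just the libraries you actually want to stress-test right now, one at a time. Let the program use system-wide, non-instrumented libraries for any functionality you don't actually want to fuzz.
NOTE: You can enable crash exploration mode via -C; see: https://lcamtuf.blogspot.com/2014/11/afl-fuzz-crash-crash-ecploration-mode.html
NOTE: AFL detects faults by checking for the first spawned process dying due to a signal (SIGSEGV, SIGABRT, etc.). Programs that install custom handlers for these signals may need to have the relevant code commented out.
For details, see:
libFuzzer is part of the LLVM compiler infrastructure project and comes built in with the clang compiler.
libFuzzer can then be linked to the desired driver by passing -fsanitize=fuzzer during the linking stage.
NOTE: -fsanitize=fuzzer links in libFuzzer's main() symbol.
NOTE: In most cases you may want to combine libFuzzer with AddressSanitizer (ASan), UndefinedBehaviorSanitizer (UBSan), or both. You can also build with MemorySanitizer (MSan), but support is experimental: -fsanitize=undefined,address,fuzzer.
The executable repeatedly calls the following function: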
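#include <cstddef>
#include <cstdint>
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
  // DoStuffWithYourAPI(Data, Size);
  return 0;
}
Use -fsanitize=address,fuzzer. Note that you can change the sanitizer (address, memory, thread, etc.).
NOTE: If you suspect memory leaks in your target, you should run libFuzzer with -runs=N or -max_total_time=N. If your target has massive leaks, you will eventually run out of RAM. To protect your machine from OOM death you may use: ASAN_OPTIONS=hard_rss_limit_mb=2000 (with AddressSanitizer).
libFuzzer requires a seed corpus. For details, see: https://github.com/google/fuzzing/blob/master/tutorial/libfuzzertutorial.md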
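One way to share a single fuzz target between libFuzzer and afl-fuzz's @@ file mode, as an added example (not flextool code). parse_records(), its toy record format and the USE_LIBFUZZER macro are hypothetical stand-ins for the API under test and the build switch.

```cpp
// Added example: one fuzz target for libFuzzer and for afl-fuzz (@@ mode).
// parse_records() and USE_LIBFUZZER are hypothetical, not flextool code.
#include <cstddef>
#include <cstdint>
#include <fstream>
#include <iterator>
#include <vector>

// Toy format: repeated [1-byte length N][N payload bytes].
// Returns the number of complete records, or -1 if a record is truncated.
int parse_records(const uint8_t* data, size_t size) {
  size_t pos = 0;
  int count = 0;
  while (pos < size) {
    const size_t len = data[pos++];
    if (len > size - pos) return -1;  // reject instead of reading past the end
    pos += len;
    ++count;
  }
  return count;
}

// libFuzzer entry point: accepts any bytes, keeps no state between calls and
// returns 0. Bugs are reported by the sanitizers, not by the return value.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  parse_records(data, size);
  return 0;
}

#ifndef USE_LIBFUZZER
// File-based driver for afl-fuzz (`./target @@`) and for replaying a saved
// crash file. Define USE_LIBFUZZER when linking with -fsanitize=fuzzer,
// which provides its own main().
int main(int argc, char** argv) {
  if (argc < 2) return 2;
  std::ifstream in(argv[1], std::ios::binary);
  if (!in) return 2;
  const std::vector<char> buf((std::istreambuf_iterator<char>(in)),
                              std::istreambuf_iterator<char>());
  return LLVMFuzzerTestOneInput(
      reinterpret_cast<const uint8_t*>(buf.data()), buf.size());
}
#endif
```

Built with the sanitizers enabled, the same binary replays any file from the crashes directory outside the fuzzer.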
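For details, see:
Clang supports thread safety annotations (GUARDED_BY)
-Wthread-safety-analysis
base/thread_annotations.h https://github.com/chromium/chromium/chromium/blob/master/base/base/thread_annotations.h
For details, see:
Clang has first-class support for sanitizers. See the documentation for details about MSan, ASan, TSan, etc.
Clang can be built with the lifetime profile:
-Wlifetime
For details, see:
All the open source components are used under their associated open source licences.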
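Used open source components:
See LICENSE files
The MIT license
See LICENSE for the full content of the licenses.
An open source project based on the Google Chromium project.
This is not a Google product.
Portions Copyright (c) Google Inc.
See LICENSE files.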