This is a collection of quite useful scripts that expand the possibilities for building software with CMake, by making some things easier and otherwise adding new build types
- Sanitizer Builds sanitizers.cmake
- Code Coverage code-coverage.cmake
- AFL Fuzzing Instrumentation afl-fuzzing.cmake
- Compiler Options compiler-options.cmake
- Dependency Graph dependency-graph.cmake
- GLSL Shader File Targeted Compilationglsl-shaders.cmake
- Doxygen doxygen.cmake
- Prepare the Catch Test Framework prepare-catch.cmake
- Tools tools.cmake
- Formatting formatting.cmake
- Link Time Optimization / Interprocedural Optimization link-time-optimization.cmake
Sanitizer Builds sanitizers.cmake
Sanitizers are tools that perform checks during a program’s runtime and returns issues, and as such, along with unit testing, code coverage and static analysis, is another tool to add to the programmers toolbox. And of course, like the previous tools, are tragically simple to add into any project using CMake, allowing any project and developer to quickly and easily use.
A quick rundown of the tools available, and what they do:
- LeakSanitizer detects memory leaks, or issues where memory is allocated and never deallocated, causing programs to slowly consume more and more memory, eventually leading to a crash.
- AddressSanitizer is a fast memory error detector. It is useful for detecting most issues dealing with memory, such as:
- Out of bounds accesses to heap, stack, global
- Use after free
- Use after return
- Use after scope
- Double-free, invalid free
- Memory leaks (using LeakSanitizer)
 
- ThreadSanitizer detects data races for multi-threaded code.
- UndefinedBehaviourSanitizer detects the use of various features of C/C++ that are explicitly listed as resulting in undefined behaviour. Most notably:
- Using misaligned or null pointer.
- Signed integer overflow
- Conversion to, from, or between floating-point types which would overflow the destination
- Division by zero
- Unreachable code
 
- MemorySanitizer detects uninitialized reads.
- Control Flow Integrity is designed to detect certain forms of undefined behaviour that can potentially allow attackers to subvert the program's control flow.
The most basic way to enable sanitizers is to simply call add_sanitizer_support with the desired sanitizer names, whereupon it will check for the availability and compatability of the combined flags and apply to following compile targets:
# apply address and leak sanitizers
add_sanitizer_support(address leak)
# future targets will be compiled with '-fsanitize=address -fsanitize=leak'Compile options on a per-sanitizer basis can be accomplished by calling set_sanitizer_options before with the name of the sanitizer and desired compile options:
# set custom options that will be applies with that specific sanitizer
set_sanitizer_options(address -fno-omit-frame-pointer)
add_sanitizer_support(address leak)
# future targets will be compiled with '-fsanitize=address -fno-omit-frame-pointer -fsanitize=leak'Per-sanitizer compile options can also be set by setting the named SANITIZER_${SANITIZER_NAME}_OPTIONS variable before, either in script or via the command line.
# CMake called from command line as `cmake -S . -B build -D SANITIZER_ADDRESS_OPTION='-fno-omit-frame-pointer'`
add_sanitizer_support(address)
# future targets will be compiled with '-fsanitize=address -fno-omit-frame-pointer' 
# despite no call to `set_sanitizer_options`To prevent custom sanitizer options from external source being overwritten, the DEFAULT option can be used, so that the flags are only used if none have been set previously:
# command line has options set via command-line: `cmake -S . -B build -D SANITIZER_ADDRESS_OPTION='-fno-omit-frame-pointer'`
# attempt to set custom options that will not apply since the variable already exists
# and `DEFAULT` option is passed in.
set_sanitizer_options(address DEFAULT -some-other-flag)
add_sanitizer_support(address)
# future targets will be compiled with '-fsanitize=address -fno-omit-frame-pointer'Different sets of options used with the sanitizer can be accomplished by defining the sanitizer serparately with the call to set_sanitizer_option:
# Despite both using the 'memory' sanitizer, which specific set of flags can be chosen
# when calling `add_sanitizer_support` with either 'memory' or 'memorywithorigins'
set_sanitizer_options(memory DEFAULT -fno-omit-frame-pointer)
set_sanitizer_options(memorywithorigins DEFAULT
                      SANITIZER memory
                      -fno-omit-frame-pointer 
                      -fsanitize-memory-track-origins)Code Coverage code-coverage.cmake
In computer science, test coverage is a measure used to describe the degree to which the source code of a program is executed when a particular test suite runs. A program with high test coverage, measured as a percentage, has had more of its source code executed during testing, which suggests it has a lower chance of containing undetected software bugs compared to a program with low test coverage. Many different metrics can be used to calculate test coverage; some of the most basic are the percentage of program subroutines and the percentage of program statements called during execution of the test suite.
Code coverage is the detailing of, during the execution of a binary, which regions, functions, or lines of code are actually executed. This can be used in a number of ways, from figuring out areas that automated testing is lacking or not touching, to giving a user an instrumented binary to determine which areas of code are used most/least to determine which areas to focus on. Although this does come with the caveat that coverage is no guarantee of good testing, just of what code has been.
Coverage here is supported on both GCC and Clang. GCC requires the lcov program, and Clang requires llvm-cov and llvm-profdata, often provided with the llvm toolchain.
To enable, turn on the CODE_COVERAGE variable.
Targets added (executables only):
- ccov-run-${TARGET_NAME} : Re-runs the executable, collecting fresh coverage data
- ccov-html-${TARGET_NAME} : Generates HTML code coverage report for the associated named target.
- ccov-${TARGET_NAME} : Generates HTML code coverage report for the associated named target. (same as ccov-html-${TARGET_NAME})
- ccov-html : Generates HTML code coverage report for every target added with 'AUTO' parameter.
- ccov : Generates HTML code coverage report for every target added with 'AUTO' parameter. (same as ccov-html)
LLVM-based coverage targets added (executables only):
- ccov-report-${TARGET_NAME} : Prints to command line summary per-file coverage information.
- ccov-export-${TARGET_NAME} : Exports the coverage report to a JSON file.
- ccov-show-${TARGET_NAME} : Prints to command line detailed per-line coverage information.
- ccov-report : Generates HTML code coverage report for every target added with 'AUTO' parameter.
Targets added:
- ccov-all-run : Re-runs all tagged executables, collecting fresh coverage data
- ccov-all-html : Generates an HTML report of all tagged executable coverage data merged into one
- ccov-all : Generates an HTML report of all tagged executable coverage data merged into one (same as ccov-all-html)
LLVM-based coverage targets added:
- ccov-all-report : Generates an HTML report of all tagged executable coverage data merged into one and displays it in the CLI
- ccov-all-export : Exports coverage data in JSON format for use in CI environments or similar
GCC-based coverage targets added:
- ccov-all-capture : Generates an all-merged.info file, for use with coverage dashboards (e.g. codecov.io, coveralls).
To enable any code coverage instrumentation/targets, the single CMake option of CODE_COVERAGE needs to be set to 'ON', either by GUI, ccmake, or on the command line ie -DCODE_COVERAGE=ON.
From this point, there are two primary methods for adding instrumentation to targets:
- A blanket instrumentation by calling add_code_coverage(), where all targets in that directory and all subdirectories are automatically instrumented.
- Per-target instrumentation by calling target_code_coverage(<TARGET_NAME>), where the target is given and thus only that target is instrumented and executables have ccov* targets created. This applies to both libraries and executables.
- Automatically add coverage for each target with -DCCOV_TARGETS_HOOK=ONand-DCCOV_TARGETS_HOOK_ARGS=...for default values, requiresadd_code_coverage()or similar.
To add coverage targets, such as calling make ccov to generate the actual coverage information for perusal or consumption, call target_code_coverage(<TARGET_NAME>) on an executable target.
NOTE: For more options, please check the documentation for each function in the code-coverage.cmake file.
In this case, the coverage information reported will will be that of the theLib library target and theExe executable.
add_code_coverage() # Adds instrumentation to all targets
add_library(theLib lib.cpp)
add_executable(theExe main.cpp)
target_link_libraries(theExe PRIVATE theLib)
target_code_coverage(theExe) # As an executable target, adds the 'ccov-theExe' target (instrumentation already added via global anyways) for generating code coverage reports.
add_library(theLib lib.cpp)
target_code_coverage(theLib) # As a library target, adds coverage instrumentation but no targets.
add_executable(theExe main.cpp)
target_link_libraries(theExe PRIVATE theLib)
target_code_coverage(theExe) # As an executable target, adds the 'ccov-theExe' target and instrumentation for generating code coverage reports.
add_executable(theExe main.cpp non_covered.cpp)
target_code_coverage(theExe EXCLUDE non_covered.cpp) # As an executable target, the reports will exclude the non_covered.cpp file.
# Adds the 'ccov-all' target set and sets it to exclude a specific 
# file and all files in test/ folders.
add_code_coverage_all_targets(
  EXCLUDE non_covered.cpp
  LCOV_EXCLUDE test/*
  LLVM_EXCLUDE test/.*)
add_executable(theExe main.cpp non_covered.cpp)
# As an executable target, adds to the 'ccov' and ccov-all' targets, and
# the reports will exclude the non-covered.cpp file, and any files in a test/ folder.
target_code_coverage(theExe AUTO ALL 
  EXCLUDE non_covered.cpp  # a file path which applies to both backends
  LCOV_EXCLUDE test/*   # the GCC/lcov backend excludes by glob
  LLVM_EXCLUDE test/.*  # the clang/LLVM backend exclude by regext
  )
# this could be as well command line argument
set(CCOV_TARGETS_HOOK ON) # enable 'add_executable' and 'add_library' hooks
set(CCOV_TARGETS_HOOK_ARGS ALL AUTO) # set default arguments for coverage
add_code_coverage() # Adds instrumentation to all targets
add_library(theLib lib.cpp) # ccov-theLib target will be add
add_executable(theExe main.cpp) # ccov-theExe target will be add
target_link_libraries(theExe PRIVATE theLib)
AFL Fuzzing Instrumentation afl-fuzzing.cmake
American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage for the fuzzed code. The compact synthesized corpora produced by the tool are also useful for seeding other, more labor- or resource-intensive testing regimes down the road.
NOTE: This actually works based off the still-developed daughter project AFL++.
To enable the use of AFL instrumentation, this file needs to be included into the CMake scripts at any point before any of the compilers are setup by CMake, typically at/before the first call to project(), or any part before compiler detection/validation occurs. This is since CMake does not support changing the compiler after it has been set:
cmake_minimum_required(VERSION 3.4)
include(cmake/afl-fuzzing.cmake)
project(Example C CXX)
Using -DAFL=ON will search for and switch to the AFL++ compiler wrappers that will instrument builds, or error if it cannot.
Using -DAFL_MODE=<MODE> will attempt to use the specified  instrumentation type, see here. Options are:
- LTO
- LLVM
- GCC-PLUGIN
- CLANG
- GCC
Using -DAFL_ENV_OPTIONS=<...;...> allows adding any number of AFL++'s instrumentation enabled via environment variables, and these will be prefixed to the build calls (see afl-cc -hh).
As an example, a CMake configuration such as this:
cmake .. -DAFL_MODE=LTO -DAFL_ENV_OPTIONS=AFL_LLVM_THREADSAFE_INST=1;AFL_LLVM_LAF_ALL=1
would result in build commands such as this:
AFL_LLVM_THREADSAFE_INST=1 AFL_LLVM_LAF_ALL=1 afl-clang-lto --afl-lto <...>
Compiler Options compiler-options.cmake
Allows for easy use of some pre-made compiler options for the major compilers.
Using -DENABLE_ALL_WARNINGS=ON will enable almost all of the warnings available for a compiler:
| Compiler | Options | 
|---|---|
| MSVC | /W4 | 
| GCC | -Wall -Wextra | 
| Clang | -Wall -Wextra | 
Using -DENABLE_EFFECTIVE_CXX=ON adds the -Weffc++ for both GCC and clang.
Using -DGENERATE_DEPENDENCY_DATA=ON generates .d files along with regular object files on a per-source file basis on GCC/Clang compilers. These files contains the list of all header files used during compilation of that compilation unit.
Dependency Graph dependency-graph.cmake
CMake, with the dot application available, will build a visual representation of the library/executable dependencies, like so:

The type of output of dot to produce. Can be whatever dot itself supports (eg. png, ps, pdf).
If specified, add this generated target to be a dependency of the more general dep-graph target.
The name to give the doc target. (Default: doc-${PROJECT_NAME})
The directory to place the generated output
GLSL Shader File Targeted Compilationglsl-shaders.cmake
This function acts much like the 'target_sources' function, as in raw GLSL shader files can be passed in and will be compiled using 'glslangValidator', provided it is available, where the compiled files will be located where the sources files are but with the '.spv' suffix appended.
The first argument is the target that the files are associated with, and will be compiled as if it were a source file for it. All provided shaders are also only recompiled if the source shader file has been modified since the last compilation.
When calling make vk_lib the shaders will also be compiled with the library's .c files.
add_library(vk_lib lib.c, shader_manager.c)
target_glsl_shaders(vk_lib
    PRIVATE test.vert test.frag
    COMPILE_OPTIONS --target-env vulkan1.1)
Name of the target the shader files are associated with and to be compiled for.
When the following shader files are added to a target, they are done so as 'INTERFACE' type files
When the following shader files are added to a target, they are done so as 'PUBLIC' type files
When the following shader files are added to a target, they are done so as 'PRIVATE' type files
These are other options passed straight to the 'glslangValidator' call with the source shader file
Doxygen doxygen.cmake
Builds doxygen documentation with a default 'Doxyfile.in' or with a specified one, and can make the results installable (under the doc install target)
This can only be used once per project, as each target generated is as doc-${PROJECT_NAME} unless TARGET_NAME is specified.
If specified, adds this generated target to be a dependency of the more general doc target.
Adds the generated documentation to the generic install target, under the documentation installation group.
If set, then will process the found Doxyfile through the CMAKE configure_file function for macro replacements before using it. (@ONLY)
The name to give the doc target. (Default: doc-${PROJECT_NAME})
The directory to place the generated output. (Default: ${CMAKE_CURRENT_BINARY_DIR}/doc)
The path to install the documenttation under. (if not specified, defaults to 'share/${PROJECT_NAME})
The given doxygen file to use/process. (Defaults to'${CMAKE_CURRENT_SOURCE_DIR}/Doxyfile')
Prepare the Catch Test Framework prepare-catch.cmake
DEPRECATED: Catch now has good CMake integration available natively, so this is no longer required and will be dropped in a future release.
The included prepare_catch function contained within attempts to add the infrastructure necessary for automatically adding C/C++ tests using the Catch2 library, including either an interface or pre-compiled 'catch' target library.
It first attempts to find the header on the local machine, and failing that, clones the single header variant for use. It does make the determination between pre-C++11 and will use Catch1.X rather than Catch2 (when cloned), automatically or forced.. Adds a subdirectory of tests/ if it exists from the macro's calling location.
If this option is specified, then generates the 'catch' target as a library with catch already pre-compiled as part of the library. Otherwise acts just an interface library for the header location.
Force the use of Catch1.X, rather than auto-detecting the C++ version in use.
Force cloning of Catch, rather than attempting to use a locally-found variant.
Tools tools.cmake
The three tools in this are used via two provided functions each, for example for clang-tidy:
add_executable(big_test)
clang_tidy()
# Sources provided here are run with clang-tidy with no options
add_executable(test2 main2.cpp)
target_sources(big_test test2.c test2.cpp)
clang_tidy(-header-filter='${CMAKE_SOURCE_DIR}/*')
# Sources provided here are run with clang-tidy with the header-filter options provided to it from above
add_execuable(test1 main1.cpp)
target_sources(big_test test1.c test1.cpp)
reset_clang_tidy()
# Sources provided here are not run with clang-tidy at all
add_executable(test3 main3.cpp)
target_sources(big_test test3.c test3.cpp)
clang_tidy()
# Sources provided here are run with clang-tidy with no options
add_executable(test4 main4.cpp)
target_sources(big_test test4.c test4.cpp)
clang-tidy is a clang-based C++ “linter” tool. Its purpose is to provide an extensible framework for diagnosing and fixing typical programming errors, like style violations, interface misuse, or bugs that can be deduced via static analysis. clang-tidy is modular and provides a convenient interface for writing new checks.
To use, add the clang_tidy() macro, with the arguments being the options passed to the clang-tidy call in the form of clang-tidy ${ARGS}. The settings used with clang-tidy can be changed by calling clang_tidy() macro again. It can be turned off by calling the reset_clang_tidy() macro.
"Include what you use" means this: for every symbol (type, function variable, or macro) that you use in foo.cc, either foo.cc or foo.h should #include a .h file that exports the declaration of that symbol. The include-what-you-use tool is a program that can be built with the clang libraries in order to analyze #includes of source files to find include-what-you-use violations, and suggest fixes for them.
The main goal of include-what-you-use is to remove superfluous #includes. It does this both by figuring out what #includes are not actually needed for this file (for both .cc and .h files), and replacing #includes with forward-declares when possible.
To use, add the include_what_you_use() macro, with the arguments being the options passed to the include_what_you_use call in the form of include-what-you-use ${ARGS}. The settings used with include-what-you-use can be changed by calling include_what_you_use() macro again. It can be turned off by calling the reset_include_what_you_use() macro.
Cppcheck is a static analysis tool for C/C++ code. It provides unique code analysis to detect bugs and focuses on detecting undefined behaviour and dangerous coding constructs. The goal is to have very few false positives. Cppcheck is designed to be able to analyze your C/C++ code even if it has non-standard syntax (common in embedded projects).
To use, add the cppcheck() macro, with the arguments being the options passed to the cppcheck call in the form of cppcheck ${ARGS}. The settings used with iwyu can be changed by calling cppcheck() macro again. It can be turned off by calling the reset_cppcheck() macro.
Formatting formatting.cmake
Allows to automatically perform code formatting using the clang-format program, by calling an easy-to-use target ala make format. It requires a target name, and the list of files to format. As well, if the target name is the name of another target, then all files associated with that target will be added, and the target name changed to be format_<TARGET>. As well, any targets otherwise listed with the files will also have their files imported for formatting.
file(GLOB_RECURSE ALL_CODE_FILES
    ${PROJECT_SOURCE_DIR}/src/*.[ch]pp
    ${PROJECT_SOURCE_DIR}/src/*.[ch]
    ${PROJECT_SOURCE_DIR}/include/*.[h]pp
    ${PROJECT_SOURCE_DIR}/include/*.[h]
    ${PROJECT_SOURCE_DIR}/example/*.[ch]pp
    ${PROJECT_SOURCE_DIR}/example/*.[ch]
)
clang_format(TARGET_NAME ${ALL_CODE_FILES})
Similar to the clang-format above, creates a target cmake-format when the cmake_format(<FILES>) function is defined in CMake scripts, and any  passed in will be formatted by the cmake-format program, if it is found.
file(GLOB_RECURSE CMAKE_FILES
    CMakeLists.txt
)
cmake_format(TARGET_NAME ${CMAKE_FILES})
Link Time Optimization / Interprocedural Optimization link-time-optimization.cmake
There are two callable objects here, link_time_optimization which applies LTO/IPO for all following targets, and target_link_time_optimization which applies it to a specified target.
Doesn't work with GCC.
If this is passed in, CMake configuration will fail with an error if LTO/IPO is not supported
