[compiler-rt] 34ddf0b - Replace fuzzer::FuzzerDriver's INTERFACE marking with new LLVMRunFuzzerDriver.

Matt Morehouse via llvm-commits llvm-commits at lists.llvm.org
Mon Jul 27 11:38:25 PDT 2020


Author: Matt Morehouse
Date: 2020-07-27T18:38:04Z
New Revision: 34ddf0b2b040918a6c946f589eeaf1d4fef95e7a

URL: https://github.com/llvm/llvm-project/commit/34ddf0b2b040918a6c946f589eeaf1d4fef95e7a
DIFF: https://github.com/llvm/llvm-project/commit/34ddf0b2b040918a6c946f589eeaf1d4fef95e7a.diff

LOG: Replace fuzzer::FuzzerDriver's INTERFACE marking with new LLVMRunFuzzerDriver.

This adds a new extern "C" function that serves the same purpose. This removes the need for external users to depend on internal headers in order to use this feature. It also standardizes the interface in a way that other fuzzing engines will be able to match.

Patch By: IanPudney

Reviewed By: kcc

Differential Revision: https://reviews.llvm.org/D84561

Added: 
    

Modified: 
    compiler-rt/lib/fuzzer/FuzzerDriver.cpp
    llvm/docs/LibFuzzer.rst

Removed: 
    


################################################################################
diff  --git a/compiler-rt/lib/fuzzer/FuzzerDriver.cpp b/compiler-rt/lib/fuzzer/FuzzerDriver.cpp
index 00a33a413d2f..8339697396c2 100644
--- a/compiler-rt/lib/fuzzer/FuzzerDriver.cpp
+++ b/compiler-rt/lib/fuzzer/FuzzerDriver.cpp
@@ -858,6 +858,12 @@ int FuzzerDriver(int *argc, char ***argv, UserCallback Callback) {
   exit(0);  // Don't let F destroy itself.
 }
 
+extern "C" ATTRIBUTE_INTERFACE int
+LLVMFuzzerRunDriver(int *argc, char ***argv,
+                    int (*UserCb)(const uint8_t *Data, size_t Size)) {
+  return FuzzerDriver(argc, argv, UserCb);
+}
+
 // Storage for global ExternalFunctions object.
 ExternalFunctions *EF = nullptr;
 

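Review bot: The `return FuzzerDriver(argc, argv, UserCb);` in the new LLVMFuzzerRunDriver wrapper reads as if control comes back to the caller, but the context line directly above shows FuzzerDriver ending in `exit(0);  // Don't let F destroy itself.`, so an embedder with its own main cannot count on running teardown after the call on that path. Please add a comment on the wrapper that says so. The commit subject also names LLVMRunFuzzerDriver while the symbol exported here is LLVMFuzzerRunDriver; aligning the two would keep users from searching for a name that does not exist. No test file is among the modified files; a small test that calls this entry point from a user-provided main would keep the exported symbol from regressing.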
diff  --git a/llvm/docs/LibFuzzer.rst b/llvm/docs/LibFuzzer.rst
index 4e83955a0546..70a3f029c6f3 100644
--- a/llvm/docs/LibFuzzer.rst
+++ b/llvm/docs/LibFuzzer.rst
@@ -617,6 +617,35 @@ really need to access ``argv``/``argc``.
     return 0;
    }
 
+Using libFuzzer as a library
+----------------------------
+If the code being fuzzed must provide its own `main`, it's possible to
+invoke libFuzzer as a library. Be sure to pass ``-fsanitize=fuzzer-no-link``
+during compilation, and link your binary against the no-main version of
+libFuzzer. On Linux installations, this is typically located at:
+
+.. code-block:: bash
+
+  /usr/lib/<llvm-version>/lib/clang/<clang-version>/lib/linux/libclang_rt.fuzzer_no_main-<architecture>.a
+
+If building libFuzzer from source, this is located at the following path
+in the build output directory:
+
+.. code-block:: bash
+
+  lib/linux/libclang_rt.fuzzer_no_main-<architecture>.a
+
+From here, the code can do whatever setup it requires, and when it's ready
+to start fuzzing, it can call `LLVMFuzzerRunDriver`, passing in the program
+arguments and a callback. This callback is invoked just like
+`LLVMFuzzerTestOneInput`, and has the same signature.
+
+.. code-block:: c++
+
+  extern "C" int LLVMFuzzerRunDriver(int *argc, char ***argv,
+                    int (*UserCb)(const uint8_t *Data, size_t Size));
+
+
 
 Leaks
 -----
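Review bot: The new section marks `main`, `LLVMFuzzerRunDriver` and `LLVMFuzzerTestOneInput` with single backticks, which reStructuredText renders through the default role rather than as an inline literal; the surrounding text uses double backticks (the ``argv``/``argc`` context line and ``-fsanitize=fuzzer-no-link`` in this same hunk), so these three should match. The two library-path blocks are tagged `.. code-block:: bash` although they contain a file path and not a command, so a plain literal block would be more accurate. The section would also benefit from stating that argc and argv are passed by pointer, and from a minimal main that does its setup and then calls the function. The two extra blank lines added before "Leaks" can be dropped.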


        

