|
121
|
1 //===-- FuzzerCLI.h - Common logic for CLIs of fuzzers ----------*- C++ -*-===//
|
|
|
2 //
|
|
|
3 // The LLVM Compiler Infrastructure
|
|
|
4 //
|
|
|
5 // This file is distributed under the University of Illinois Open Source
|
|
|
6 // License. See LICENSE.TXT for details.
|
|
|
7 //
|
|
|
8 //===----------------------------------------------------------------------===//
|
|
|
9 //
|
|
|
10 // Common logic needed to implement LLVM's fuzz targets' CLIs - including LLVM
|
|
|
11 // concepts like cl::opt and libFuzzer concepts like -ignore_remaining_args=1.
|
|
|
12 //
|
|
|
13 //===----------------------------------------------------------------------===//
|
|
|
14
|
|
|
15 #ifndef LLVM_FUZZMUTATE_FUZZER_CLI_H
|
|
|
16 #define LLVM_FUZZMUTATE_FUZZER_CLI_H
|
|
|
17
|
|
|
18 #include "llvm/ADT/StringRef.h"
|
|
134
|
19 #include "llvm/IR/LLVMContext.h"
|
|
121
|
20 #include "llvm/Support/DataTypes.h"
|
|
|
21
|
|
|
22 namespace llvm {
|
|
|
23
|
|
|
24 /// Parse cl::opts from a fuzz target commandline.
|
|
|
25 ///
|
|
|
26 /// This handles all arguments after -ignore_remaining_args=1 as cl::opts.
|
|
|
27 void parseFuzzerCLOpts(int ArgC, char *ArgV[]);
|
|
|
28
|
|
|
29 /// Handle backend options that are encoded in the executable name.
|
|
|
30 ///
|
|
|
31 /// Parses some common backend options out of a specially crafted executable
|
|
|
32 /// name (argv[0]). For example, a name like llvm-foo-fuzzer--aarch64-gisel
|
|
|
33 /// might set up an AArch64 triple and the Global ISel selector. This should be
|
|
|
34 /// called *before* parseFuzzerCLOpts if calling both.
|
|
|
35 ///
|
|
|
36 /// This is meant to be used for environments like OSS-Fuzz that aren't capable
|
|
|
37 /// of passing in command line arguments in the normal way.
|
|
|
38 void handleExecNameEncodedBEOpts(StringRef ExecName);
|
|
|
39
|
|
134
|
40 /// Handle optimizer options which are encoded in the executable name.
|
|
|
41 /// Same semantics as in 'handleExecNameEncodedBEOpts'.
|
|
|
42 void handleExecNameEncodedOptimizerOpts(StringRef ExecName);
|
|
|
43
|
|
121
|
44 using FuzzerTestFun = int (*)(const uint8_t *Data, size_t Size);
|
|
|
45 using FuzzerInitFun = int (*)(int *argc, char ***argv);
|
|
|
46
|
|
|
47 /// Runs a fuzz target on the inputs specified on the command line.
|
|
|
48 ///
|
|
|
49 /// Useful for testing fuzz targets without linking to libFuzzer. Finds inputs
|
|
|
50 /// in the argument list in a libFuzzer compatible way.
|
|
|
51 int runFuzzerOnInputs(int ArgC, char *ArgV[], FuzzerTestFun TestOne,
|
|
|
52 FuzzerInitFun Init = [](int *, char ***) { return 0; });
|
|
|
53
|
|
134
|
54 /// Fuzzer friendly interface for the llvm bitcode parser.
|
|
|
55 ///
|
|
|
56 /// \param Data Bitcode we are going to parse
|
|
|
57 /// \param Size Size of the 'Data' in bytes
|
|
|
58 /// \return New module or nullptr in case of error
|
|
|
59 std::unique_ptr<Module> parseModule(const uint8_t *Data, size_t Size,
|
|
|
60 LLVMContext &Context);
|
|
|
61
|
|
|
62 /// Fuzzer friendly interface for the llvm bitcode printer.
|
|
|
63 ///
|
|
|
64 /// \param M Module to print
|
|
|
65 /// \param Dest Location to store serialized module
|
|
|
66 /// \param MaxSize Size of the destination buffer
|
|
|
67 /// \return Number of bytes that were written. When module size exceeds MaxSize
|
|
|
68 /// returns 0 and leaves Dest unchanged.
|
|
|
69 size_t writeModule(const Module &M, uint8_t *Dest, size_t MaxSize);
|
|
|
70
|
|
|
71 /// Try to parse module and verify it. May output verification errors to the
|
|
|
72 /// errs().
|
|
|
73 /// \return New module or nullptr in case of error.
|
|
|
74 std::unique_ptr<Module> parseAndVerify(const uint8_t *Data, size_t Size,
|
|
|
75 LLVMContext &Context);
|
|
|
76
|
|
121
|
77 } // end llvm namespace
|
|
|
78
|
|
|
79 #endif // LLVM_FUZZMUTATE_FUZZER_CLI_H
|
