Mercurial > hg > CbC > CbC_llvm
comparison docs/FuzzingLLVM.rst @ 148:63bd29f05246
merged
| author | Shinji KONO <kono@ie.u-ryukyu.ac.jp> |
|---|---|
| date | Wed, 14 Aug 2019 19:46:37 +0900 |
| parents | c2174574ed3a |
| children |
comparison
equal
deleted
inserted
replaced
| 146:3fc4d5c3e21e | 148:63bd29f05246 |
|---|---|
| 8 | 8 |
| 9 Introduction | 9 Introduction |
| 10 ============ | 10 ============ |
| 11 | 11 |
| 12 The LLVM tree includes a number of fuzzers for various components. These are | 12 The LLVM tree includes a number of fuzzers for various components. These are |
| 13 built on top of :doc:`LibFuzzer <LibFuzzer>`. | 13 built on top of :doc:`LibFuzzer <LibFuzzer>`. In order to build and run these |
| 14 fuzzers, see :ref:`building-fuzzers`. | |
| 14 | 15 |
| 15 | 16 |
| 16 Available Fuzzers | 17 Available Fuzzers |
| 17 ================= | 18 ================= |
| 18 | 19 |
| 107 | 108 |
| 108 It receives optimzation pipeline and runs it for each fuzzer input. | 109 It receives optimzation pipeline and runs it for each fuzzer input. |
| 109 | 110 |
| 110 Interface of this fuzzer almost directly mirrors ``llvm-isel-fuzzer``. Both | 111 Interface of this fuzzer almost directly mirrors ``llvm-isel-fuzzer``. Both |
| 111 ``mtriple`` and ``passes`` arguments are required. Passes are specified in a | 112 ``mtriple`` and ``passes`` arguments are required. Passes are specified in a |
| 112 format suitable for the new pass manager. | 113 format suitable for the new pass manager. You can find some documentation about |
| 114 this format in the doxygen for ``PassBuilder::parsePassPipeline``. | |
| 113 | 115 |
| 114 .. code-block:: shell | 116 .. code-block:: shell |
| 115 | 117 |
| 116 % bin/llvm-opt-fuzzer <corpus-dir> -ignore_remaining_args=1 -mtriple x86_64 -passes instcombine | 118 % bin/llvm-opt-fuzzer <corpus-dir> -ignore_remaining_args=1 -mtriple x86_64 -passes instcombine |
| 117 | 119 |
| 233 ``-DLLVM_USE_SANITIZER=Address -DLLVM_USE_SANITIZE_COVERAGE=On``. | 235 ``-DLLVM_USE_SANITIZER=Address -DLLVM_USE_SANITIZE_COVERAGE=On``. |
| 234 | 236 |
| 235 .. note:: If you have ``compiler-rt`` checked out in an LLVM tree when building | 237 .. note:: If you have ``compiler-rt`` checked out in an LLVM tree when building |
| 236 with sanitizers, you'll want to specify ``-DLLVM_BUILD_RUNTIME=Off`` | 238 with sanitizers, you'll want to specify ``-DLLVM_BUILD_RUNTIME=Off`` |
| 237 to avoid building the sanitizers themselves with sanitizers enabled. | 239 to avoid building the sanitizers themselves with sanitizers enabled. |
| 240 | |
| 241 .. note:: You may run into issues if you build with BFD ld, which is the | |
| 242 default linker on many unix systems. These issues are being tracked | |
| 243 in https://llvm.org/PR34636. | |
| 238 | 244 |
| 239 Continuously Running and Finding Bugs | 245 Continuously Running and Finding Bugs |
| 240 ------------------------------------- | 246 ------------------------------------- |
| 241 | 247 |
| 242 There used to be a public buildbot running LLVM fuzzers continuously, and while | 248 There used to be a public buildbot running LLVM fuzzers continuously, and while |