LLVM  8.0.0svn
FuzzerCLI.h
Go to the documentation of this file.
1 //===-- FuzzerCLI.h - Common logic for CLIs of fuzzers ----------*- C++ -*-===//
2 //
3 // The LLVM Compiler Infrastructure
4 //
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
7 //
8 //===----------------------------------------------------------------------===//
9 //
10 // Common logic needed to implement LLVM's fuzz targets' CLIs - including LLVM
11 // concepts like cl::opt and libFuzzer concepts like -ignore_remaining_args=1.
12 //
13 //===----------------------------------------------------------------------===//
14 
15 #ifndef LLVM_FUZZMUTATE_FUZZER_CLI_H
16 #define LLVM_FUZZMUTATE_FUZZER_CLI_H
17 
18 #include "llvm/ADT/StringRef.h"
19 #include "llvm/IR/LLVMContext.h"
20 #include "llvm/Support/DataTypes.h"
21 
22 namespace llvm {
23 
24 /// Parse cl::opts from a fuzz target commandline.
25 ///
26 /// This handles all arguments after -ignore_remaining_args=1 as cl::opts.
27 void parseFuzzerCLOpts(int ArgC, char *ArgV[]);
28 
29 /// Handle backend options that are encoded in the executable name.
30 ///
31 /// Parses some common backend options out of a specially crafted executable
32 /// name (argv[0]). For example, a name like llvm-foo-fuzzer--aarch64-gisel
33 /// might set up an AArch64 triple and the Global ISel selector. This should be
34 /// called *before* parseFuzzerCLOpts if calling both.
35 ///
36 /// This is meant to be used for environments like OSS-Fuzz that aren't capable
37 /// of passing in command line arguments in the normal way.
38 void handleExecNameEncodedBEOpts(StringRef ExecName);
39 
40 /// Handle optimizer options which are encoded in the executable name.
41 /// Same semantics as in 'handleExecNameEncodedBEOpts'.
42 void handleExecNameEncodedOptimizerOpts(StringRef ExecName);
43 
44 using FuzzerTestFun = int (*)(const uint8_t *Data, size_t Size);
45 using FuzzerInitFun = int (*)(int *argc, char ***argv);
46 
47 /// Runs a fuzz target on the inputs specified on the command line.
48 ///
49 /// Useful for testing fuzz targets without linking to libFuzzer. Finds inputs
50 /// in the argument list in a libFuzzer compatible way.
51 int runFuzzerOnInputs(int ArgC, char *ArgV[], FuzzerTestFun TestOne,
52  FuzzerInitFun Init = [](int *, char ***) { return 0; });
53 
54 /// Fuzzer friendly interface for the llvm bitcode parser.
55 ///
56 /// \param Data Bitcode we are going to parse
57 /// \param Size Size of the 'Data' in bytes
58 /// \return New module or nullptr in case of error
59 std::unique_ptr<Module> parseModule(const uint8_t *Data, size_t Size,
61 
62 /// Fuzzer friendly interface for the llvm bitcode printer.
63 ///
64 /// \param M Module to print
65 /// \param Dest Location to store serialized module
66 /// \param MaxSize Size of the destination buffer
67 /// \return Number of bytes that were written. When module size exceeds MaxSize
68 /// returns 0 and leaves Dest unchanged.
69 size_t writeModule(const Module &M, uint8_t *Dest, size_t MaxSize);
70 
71 /// Try to parse module and verify it. May output verification errors to the
72 /// errs().
73 /// \return New module or nullptr in case of error.
74 std::unique_ptr<Module> parseAndVerify(const uint8_t *Data, size_t Size,
75  LLVMContext &Context);
76 
77 } // end llvm namespace
78 
79 #endif // LLVM_FUZZMUTATE_FUZZER_CLI_H
LLVMContext & Context
int(*)(int *argc, char ***argv) FuzzerInitFun
Definition: FuzzerCLI.h:45
Compute iterated dominance frontiers using a linear time algorithm.
Definition: AllocatorList.h:24
A Module instance is used to store all the information related to an LLVM module. ...
Definition: Module.h:63
std::unique_ptr< Module > parseAndVerify(const uint8_t *Data, size_t Size, LLVMContext &Context)
Try to parse module and verify it.
Definition: FuzzerCLI.cpp:202
size_t writeModule(const Module &M, uint8_t *Dest, size_t MaxSize)
Fuzzer friendly interface for the llvm bitcode printer.
Definition: FuzzerCLI.cpp:190
void handleExecNameEncodedBEOpts(StringRef ExecName)
Handle backend options that are encoded in the executable name.
Definition: FuzzerCLI.cpp:39
void parseFuzzerCLOpts(int ArgC, char *ArgV[])
Parse cl::opts from a fuzz target commandline.
Definition: FuzzerCLI.cpp:25
This is an important class for using LLVM in a threaded context.
Definition: LLVMContext.h:69
int runFuzzerOnInputs(int ArgC, char *ArgV[], FuzzerTestFun TestOne, FuzzerInitFun Init=[](int *, char ***) { return 0;})
Runs a fuzz target on the inputs specified on the command line.
Definition: FuzzerCLI.cpp:139
int(*)(const uint8_t *Data, size_t Size) FuzzerTestFun
Definition: FuzzerCLI.h:44
std::unique_ptr< Module > parseModule(const uint8_t *Data, size_t Size, LLVMContext &Context)
Fuzzer friendly interface for the llvm bitcode parser.
Definition: FuzzerCLI.cpp:170
constexpr char Size[]
Key for Kernel::Arg::Metadata::mSize.
void handleExecNameEncodedOptimizerOpts(StringRef ExecName)
Handle optimizer options which are encoded in the executable name.
Definition: FuzzerCLI.cpp:75