LLVM  6.0.0svn
Classes | Namespaces | Macros | Functions | Variables
FuzzerDriver.cpp File Reference
#include "FuzzerCorpus.h"
#include "FuzzerIO.h"
#include "FuzzerInterface.h"
#include "FuzzerInternal.h"
#include "FuzzerMutate.h"
#include "FuzzerRandom.h"
#include "FuzzerShmem.h"
#include "FuzzerTracePC.h"
#include <algorithm>
#include <atomic>
#include <chrono>
#include <cstdlib>
#include <cstring>
#include <mutex>
#include <string>
#include <thread>
#include "FuzzerFlags.def"
Include dependency graph for FuzzerDriver.cpp:

Go to the source code of this file.

Classes

struct  fuzzer::FlagDescription
 

Namespaces

 fuzzer
 

Macros

#define FUZZER_DEPRECATED_FLAG(Name)
 
#define FUZZER_FLAG_INT(Name, Default, Description)   int Name;
 
#define FUZZER_FLAG_UNSIGNED(Name, Default, Description)   unsigned int Name;
 
#define FUZZER_FLAG_STRING(Name, Description)   const char *Name;
 
#define FUZZER_DEPRECATED_FLAG(Name)   {#Name, "Deprecated; don't use", 0, nullptr, nullptr, nullptr},
 
#define FUZZER_FLAG_INT(Name, Default, Description)   {#Name, Description, Default, &Flags.Name, nullptr, nullptr},
 
#define FUZZER_FLAG_UNSIGNED(Name, Default, Description)
 
#define FUZZER_FLAG_STRING(Name, Description)   {#Name, Description, 0, nullptr, &Flags.Name, nullptr},
 

Functions

 __attribute__ ((used)) void __libfuzzer_is_present()
 
static void fuzzer::PrintHelp ()
 
static const charfuzzer::FlagValue (const char *Param, const char *Name)
 
static long fuzzer::MyStol (const char *Str)
 
static bool fuzzer::ParseOneFlag (const char *Param)
 
static void fuzzer::ParseFlags (const std::vector< std::string > &Args)
 
static void fuzzer::PulseThread ()
 
static void fuzzer::WorkerThread (const std::string &Cmd, std::atomic< unsigned > *Counter, unsigned NumJobs, std::atomic< bool > *HasErrors)
 
std::string fuzzer::CloneArgsWithoutX (const std::vector< std::string > &Args, const char *X1, const char *X2)
 
static int fuzzer::RunInMultipleProcesses (const std::vector< std::string > &Args, unsigned NumWorkers, unsigned NumJobs)
 
static void fuzzer::RssThread (Fuzzer *F, size_t RssLimitMb)
 
static void fuzzer::StartRssThread (Fuzzer *F, size_t RssLimitMb)
 
int fuzzer::RunOneTest (Fuzzer *F, const char *InputFilePath, size_t MaxLen)
 
static bool fuzzer::AllInputsAreFiles ()
 
static std::string fuzzer::GetDedupTokenFromFile (const std::string &Path)
 
int fuzzer::CleanseCrashInput (const std::vector< std::string > &Args, const FuzzingOptions &Options)
 
int fuzzer::MinimizeCrashInput (const std::vector< std::string > &Args, const FuzzingOptions &Options)
 
int fuzzer::MinimizeCrashInputInternalStep (Fuzzer *F, InputCorpus *Corpus)
 
int fuzzer::AnalyzeDictionary (Fuzzer *F, const std::vector< Unit > &Dict, UnitVector &Corpus)
 
int fuzzer::FuzzerDriver (int *argc, char ***argv, UserCallback Callback)
 

Variables

struct {
   Maximum length of the test input   fuzzer::If
 
   Maximum length of the test input libFuzzer tries to guess a good value based on the corpus and reports it   fuzzer::If
 
   Maximum length of the test input libFuzzer tries to guess a good value based on the corpus and reports it always prefer smaller inputs during the corpus shuffle When libFuzzer itself reports a bug this exit code will be used If   fuzzer::positive
 
   Maximum length of the test input libFuzzer tries to guess a good value based on the corpus and reports it always prefer smaller inputs during the corpus shuffle When libFuzzer itself reports a bug this exit code will be used If indicates the maximal total time in seconds to run the fuzzer   fuzzer::Experimental:" " save coverage summary to a given file." " Used with -merge=1")FUZZER_FLAG_STRING(load_coverage_summary
 
   Maximum length of the test input libFuzzer tries to guess a good value based on the corpus and reports it always prefer smaller inputs during the corpus shuffle When libFuzzer itself reports a bug this exit code will be used If indicates the maximal total time in seconds to run the fuzzer   fuzzer::If
 
   Maximum length of the test input libFuzzer tries to guess a good value based on the corpus and reports it always prefer smaller inputs during the corpus shuffle When libFuzzer itself reports a bug this exit code will be used If indicates the maximal total time in seconds to run the fuzzer minimizes the provided crash input Use with   fuzzer::runs
 
   Maximum length of the test input libFuzzer tries to guess a good value based on the corpus and reports it always prefer smaller inputs during the corpus shuffle When libFuzzer itself reports a bug this exit code will be used If indicates the maximal total time in seconds to run the fuzzer minimizes the provided crash input Use with tries to cleanse the provided crash input to make it contain fewer original bytes Use with exact_artifact_path to specify the output Experimental Use value profile to guide fuzzing Number of jobs to run If   fuzzer::jobs
 
   Maximum length of the test input libFuzzer tries to guess a good value based on the corpus and reports it always prefer smaller inputs during the corpus shuffle When libFuzzer itself reports a bug this exit code will be used If indicates the maximal total time in seconds to run the fuzzer minimizes the provided crash input Use with tries to cleanse the provided crash input to make it contain fewer original bytes Use with exact_artifact_path to specify the output Experimental Use value profile to guide fuzzing Number of jobs to run If Reload the main corpus every< N > seconds to get new units discovered by other processes   fuzzer::If
 
   Maximum length of the test input libFuzzer tries to guess a good value based on the corpus and reports it always prefer smaller inputs during the corpus shuffle When libFuzzer itself reports a bug this exit code will be used If indicates the maximal total time in seconds to run the fuzzer minimizes the provided crash input Use with tries to cleanse the provided crash input to make it contain fewer original bytes Use with exact_artifact_path to specify the output Experimental Use value profile to guide fuzzing Number of jobs to run If Reload the main corpus every< N > seconds to get new units discovered by other processes disabled   fuzzer::If
 
   Maximum length of the test input libFuzzer tries to guess a good value based on the corpus and reports it always prefer smaller inputs during the corpus shuffle When libFuzzer itself reports a bug this exit code will be used If indicates the maximal total time in seconds to run the fuzzer minimizes the provided crash input Use with tries to cleanse the provided crash input to make it contain fewer original bytes Use with exact_artifact_path to specify the output Experimental Use value profile to guide fuzzing Number of jobs to run If Reload the main corpus every< N > seconds to get new units discovered by other processes disabled generate only Write fuzzing Write the single artifact on   fuzzer::If
 
   Maximum length of the test input libFuzzer tries to guess a good value based on the corpus and reports it always prefer smaller inputs during the corpus shuffle When libFuzzer itself reports a bug this exit code will be used If indicates the maximal total time in seconds to run the fuzzer minimizes the provided crash input Use with tries to cleanse the provided crash input to make it contain fewer original bytes Use with exact_artifact_path to specify the output Experimental Use value profile to guide fuzzing Number of jobs to run If Reload the main corpus every< N > seconds to get new units discovered by other processes disabled generate only Write fuzzing Write the single artifact on print statistics on corpus elements at exit   fuzzer::If
 
   Maximum length of the test input libFuzzer tries to guess a good value based on the corpus and reports it always prefer smaller inputs during the corpus shuffle When libFuzzer itself reports a bug this exit code will be used If indicates the maximal total time in seconds to run the fuzzer minimizes the provided crash input Use with tries to cleanse the provided crash input to make it contain fewer original bytes Use with exact_artifact_path to specify the output Experimental Use value profile to guide fuzzing Number of jobs to run If Reload the main corpus every< N > seconds to get new units discovered by other processes disabled generate only Write fuzzing Write the single artifact on print statistics on corpus elements at exit dump coverage information as a sancov file at exit To be deprecated   fuzzer::If
 
fuzzer::Flags
 
static const FlagDescription fuzzer::FlagDescriptions []
 
static const size_t fuzzer::kNumFlags
 
static std::vector< std::string > * fuzzer::Inputs
 
static std::string * fuzzer::ProgName
 
static std::mutex fuzzer::Mu
 

Macro Definition Documentation

◆ FUZZER_DEPRECATED_FLAG [1/2]

#define FUZZER_DEPRECATED_FLAG (   Name)

Definition at line 46 of file FuzzerDriver.cpp.

◆ FUZZER_DEPRECATED_FLAG [2/2]

#define FUZZER_DEPRECATED_FLAG (   Name)    {#Name, "Deprecated; don't use", 0, nullptr, nullptr, nullptr},

Definition at line 46 of file FuzzerDriver.cpp.

◆ FUZZER_FLAG_INT [1/2]

#define FUZZER_FLAG_INT (   Name,
  Default,
  Description 
)    int Name;

Definition at line 47 of file FuzzerDriver.cpp.

◆ FUZZER_FLAG_INT [2/2]

#define FUZZER_FLAG_INT (   Name,
  Default,
  Description 
)    {#Name, Description, Default, &Flags.Name, nullptr, nullptr},

Definition at line 47 of file FuzzerDriver.cpp.

◆ FUZZER_FLAG_STRING [1/2]

#define FUZZER_FLAG_STRING (   Name,
  Description 
)    const char *Name;

Definition at line 49 of file FuzzerDriver.cpp.

◆ FUZZER_FLAG_STRING [2/2]

#define FUZZER_FLAG_STRING (   Name,
  Description 
)    {#Name, Description, 0, nullptr, &Flags.Name, nullptr},

Definition at line 49 of file FuzzerDriver.cpp.

◆ FUZZER_FLAG_UNSIGNED [1/2]

#define FUZZER_FLAG_UNSIGNED (   Name,
  Default,
  Description 
)    unsigned int Name;

Definition at line 48 of file FuzzerDriver.cpp.

◆ FUZZER_FLAG_UNSIGNED [2/2]

#define FUZZER_FLAG_UNSIGNED (   Name,
  Default,
  Description 
)
Value:
{#Name, Description, static_cast<int>(Default), \
nullptr, nullptr, &Flags.Name},
struct fuzzer::@319 Flags

Definition at line 48 of file FuzzerDriver.cpp.

Function Documentation

◆ __attribute__()

__attribute__ ( (used)  )

Definition at line 31 of file FuzzerDriver.cpp.