LLVM  10.0.0svn
FuzzerCLI.h
Go to the documentation of this file.
1 //===-- FuzzerCLI.h - Common logic for CLIs of fuzzers ----------*- C++ -*-===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // Common logic needed to implement LLVM's fuzz targets' CLIs - including LLVM
10 // concepts like cl::opt and libFuzzer concepts like -ignore_remaining_args=1.
11 //
12 //===----------------------------------------------------------------------===//
13 
14 #ifndef LLVM_FUZZMUTATE_FUZZER_CLI_H
15 #define LLVM_FUZZMUTATE_FUZZER_CLI_H
16 
17 #include "llvm/ADT/StringRef.h"
18 #include "llvm/IR/LLVMContext.h"
19 #include "llvm/Support/DataTypes.h"
20 
21 namespace llvm {
22 
23 /// Parse cl::opts from a fuzz target commandline.
24 ///
25 /// This handles all arguments after -ignore_remaining_args=1 as cl::opts.
26 void parseFuzzerCLOpts(int ArgC, char *ArgV[]);
27 
28 /// Handle backend options that are encoded in the executable name.
29 ///
30 /// Parses some common backend options out of a specially crafted executable
31 /// name (argv[0]). For example, a name like llvm-foo-fuzzer--aarch64-gisel
32 /// might set up an AArch64 triple and the Global ISel selector. This should be
33 /// called *before* parseFuzzerCLOpts if calling both.
34 ///
35 /// This is meant to be used for environments like OSS-Fuzz that aren't capable
36 /// of passing in command line arguments in the normal way.
37 void handleExecNameEncodedBEOpts(StringRef ExecName);
38 
39 /// Handle optimizer options which are encoded in the executable name.
40 /// Same semantics as in 'handleExecNameEncodedBEOpts'.
41 void handleExecNameEncodedOptimizerOpts(StringRef ExecName);
42 
43 using FuzzerTestFun = int (*)(const uint8_t *Data, size_t Size);
44 using FuzzerInitFun = int (*)(int *argc, char ***argv);
45 
46 /// Runs a fuzz target on the inputs specified on the command line.
47 ///
48 /// Useful for testing fuzz targets without linking to libFuzzer. Finds inputs
49 /// in the argument list in a libFuzzer compatible way.
50 int runFuzzerOnInputs(int ArgC, char *ArgV[], FuzzerTestFun TestOne,
51  FuzzerInitFun Init = [](int *, char ***) { return 0; });
52 
53 /// Fuzzer friendly interface for the llvm bitcode parser.
54 ///
55 /// \param Data Bitcode we are going to parse
56 /// \param Size Size of the 'Data' in bytes
57 /// \return New module or nullptr in case of error
58 std::unique_ptr<Module> parseModule(const uint8_t *Data, size_t Size,
60 
61 /// Fuzzer friendly interface for the llvm bitcode printer.
62 ///
63 /// \param M Module to print
64 /// \param Dest Location to store serialized module
65 /// \param MaxSize Size of the destination buffer
66 /// \return Number of bytes that were written. When module size exceeds MaxSize
67 /// returns 0 and leaves Dest unchanged.
68 size_t writeModule(const Module &M, uint8_t *Dest, size_t MaxSize);
69 
70 /// Try to parse module and verify it. May output verification errors to the
71 /// errs().
72 /// \return New module or nullptr in case of error.
73 std::unique_ptr<Module> parseAndVerify(const uint8_t *Data, size_t Size,
74  LLVMContext &Context);
75 
76 } // end llvm namespace
77 
78 #endif // LLVM_FUZZMUTATE_FUZZER_CLI_H
LLVMContext & Context
int(*)(int *argc, char ***argv) FuzzerInitFun
Definition: FuzzerCLI.h:44
This class represents lattice values for constants.
Definition: AllocatorList.h:23
A Module instance is used to store all the information related to an LLVM module. ...
Definition: Module.h:65
std::unique_ptr< Module > parseAndVerify(const uint8_t *Data, size_t Size, LLVMContext &Context)
Try to parse module and verify it.
Definition: FuzzerCLI.cpp:201
size_t writeModule(const Module &M, uint8_t *Dest, size_t MaxSize)
Fuzzer friendly interface for the llvm bitcode printer.
Definition: FuzzerCLI.cpp:189
void handleExecNameEncodedBEOpts(StringRef ExecName)
Handle backend options that are encoded in the executable name.
Definition: FuzzerCLI.cpp:38
void parseFuzzerCLOpts(int ArgC, char *ArgV[])
Parse cl::opts from a fuzz target commandline.
Definition: FuzzerCLI.cpp:24
This is an important class for using LLVM in a threaded context.
Definition: LLVMContext.h:64
int runFuzzerOnInputs(int ArgC, char *ArgV[], FuzzerTestFun TestOne, FuzzerInitFun Init=[](int *, char ***) { return 0;})
Runs a fuzz target on the inputs specified on the command line.
Definition: FuzzerCLI.cpp:138
int(*)(const uint8_t *Data, size_t Size) FuzzerTestFun
Definition: FuzzerCLI.h:43
std::unique_ptr< Module > parseModule(const uint8_t *Data, size_t Size, LLVMContext &Context)
Fuzzer friendly interface for the llvm bitcode parser.
Definition: FuzzerCLI.cpp:169
uint32_t Size
Definition: Profile.cpp:46
void handleExecNameEncodedOptimizerOpts(StringRef ExecName)
Handle optimizer options which are encoded in the executable name.
Definition: FuzzerCLI.cpp:74