| Andrew Scull | 5e1ddfa | 2018-08-14 10:06:54 +0100 | [diff] [blame] | 1 | //===-- FuzzerCLI.h - Common logic for CLIs of fuzzers ----------*- C++ -*-===// |
| 2 | // |
| 3 | // The LLVM Compiler Infrastructure |
| 4 | // |
| 5 | // This file is distributed under the University of Illinois Open Source |
| 6 | // License. See LICENSE.TXT for details. |
| 7 | // |
| 8 | //===----------------------------------------------------------------------===// |
| 9 | // |
| 10 | // Common logic needed to implement LLVM's fuzz targets' CLIs - including LLVM |
| 11 | // concepts like cl::opt and libFuzzer concepts like -ignore_remaining_args=1. |
| 12 | // |
| 13 | //===----------------------------------------------------------------------===// |
| 14 | |
| 15 | #ifndef LLVM_FUZZMUTATE_FUZZER_CLI_H |
| 16 | #define LLVM_FUZZMUTATE_FUZZER_CLI_H |
| 17 | |
| 18 | #include "llvm/ADT/StringRef.h" |
| 19 | #include "llvm/IR/LLVMContext.h" |
| 20 | #include "llvm/Support/DataTypes.h" |
| 21 | |
| 22 | namespace llvm { |
| 23 | |
| 24 | /// Parse cl::opts from a fuzz target commandline. |
| 25 | /// |
| 26 | /// This handles all arguments after -ignore_remaining_args=1 as cl::opts. |
| 27 | void parseFuzzerCLOpts(int ArgC, char *ArgV[]); |
| 28 | |
| 29 | /// Handle backend options that are encoded in the executable name. |
| 30 | /// |
| 31 | /// Parses some common backend options out of a specially crafted executable |
| 32 | /// name (argv[0]). For example, a name like llvm-foo-fuzzer--aarch64-gisel |
| 33 | /// might set up an AArch64 triple and the Global ISel selector. This should be |
| 34 | /// called *before* parseFuzzerCLOpts if calling both. |
| 35 | /// |
| 36 | /// This is meant to be used for environments like OSS-Fuzz that aren't capable |
| 37 | /// of passing in command line arguments in the normal way. |
| 38 | void handleExecNameEncodedBEOpts(StringRef ExecName); |
| 39 | |
| 40 | /// Handle optimizer options which are encoded in the executable name. |
| 41 | /// Same semantics as in 'handleExecNameEncodedBEOpts'. |
| 42 | void handleExecNameEncodedOptimizerOpts(StringRef ExecName); |
| 43 | |
| 44 | using FuzzerTestFun = int (*)(const uint8_t *Data, size_t Size); |
| 45 | using FuzzerInitFun = int (*)(int *argc, char ***argv); |
| 46 | |
| 47 | /// Runs a fuzz target on the inputs specified on the command line. |
| 48 | /// |
| 49 | /// Useful for testing fuzz targets without linking to libFuzzer. Finds inputs |
| 50 | /// in the argument list in a libFuzzer compatible way. |
| 51 | int runFuzzerOnInputs(int ArgC, char *ArgV[], FuzzerTestFun TestOne, |
| 52 | FuzzerInitFun Init = [](int *, char ***) { return 0; }); |
| 53 | |
| 54 | /// Fuzzer friendly interface for the llvm bitcode parser. |
| 55 | /// |
| 56 | /// \param Data Bitcode we are going to parse |
| 57 | /// \param Size Size of the 'Data' in bytes |
| 58 | /// \return New module or nullptr in case of error |
| 59 | std::unique_ptr<Module> parseModule(const uint8_t *Data, size_t Size, |
| 60 | LLVMContext &Context); |
| 61 | |
| 62 | /// Fuzzer friendly interface for the llvm bitcode printer. |
| 63 | /// |
| 64 | /// \param M Module to print |
| 65 | /// \param Dest Location to store serialized module |
| 66 | /// \param MaxSize Size of the destination buffer |
| 67 | /// \return Number of bytes that were written. When module size exceeds MaxSize |
| 68 | /// returns 0 and leaves Dest unchanged. |
| 69 | size_t writeModule(const Module &M, uint8_t *Dest, size_t MaxSize); |
| 70 | |
| 71 | /// Try to parse module and verify it. May output verification errors to the |
| 72 | /// errs(). |
| 73 | /// \return New module or nullptr in case of error. |
| 74 | std::unique_ptr<Module> parseAndVerify(const uint8_t *Data, size_t Size, |
| 75 | LLVMContext &Context); |
| 76 | |
| 77 | } // end llvm namespace |
| 78 | |
| 79 | #endif // LLVM_FUZZMUTATE_FUZZER_CLI_H |