[sledge] Add a harness for lionhead fuzzers

Summary:
This diff introduces a `-lib-fuzz` flag to `buck link`, which links in a
simple main that calls the LLVMFuzzerTestOneInput function, which is the
entry point of libFuzzer fuzzer.

Reviewed By: jberdine, jvillard

Differential Revision: D15821512

fbshipit-source-id: cff731ed3
master
Timotej Kapus 6 years ago committed by Facebook Github Bot
parent 696731523d
commit 1614f78f6d

@ -17,8 +17,11 @@ LIBCXXABI=$(ROOT)/llvm/projects/libcxxabi
cxxabi.bc : cxxabi.cpp cxxabi.bc : cxxabi.cpp
$(LLVM)/bin/clang --sysroot=/usr $(CLANG_ARGS) -I$(LLVM)/include/c++/v1 -I$(LIBCXXABI)/include -I$(LIBCXXABI)/src -c -emit-llvm cxxabi.cpp $(LLVM)/bin/clang --sysroot=/usr $(CLANG_ARGS) -I$(LLVM)/include/c++/v1 -I$(LIBCXXABI)/include -I$(LIBCXXABI)/src -c -emit-llvm cxxabi.cpp
lib_fuzzer_main.bc : lib_fuzzer_main.c
$(LLVM)/bin/clang $(CLANG_ARGS) -c -emit-llvm -o $@ $<
clean: clean:
rm cxxabi.bc rm -f cxxabi.bc lib_fuzzer_main.bc
fmt: fmt:
clang-format -i *.h *.c *.cpp clang-format -i *.h *.c *.cpp

@ -17,9 +17,15 @@ Jbuild_plugin.V1.send
(deps cxxabi.cpp Makefile llair_intrinsics.h) (deps cxxabi.cpp Makefile llair_intrinsics.h)
(action (run make ROOT=../../.. cxxabi.bc))) (action (run make ROOT=../../.. cxxabi.bc)))
(rule
(targets lib_fuzzer_main.bc)
(deps lib_fuzzer_main.c Makefile)
(action (run make ROOT=../../.. lib_fuzzer_main.bc)))
(rule (rule
(targets model.ml) (targets model.ml)
(deps cxxabi.bc) (deps cxxabi.bc lib_fuzzer_main.bc)
(action (run ocaml-crunch -m plain -e bc -o model.ml .))) (action (run ocaml-crunch -m plain -e bc -o model.ml .)))
(library (library

@ -0,0 +1,17 @@
/*
* Copyright (c) Facebook, Inc. and its affiliates.
*
* This source code is licensed under the MIT license found in the
* LICENSE file in the root directory of this source tree.
*/
#include <stdint.h>
#include <stdlib.h>
int LLVMFuzzerTestOneInput(const uint8_t* Data, size_t Size);
int _llair_main() {
size_t Size = 13;
uint8_t Data[Size];
return LLVMFuzzerTestOneInput(Data, Size);
}

@ -130,16 +130,20 @@ let bitcode_files_of ~target =
List.map ~f:(make_absolute (Lazy.force buck_root)) modules List.map ~f:(make_absolute (Lazy.force buck_root)) modules
(* link and optimize the modules *) (* link and optimize the modules *)
let llvm_link_opt ~output modules = let llvm_link_opt ~lib_fuzzer_harness ~output modules =
let context = context () in let context = context () in
let modules = if lib_fuzzer_harness then "-" :: modules else modules in
let open Process in let open Process in
eval ~context eval ~context
( run ( ( if lib_fuzzer_harness then
(Lazy.force llvm_bin ^ "llvm-link") echo ~n:() (Option.value_exn (Model.read "/lib_fuzzer_main.bc"))
( "-internalize" else return () )
:: ( "-internalize-public-api-list=" |- run
^ String.concat ~sep:"," (Config.find_list "entry_points") ) (Lazy.force llvm_bin ^ "llvm-link")
:: "-o=-" :: modules ) ( "-internalize"
:: ( "-internalize-public-api-list="
^ String.concat ~sep:"," (Config.find_list "entry_points") )
:: "-o=-" :: modules )
|- run |- run
(Lazy.force llvm_bin ^ "opt") (Lazy.force llvm_bin ^ "opt")
["-o=" ^ output; "-globaldce"; "-globalopt"] ) ["-o=" ^ output; "-globaldce"; "-globalopt"] )
@ -199,8 +203,12 @@ let main ~(command : unit Command.basic_command) ~analyze =
and output = and output =
flag "output" (required abs_path_arg) flag "output" (required abs_path_arg)
~doc:"<file> write linked output to <file>" ~doc:"<file> write linked output to <file>"
and lib_fuzzer_harness =
flag "lib-fuzzer" no_arg
~doc:"add a harness for lib fuzzer binaries"
in in
fun () -> llvm_link_opt ~output (bitcode_files_of ~target) fun () ->
llvm_link_opt ~lib_fuzzer_harness ~output (bitcode_files_of ~target)
in in
command ~summary ~readme param command ~summary ~readme param
in in

Loading…
Cancel
Save