1//===-- FuzzerCLI.h - Common logic for CLIs of fuzzers ----------*- C++ -*-===// 2// 3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4// See https://llvm.org/LICENSE.txt for license information. 5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6// 7//===----------------------------------------------------------------------===// 8// 9// Common logic needed to implement LLVM's fuzz targets' CLIs - including LLVM 10// concepts like cl::opt and libFuzzer concepts like -ignore_remaining_args=1. 11// 12//===----------------------------------------------------------------------===// 13 14#ifndef LLVM_FUZZMUTATE_FUZZER_CLI_H 15#define LLVM_FUZZMUTATE_FUZZER_CLI_H 16 17#include "llvm/ADT/StringRef.h" 18#include "llvm/IR/LLVMContext.h" 19#include "llvm/Support/DataTypes.h" 20 21namespace llvm { 22 23/// Parse cl::opts from a fuzz target commandline. 24/// 25/// This handles all arguments after -ignore_remaining_args=1 as cl::opts. 26void parseFuzzerCLOpts(int ArgC, char *ArgV[]); 27 28/// Handle backend options that are encoded in the executable name. 29/// 30/// Parses some common backend options out of a specially crafted executable 31/// name (argv[0]). For example, a name like llvm-foo-fuzzer--aarch64-gisel 32/// might set up an AArch64 triple and the Global ISel selector. This should be 33/// called *before* parseFuzzerCLOpts if calling both. 34/// 35/// This is meant to be used for environments like OSS-Fuzz that aren't capable 36/// of passing in command line arguments in the normal way. 37void handleExecNameEncodedBEOpts(StringRef ExecName); 38 39/// Handle optimizer options which are encoded in the executable name. 40/// Same semantics as in 'handleExecNameEncodedBEOpts'. 41void handleExecNameEncodedOptimizerOpts(StringRef ExecName); 42 43using FuzzerTestFun = int (*)(const uint8_t *Data, size_t Size); 44using FuzzerInitFun = int (*)(int *argc, char ***argv); 45 46/// Runs a fuzz target on the inputs specified on the command line. 47/// 48/// Useful for testing fuzz targets without linking to libFuzzer. Finds inputs 49/// in the argument list in a libFuzzer compatible way. 50int runFuzzerOnInputs(int ArgC, char *ArgV[], FuzzerTestFun TestOne, 51 FuzzerInitFun Init = [](int *, char ***) { return 0; }); 52 53/// Fuzzer friendly interface for the llvm bitcode parser. 54/// 55/// \param Data Bitcode we are going to parse 56/// \param Size Size of the 'Data' in bytes 57/// \return New module or nullptr in case of error 58std::unique_ptr<Module> parseModule(const uint8_t *Data, size_t Size, 59 LLVMContext &Context); 60 61/// Fuzzer friendly interface for the llvm bitcode printer. 62/// 63/// \param M Module to print 64/// \param Dest Location to store serialized module 65/// \param MaxSize Size of the destination buffer 66/// \return Number of bytes that were written. When module size exceeds MaxSize 67/// returns 0 and leaves Dest unchanged. 68size_t writeModule(const Module &M, uint8_t *Dest, size_t MaxSize); 69 70/// Try to parse module and verify it. May output verification errors to the 71/// errs(). 72/// \return New module or nullptr in case of error. 73std::unique_ptr<Module> parseAndVerify(const uint8_t *Data, size_t Size, 74 LLVMContext &Context); 75 76} // end llvm namespace 77 78#endif // LLVM_FUZZMUTATE_FUZZER_CLI_H 79