1 //===-- FuzzerCLI.h - Common logic for CLIs of fuzzers ----------*- C++ -*-===//
2 //
3 //                     The LLVM Compiler Infrastructure
4 //
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
7 //
8 //===----------------------------------------------------------------------===//
9 //
10 // Common logic needed to implement LLVM's fuzz targets' CLIs - including LLVM
11 // concepts like cl::opt and libFuzzer concepts like -ignore_remaining_args=1.
12 //
13 //===----------------------------------------------------------------------===//
14 
15 #ifndef LLVM_FUZZMUTATE_FUZZER_CLI_H
16 #define LLVM_FUZZMUTATE_FUZZER_CLI_H
17 
18 #include "llvm/ADT/StringRef.h"
19 #include "llvm/IR/LLVMContext.h"
20 #include "llvm/Support/DataTypes.h"
21 
22 namespace llvm {
23 
24 /// Parse cl::opts from a fuzz target commandline.
25 ///
26 /// This handles all arguments after -ignore_remaining_args=1 as cl::opts.
27 void parseFuzzerCLOpts(int ArgC, char *ArgV[]);
28 
29 /// Handle backend options that are encoded in the executable name.
30 ///
31 /// Parses some common backend options out of a specially crafted executable
32 /// name (argv[0]). For example, a name like llvm-foo-fuzzer--aarch64-gisel
33 /// might set up an AArch64 triple and the Global ISel selector. This should be
34 /// called *before* parseFuzzerCLOpts if calling both.
35 ///
36 /// This is meant to be used for environments like OSS-Fuzz that aren't capable
37 /// of passing in command line arguments in the normal way.
38 void handleExecNameEncodedBEOpts(StringRef ExecName);
39 
40 /// Handle optimizer options which are encoded in the executable name.
41 /// Same semantics as in 'handleExecNameEncodedBEOpts'.
42 void handleExecNameEncodedOptimizerOpts(StringRef ExecName);
43 
44 using FuzzerTestFun = int (*)(const uint8_t *Data, size_t Size);
45 using FuzzerInitFun = int (*)(int *argc, char ***argv);
46 
47 /// Runs a fuzz target on the inputs specified on the command line.
48 ///
49 /// Useful for testing fuzz targets without linking to libFuzzer. Finds inputs
50 /// in the argument list in a libFuzzer compatible way.
51 int runFuzzerOnInputs(int ArgC, char *ArgV[], FuzzerTestFun TestOne,
52                       FuzzerInitFun Init = [](int *, char ***) { return 0; });
53 
54 /// Fuzzer friendly interface for the llvm bitcode parser.
55 ///
56 /// \param Data Bitcode we are going to parse
57 /// \param Size Size of the 'Data' in bytes
58 /// \return New module or nullptr in case of error
59 std::unique_ptr<Module> parseModule(const uint8_t *Data, size_t Size,
60                                     LLVMContext &Context);
61 
62 /// Fuzzer friendly interface for the llvm bitcode printer.
63 ///
64 /// \param M Module to print
65 /// \param Dest Location to store serialized module
66 /// \param MaxSize Size of the destination buffer
67 /// \return Number of bytes that were written. When module size exceeds MaxSize
68 ///         returns 0 and leaves Dest unchanged.
69 size_t writeModule(const Module &M, uint8_t *Dest, size_t MaxSize);
70 
71 /// Try to parse module and verify it. May output verification errors to the
72 /// errs().
73 /// \return New module or nullptr in case of error.
74 std::unique_ptr<Module> parseAndVerify(const uint8_t *Data, size_t Size,
75                                        LLVMContext &Context);
76 
77 } // end llvm namespace
78 
79 #endif // LLVM_FUZZMUTATE_FUZZER_CLI_H
80