Index: tools/clang-fuzzer/CMakeLists.txt =================================================================== --- tools/clang-fuzzer/CMakeLists.txt +++ tools/clang-fuzzer/CMakeLists.txt @@ -39,6 +39,9 @@ # Build the protobuf->C++ translation library and driver. add_clang_subdirectory(proto-to-cxx) + + # Build the fuzzer initialization library. + add_clang_subdirectory(fuzzer-initialize) # Build the protobuf fuzzer add_clang_executable(clang-proto-fuzzer @@ -52,6 +55,7 @@ ${PROTOBUF_LIBRARIES} ${LLVM_LIB_FUZZING_ENGINE} clangCXXProto + clangFuzzerInit clangHandleCXX clangProtoToCXX ) Index: tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp =================================================================== --- tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp +++ tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp @@ -17,28 +17,14 @@ #include "cxx_proto.pb.h" #include "handle-cxx/handle_cxx.h" #include "proto-to-cxx/proto_to_cxx.h" - +#include "fuzzer-initialize/fuzzer_initialize.h" #include "src/libfuzzer/libfuzzer_macro.h" #include using namespace clang_fuzzer; -static std::vector CLArgs; - -extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) { - CLArgs.push_back("-O2"); - for (int I = 1; I < *argc; I++) { - if (strcmp((*argv)[I], "-ignore_remaining_args=1") == 0) { - for (I++; I < *argc; I++) - CLArgs.push_back((*argv)[I]); - break; - } - } - return 0; -} - DEFINE_BINARY_PROTO_FUZZER(const Function& input) { auto S = FunctionToString(input); - HandleCXX(S, CLArgs); + HandleCXX(S, GetCLArgs()); } Index: tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt =================================================================== --- /dev/null +++ tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt @@ -0,0 +1,3 @@ +set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD} Support) + +add_clang_library(clangFuzzerInit fuzzer_initialize.cpp) Index: tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.h =================================================================== --- /dev/null +++ tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.h @@ -0,0 +1,20 @@ +//==-- fuzzer_initialize.h - Fuzz Clang ------------------------------------==// +// +// The LLVM Compiler Infrastructure +// +// This file is distributed under the University of Illinois Open Source +// License. See LICENSE.TXT for details. +// +//===----------------------------------------------------------------------===// +// +// Defines a function that returns the command line arguments for a specific +// call to the fuzz target. +// +//===----------------------------------------------------------------------===// + +#include "src/libfuzzer/libfuzzer_macro.h" + +namespace clang_fuzzer { +const std::vector& GetCLArgs(); +} + Index: tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp =================================================================== --- tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp +++ tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp @@ -1,4 +1,4 @@ -//===-- ExampleClangProtoFuzzer.cpp - Fuzz Clang --------------------------===// +//===-- fuzzer_initialize.cpp - Fuzz Clang --------------------------------===// // // The LLVM Compiler Infrastructure // @@ -8,24 +8,27 @@ //===----------------------------------------------------------------------===// /// /// \file -/// This file implements a function that runs Clang on a single -/// input and uses libprotobuf-mutator to find new inputs. This function is -/// then linked into the Fuzzer library. +/// This file implements two functions: one that returns the command line +/// arguments for a given call to the fuzz target and one that initializes +/// the fuzzer with the correct command line arguments. /// //===----------------------------------------------------------------------===// -#include "cxx_proto.pb.h" -#include "handle-cxx/handle_cxx.h" -#include "proto-to-cxx/proto_to_cxx.h" +#include "fuzzer_initialize.h" -#include "src/libfuzzer/libfuzzer_macro.h" +using namespace clang_fuzzer; -#include -using namespace clang_fuzzer; +namespace clang_fuzzer { static std::vector CLArgs; +const std::vector& GetCLArgs() { + return CLArgs; +} + +} + extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) { CLArgs.push_back("-O2"); for (int I = 1; I < *argc; I++) { @@ -38,7 +41,3 @@ return 0; } -DEFINE_BINARY_PROTO_FUZZER(const Function& input) { - auto S = FunctionToString(input); - HandleCXX(S, CLArgs); -}