mirror of
https://github.com/apple/swift.git
synced 2025-12-14 20:36:38 +01:00
e40d762b88
`-sanitize=fuzzer` no longer requires a development snapshot, it's been part of the compiler for a good while now.
39 lines
1.1 KiB
Markdown
39 lines
1.1 KiB
Markdown
# libFuzzer Integration
|
|
|
|
Swift has built-in `libFuzzer` integration. In order to use it on a file
|
|
`myfile.swift`, define an entry point fuzzing function with a
|
|
`@_cdecl("LLVMFuzzerTestOneInput")` annotation:
|
|
|
|
```swift
|
|
@_cdecl("LLVMFuzzerTestOneInput")
|
|
public func test(_ start: UnsafeRawPointer, _ count: Int) -> CInt {
|
|
let bytes = UnsafeRawBufferPointer(start: start, count: count)
|
|
// TODO: Test the code using the provided bytes.
|
|
return 0
|
|
}
|
|
```
|
|
|
|
To compile it, use the `-sanitize=fuzzer` flag to link `libFuzzer`
|
|
and enable code coverage information; and the `-parse-as-library` flag
|
|
to omit the `main` symbol, so that the fuzzer entry point can be used:
|
|
|
|
```bash
|
|
% swiftc -sanitize=fuzzer -parse-as-library myfile.swift
|
|
```
|
|
|
|
`libFuzzer` can be combined with other sanitizers:
|
|
|
|
```bash
|
|
% swiftc -sanitize=fuzzer,address -parse-as-library myfile.swift
|
|
```
|
|
|
|
Finally, launch the fuzzing process:
|
|
|
|
```bash
|
|
% ./myfile
|
|
```
|
|
|
|
Refer to the official `libFuzzer` documentation at
|
|
<https://llvm.org/docs/LibFuzzer.html#options>
|
|
for a description of the fuzzer's command line options.
|