add notes on how to reproduce crashes
pauldreik authored Apr 28, 2019
1 parent 7dc3e4c commit 89338ca
Showing 1 changed file with 18 additions and 0 deletions.
18 changes: 18 additions & 0 deletions fuzzing/README.md
Expand Up @@ -21,3 +21,21 @@ This macro is the defacto standard for making fuzzing practically possible, see
To do a variety of builds making sure the build system works as intended,
execute ```./build.sh```.

# Reproduce
To reproduce a crash, there are at least two ways.
## Reproduce with a normal build
This will build a normal executable, fed with input from the files given on the command line. This gives an example for the chrono_duration fuzzer:
```sh
./build.sh
cd build-fuzzers-reproduce
bin/fuzzer_chrono_duration ../crashes/chrono_duration/*
```

## Reproduce using libFuzzer
This will build libFuzzer, fed with input from the files given on the command line. The default libFuzzer build uses sanitizers, so this may catch errors not seen in the normal build. This gives an example for the chrono_duration fuzzer:
```sh
./build.sh
cd build-fuzzers-reproduce
export UBSAN_OPTIONS=halt_on_error=1
bin/fuzzer_chrono_duration ../crashes/chrono_duration/*
```
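Review bot: the "Reproduce using libFuzzer" block enters the same `build-fuzzers-reproduce` directory and runs the same `bin/fuzzer_chrono_duration` binary as the "Reproduce with a normal build" block, so as written it reproduces with the normal executable rather than a libFuzzer build; the only difference is the `export UBSAN_OPTIONS=halt_on_error=1` line, which has no effect unless the binary is sanitizer-instrumented. Since the section text says the libFuzzer build uses sanitizers and may catch errors the normal build does not, point the second block at the build directory `./build.sh` produces for the libFuzzer configuration (and, if that build also enables other sanitizers, name them so readers know which reports to expect), or state explicitly that both blocks intentionally use the same binary.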
