add src/tools/ftfuzzer/README

2015-10-15 22:15:53 -07:00 · 2015-10-15 22:15:53 -07:00 · 266976b163
parent 65d8980491
commit 266976b163
2 changed files with 29 additions and 0 deletions
--- a/6
+++ b/6
@ -1,3 +1,9 @@
+2015-10-15  Kostya Serebryany <kcc@google.com>
+
+	[ftfuzzer] Add README.
+
+	* src/tools/ftfuzzer/README: New file.
+
 2015-10-15  Bungeman  <bungeman@gmail.com>

 	[bdf] Fix memory leak (#46213).
--- a/src/tools/ftfuzzer/README
+++ b/src/tools/ftfuzzer/README
@ -0,0 +1,23 @@
+ftfuzzer
+--------
+
+ftfuzzer.cc contains a target function for FreeType fuzzing.
+It can be used with libFuzzer (http://llvm.org/docs/LibFuzzer.html)
+or potentially any other similar fuzzer.
+
+Usage:
+  1. Build libfreetype.a and ftfuzzer.cc using the most recent clang compiler
+     with these flags:
+     -fsanitize-coverage=edge,8bit-counters # for fuzzer coverage feedback
+     -fsanitize=address,signed-integer-overflow,shift  # for bug checking
+  2. Link with libFuzzer (it contains main()).
+  3. Run the fuzzer on some test corpus.
+
+The exact flags and commands may vary.
+There is a continuous fuzzing bot that runs ftfuzzer:
+https://github.com/google/libfuzzer-bot/tree/master/freetype.
+Check the bot confituration for the most current settings.
+
+runinput.cc contains a convenience main() function to run the target function
+on a set of input files. Link it with ftfuzzer.cc and libfreetype.a
+and run like "./a.out my_tests_inputs/*"