
WIP: Initial draft to create a fuzz target

Thierry requested to merge lotharkript/dav1d:fuzzer into master

When compiling the source code, it is a good idea to add: -fsanitize-coverage=edge,trace-pc-guard,indirect-calls,trace-cmp,trace-div,trace-gep

Then, until meson knows how to build the target with the libFuzzer library, you can do it manually by going to the build folder and running:

clang-5.0 -o tools/dav1d_fuzzer -g -fsanitize=address,fuzzer \
  'tools/tools@@dav1d_fuzzer@exe/dav1d_fuzzer.c.o' -Wl,--no-undefined \
  -Wl,--as-needed -Wl,-O1 -Wl,--start-group src/libdav1d.so.0.0.1 \
  -Wl,--end-group '-Wl,-rpath,$ORIGIN/../src' \
  -Wl,-rpath-link,/usr/local/google/home/tfoucu/third_party/lotharkript_dav1d/build/src

Then you can run it like this: ./tools/dav1d_fuzzer YOUR_CORPUS

Using this, I already created a crash file, see crash-fc8c16a84995320881aba1eb5aff19b3acf31fca.ivf
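As an added example (not the dav1d project's code and not the dav1d_fuzzer.c from this merge request), here is a self-contained libFuzzer entry point that walks the IVF container the crash file above uses, refusing any frame size field that runs past the input so a hostile size can never cause an over-read. The count_frame callback is a stand-in for the decoder call and the sample stream is constructed; built with the clang -fsanitize=address,fuzzer flags shown above, libFuzzer supplies main.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* IVF layout: 32-byte file header starting with "DKIF", then per frame a
 * 12-byte header (u32 little-endian payload size, u64 pts) and the payload. */
#define IVF_FILE_HDR 32
#define IVF_FRAME_HDR 12

static uint32_t rd32le(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Hands every complete frame to cb. Returns the frame count, or -1 when the
 * input is unusable (bad magic, or a size field that runs past the buffer),
 * so an attacker-controlled size field can never cause an over-read. */
int ivf_walk(const uint8_t *data, size_t size,
             void (*cb)(const uint8_t *, size_t, void *), void *ctx) {
    if (size < IVF_FILE_HDR || memcmp(data, "DKIF", 4) != 0) return -1;
    size_t pos = IVF_FILE_HDR;
    int frames = 0;
    while (size - pos >= IVF_FRAME_HDR) {
        uint32_t len = rd32le(data + pos);
        pos += IVF_FRAME_HDR;
        if (len > size - pos) return -1;   /* declared size exceeds remaining bytes */
        cb(data + pos, len, ctx);
        pos += len;
        frames++;
    }
    return frames;
}

/* Stand-in for the decoder call: a real target would feed buf/len to dav1d. */
static void count_frame(const uint8_t *buf, size_t len, void *ctx) {
    (void)buf; (void)len;
    (*(int *)ctx)++;
}

/* libFuzzer entry point, called once per generated input. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    int frames = 0;
    ivf_walk(data, size, count_frame, &frames);
    return 0;   /* libFuzzer reserves non-zero return values */
}

/* Constructed sample (not a real stream): valid header plus two frames of
 * 3 and 1 payload bytes; with truncate set, the second size field lies. */
int sample_frame_count(int truncate) {
    uint8_t ivf[IVF_FILE_HDR + 2 * IVF_FRAME_HDR + 3 + 1] = { 'D', 'K', 'I', 'F' };
    ivf[IVF_FILE_HDR] = 3;
    ivf[IVF_FILE_HDR + IVF_FRAME_HDR + 3] = truncate ? 200 : 1;
    int n = 0;
    return ivf_walk(ivf, sizeof ivf, count_frame, &n);
}
```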
