FuzzGen
Clarification on Build Instructions
Thanks a lot for the project. Next to the closed-source FUDGE (Fuzz Driver Generation at Scale), this seems to be the only project for creating fuzzing drivers out of a library today. However, the build instructions seem a bit unclear and in reverse order to me. I try to provide a step-by-step solution. Please correct me where I'm wrong.
Clone FuzzGen

- `git clone https://github.com/HexHive/FuzzGen`

Build LLVM-6.0.0 (taken from #19 and modified)

- `git clone https://github.com/llvm/llvm-project`
- `cd llvm-project`
- `git checkout llvmorg-6.0.0`
- `cp -r FuzzGen/src/preprocessor/ llvm-project/clang/tools/fuzzgen/` (the README said `$LLVM_SRC/tools/clang/tools`, but there is no `tools` directory in `llvm-project/`)
- Open `llvm-project/clang/tools/CMakeLists.txt` and add `add_clang_subdirectory(fuzzgen)` (anywhere in the file, or preferably at the end?)
- `mkdir build`
- `cd build`
- `cmake -DLLVM_ENABLE_PROJECTS=clang -DLLVM_PARALLEL_LINK_JOBS=1 -DLLVM_USE_LINKER=gold -DCMAKE_BUILD_TYPE=Release -G "Unix Makefiles" ../llvm` (setting parallel link jobs to 1 and using the gold linker are optional, but supposedly easier on the RAM and shouldn't use as much swap memory)
- `cmake --build .` (may take several hours to complete, 5-6 h in my case; setting the build type to Release should speed up the process a bit, though)
Build FuzzGen (taken from the README and modified)

1. (FuzzGen has already been cloned beforehand)
2. `sudo apt-get install libboost-all-dev`
3. `export LLVM_DIR=/llvm-project/build` (not really optional, right? Targeting other versions will fail later on; is it necessary to specify the exact build directory that was created while building LLVM-6.0.0?)
4. `cd FuzzGen`
5. `mkdir build`
6. `cd build`
7. `cmake ..`
8. `make -j$(nproc)`

Is adjusting the MACROS in `src/compose.h` even necessary when only planning to work with the Debian mode?
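The LLVM-side steps in the post above (dropping a tool directory into the clang tree, registering it in `clang/tools/CMakeLists.txt`, and pointing `LLVM_DIR` at the build tree) are the ones that silently go wrong when repeated or done out of order. The script below is an added example, not code from the FuzzGen project or from the issue author: it wraps those steps in idempotent helpers so a re-run does not add the `add_clang_subdirectory(fuzzgen)` line twice, and it checks that `LLVM_DIR` points at a tree containing `LLVMConfig.cmake`, which is what CMake's `find_package(LLVM CONFIG)` resolves `LLVM_DIR` against (that FuzzGen's own CMake uses this mechanism is an assumption here). Appending the line at the end of the file is also an assumption, made because the other `add_clang_subdirectory` calls in that file are order-independent.

```shell
#!/bin/sh
# Added example (not FuzzGen's or the issue author's code): idempotent helpers
# for the LLVM-side FuzzGen setup steps. Assumes the layout described in the
# issue: FuzzGen/src/preprocessor copied to $LLVM_SRC/clang/tools/fuzzgen and
# "add_clang_subdirectory(fuzzgen)" registered in $LLVM_SRC/clang/tools/CMakeLists.txt.
set -eu

FUZZGEN_LINE='add_clang_subdirectory(fuzzgen)'

# Append the add_clang_subdirectory line to a CMakeLists.txt exactly once.
# Safe to call repeatedly: returns 0 whether the line was added or already there.
register_fuzzgen_tool() {
    cmakelists="$1"
    if grep -qx "$FUZZGEN_LINE" "$cmakelists"; then
        return 0
    fi
    printf '%s\n' "$FUZZGEN_LINE" >> "$cmakelists"
}

# Number of registrations present; used to prove the helper stays idempotent.
count_fuzzgen_entries() {
    grep -c "$FUZZGEN_LINE" "$1" || true
}

# Copy FuzzGen's preprocessor sources into the clang tools tree (assumed layout).
# $1 = FuzzGen checkout, $2 = llvm-project checkout.
install_fuzzgen_sources() {
    src="$1/src/preprocessor"
    dst="$2/clang/tools/fuzzgen"
    [ -d "$src" ] || { echo "missing $src" >&2; return 1; }
    mkdir -p "$dst"
    cp -r "$src"/. "$dst"/
}

# True when the directory is usable as LLVM_DIR: an LLVM build tree keeps
# LLVMConfig.cmake under lib/cmake/llvm, an install prefix may keep it at the root.
check_llvm_dir() {
    dir="$1"
    [ -f "$dir/lib/cmake/llvm/LLVMConfig.cmake" ] || [ -f "$dir/LLVMConfig.cmake" ]
}

# Stand-alone demonstration on a constructed throwaway tree (no real LLVM needed).
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/FuzzGen/src/preprocessor" "$tmp/llvm-project/clang/tools" \
             "$tmp/llvm-project/build/lib/cmake/llvm"
    echo '// constructed placeholder source' > "$tmp/FuzzGen/src/preprocessor/FuzzGen.cpp"
    echo 'add_clang_subdirectory(clang-format)' > "$tmp/llvm-project/clang/tools/CMakeLists.txt"
    : > "$tmp/llvm-project/build/lib/cmake/llvm/LLVMConfig.cmake"

    install_fuzzgen_sources "$tmp/FuzzGen" "$tmp/llvm-project"
    register_fuzzgen_tool "$tmp/llvm-project/clang/tools/CMakeLists.txt"
    register_fuzzgen_tool "$tmp/llvm-project/clang/tools/CMakeLists.txt"   # second run is a no-op
    echo "registrations: $(count_fuzzgen_entries "$tmp/llvm-project/clang/tools/CMakeLists.txt")"
    if check_llvm_dir "$tmp/llvm-project/build"; then
        echo "LLVM_DIR=$tmp/llvm-project/build looks usable"
    fi
    rm -rf "$tmp"
}

# Run the demo only when executed directly, not when sourced for its functions.
case "${0##*/}" in
    sh|bash|dash|-sh|-bash) ;;
    *) demo ;;
esac
```

Usage against a real checkout is `install_fuzzgen_sources ~/FuzzGen ~/llvm-project`, then `register_fuzzgen_tool ~/llvm-project/clang/tools/CMakeLists.txt`, and `check_llvm_dir "$LLVM_DIR"` before running FuzzGen's own `cmake ..`; the demo only exercises the helpers on a constructed directory tree.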
FWIW, I tried with the above but ran into a compilation error while compiling the fuzzgen clang tool on 6.0.0. Instead, I used git tag `llvmorg-6.0.1`.
The AOSP portion of the README.md is also outdated. It mentions using `showcommand` to find where the clang and clang++ python wrapper scripts are located. After Android 7.0, I think, you want to use:

```sh
for VERBOSELOG in $(ls -1 ./out/verbose*.gz); do \
    gzip -cd $VERBOSELOG | grep clang;
done
```
Can FuzzGen be used for C/C++ programs on Linux systems? I saw that there is "Generate Fuzzers for Debian", but there is no specific operation description.