tools/devshell/contrib/fuzz - fuchsia - Git at Google

 #!/bin/bash
 # Copyright 2018 The Fuchsia Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 #### CATEGORY=Run, inspect and debug
 ### run a fuzz test on target a device

 ##
 ## Usage: fx fuzz [options] [command] [command-arguments]
 ##
 ## Options:
 ##   -d, --device   <name>   Connect to device using Fuchsia link-local name.
 ##                           Must be specified if multiple devices are present.
 ##   -f, --foreground        Run in the foreground (default is background).
 ##   -g, --debug             Disable libFuzzer exception handling.
 ##   -n, --no-cipd           Skip steps involving CIPD.
 ##   -o, --output   <dir>    Use the given directory for saving output files.
 ##                           Defaults to the current directory.
 ##   -s, --staging  <dir>    Use the given directory for staging temporary
 ##                           corpus files being transferred on or off of a
 ##                           target device. Defaults to a temporary directory
 ##                           that is removed on completion; use this options to
 ##                           preserve those temporary files on the host.
 ##
 ## Commands:
 ##   help                    Prints this message and exits.
 ##   list    [name]          Lists fuzzers matching 'name' if provided, or all
 ##                           fuzzers.
 ##   corpus  [name]          Lists the corpus instances in CIPD for the named
 ##                           fuzzer.
 ##   fetch   <name> [label]  Retrieves the corpus for the named fuzzer.  If
 ##                           'label' is a directory, installs the corpus from
 ##                           that location.  Otherwise fetches and installs the
 ##                           corpus from CIPD given by 'label', which may
 ##                           either be a CIPD "ref", or a CIPD "tag" of the
 ##                           form "key:value".  If omitted, 'label' defaults to
 ##                           "latest".
 ##   start   <name> [...]    Fetches the latest corpus for a named fuzzer and
 ##                           starts it. Additional arguments are passed to the
 ##                           fuzzer. This is default command if not provided.
 ##   check   <name>          Reports information about the named fuzzer, such as
 ##                           execution status, corpus size, and number of
 ##                           crashes.
 ##   stop    <name>          Stops all instances of the named fuzzer.
 ##   repro   <name> [...]    Runs the named fuzzer on specific inputs. If no
 ##                           additional inputs are provided, uses all previously
 ##                           found crashes.
 ##   merge   <name> [...]    Fetches the latest corpus in CIPD, merges and
 ##                           minimizes it with the corpus on device, and stores
 ##                           the result in CIPD.
 ##   store   <name>          Gathers the current corpus from the target platform
 ##                           and publishes it to CIPD.  The package will be
 ##                           tagged with the current integration revision and
 ##                           referenced as 'latest'.
 ##
 ## Typical workflow is one of three commands:
 ##   fx fuzz <name>        # Fetches the latest corpus and starts the fuzzer
 ##   fx fuzz repro <name>  # Replays any test input artifacts found
 ##   fx fuzz merge <name>  # Merges the current corpus with the latest in CIPD

 source "$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null 2>&1 && pwd)"/../lib/vars.sh || exit $?

 FUZZING_DIR=${FUCHSIA_DIR}/scripts/fuzzing

 cmd=
 add=0
 for arg in "$@"; do
   shift
   case "$arg" in
     -h)
       cmd="help"
       ;;
     -d|--device)
       arg="--device"
       add=2
       ;;
     -g|--debug)
       arg="--debug"
       add=1
       ;;
     -o|--output)
       arg="--output"
       add=2
       ;;
     -s|--staging)
       arg="--staging"
       add=2
       ;;
     -f|--foreground)
       arg="--foreground"
       add=1
       ;;
     -n|--no-cipd)
       arg="--no-cipd"
       add=1
       ;;
     *)
       if [[ -z "$cmd" ]] && [[ $add -eq 0 ]]; then
         cmd="$arg"
       else
         add=1
       fi
       ;;
   esac
   [[ "$cmd" = "help" ]] && break
   [[ $add -eq 0 ]] && continue
   set -- "$@" "$arg"
   add=$(($add - 1))
 done

 case "$cmd" in
   help)
     fx-command-help
     ;;
   list)
     python ${FUZZING_DIR}/list_fuzzers.py "$@"
     ;;
   corpus)
     python ${FUZZING_DIR}/list_corpora.py "$@"
     ;;
   fetch)
     python ${FUZZING_DIR}/fetch_corpus.py "$@"
     ;;
   start)
     python ${FUZZING_DIR}/start_fuzzer.py "$@"
     ;;
   check)
     python ${FUZZING_DIR}/check_fuzzer.py "$@"
     ;;
   stop)
     python ${FUZZING_DIR}/stop_fuzzer.py "$@"
     ;;
   repro)
     python ${FUZZING_DIR}/repro_units.py "$@"
     ;;
   merge)
     python ${FUZZING_DIR}/merge_corpus.py "$@"
     ;;
   store)
     python ${FUZZING_DIR}/store_corpus.py "$@"
     ;;
   *)
     name="$cmd"
     if python ${FUZZING_DIR}/list_fuzzers.py "$name" ; then
       python ${FUZZING_DIR}/start_fuzzer.py "$name" "$@"
     else
       fx-command-help
     fi
     ;;
 esac
	#!/bin/bash
	# Copyright 2018 The Fuchsia Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	#### CATEGORY=Run, inspect and debug
	### run a fuzz test on target a device

	##
	## Usage: fx fuzz [options] [command] [command-arguments]
	##
	## Options:
	## -d, --device <name> Connect to device using Fuchsia link-local name.
	## Must be specified if multiple devices are present.
	## -f, --foreground Run in the foreground (default is background).
	## -g, --debug Disable libFuzzer exception handling.
	## -n, --no-cipd Skip steps involving CIPD.
	## -o, --output <dir> Use the given directory for saving output files.
	## Defaults to the current directory.
	## -s, --staging <dir> Use the given directory for staging temporary
	## corpus files being transferred on or off of a
	## target device. Defaults to a temporary directory
	## that is removed on completion; use this options to
	## preserve those temporary files on the host.
	##
	## Commands:
	## help Prints this message and exits.
	## list [name] Lists fuzzers matching 'name' if provided, or all
	## fuzzers.
	## corpus [name] Lists the corpus instances in CIPD for the named
	## fuzzer.
	## fetch <name> [label] Retrieves the corpus for the named fuzzer. If
	## 'label' is a directory, installs the corpus from
	## that location. Otherwise fetches and installs the
	## corpus from CIPD given by 'label', which may
	## either be a CIPD "ref", or a CIPD "tag" of the
	## form "key:value". If omitted, 'label' defaults to
	## "latest".
	## start <name> [...] Fetches the latest corpus for a named fuzzer and
	## starts it. Additional arguments are passed to the
	## fuzzer. This is default command if not provided.
	## check <name> Reports information about the named fuzzer, such as
	## execution status, corpus size, and number of
	## crashes.
	## stop <name> Stops all instances of the named fuzzer.
	## repro <name> [...] Runs the named fuzzer on specific inputs. If no
	## additional inputs are provided, uses all previously
	## found crashes.
	## merge <name> [...] Fetches the latest corpus in CIPD, merges and
	## minimizes it with the corpus on device, and stores
	## the result in CIPD.
	## store <name> Gathers the current corpus from the target platform
	## and publishes it to CIPD. The package will be
	## tagged with the current integration revision and
	## referenced as 'latest'.
	##
	## Typical workflow is one of three commands:
	## fx fuzz <name> # Fetches the latest corpus and starts the fuzzer
	## fx fuzz repro <name> # Replays any test input artifacts found
	## fx fuzz merge <name> # Merges the current corpus with the latest in CIPD

	source "$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null 2>&1 && pwd)"/../lib/vars.sh \|\| exit $?

	FUZZING_DIR=${FUCHSIA_DIR}/scripts/fuzzing

	cmd=
	add=0
	for arg in "$@"; do
	shift
	case "$arg" in
	-h)
	cmd="help"
	;;
	-d\|--device)
	arg="--device"
	add=2
	;;
	-g\|--debug)
	arg="--debug"
	add=1
	;;
	-o\|--output)
	arg="--output"
	add=2
	;;
	-s\|--staging)
	arg="--staging"
	add=2
	;;
	-f\|--foreground)
	arg="--foreground"
	add=1
	;;
	-n\|--no-cipd)
	arg="--no-cipd"
	add=1
	;;
	*)
	if [[ -z "$cmd" ]] && [[ $add -eq 0 ]]; then
	cmd="$arg"
	else
	add=1
	fi
	;;
	esac
	[[ "$cmd" = "help" ]] && break
	[[ $add -eq 0 ]] && continue
	set -- "$@" "$arg"
	add=$(($add - 1))
	done

	case "$cmd" in
	help)
	fx-command-help
	;;
	list)
	python ${FUZZING_DIR}/list_fuzzers.py "$@"
	;;
	corpus)
	python ${FUZZING_DIR}/list_corpora.py "$@"
	;;
	fetch)
	python ${FUZZING_DIR}/fetch_corpus.py "$@"
	;;
	start)
	python ${FUZZING_DIR}/start_fuzzer.py "$@"
	;;
	check)
	python ${FUZZING_DIR}/check_fuzzer.py "$@"
	;;
	stop)
	python ${FUZZING_DIR}/stop_fuzzer.py "$@"
	;;
	repro)
	python ${FUZZING_DIR}/repro_units.py "$@"
	;;
	merge)
	python ${FUZZING_DIR}/merge_corpus.py "$@"
	;;
	store)
	python ${FUZZING_DIR}/store_corpus.py "$@"
	;;
	*)
	name="$cmd"
	if python ${FUZZING_DIR}/list_fuzzers.py "$name" ; then
	python ${FUZZING_DIR}/start_fuzzer.py "$name" "$@"
	else
	fx-command-help
	fi
	;;
	esac