rustc fuzzing: Difference between revisions
Latest revision as of 08:36, 29 January 2020
Here is how to build rustc with AFL instrumentation:

- Install AFL:

```bash
cargo install afl
```

  This will compile AFL and the LLVM plugins needed to build rustc with AFL instrumentation.

- Clone https://github.com/rust-lang/rust.

- Set LD_LIBRARY_PATH:

```bash
# Exported so that the build's child processes (x.py, cargo, the linker) see it.
export LIBRARY_PATH="$(realpath ~/.local/share/afl.rs/rustc-*/afl.rs-*/afl-llvm-rt)"
```

- Change the options used to compile rustc:

```bash
# SanitizerCoverage trace-pc-guard instrumentation, linked against AFL's LLVM runtime.
export RUSTFLAGS="-C llvm-args=-sanitizer-coverage-level=3 \
    -C llvm-args=-sanitizer-coverage-trace-pc-guard \
    -C passes=sancov \
    -l afl-llvm-rt \
    -L $(realpath ~/.local/share/afl.rs/rustc-*/afl.rs-*/afl-llvm-rt)"
```

- Build rustc:

```bash
./x.py build
```

- Test that it works:

```bash
# Run the instrumented stage2 rustc once under afl-showmap and dump the edge map it produced.
cargo afl showmap -o trace.txt -m 1024 -- \
    build/x86_64-unknown-linux-gnu/stage2/bin/rustc \
    --emit asm \
    input.rs
cat trace.txt
```

- Clone https://github.com/rust-fuzz/afl.rs. This will give you the AFL version that you can use with the instrumented rustc.
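The "Test that it works" step only eyeballs trace.txt. The following script is an added example, not part of the wiki page or of afl.rs: it checks the showmap trace files from two different input.rs runs and reports whether the instrumentation actually produced a non-empty, input-dependent edge map. It assumes afl-showmap's `EDGEID:HITCOUNT` line format (e.g. `000345:3`); the function names are this example's own.

```sh
#!/bin/sh
# Added example, not part of the wiki page: sanity checks on the trace files
# written by "cargo afl showmap -o trace.txt ..." against the instrumented
# rustc.  Assumption: afl-showmap's line format "EDGEID:HITCOUNT" (one edge
# per line), e.g. "000345:3".

# Number of well-formed edge lines in a trace (0 for an empty or malformed
# file, which is what an uninstrumented binary produces).
trace_edges() {
    awk '/^[0-9]+:[0-9]+$/ { n++ } END { print n + 0 }' "$1"
}

# Sum of hit counts across all edges in a trace.
trace_hits() {
    awk -F: '/^[0-9]+:[0-9]+$/ { h += $2 } END { print h + 0 }' "$1"
}

# Edges present in trace $2 that trace $1 never reached.  Uses FILENAME
# rather than the usual NR==FNR idiom so an empty first file does not
# break the comparison.
trace_new_edges() {
    awk -F: '
        !/^[0-9]+:[0-9]+$/ { next }
        FILENAME == ARGV[1] { seen[$1] = 1; next }
        !($1 in seen) && !(dup[$1]++) { n++ }
        END { print n + 0 }' "$1" "$2"
}

# Succeeds only if the trace has at least MIN edges (default 100): the
# "Test that it works" step should yield a real map, not an empty one.
trace_ok() {
    [ "$(trace_edges "$1")" -ge "${2:-100}" ]
}

# Usage: check_traces.sh trace_a.txt trace_b.txt (traces from two different
# input.rs files).  Distinct edge sets confirm the instrumentation follows
# rustc's control flow instead of recording a constant map.
if [ "$#" -eq 2 ]; then
    trace_ok "$1" || { echo "trace $1 looks uninstrumented" >&2; exit 1; }
    trace_ok "$2" || { echo "trace $2 looks uninstrumented" >&2; exit 1; }
    echo "$1: $(trace_edges "$1") edges, $(trace_hits "$1") hits"
    echo "$2: $(trace_edges "$2") edges, $(trace_hits "$2") hits"
    echo "edges only in $2: $(trace_new_edges "$1" "$2")"
fi
```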