summaryrefslogtreecommitdiffstats
path: root/js/src/fuzz-tests/README
diff options
context:
space:
mode:
Diffstat (limited to 'js/src/fuzz-tests/README')
-rw-r--r--js/src/fuzz-tests/README31
1 files changed, 31 insertions, 0 deletions
diff --git a/js/src/fuzz-tests/README b/js/src/fuzz-tests/README
new file mode 100644
index 0000000000..2c98c1ffa2
--- /dev/null
+++ b/js/src/fuzz-tests/README
@@ -0,0 +1,31 @@
+# JS Fuzzing Interface
+
+This directory contains fuzzing targets that implement the unified fuzzing
+interface to be used with libFuzzer or AFL.
+
+## Building the fuzzing targets
+
+To include this directory in your JS build, you need to build with Clang
+and the --enable-fuzzing flag enabled. The build system will automatically
+detect if you are building with afl-clang-fast for AFL or regular Clang
+for libFuzzer.
+
+## Running a fuzzing target
+
+To run a particular target with libFuzzer, use:
+
+ cd $OBJDIR/dist/bin
+ FUZZER=YourTargetName ./fuzz-tests
+
+To run with AFL, use something like
+
+ cd $OBJDIR/dist/bin
+ FUZZER=YourTargetName MOZ_FUZZ_TESTFILE=input \
+ afl-fuzz <regular AFL options> -f input ./fuzz-tests
+
+
+## Writing a fuzzing target
+
+1. Check testExample.cpp for a target skeleton with comments.
+
+2. Add your own .cpp file to UNIFIED_SOURCES in moz.build
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-27 04:21:48 +0000