author | jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com> | 2019-08-19 14:07:33 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-08-19 14:07:33 -0700 |
commit | 984b792dd9dcabf968e6c0510fddeef2c8557431 (patch) | |
tree | 128a5824d0048d2f3deb7d38e7f2010380c28cd5 /docs/getting-started | |
parent | 5f933a0a7c23e3456a45502d87aa424e32bf82e6 (diff) | |
download | oss-fuzz-984b792dd9dcabf968e6c0510fddeef2c8557431.tar.gz |
Document i386 fuzzing (#2704)
Diffstat (limited to 'docs/getting-started')
-rw-r--r-- | docs/getting-started/new_project_guide.md | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/docs/getting-started/new_project_guide.md b/docs/getting-started/new_project_guide.md index 61bc6ae0d..d0c0315df 100644 --- a/docs/getting-started/new_project_guide.md +++ b/docs/getting-started/new_project_guide.md @@ -77,6 +77,7 @@ This configuration file stores project metadata. The following attributes are su - [primary_contact](#primary) - [auto_ccs](#primary) - [sanitizers](#sanitizers) (optional) +- [architectures](#architectures) (optional) - [help_url](#help_url) (optional) ### homepage 
@@ -118,7 +119,29 @@ homepage]({{ site.baseurl }}/furthur-reading/clusterfuzz#web-interface). `sanitizers` example: [boringssl](https://github.com/google/oss-fuzz/blob/master/projects/boringssl/project.yaml). -### help_url (optional) +### architectures (optional) {#architectures} +The list of architectures to fuzz on. +ClusterFuzz supports fuzzing on x86_64 (aka x64) by default. +However you can also fuzz using AddressSanitizer and libFuzzer on i386 (aka x86, or 32 bit) by specifying "x86_64" and "i386" in "architectures" like this: + +```yaml +architectures: + - x86_64 + - i386 + ``` + +By fuzzing on i386 you might find bugs that: +* Only occur in architecture-specific source code (e.g. code that contains i386 assembly). +* Exist in architecture-independent source code and which only affects i386 users. +* Exist in architecture-independent source code and which affects users on other 32-bit platforms such as AArch32 (aka 32-bit ARM). + +Note that some bugs which affect x86_64 may be discovered on i386 and filed as such. +On the testcase page of each oss-fuzz issue is a list of other jobs where the crash reproduces, this can let you know if the crash exists on x86_64 as well. + +Fuzzing on i386 is not enabled by default because many projects won't build for i386 without some modification to their OSS-Fuzz build process. +For example, you will need to link against `$LIB_FUZZING_ENGINE` and possibly install i386 dependencies within the x86_64 docker image ([for example](https://github.com/google/oss-fuzz/blob/5b8dcb5d942b3b8bc173b823fb9ddbdca7ec6c99/projects/gdal/build.sh#L18)) to get things working. + +### help_url (optional) {#help_url} A link to a custom help URL that appears in bug reports instead of the default [OSS-Fuzz guide to reproducing crashes]({{ site.baseurl }}/advanced-topics/reproducing/). This can be useful if you assign bugs to members of your project unfamiliar with OSS-Fuzz, or if they should follow a different workflow for |
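Review bot: the new `- [architectures](#architectures) (optional)` entry in the attribute list only resolves because the second hunk attaches an explicit `{#architectures}` id to the new heading, and the patch also adds an explicit `{#help_url}` to the existing `### help_url (optional)` heading, while the neighbouring `- [sanitizers](#sanitizers) (optional)` entry still relies on the auto-generated id. Pick one convention for the attribute headings in this file: either give the remaining attribute headings explicit `{#...}` ids in this change, or drop the two new explicit ids and rely on auto-generated ids throughout, so that the list links stay consistent and a later rename of one heading does not silently break a link.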
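Review bot: the closing fence of the new YAML example is indented by one space (`+ ```` after `+  - i386`) while the opening `+```yaml` is at column 0; kramdown, which this Jekyll site uses, may not treat an indented closing fence as the end of the code block, so the following paragraph risks being rendered as part of the code. Move the closing fence to column 0 to match the opening one. A few wording fixes in the same hunk: `However you can also fuzz` needs a comma after `However`; the two bullets `Exist in architecture-independent source code and which only affects i386 users.` and `... and which affects users on other 32-bit platforms` should read `that only affect` / `that affect` to agree with `bugs`; and `On the testcase page of each oss-fuzz issue is a list of other jobs where the crash reproduces, this can let you know` is a comma splice that should be two sentences. Finally, `you will need to link against $LIB_FUZZING_ENGINE` reads as if that is an i386-specific requirement; since projects are expected to link against `$LIB_FUZZING_ENGINE` anyway, say explicitly what breaks on i386 when a build script does not (for example hardcoding an engine library or flags), otherwise the sentence does not tell the project owner what to change.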