Chromium Code Reviews

Unified Diff: docs/ipc_fuzzer.md

Issue 1324603002: [Docs] Another round of stylistic fixes. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 4 months ago
Index: docs/ipc_fuzzer.md
diff --git a/docs/ipc_fuzzer.md b/docs/ipc_fuzzer.md
index 17a80c6dd9645f884c0e902d611ce46982a337ba..0ab9ce9f150dc161883015e6d245286ebb0c15de 100644
--- a/docs/ipc_fuzzer.md
+++ b/docs/ipc_fuzzer.md
@@ -1,52 +1,65 @@
-# Introduction
+# IPC Fuzzer
-A chromium IPC fuzzer is under development by aedla and tsepez. The fuzzer lives under `src/tools/ipc_fuzzer/` and is running on ClusterFuzz. A previous version of the fuzzer was a simple bitflipper, which caught around 10 bugs. A new version is doing smarter mutations and generational fuzzing. To do so, each `ParamTraits<Type>` needs a corresponding `FuzzTraits<Type>`. Feel free to contribute.
+A chromium IPC fuzzer is under development by aedla and tsepez. The fuzzer lives
+under `src/tools/ipc_fuzzer/` and is running on ClusterFuzz. A previous version
+of the fuzzer was a simple bitflipper, which caught around 10 bugs. A new
+version is doing smarter mutations and generational fuzzing. To do so, each
+`ParamTraits<Type>` needs a corresponding `FuzzTraits<Type>`. Feel free to
+contribute.
+[TOC]
----
+## Working with the fuzzer
-# Working with the fuzzer
+### Build instructions
-## Build instructions
- * add `enable_ipc_fuzzer=1` to `GYP_DEFINES`
- * build `ipc_fuzzer_all` target
- * component builds are currently broken, sorry
- * Debug builds are broken; only Release mode works.
+* add `enable_ipc_fuzzer=1` to `GYP_DEFINES`
+* build `ipc_fuzzer_all` target
+* component builds are currently broken, sorry
+* Debug builds are broken; only Release mode works.
-## Replaying ipcdumps
- * `tools/ipc_fuzzer/scripts/play_testcase.py path/to/testcase.ipcdump`
- * more help: `tools/ipc_fuzzer/scripts/play_testcase.py -h`
+### Replaying ipcdumps
-## Listing messages in ipcdump
- * `out/`_Build_`/ipc_message_util --dump path/to/testcase.ipcdump`
+* `tools/ipc_fuzzer/scripts/play_testcase.py path/to/testcase.ipcdump`
+* more help: `tools/ipc_fuzzer/scripts/play_testcase.py -h`
-## Updating fuzzers in ClusterFuzz
- * `tools/ipc_fuzzer/scripts/cf_package_builder.py`
- * upload `ipc_fuzzer_mut.zip` and `ipc_fuzzer_gen.zip` under build directory to ClusterFuzz
+### Listing messages in ipcdump
-## Contributing FuzzTraits
- * add them to tools/ipc\_fuzzer/fuzzer/fuzzer.cc
- * thanks!
+* `out/<Build>/ipc_message_util --dump path/to/testcase.ipcdump`
+### Updating fuzzers in ClusterFuzz
----
+* `tools/ipc_fuzzer/scripts/cf_package_builder.py`
+* upload `ipc_fuzzer_mut.zip` and `ipc_fuzzer_gen.zip` under build directory
+ to ClusterFuzz
-# Components
+### Contributing FuzzTraits
-## ipcdump logger
- * add `enable_ipc_fuzzer=1` to `GYP_DEFINES`
- * build `chrome` and `ipc_message_dump` targets
- * run chrome with `--no-sandbox --ipc-dump-directory=/path/to/ipcdump/directory`
- * ipcdumps will be created in this directory for each renderer using the format _pid_.ipcdump
+* add them to `tools/ipc_fuzzer/fuzzer/fuzzer.cc`
+* thanks!
-## ipcdump replay
-Lives under `ipc_fuzzer/replay`. The renderer is replaced with `ipc_fuzzer_replay` using `--renderer-cmd-prefix`. This is done automatically with the `ipc_fuzzer/play_testcase.py` convenience script.
+## Components
-## ipcdump mutator / generator
-Lives under `ipc_fuzzer/fuzzer`. This is the code that runs on ClusterFuzz. It uses `FuzzTraits<Type>` to mutate ipcdumps or generate them out of thin air.
+### ipcdump logger
+* add `enable_ipc_fuzzer=1` to `GYP_DEFINES`
+* build `chrome` and `ipc_message_dump` targets
+* run chrome with
+ `--no-sandbox --ipc-dump-directory=/path/to/ipcdump/directory`
+* ipcdumps will be created in this directory for each renderer using the
+ format `_pid_.ipcdump`
----
+### ipcdump replay
-# Problems, questions, suggestions
-Send them to mbarbella@chromium.org.
+Lives under `ipc_fuzzer/replay`. The renderer is replaced with
+`ipc_fuzzer_replay` using `--renderer-cmd-prefix`. This is done automatically
+with the `ipc_fuzzer/play_testcase.py` convenience script.
+
+### ipcdump mutator / generator
+
+Lives under `ipc_fuzzer/fuzzer`. This is the code that runs on ClusterFuzz. It
+uses `FuzzTraits<Type>` to mutate ipcdumps or generate them out of thin air.
+
+## Problems, questions, suggestions
+
+Send them to mbarbella@chromium.org.
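Review bot: In the "ipcdump logger" list, putting `_pid_.ipcdump` inside backticks turns the old italic placeholder into literal underscores, so readers will expect dump files that actually start and end their stem with `_`. The "Listing messages in ipcdump" line in this same change already switched to the `out/<Build>/` form, so `<pid>.ipcdump` would be consistent. Separately, the "ipcdump replay" paragraph still refers to `ipc_fuzzer/play_testcase.py`, while the "Replaying ipcdumps" bullets give `tools/ipc_fuzzer/scripts/play_testcase.py`; since this pass is already touching those lines, the two paths should be aligned (likewise `ipc_fuzzer/replay` and `ipc_fuzzer/fuzzer` against the `src/tools/ipc_fuzzer/` location stated in the intro).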