
Side by Side Diff: testing/libfuzzer/reproducing.md

Issue 2288753002: [libfuzzer] Add "Symbolization" and "Debugging" sections to reproducing.md page. (Closed)
Patch Set: Small grammar fix. Created 4 years, 3 months ago
OLDNEW
1 # Reproducing ClusterFuzz bugs locally 1 # Reproducing ClusterFuzz bugs locally
2 2
3 ClusterFuzz will report bugs in the bug tracker in the following form: 3 ClusterFuzz will report bugs in the bug tracker in the following form:
4 4
5 ``` 5 ```
6 Detailed report: https://cluster-fuzz.appspot.com/testcase?key=... 6 Detailed report: https://cluster-fuzz.appspot.com/testcase?key=...
7 7
8 Fuzzer: libfuzzer_media_pipeline_integration_fuzzer 8 Fuzzer: libfuzzer_media_pipeline_integration_fuzzer
9 Job Type: libfuzzer_chrome_asan 9 Job Type: libfuzzer_chrome_asan
10 Platform Id: linux 10 Platform Id: linux
(...skipping 68 matching lines...)
79 79
80 ### Reproducing LibFuzzer + UBSan bugs 80 ### Reproducing LibFuzzer + UBSan bugs
81 81
82 ```bash 82 ```bash
83 $ gn gen out/libfuzzer '--args=is_debug=false use_libfuzzer=true is_ubsan_securi ty=true enable_nacl=false proprietary_codecs=true ffmpeg_branding="ChromeOS"' 83 $ gn gen out/libfuzzer '--args=is_debug=false use_libfuzzer=true is_ubsan_securi ty=true enable_nacl=false proprietary_codecs=true ffmpeg_branding="ChromeOS"'
84 $ ninja -C out/libfuzzer $FUZZER_NAME 84 $ ninja -C out/libfuzzer $FUZZER_NAME
85 $ export UBSAN_OPTIONS=halt_on_error=1:print_stacktrace=1 85 $ export UBSAN_OPTIONS=halt_on_error=1:print_stacktrace=1
86 $ out/libfuzzer/$FUZZER_NAME /path/to/repro 86 $ out/libfuzzer/$FUZZER_NAME /path/to/repro
87 ``` 87 ```
88 88
89 ### Symbolization
90
91 Memory tools (ASan, MSan, UBSan) use [llvm-symbolizer] binary from the Clang
92 distribution to symbolize the stack traces. To get a symbolized crash report,
93 make sure `llvm-symbolizer` is in `PATH` or provide it in separate
94 `ASAN_SYMBOLIZER_PATH` environment variable.
95
96 In Chromium repository `llvm-symbolizer` is located in
97 `third_party/llvm-build/Release+Asserts/bin` directory.
98
99 ```bash
100 $ export ASAN_SYMBOLIZER_PATH=/path/to/chromium/src/third_party/llvm-build/Relea se+Asserts/bin/llvm-symbolizer
101 $ out/libfuzzer/$FUZZER_NAME /path/to/repro
102 ```
103
104 The same approach works for `MSAN_SYMBOLIZER_PATH` and `UBSAN_SYMBOLIZER_PATH`.
105
106 Additional information regarding symbolization is available in sanitizers
107 documentation: [AddressSanitizerCallStack].
108
109
110 ### Debugging
111
112 Please look at [AddressSanitizerAndDebugger] page for some tips on debugging of
113 binaries built with ASan.
114
115 If you want gdb to stop after an error has been reported, use:
116
117 * `ASAN_OPTIONS=abort_on_error=1` for binaries built with ASan.
118 * `MSAN_OPTIONS=abort_on_error=1` for binaries built with MSan.
119
120
121
122 [AddressSanitizerAndDebugger]: https://github.com/google/sanitizers/wiki/Address SanitizerAndDebugger
123 [AddressSanitizerCallStack]: https://github.com/google/sanitizers/wiki/AddressSa nitizerCallStack
124 [llvm-symbolizer]: http://llvm.org/docs/CommandGuide/llvm-symbolizer.html
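Review bot: The Debugging list at new lines 117-118 covers only ASan and MSan, although this page also documents UBSan builds (line 80, with `UBSAN_OPTIONS=halt_on_error=1:print_stacktrace=1` at line 85) and the new Symbolization section names `UBSAN_SYMBOLIZER_PATH` at line 104. Add a UBSan bullet, or say explicitly that the list is limited to ASan and MSan, so that someone reproducing a UBSan report knows what to set before running under gdb. Smaller wording points: line 91 reads better as "use the [llvm-symbolizer] binary", line 93 as "in a separate", line 96 as "In the Chromium repository", and line 106 as "in the sanitizers documentation". The runs of blank lines at 108-109 and 119-121 can each be collapsed to one, and the llvm.org reference at line 124 uses http while the other two references use https.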