author Nick Mathewson <nickm@torproject.org> 2017-02-27 08:38:14 -0500
committer Nick Mathewson <nickm@torproject.org> 2017-02-27 08:38:14 -0500
commit b6efd77ec4f891ddaaeafa1c74c45454dde2fdd8
tree 202d090d2c02f02b5f319220a3fad9e1cf9e8230
parent 619771f60bde6b69eeaad4efbd844705ec5bcb83
parent 4d3310932a86aae731688ac30568f7cfb301dc35
Merge remote-tracking branch 'public/bug21472_030' into maint-0.3.0
-rw-r--r-- changes/bug21472 3
-rw-r--r-- doc/HACKING/Fuzzing.md 12
2 files changed, 9 insertions, 6 deletions
diff --git a/changes/bug21472 b/changes/bug21472
new file mode 100644
index 0000000000..f31ec9157e
--- /dev/null
+++ b/changes/bug21472
@@ -0,0 +1,3 @@
+ o Documentation:
+ - Small fixes to the fuzzing documentation. Closes ticket
+ 21472.
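Review bot: The changes entry says only "Small fixes to the fuzzing documentation", which does not tell a reader of the release notes what was corrected. Consider naming the fixes, for example the `make clean fuzzers` build target and the `src/test/fuzz/fuzz-http` path passed to recidivm.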
diff --git a/doc/HACKING/Fuzzing.md b/doc/HACKING/Fuzzing.md
index 16b0b6b000..2039d6a4c0 100644
--- a/doc/HACKING/Fuzzing.md
+++ b/doc/HACKING/Fuzzing.md
@@ -64,14 +64,14 @@ To Build:
make
cd ../tor
PATH=$PATH:../afl/ CC="../afl/afl-gcc" ./configure --enable-expensive-hardening
- AFL_HARDEN=1 make clean fuzz
+ AFL_HARDEN=1 make clean fuzzers
To Find The ASAN Memory Limit: (64-bit only)
-On 64-bit platforms, afl needs to know how much memory ASAN uses.
-Or, you can configure tor without --enable-expensive-hardening, then use
- make fuzz
-to run the generated test cases through an ASAN-enabled fuzz-http.
+On 64-bit platforms, afl needs to know how much memory ASAN uses,
+because ASAN tends to allocate a ridiculous amount of virtual memory,
+and then not actually use it.
+
Read afl/docs/notes_for_asan.txt for more details.
Download recidivm from http://jwilk.net/software/recidivm
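Review bot: The removed paragraph under "To Find The ASAN Memory Limit" documented an alternative (configure without --enable-expensive-hardening, then run the generated test cases through an ASAN-enabled fuzz-http), and the replacement text explains why afl needs the limit but no longer mentions that workflow at all. If it is still supported, keep it with the corrected target name; if it was dropped on purpose, say so in the changes entry. Separately, the unchanged context line still points at `http://jwilk.net/software/recidivm` over plain HTTP, and the visible lines mention no checksum or signature check before the `make`, so it would be worth adding a verification step while this section is being touched.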
@@ -80,7 +80,7 @@ Read afl/docs/notes_for_asan.txt for more details.
tar xvzf recidivm*.tar.gz
cd recidivm*
make
- /path/to/recidivm -v src/test/fuzz_dir
+ /path/to/recidivm -v src/test/fuzz/fuzz-http
Use the final "ok" figure as the input to -m when calling afl-fuzz
(Normally, recidivm would output a figure automatically, but in some cases,
the fuzzing harness will hang when the memory limit is too small.)
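Review bot: The corrected recidivm line hard-codes `src/test/fuzz/fuzz-http`, while the build step in this same patch now produces `fuzzers` (plural), and nothing here says the "ok" figure measured for fuzz-http applies to the other harnesses. Suggest wording it as an example and telling the reader to run recidivm against the specific fuzzer binary they intend to pass to afl-fuzz, so the `-m` value matches the target actually being fuzzed.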