common/seeds
fuzzer-afl
fuzzer-honggfuzz
fuzzer-libfuzzer
targets
.gitignore
Cargo.toml
README.md
cli.rs


Fuzz Testing

This directory contains TiKV fuzz test cases as well as a custom CLI utility, fuzz, that builds and runs those tests using one of multiple fuzzers.

Supported fuzzers:

Prerequisites

Honggfuzz

cargo install honggfuzz --version 0.5.45

Note that the version of the cargo plugin installed must be the same as the library linked by the fuzzer-honggfuzz project template, here 0.5.45.

Building honggfuzz test cases with cargo run -p fuzz -- run Honggfuzz <test> requires additional development libraries that will differ from system to system. On a recent Ubuntu system those libraries could be installed with sudo apt install binutils-dev libunwind-dev.

See honggfuzz-rs documentation.

AFL

cargo install afl

For more details, see the fuzz.rs book.

Seeds (optional)

Proper seeds can make fuzzing faster. Seed files for a specific target should be placed in the fuzz/common/seeds/{target}/ directory, where target is the fuzz target name.

If no seed file is provided for the given target, fuzz/common/seeds/default/ will be used as seeds.

Usage

List Available Fuzz Targets

# In TiKV directory
cargo run --package fuzz -- list-targets

Fuzz Specific Target with a Fuzzer

# In TiKV directory
cargo run --package fuzz -- run [FUZZER] [TARGET]

Valid values for [FUZZER] are "Libfuzzer", "Honggfuzz", and "Afl".

For "Libfuzzer" and "Afl", the fuzzing corpus directory is fuzz/fuzzer-{FUZZER}/corpus-{TARGET}.
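
The seed fallback and corpus layout described above, as an added example that is not taken from this README or from the project's cli.rs. The identifier-only target check, the mapping of "Libfuzzer" and "Afl" to the lowercase directories fuzzer-libfuzzer and fuzzer-afl, and the target name example_target are assumptions.

```rust
use std::fs;
use std::path::{Path, PathBuf};

/// Fuzzer names accepted by `fuzz run`, as listed in the README.
#[derive(Clone, Copy, Debug, PartialEq)]
enum Fuzzer { Libfuzzer, Honggfuzz, Afl }

fn parse_fuzzer(s: &str) -> Option<Fuzzer> {
    match s {
        "Libfuzzer" => Some(Fuzzer::Libfuzzer),
        "Honggfuzz" => Some(Fuzzer::Honggfuzz),
        "Afl" => Some(Fuzzer::Afl),
        _ => None,
    }
}

/// Assumption: target names are plain identifiers, so `..` or `/` cannot escape the tree.
fn valid_target(t: &str) -> bool {
    !t.is_empty() && t.chars().all(|c| c.is_ascii_alphanumeric() || c == '_')
}

/// True if `dir` exists and holds at least one regular file.
fn has_seed_file(dir: &Path) -> bool {
    fs::read_dir(dir).map_or(false, |rd| rd.flatten().any(|e| e.path().is_file()))
}

/// fuzz/common/seeds/{target}/ if it holds a seed, else fuzz/common/seeds/default/.
fn seed_dir(fuzz_root: &Path, target: &str) -> Option<PathBuf> {
    if !valid_target(target) { return None; }
    let seeds = fuzz_root.join("common").join("seeds");
    let specific = seeds.join(target);
    Some(if has_seed_file(&specific) { specific } else { seeds.join("default") })
}

/// fuzz/fuzzer-{FUZZER}/corpus-{TARGET}; the README gives this for Libfuzzer and Afl only.
fn corpus_dir(fuzz_root: &Path, fuzzer: Fuzzer, target: &str) -> Option<PathBuf> {
    if !valid_target(target) { return None; }
    let sub = match fuzzer {
        Fuzzer::Libfuzzer => "fuzzer-libfuzzer",
        Fuzzer::Afl => "fuzzer-afl",
        Fuzzer::Honggfuzz => return None,
    };
    Some(fuzz_root.join(sub).join(format!("corpus-{}", target)))
}

fn main() {
    println!("{:?}", seed_dir(Path::new("fuzz"), "example_target"));
    println!("{:?}", parse_fuzzer("Afl").and_then(|f| corpus_dir(Path::new("fuzz"), f, "example_target")));
}
```

A target directory that exists but contains no files falls back to the default seeds, the same as a missing one.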
