sandbox: Add libfuzzer integration Add an implementation of LLVMFuzzerTestOneInput() that starts the sandbox on a secondary thread and exposes a function to synchronize the generation of fuzzing inputs with their consumption by the sandbox. Signed-off-by: Andrew Scull <ascull@google.com> Reviewed-by: Simon Glass <sjg@chromium.org>

commit: 2b40f80d7742c66d29d48515529591b75e5adaae [log] [tgz]
author: Andrew Scull <ascull@google.com> Mon May 30 10:00:11 2022 +0000
committer: Tom Rini <trini@konsulko.com> Thu Jun 23 12:58:18 2022 -0400
tree: ea68ecbb377e9e69aa3a7974b01e2313318e3e5c
parent: ca5d1374ac3e2f30c397d6e235c7fae89ed5a42d [diff] [blame]
diff --git a/arch/sandbox/config.mk b/arch/sandbox/config.mk
index 4106032..3e2c7f9 100644
--- a/arch/sandbox/config.mk
+++ b/arch/sandbox/config.mk

@@ -19,6 +19,9 @@
 ifdef CONFIG_ASAN
 SANITIZERS	+= -fsanitize=address
 endif
+ifdef CONFIG_FUZZ
+SANITIZERS	+= -fsanitize=fuzzer
+endif
 KBUILD_CFLAGS	+= $(SANITIZERS)
 
 cmd_u-boot__ = $(CC) -o $@ -Wl,-T u-boot.lds $(u-boot-init) \
commit	2b40f80d7742c66d29d48515529591b75e5adaae	[log] [tgz]
author	Andrew Scull <ascull@google.com>	Mon May 30 10:00:11 2022 +0000
committer	Tom Rini <trini@konsulko.com>	Thu Jun 23 12:58:18 2022 -0400
tree	ea68ecbb377e9e69aa3a7974b01e2313318e3e5c
parent	ca5d1374ac3e2f30c397d6e235c7fae89ed5a42d [diff] [blame]