1# Building and running fuzzers 2 3In order to build fuzzers, you need the GN arg `use_libfuzzer=true`. It's also 4recommended to build with `is_asan=true` to catch additional problems. Building 5and running then might look like: 6```bash 7 gn gen out/libfuzzer --args="use_libfuzzer=true is_asan=true is_debug=false" 8 ninja -C out/libfuzzer some_fuzz_target 9 out/libfuzzer/some_fuzz_target <args> <corpus_dir> [additional corpus dirs] 10``` 11 12The arguments to the fuzzer binary should be whatever is listed in the GN target 13description (e.g. `-max_len=1500`). These arguments may be automatically 14scraped by Chromium's ClusterFuzz tool when it runs fuzzers, but they are not 15built into the target. You can also look at the file 16`out/libfuzzer/some_fuzz_target.options` for what arguments should be used. The 17`corpus_dir` is listed as `seed_corpus` in the GN definition of the fuzzer 18target. 19 20