From 266976b1633bcea0d017d0f37ac817b0b8af8694 Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Thu, 15 Oct 2015 22:15:53 -0700 Subject: [PATCH] add src/tools/ftfuzzer/README --- ChangeLog | 6 ++++++ src/tools/ftfuzzer/README | 23 +++++++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 src/tools/ftfuzzer/README diff --git a/ChangeLog b/ChangeLog index b63e65733..a71cb866c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2015-10-15 Kostya Serebryany + + [ftfuzzer] Add README. + + * src/tools/ftfuzzer/README: New file. + 2015-10-15 Bungeman [bdf] Fix memory leak (#46213). diff --git a/src/tools/ftfuzzer/README b/src/tools/ftfuzzer/README new file mode 100644 index 000000000..7248bb7b1 --- /dev/null +++ b/src/tools/ftfuzzer/README @@ -0,0 +1,23 @@ +ftfuzzer +-------- + +ftfuzzer.cc contains a target function for FreeType fuzzing. +It can be used with libFuzzer (http://llvm.org/docs/LibFuzzer.html) +or potentially any other similar fuzzer. + +Usage: + 1. Build libfreetype.a and ftfuzzer.cc using the most recent clang compiler + with these flags: + -fsanitize-coverage=edge,8bit-counters # for fuzzer coverage feedback + -fsanitize=address,signed-integer-overflow,shift # for bug checking + 2. Link with libFuzzer (it contains main()). + 3. Run the fuzzer on some test corpus. + +The exact flags and commands may vary. +There is a continuous fuzzing bot that runs ftfuzzer: +https://github.com/google/libfuzzer-bot/tree/master/freetype. +Check the bot confituration for the most current settings. + +runinput.cc contains a convenience main() function to run the target function +on a set of input files. Link it with ftfuzzer.cc and libfreetype.a +and run like "./a.out my_tests_inputs/*"
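Review bot: In the new src/tools/ftfuzzer/README, usage step 3 ("Run the fuzzer on some test corpus.") gives no example invocation and no hint where a seed corpus comes from, while the runinput.cc paragraph does show one ("./a.out my_tests_inputs/*"). Consider adding a comparable one-line example to step 3, or saying explicitly that the command line is in the bot configuration linked below it. Two smaller points in the same hunk: "confituration" in "Check the bot confituration for the most current settings." should be "configuration", and the period directly after the libfuzzer-bot URL is likely to be picked up as part of the link when it is copied or auto-linked, so drop it or separate it from the URL. In step 1 the "# for ..." remarks share a line with the flags. Moving them to their own lines would make the flags safer to copy into a build command.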