[llvm] r249807 - [libFuzzer] add -artifact_prefix flag
Kostya Serebryany via llvm-commits
llvm-commits at lists.llvm.org
Thu Oct 8 20:58:00 PDT 2015
Author: kcc
Date: Thu Oct 8 22:57:59 2015
New Revision: 249807
URL: http://llvm.org/viewvc/llvm-project?rev=249807&view=rev
Log:
[libFuzzer] add -artifact_prefix flag
Modified:
llvm/trunk/docs/LibFuzzer.rst
llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp
llvm/trunk/lib/Fuzzer/FuzzerFlags.def
llvm/trunk/lib/Fuzzer/FuzzerInternal.h
llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
llvm/trunk/lib/Fuzzer/test/fuzzer.test
Modified: llvm/trunk/docs/LibFuzzer.rst
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/docs/LibFuzzer.rst?rev=249807&r1=249806&r2=249807&view=diff
==============================================================================
--- llvm/trunk/docs/LibFuzzer.rst (original)
+++ llvm/trunk/docs/LibFuzzer.rst Thu Oct 8 22:57:59 2015
@@ -71,7 +71,7 @@ The most important flags are::
use_traces 0 Experimental: use instruction traces
only_ascii 0 If 1, generate only ASCII (isprint+isspace) inputs.
test_single_input "" Use specified file content as test input. Test will be run only once. Useful for debugging a particular case.
-
+ artifact_prefix "" Write fuzzing artifacts (crash, timeout, or slow inputs) as $(artifact_prefix)file
For the full list of flags run the fuzzer binary with ``-help=1``.
Modified: llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp?rev=249807&r1=249806&r2=249807&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp Thu Oct 8 22:57:59 2015
@@ -270,6 +270,8 @@ int FuzzerDriver(const std::vector<std::
Options.SyncCommand = Flags.sync_command;
Options.SyncTimeout = Flags.sync_timeout;
Options.ReportSlowUnits = Flags.report_slow_units;
+ if (Flags.artifact_prefix)
+ Options.ArtifactPrefix = Flags.artifact_prefix;
if (Flags.dict)
if (!ParseDictionaryFile(FileToString(Flags.dict), &Options.Dictionary))
return 1;
Modified: llvm/trunk/lib/Fuzzer/FuzzerFlags.def
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerFlags.def?rev=249807&r1=249806&r2=249807&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerFlags.def (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerFlags.def Thu Oct 8 22:57:59 2015
@@ -65,3 +65,6 @@ FUZZER_FLAG_INT(tbm_depth, 5, "Apply at
FUZZER_FLAG_INT(tbm_width, 5, "Apply at most this number of independent"
"trace-based-mutations (tbm)")
FUZZER_FLAG_STRING(test_single_input, "Use specified file as test input.")
+FUZZER_FLAG_STRING(artifact_prefix, "Write fuzzing artifacts (crash, "
+ "timeout, or slow inputs) as "
+ "$(artifact_prefix)file")
Modified: llvm/trunk/lib/Fuzzer/FuzzerInternal.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerInternal.h?rev=249807&r1=249806&r2=249807&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerInternal.h (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerInternal.h Thu Oct 8 22:57:59 2015
@@ -90,6 +90,7 @@ class Fuzzer {
int TBMWidth = 10;
std::string OutputCorpus;
std::string SyncCommand;
+ std::string ArtifactPrefix = "./";
std::vector<std::string> Tokens;
std::vector<Unit> Dictionary;
};
Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=249807&r1=249806&r2=249807&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Thu Oct 8 22:57:59 2015
@@ -236,9 +236,10 @@ void Fuzzer::WriteToOutputCorpus(const U
}
void Fuzzer::WriteUnitToFileWithPrefix(const Unit &U, const char *Prefix) {
- std::string Path = Prefix + Hash(U);
+ std::string Path = Options.ArtifactPrefix + Prefix + Hash(U);
WriteToFile(U, Path);
- Printf("Test unit written to %s\n", Path.c_str());
+ Printf("artifact_prefix='%s'; Test unit written to %s\n",
+ Options.ArtifactPrefix.c_str(), Path.c_str());
if (U.size() <= kMaxUnitSizeToPrint) {
Printf("Base64: ");
PrintFileAsBase64(Path);
Modified: llvm/trunk/lib/Fuzzer/test/fuzzer.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/fuzzer.test?rev=249807&r1=249806&r2=249807&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/fuzzer.test (original)
+++ llvm/trunk/lib/Fuzzer/test/fuzzer.test Thu Oct 8 22:57:59 2015
@@ -5,17 +5,19 @@ RUN: LLVMFuzzer-SimpleTest -test_single_
RUN: not LLVMFuzzer-InfiniteTest -timeout=2 2>&1 | FileCheck %s --check-prefix=InfiniteTest
InfiniteTest: ALARM: working on the last Unit for
-InfiniteTest: Test unit written to timeout-
+InfiniteTest: Test unit written to ./timeout-
RUN: LLVMFuzzer-SimpleCmpTest -max_total_time=1 2>&1 | FileCheck %s --check-prefix=MaxTotalTime
MaxTotalTime: Done {{.*}} runs in {{.}} second(s)
RUN: not LLVMFuzzer-TimeoutTest -timeout=5 2>&1 | FileCheck %s --check-prefix=TimeoutTest
TimeoutTest: ALARM: working on the last Unit for
-TimeoutTest: Test unit written to timeout-
+TimeoutTest: Test unit written to ./timeout-
RUN: not LLVMFuzzer-NullDerefTest 2>&1 | FileCheck %s --check-prefix=NullDerefTest
-NullDerefTest: Test unit written to crash-
+NullDerefTest: Test unit written to ./crash-
+RUN: not LLVMFuzzer-NullDerefTest -artifact_prefix=ZZZ 2>&1 | FileCheck %s --check-prefix=NullDerefTestPrefix
+NullDerefTestPrefix: Test unit written to ZZZcrash-
#not LLVMFuzzer-FullCoverageSetTest -timeout=15 -seed=1 -mutate_depth=2 -use_full_coverage_set=1 2>&1 | FileCheck %s
More information about the llvm-commits
mailing list