[llvm] r251069 - [libFuzzer] remove the deprecated 'tokens' feature
Kostya Serebryany via llvm-commits
llvm-commits at lists.llvm.org
Fri Oct 23 14:10:39 PDT 2015
On Fri, Oct 23, 2015 at 1:59 PM, Sean Silva <chisophugis at gmail.com> wrote:
> Sorry I haven't been keeping up to date. The replacement for this feature
> is to use a user-supplied mutator?
> http://llvm.org/docs/LibFuzzer.html#user-supplied-mutators
>
No, AFL-style dictionaries:
http://llvm.org/docs/LibFuzzer.html#dictionaries
>
> On Thu, Oct 22, 2015 at 2:48 PM, Kostya Serebryany via llvm-commits <
> llvm-commits at lists.llvm.org> wrote:
>
>> Author: kcc
>> Date: Thu Oct 22 16:48:09 2015
>> New Revision: 251069
>>
>> URL: http://llvm.org/viewvc/llvm-project?rev=251069&view=rev
>> Log:
>> [libFuzzer] remove the deprecated 'tokens' feature
>>
>> Removed:
>> llvm/trunk/lib/Fuzzer/test/CxxTokensTest.cpp
>> Modified:
>> llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp
>> llvm/trunk/lib/Fuzzer/FuzzerFlags.def
>> llvm/trunk/lib/Fuzzer/FuzzerInternal.h
>> llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
>> llvm/trunk/lib/Fuzzer/test/CMakeLists.txt
>> llvm/trunk/lib/Fuzzer/test/fuzzer.test
>>
>> Modified: llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp
>> URL:
>> http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp?rev=251069&r1=251068&r2=251069&view=diff
>>
>> ==============================================================================
>> --- llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp (original)
>> +++ llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp Thu Oct 22 16:48:09 2015
>> @@ -182,26 +182,6 @@ static int RunInMultipleProcesses(const
>> return HasErrors ? 1 : 0;
>> }
>>
>> -std::vector<std::string> ReadTokensFile(const char *TokensFilePath) {
>> - if (!TokensFilePath) return {};
>> - std::string TokensFileContents = FileToString(TokensFilePath);
>> - std::istringstream ISS(TokensFileContents);
>> - std::vector<std::string> Res =
>> {std::istream_iterator<std::string>{ISS},
>> - std::istream_iterator<std::string>{}};
>> - Res.push_back(" ");
>> - Res.push_back("\t");
>> - Res.push_back("\n");
>> - return Res;
>> -}
>> -
>> -int ApplyTokens(const Fuzzer &F, const char *InputFilePath) {
>> - Unit U = FileToVector(InputFilePath);
>> - auto T = F.SubstituteTokens(U);
>> - T.push_back(0);
>> - Printf("%s", T.data());
>> - return 0;
>> -}
>> -
>> int RunOneTest(Fuzzer *F, const char *InputFilePath) {
>> Unit U = FileToVector(InputFilePath);
>> F->ExecuteCallback(U);
>> @@ -258,7 +238,6 @@ int FuzzerDriver(const std::vector<std::
>> Options.ShuffleAtStartUp = Flags.shuffle;
>> Options.PreferSmallDuringInitialShuffle =
>> Flags.prefer_small_during_initial_shuffle;
>> - Options.Tokens = ReadTokensFile(Flags.deprecated_tokens);
>> Options.Reload = Flags.reload;
>> Options.OnlyASCII = Flags.only_ascii;
>> Options.TBMDepth = Flags.tbm_depth;
>> @@ -282,9 +261,6 @@ int FuzzerDriver(const std::vector<std::
>>
>> Fuzzer F(USF, Options);
>>
>> - if (Flags.apply_tokens)
>> - return ApplyTokens(F, Flags.apply_tokens);
>> -
>> // Timer
>> if (Flags.timeout > 0)
>> SetTimer(Flags.timeout / 2 + 1);
>> @@ -300,13 +276,6 @@ int FuzzerDriver(const std::vector<std::
>> Printf("Seed: %u\n", Seed);
>> USF.GetRand().ResetSeed(Seed);
>>
>> - if (Flags.verbosity >= 2) {
>> - Printf("Tokens: {");
>> - for (auto &T : Options.Tokens)
>> - Printf("%s,", T.c_str());
>> - Printf("}\n");
>> - }
>> -
>> F.RereadOutputCorpus();
>> for (auto &inp : *Inputs)
>> if (inp != Options.OutputCorpus)
>>
>> Modified: llvm/trunk/lib/Fuzzer/FuzzerFlags.def
>> URL:
>> http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerFlags.def?rev=251069&r1=251068&r2=251069&view=diff
>>
>> ==============================================================================
>> --- llvm/trunk/lib/Fuzzer/FuzzerFlags.def (original)
>> +++ llvm/trunk/lib/Fuzzer/FuzzerFlags.def Thu Oct 22 16:48:09 2015
>> @@ -47,11 +47,6 @@ FUZZER_FLAG_INT(workers, 0,
>> FUZZER_FLAG_INT(reload, 1,
>> "Reload the main corpus periodically to get new units"
>> " discovered by other processes.")
>> -FUZZER_FLAG_STRING(deprecated_tokens,
>> - "Use the file with tokens (one token per line) to"
>> - " fuzz a token based input language.")
>> -FUZZER_FLAG_STRING(apply_tokens, "Read the given input file, substitute
>> bytes "
>> - " with tokens and write the result to
>> stdout.")
>> FUZZER_FLAG_STRING(sync_command, "Execute an external command "
>> "\"<sync_command> <test_corpus>\" "
>> "to synchronize the test corpus.")
>>
>> Modified: llvm/trunk/lib/Fuzzer/FuzzerInternal.h
>> URL:
>> http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerInternal.h?rev=251069&r1=251068&r2=251069&view=diff
>>
>> ==============================================================================
>> --- llvm/trunk/lib/Fuzzer/FuzzerInternal.h (original)
>> +++ llvm/trunk/lib/Fuzzer/FuzzerInternal.h Thu Oct 22 16:48:09 2015
>> @@ -93,7 +93,6 @@ class Fuzzer {
>> std::string OutputCorpus;
>> std::string SyncCommand;
>> std::string ArtifactPrefix = "./";
>> - std::vector<std::string> Tokens;
>> std::vector<Unit> Dictionary;
>> bool SaveArtifacts = true;
>> };
>> @@ -119,7 +118,6 @@ class Fuzzer {
>>
>> static void StaticAlarmCallback();
>>
>> - Unit SubstituteTokens(const Unit &U) const;
>> void ExecuteCallback(const Unit &U);
>>
>> private:
>> @@ -133,7 +131,7 @@ class Fuzzer {
>> void WriteToOutputCorpus(const Unit &U);
>> void WriteUnitToFileWithPrefix(const Unit &U, const char *Prefix);
>> void PrintStats(const char *Where, size_t Cov, const char *End = "\n");
>> - void PrintUnitInASCIIOrTokens(const Unit &U, const char *PrintAfter =
>> "");
>> + void PrintUnitInASCII(const Unit &U, const char *PrintAfter = "");
>>
>> void SyncCorpus();
>>
>>
>> Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
>> URL:
>> http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=251069&r1=251068&r2=251069&view=diff
>>
>> ==============================================================================
>> --- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)
>> +++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Thu Oct 22 16:48:09 2015
>> @@ -35,14 +35,8 @@ void Fuzzer::SetDeathCallback() {
>> __sanitizer_set_death_callback(StaticDeathCallback);
>> }
>>
>> -void Fuzzer::PrintUnitInASCIIOrTokens(const Unit &U, const char
>> *PrintAfter) {
>> - if (Options.Tokens.empty()) {
>> - PrintASCII(U, PrintAfter);
>> - } else {
>> - auto T = SubstituteTokens(U);
>> - T.push_back(0);
>> - Printf("%s%s", T.data(), PrintAfter);
>> - }
>> +void Fuzzer::PrintUnitInASCII(const Unit &U, const char *PrintAfter) {
>> + PrintASCII(U, PrintAfter);
>> }
>>
>> void Fuzzer::StaticDeathCallback() {
>> @@ -54,7 +48,7 @@ void Fuzzer::DeathCallback() {
>> Printf("DEATH:\n");
>> if (CurrentUnit.size() <= kMaxUnitSizeToPrint) {
>> Print(CurrentUnit, "\n");
>> - PrintUnitInASCIIOrTokens(CurrentUnit, "\n");
>> + PrintUnitInASCII(CurrentUnit, "\n");
>> }
>> WriteUnitToFileWithPrefix(CurrentUnit, "crash-");
>> }
>> @@ -77,7 +71,7 @@ void Fuzzer::AlarmCallback() {
>> Options.UnitTimeoutSec);
>> if (CurrentUnit.size() <= kMaxUnitSizeToPrint) {
>> Print(CurrentUnit, "\n");
>> - PrintUnitInASCIIOrTokens(CurrentUnit, "\n");
>> + PrintUnitInASCII(CurrentUnit, "\n");
>> }
>> WriteUnitToFileWithPrefix(CurrentUnit, "timeout-");
>> Printf("==%d== ERROR: libFuzzer: timeout after %d seconds\n",
>> GetPid(),
>> @@ -191,28 +185,9 @@ void Fuzzer::RunOneAndUpdateCorpus(Unit
>> ReportNewCoverage(RunOne(U), U);
>> }
>>
>> -Unit Fuzzer::SubstituteTokens(const Unit &U) const {
>> - Unit Res;
>> - for (auto Idx : U) {
>> - if (Idx < Options.Tokens.size()) {
>> - std::string Token = Options.Tokens[Idx];
>> - Res.insert(Res.end(), Token.begin(), Token.end());
>> - } else {
>> - Res.push_back(' ');
>> - }
>> - }
>> - // FIXME: Apply DFSan labels.
>> - return Res;
>> -}
>> -
>> void Fuzzer::ExecuteCallback(const Unit &U) {
>> - int Res = 0;
>> - if (Options.Tokens.empty()) {
>> - Res = USF.TargetFunction(U.data(), U.size());
>> - } else {
>> - auto T = SubstituteTokens(U);
>> - Res = USF.TargetFunction(T.data(), T.size());
>> - }
>> + int Res = USF.TargetFunction(U.data(), U.size());
>> + (void)Res;
>> assert(Res == 0);
>> }
>>
>> @@ -278,7 +253,7 @@ void Fuzzer::ReportNewCoverage(size_t Ne
>> Printf(" L: %zd", U.size());
>> if (U.size() < 30) {
>> Printf(" ");
>> - PrintUnitInASCIIOrTokens(U, "\t");
>> + PrintUnitInASCII(U, "\t");
>> Print(U);
>> }
>> Printf("\n");
>>
>> Modified: llvm/trunk/lib/Fuzzer/test/CMakeLists.txt
>> URL:
>> http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/CMakeLists.txt?rev=251069&r1=251068&r2=251069&view=diff
>>
>> ==============================================================================
>> --- llvm/trunk/lib/Fuzzer/test/CMakeLists.txt (original)
>> +++ llvm/trunk/lib/Fuzzer/test/CMakeLists.txt Thu Oct 22 16:48:09 2015
>> @@ -14,7 +14,6 @@ set(DFSanTests
>>
>> set(Tests
>> CounterTest
>> - CxxTokensTest
>> FourIndependentBranchesTest
>> FullCoverageSetTest
>> InfiniteTest
>>
>> Removed: llvm/trunk/lib/Fuzzer/test/CxxTokensTest.cpp
>> URL:
>> http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/CxxTokensTest.cpp?rev=251068&view=auto
>>
>> ==============================================================================
>> --- llvm/trunk/lib/Fuzzer/test/CxxTokensTest.cpp (original)
>> +++ llvm/trunk/lib/Fuzzer/test/CxxTokensTest.cpp (removed)
>> @@ -1,25 +0,0 @@
>> -// Simple test for a fuzzer. The fuzzer must find a sequence of C++
>> tokens.
>> -#include <cstdint>
>> -#include <cstdlib>
>> -#include <cstddef>
>> -#include <cstring>
>> -#include <iostream>
>> -
>> -static void Found() {
>> - std::cout << "BINGO; Found the target, exiting\n";
>> - exit(1);
>> -}
>> -
>> -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
>> - // looking for "thread_local unsigned A;"
>> - if (Size < 24) return 0;
>> - if (0 == memcmp(&Data[0], "thread_local", 12))
>> - if (Data[12] == ' ')
>> - if (0 == memcmp(&Data[13], "unsigned", 8))
>> - if (Data[21] == ' ')
>> - if (Data[22] == 'A')
>> - if (Data[23] == ';')
>> - Found();
>> - return 0;
>> -}
>> -
>>
>> Modified: llvm/trunk/lib/Fuzzer/test/fuzzer.test
>> URL:
>> http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/fuzzer.test?rev=251069&r1=251068&r2=251069&view=diff
>>
>> ==============================================================================
>> --- llvm/trunk/lib/Fuzzer/test/fuzzer.test (original)
>> +++ llvm/trunk/lib/Fuzzer/test/fuzzer.test Thu Oct 22 16:48:09 2015
>> @@ -37,8 +37,6 @@ RUN: not LLVMFuzzer-CounterTest -use_cou
>>
>> RUN: not LLVMFuzzer-SimpleCmpTest -use_traces=1 -seed=1 -runs=1000000
>> -timeout=5 2>&1 | FileCheck %s
>>
>> -RUN: not LLVMFuzzer-CxxTokensTest -seed=1 -timeout=15
>> -deprecated_tokens=%S/../cxx_fuzzer_tokens.txt 2>&1 | FileCheck %s
>> -
>> RUN: not LLVMFuzzer-UserSuppliedFuzzerTest -seed=1 -timeout=15 2>&1 |
>> FileCheck %s
>>
>> RUN: not LLVMFuzzer-MemcmpTest -use_traces=1 -seed=1 -runs=100000 2>&1
>> | FileCheck %s
>>
>>
>> _______________________________________________
>> llvm-commits mailing list
>> llvm-commits at lists.llvm.org
>> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20151023/d37af50f/attachment.html>
More information about the llvm-commits
mailing list