[llvm] r267770 - [libFuzzer] disable leak detection if we have tried it for 1000 times w/o finding a leak

Kostya Serebryany via llvm-commits llvm-commits at lists.llvm.org
Wed Apr 27 12:52:34 PDT 2016


Author: kcc
Date: Wed Apr 27 14:52:34 2016
New Revision: 267770

URL: http://llvm.org/viewvc/llvm-project?rev=267770&view=rev
Log:
[libFuzzer] disable leak detection if we have tried it for 1000 times w/o finding a leak

Added:
    llvm/trunk/lib/Fuzzer/test/AccumulateAllocationsTest.cpp
Modified:
    llvm/trunk/lib/Fuzzer/FuzzerInternal.h
    llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
    llvm/trunk/lib/Fuzzer/test/CMakeLists.txt

Modified: llvm/trunk/lib/Fuzzer/FuzzerInternal.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerInternal.h?rev=267770&r1=267769&r2=267770&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerInternal.h (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerInternal.h Wed Apr 27 14:52:34 2016
@@ -401,6 +401,7 @@ private:
   size_t NumberOfNewUnitsAdded = 0;
 
   bool HasMoreMallocsThanFrees = false;
+  size_t NumberOfLeakDetectionAttempts = 0;
 
   std::vector<Unit> Corpus;
   std::unordered_set<std::string> UnitHashesAddedToCorpus;
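
Review bot: the new NumberOfLeakDetectionAttempts member has no comment, and its name is broader than what it counts. In the FuzzerLoop.cpp hunk it is incremented only after the "if (!HasMoreMallocsThanFrees) return;" early exit, so it counts attempts that reached the expensive lsan pass, not every call to TryDetectingAMemoryLeak. A one-line comment saying so, next to HasMoreMallocsThanFrees, would make the cutoff easier to reason about.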

Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=267770&r1=267769&r2=267770&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Wed Apr 27 14:52:34 2016
@@ -557,6 +557,15 @@ void Fuzzer::TryDetectingAMemoryLeak(uin
   RunOneAndUpdateCorpus(Data, Size);
   __lsan_enable();
   if (!HasMoreMallocsThanFrees) return;  // a leak is unlikely.
+  if (NumberOfLeakDetectionAttempts++ > 1000) {
+    Options.DetectLeaks = false;
+    Printf("INFO: libFuzzer disabled leak detection after every mutation.\n"
+           "      Most likely the target function accumulates allocated\n"
+           "      memory in a global state w/o actually leaking it.\n"
+           "      If LeakSanitizer is enabled in this process it will still\n"
+           "      run on the process shutdown.\n");
+    return;
+  }
   // Now perform the actual lsan pass. This is expensive and we must ensure
   // we don't call it too often.
   if (__lsan_do_recoverable_leak_check()) {  // Leak is found, report it.
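
Review bot: the condition "NumberOfLeakDetectionAttempts++ > 1000" is off from the commit message. It compares the pre-increment value with a strict ">", so it first fires on the 1002nd call that gets past the HasMoreMallocsThanFrees check, after 1001 lsan passes have already run. If the intent is "tried it for 1000 times", use ">= 1000" or a pre-increment. The 1000 is also a bare literal; a named constant (or an option next to DetectLeaks) would document the limit and let users with slow targets lower it. Separately, the first line of the Printf text, "disabled leak detection after every mutation", can be read as "disabled ... every time a mutation runs"; something like "disabled the per-mutation leak check" is less ambiguous, and printing the attempt count would help when reading fuzzer logs.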

Added: llvm/trunk/lib/Fuzzer/test/AccumulateAllocationsTest.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/AccumulateAllocationsTest.cpp?rev=267770&view=auto
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/AccumulateAllocationsTest.cpp (added)
+++ llvm/trunk/lib/Fuzzer/test/AccumulateAllocationsTest.cpp Wed Apr 27 14:52:34 2016
@@ -0,0 +1,17 @@
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+
+// Test with a more mallocs than frees, but no leak.
+#include <cstdint>
+#include <cstddef>
+
+const int kAllocatedPointersSize = 10000;
+int NumAllocatedPointers = 0;
+int *AllocatedPointers[kAllocatedPointersSize];
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+  if (NumAllocatedPointers < kAllocatedPointersSize)
+    AllocatedPointers[NumAllocatedPointers++] = new int;
+  return 0;
+}
+
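
Review bot: nothing in this commit runs the new target and checks its output. The changed-file list has only CMakeLists.txt on the test side, so AccumulateAllocationsTest is built but the new cutoff is never asserted. Add a RUN line with a CHECK for "INFO: libFuzzer disabled leak detection" and a run count high enough to cross the threshold; the 10000-entry cap in kAllocatedPointersSize leaves room for that, and a short comment tying the cap to the 1000-attempt limit would keep the two from drifting apart. Minor: the header comment reads "Test with a more mallocs than frees"; drop the "a".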

Modified: llvm/trunk/lib/Fuzzer/test/CMakeLists.txt
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/CMakeLists.txt?rev=267770&r1=267769&r2=267770&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/CMakeLists.txt (original)
+++ llvm/trunk/lib/Fuzzer/test/CMakeLists.txt Wed Apr 27 14:52:34 2016
@@ -13,6 +13,7 @@ set(DFSanTests
   )
 
 set(Tests
+  AccumulateAllocationsTest
   BufferOverflowOnInput
   CallerCalleeTest
   CounterTest



