[llvm] r272240 - [libFuzzer] add one more OOM test, which we currently don't handle very well

Kostya Serebryany via llvm-commits llvm-commits at lists.llvm.org
Thu Jun 9 09:59:16 PDT 2016 

Good catch!
Here the fact that this is a global and we are using -O0 for the tests is
enough

On Thu, Jun 9, 2016 at 1:07 AM, Sean Silva <chisophugis at gmail.com> wrote:

>
>
> On Wed, Jun 8, 2016 at 6:20 PM, Kostya Serebryany via llvm-commits <
> llvm-commits at lists.llvm.org> wrote:
>
>> Author: kcc
>> Date: Wed Jun  8 20:20:35 2016
>> New Revision: 272240
>>
>> URL: http://llvm.org/viewvc/llvm-project?rev=272240&view=rev
>> Log:
>> [libFuzzer] add one more OOM test, which we currently don't handle very
>> well
>>
>> Added:
>>     llvm/trunk/lib/Fuzzer/test/OneHugeAllocTest.cpp
>> Modified:
>>     llvm/trunk/lib/Fuzzer/test/CMakeLists.txt
>>
>> Modified: llvm/trunk/lib/Fuzzer/test/CMakeLists.txt
>> URL:
>> http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/CMakeLists.txt?rev=272240&r1=272239&r2=272240&view=diff
>>
>> ==============================================================================
>> --- llvm/trunk/lib/Fuzzer/test/CMakeLists.txt (original)
>> +++ llvm/trunk/lib/Fuzzer/test/CMakeLists.txt Wed Jun  8 20:20:35 2016
>> @@ -78,6 +78,7 @@ set(Tests
>>    NullDerefTest
>>    NullDerefOnEmptyTest
>>    NthRunCrashTest
>> +  OneHugeAllocTest
>>    OutOfMemoryTest
>>    RepeatedMemcmp
>>    SimpleCmpTest
>>
>> Added: llvm/trunk/lib/Fuzzer/test/OneHugeAllocTest.cpp
>> URL:
>> http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/OneHugeAllocTest.cpp?rev=272240&view=auto
>>
>> ==============================================================================
>> --- llvm/trunk/lib/Fuzzer/test/OneHugeAllocTest.cpp (added)
>> +++ llvm/trunk/lib/Fuzzer/test/OneHugeAllocTest.cpp Wed Jun  8 20:20:35
>> 2016
>> @@ -0,0 +1,29 @@
>> +// This file is distributed under the University of Illinois Open Source
>> +// License. See LICENSE.TXT for details.
>> +
>> +// Tests OOM handling when there is a single large allocation.
>> +#include <assert.h>
>> +#include <cstdint>
>> +#include <cstdlib>
>> +#include <cstddef>
>> +#include <cstring>
>> +#include <iostream>
>> +#include <unistd.h>
>> +
>> +static volatile char *SinkPtr;
>>
>
> Do you mean `static char *volatile SinkPtr`? Otherwise the store to
> SinkPtr is not volatile so it is not really acting like a sink.
>
> -- Sean Silva
>
>
>> +
>> +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
>> +  if (Size > 0 && Data[0] == 'H') {
>> +    if (Size > 1 && Data[1] == 'i') {
>> +      if (Size > 2 && Data[2] == '!') {
>> +        size_t kSize = (size_t)1 << 31;
>> +        char *p = new char[kSize];
>> +        memset(p, 0, kSize);
>> +        SinkPtr = p;
>> +        delete [] p;
>> +      }
>> +    }
>> +  }
>> +  return 0;
>> +}
>> +
>>
>>
>> _______________________________________________
>> llvm-commits mailing list
>> llvm-commits at lists.llvm.org
>> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20160609/38030181/attachment-0001.html>

More information about the llvm-commits mailing list