[llvm] r272706 - Enable libFuzzer's afl_driver to append stderr to a file.

Vitaly Buka via llvm-commits llvm-commits at lists.llvm.org
Tue Jun 14 13:42:06 PDT 2016


Author: vitalybuka
Date: Tue Jun 14 15:42:05 2016
New Revision: 272706

URL: http://llvm.org/viewvc/llvm-project?rev=272706&view=rev
Log:
Enable libFuzzer's afl_driver to append stderr to a file.

Summary:
[libFuzzer] Enable afl_driver to append stderr to a user specified file.

Append stderr of afl_driver to the file specified by the environment variable
AFL_DRIVER_STDERR_DUPLICATE_FILENAME if it is set. This lets users see output
from crashes without rerunning crashing test cases (which won't work for crashes
that are difficult to reproduce). Before this patch, stderr would only be sent to afl-fuzz
and users would have no way of seeing it.

Reviewers: llvm-commits, aizatsky, kcc, vitalybuka

Subscribers: vitalybuka

Differential Revision: http://reviews.llvm.org/D21194

Added:
    llvm/trunk/lib/Fuzzer/test/AFLDriverTest.cpp
    llvm/trunk/lib/Fuzzer/test/afl-driver.test
Modified:
    llvm/trunk/lib/Fuzzer/afl/afl_driver.cpp
    llvm/trunk/lib/Fuzzer/test/CMakeLists.txt

Modified: llvm/trunk/lib/Fuzzer/afl/afl_driver.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/afl/afl_driver.cpp?rev=272706&r1=272705&r2=272706&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/afl/afl_driver.cpp (original)
+++ llvm/trunk/lib/Fuzzer/afl/afl_driver.cpp Tue Jun 14 15:42:05 2016
@@ -60,6 +60,25 @@ static volatile char suppress_warning1 =
 static const size_t kMaxAflInputSize = 1 << 20;
 static uint8_t AflInputBuf[kMaxAflInputSize];
 
+// If the user asks us to duplicate stderr, then do it.
+static void maybe_duplicate_stderr() {
+  char* stderr_duplicate_filename =
+      getenv("AFL_DRIVER_STDERR_DUPLICATE_FILENAME");
+
+  if (!stderr_duplicate_filename)
+    return;
+
+  FILE* stderr_duplicate_stream =
+      freopen(stderr_duplicate_filename, "a+", stderr);
+
+  if (!stderr_duplicate_stream) {
+    fprintf(stderr,
+            "Failed to duplicate stderr to AFL_DRIVER_STDERR_DUPLICATE_FILENAME"
+            );
+    abort();
+  }
+}
+
 int main(int argc, char **argv) {
   fprintf(stderr, "Running in AFl-fuzz mode\nUsage:\n"
                   "afl-fuzz [afl-flags] %s [N] "
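Review bot: In `maybe_duplicate_stderr`, the failure branch writes its diagnostic to `stderr` after `freopen` has returned NULL, but POSIX closes the original stream even when the reopen fails, so the message is likely lost and further use of the stream is not well defined. `freopen` also redirects rather than duplicates, so afl-fuzz presumably stops receiving stderr once the variable is set, which the function name and comment do not say. Opening the file first and only then swapping the descriptor keeps stderr usable for the error report: `int fd = open(name, O_WRONLY | O_CREAT | O_APPEND, 0600);` followed by `if (fd < 0 || dup2(fd, STDERR_FILENO) < 0) { perror("AFL_DRIVER_STDERR_DUPLICATE_FILENAME"); abort(); }`. The explicit 0600 mode also keeps crash output, which can contain memory contents from the target, from being created group- or world-readable under a permissive umask. The `main` that follows starts in this hunk and continues outside it.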
@@ -70,6 +89,8 @@ int main(int argc, char **argv) {
     LLVMFuzzerInitialize(&argc, &argv);
   // Do any other expensive one-time initialization here.
 
+  maybe_duplicate_stderr();
+
   __afl_manual_init();
 
   int N = 1000;
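Review bot: The call to `maybe_duplicate_stderr()` sits after the `LLVMFuzzerInitialize(&argc, &argv)` line, so anything written to stderr during initialization, including a crash report from a failing initializer, never reaches the file. If the goal is to keep output from hard-to-reproduce crashes, moving the call to the top of `main` (before the usage banner, if that should be logged too) would cover that window. `main` begins and ends outside this hunk, so there may be other early output that is not visible here.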

Added: llvm/trunk/lib/Fuzzer/test/AFLDriverTest.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/AFLDriverTest.cpp?rev=272706&view=auto
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/AFLDriverTest.cpp (added)
+++ llvm/trunk/lib/Fuzzer/test/AFLDriverTest.cpp Tue Jun 14 15:42:05 2016
@@ -0,0 +1,12 @@
+#include <stdint.h>
+#include <stdlib.h>
+
+extern "C" void __afl_manual_init() {}
+
+extern "C" int __afl_persistent_loop(unsigned int) {
+  return 0;
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+  return 0;
+}
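Review bot: Nothing in this file says that it is a stub of the AFL runtime, or that `__afl_persistent_loop` returning 0 is deliberate. Assuming the driver loops on `__afl_persistent_loop(N)`, the fuzz target is never invoked and the test binary only exercises driver startup. A header comment such as `// Stub AFL runtime: lets afl_driver.cpp link and exit immediately so tests check startup behaviour only.` would make that explicit. The unused `Data` and `Size` parameter names could be dropped, as the `unsigned int` parameter's name already is, to avoid unused-parameter warnings.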

Modified: llvm/trunk/lib/Fuzzer/test/CMakeLists.txt
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/CMakeLists.txt?rev=272706&r1=272705&r2=272706&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/CMakeLists.txt (original)
+++ llvm/trunk/lib/Fuzzer/test/CMakeLists.txt Tue Jun 14 15:42:05 2016
@@ -110,6 +110,19 @@ foreach(Test ${Tests})
 endforeach()
 
 ###############################################################################
+# AFL Driver test
+###############################################################################
+
+add_executable(AFLDriverTest
+  AFLDriverTest.cpp ../afl/afl_driver.cpp)
+
+set_target_properties(AFLDriverTest
+    PROPERTIES RUNTIME_OUTPUT_DIRECTORY
+    "${CMAKE_BINARY_DIR}/lib/Fuzzer/test"
+    )
+set(TestBinaries ${TestBinaries} AFLDriverTest)
+
+###############################################################################
 # Unit tests
 ###############################################################################
 

Added: llvm/trunk/lib/Fuzzer/test/afl-driver.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/afl-driver.test?rev=272706&view=auto
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/afl-driver.test (added)
+++ llvm/trunk/lib/Fuzzer/test/afl-driver.test Tue Jun 14 15:42:05 2016
@@ -0,0 +1,10 @@
+; Test that not specifying a file isn't broken.
+RUN: unset AFL_DRIVER_STDERR_DUPLICATE_FILENAME
+RUN: AFLDriverTest
+
+; Test that specifying an invalid file causes a crash.
+RUN: AFL_DRIVER_STDERR_DUPLICATE_FILENAME="%T" not --crash AFLDriverTest
+
+; Test that a file is created when specified as the duplicate stderr.
+RUN: AFL_DRIVER_STDERR_DUPLICATE_FILENAME=%t AFLDriverTest
+RUN: stat %t
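Review bot: The last case only checks that `%t` exists via `stat %t`, which passes if the file was left over from an earlier run and says nothing about whether stderr output actually lands in it. Adding `RUN: rm -f %t` before the driver invocation removes the stale-file case. A further check on the file's contents would need the driver to print something after the redirect, which is not visible in this diff. The invalid-file case relies on `%T` being a directory so that opening it for append fails; a short comment saying so would help the next reader.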



