<html><head><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Thanks! I will keep an eye on the bot and verify it after the bot catches up with the commit.<div class=""><br class=""></div><div class="">Steven<br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On Oct 25, 2017, at 4:25 PM, Kostya Serebryany <<a href="mailto:kcc@google.com" class="">kcc@google.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">r316627 bumps the number of runs, let's see if it helps. </div><div class="gmail_extra"><br class=""><div class="gmail_quote">On Wed, Oct 25, 2017 at 4:20 PM, Steven Wu <span dir="ltr" class=""><<a href="mailto:stevenwu@apple.com" target="_blank" class="">stevenwu@apple.com</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word;line-break:after-white-space" class="">I tried -purge_allocator_<wbr class="">interval=-1 already and it doesn't really have visible effects. It still takes about 800000 iterations. But reverting the commit will dramatically reduce the number.<div class=""><br class=""></div><div class="">I couldn't reproduce any of the above behavior on a macOS 10.13 machine but the bot is running 10.11 and I don't think it is going to be upgraded soon.</div><div class=""><br class=""></div><div class="">Here is 100 runs with random seed on the node:</div><div class="">27678, 86464, 292063, 223933, 270628, 369673, 69198, 104383, 360948, 493949, 201033, 69598, 38278, 369223, 1447353, 141653, 287133, 102902, 42483, 232098, 322363, 221209, 1351098, 334748, 133003, 154933, 283288, 53163, 142843, 684879, 231868, 129793, 65793, 289628, 661468, 39453, 1060768, 56888, 597893, 420758, 83254, 423834, 254628, 259539, 353788, 311658, 223364, 902998, 264956, 187758, 342088, 225504, 104525, 258820, 428398, 15638, 872103, 383763, 34288, 744653, 603998, 67733, 283263, 127868, 29828, 250905, 752238, 66483, 756183, 180353, 269019, 222198, 26859, 1542408, 77888, 300393, 370358, 382433, 173995, 186238, 218598, 215368, 166723, 427288, 147498, 255508, 215403, 181738, 524928, 74126, 48463, 278483, 533148, 27683, 200058, 127196, 405728, 203908, 487173, 104873</div><div class=""><br class=""></div><div class="">Let me know what else I can help.</div><span class="HOEnZb"><font color="#888888" class=""><div class=""><br class=""></div><div class="">Steven</div></font></span><div class=""><div class="h5"><div class=""><br class=""><div class=""><br class=""><blockquote type="cite" class=""><div class="">On Oct 25, 2017, at 4:00 PM, Kostya Serebryany <<a href="mailto:kcc@google.com" target="_blank" class="">kcc@google.com</a>> wrote:</div><br class="m_-7967190534120840566Apple-interchange-newline"><div class=""><br class="m_-7967190534120840566Apple-interchange-newline"><br style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px" class=""><div class="gmail_quote" style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">On Wed, Oct 25, 2017 at 3:11 PM, Steven Wu via llvm-commits<span class="m_-7967190534120840566Apple-converted-space"> </span><span dir="ltr" class=""><<a href="mailto:llvm-commits@lists.llvm.org" target="_blank" class="">llvm-commits@<wbr class="">lists.llvm.org</a>></span><span class="m_-7967190534120840566Apple-converted-space"> </span>wrote:<br class=""><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div style="word-wrap:break-word" class="">Hi Alex<div class=""><br class=""></div><div class="">This commit seems to break the greendragon libFuzzer bots in a weird way. </div><div class=""><a href="http://green.lab.llvm.org/green/job/libFuzzer/8140/" target="_blank" class="">http://green.lab.llvm.org/gree<wbr class="">n/job/libFuzzer/8140/</a></div><div class=""><br class=""></div><div class="">Personally, I have to rollback to macOS 10.11 to reproduce the issue. After your commit, it takes much more runs to trigger the exit on fuzzer-customcrossover.test<wbr class="">. I am not an expert in fuzzer so I don't understand how this commit actually trigger the issue.</div><div class=""><br class=""></div><div class="">Before this commit:</div><div class=""></div><blockquote type="cite" class=""><div class="">$ fuzzer-customcrossover.test.<wbr class="">tmp-CustomCrossOverTest -seed=1 -runs=100000</div></blockquote></div></blockquote><div class=""><br class=""></div><div class="">Weird. </div><div class="">On linux this test finishes much sooner regardless the seed. </div><div class="">Can you run 1000 times without -seed=1 (i.e. with a random seed) and tell us the iteration numbers? </div><div class=""><br class=""></div><div class=""> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div style="word-wrap:break-word" class=""><blockquote type="cite" class=""><div class="">...</div><div class=""><div class="">#80269<span class="m_-7967190534120840566gmail-m_5950299218738954550Apple-tab-span" style="white-space:pre-wrap">       </span>REDUCE cov: 38 ft: 64 corp: 17/10063b exec/s: 26756 rss: 306Mb L: 961/4035 MS: 2 ChangeBinInt-EraseBytes-</div><div class="">#97458<span class="m_-7967190534120840566gmail-m_5950299218738954550Apple-tab-span" style="white-space:pre-wrap">     </span>NEW    cov: 39 ft: 65 corp: 18/10064b exec/s: 32486 rss: 361Mb L: 1/4035 MS: 1 ChangeByte-</div><div class="">BINGO; Found the target, exiting</div><div class="">==71874== ERROR: libFuzzer: fuzz target exited</div><div class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#0 0x1094e8ee0 in __sanitizer_print_stack_trace<span class="m_-7967190534120840566Apple-converted-space"> </span><a href="http://asan_stack.cc:38/" target="_blank" class=""><wbr class="">asan_stack.cc:38</a></div><div class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#1 0x1081f3c3b in fuzzer::Fuzzer::StaticExitCall<wbr class="">back() FuzzerLoop.cpp:214</div><div class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#2 0x7fff960c7450 in __cxa_finalize_ranges (libsystem_c.dylib:x86_64+0x5f<wbr class="">450)</div><div class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#3 0x7fff960c7766 in exit (libsystem_c.dylib:x86_64+0x5f<wbr class="">766)</div><div class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#4 0x1081e3b2b in LLVMFuzzerTestOneInput CustomCrossOverTest.cpp:34</div><div class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#5 0x1081f4def in fuzzer::Fuzzer::ExecuteCallbac<wbr class="">k(unsigned char const*, unsigned long) FuzzerLoop.cpp:471</div><div class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#6 0x1081f479b in fuzzer::Fuzzer::RunOne(unsigne<wbr class="">d char const*, unsigned long, bool, fuzzer::InputInfo*) FuzzerLoop.cpp:399</div><div class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#7 0x1081f6641 in fuzzer::Fuzzer::MutateAndTestO<wbr class="">ne() FuzzerLoop.cpp:602</div><div class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#8 0x1081f7277 in fuzzer::Fuzzer::Loop(std::__1:<wbr class="">:vector<std::__1::basic_string<wbr class=""><char, std::__1::char_traits<char>, std::__1::allocator<char> >, fuzzer::fuzzer_allocator<std::<wbr class="">__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > const&) FuzzerLoop.cpp:710</div><div class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#9 0x1081eeece in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) FuzzerDriver.cpp:738</div><div class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#10 0x108214cd2 in main FuzzerMain.cpp:20</div><div class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#11 0x7fff8c78d5ac in start (libdyld.dylib:x86_64+0x35ac)</div><div class=""><br class=""></div><div class="">SUMMARY: libFuzzer: fuzz target exited</div></div></blockquote><div class=""><div class=""><br class=""></div><div class="">After the commit, I have to use -run=1000000 to trigger:</div><div class=""></div><blockquote type="cite" class=""><div class="">$ fuzzer-customcrossover.test.<wbr class="">tmp-CustomCrossOverTest -seed=1 -runs=1000000</div><div class="">...</div><div class="">#819960<span class="m_-7967190534120840566gmail-m_5950299218738954550Apple-tab-span" style="white-space:pre-wrap">     </span>REDUCE cov: 38 ft: 64 corp: 17/10063b exec/s: 35650 rss: 407Mb L: 4035/4035 MS: 3 EraseBytes-CopyPart-CopyPart-<br class="">#837409<span class="m_-7967190534120840566gmail-m_5950299218738954550Apple-tab-span" style="white-space:pre-wrap">   </span>NEW    cov: 39 ft: 65 corp: 18/10064b exec/s: 34892 rss: 407Mb L: 1/4035 MS: 2 ChangeBit-ChangeBit-<br class="">BINGO; Found the target, exiting<br class="">==72288== ERROR: libFuzzer: fuzz target exited<br class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#0 0x1025d6ee0 in __sanitizer_print_stack_trace<span class="m_-7967190534120840566Apple-converted-space"> </span><a href="http://asan_stack.cc:38/" target="_blank" class=""><wbr class="">asan_stack.cc:38</a><br class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#1 0x1012dea2b in fuzzer::Fuzzer::StaticExitCall<wbr class="">back() FuzzerLoop.cpp:214<br class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#2 0x7fff960c7450 in __cxa_finalize_ranges (libsystem_c.dylib:x86_64+0x5f<wbr class="">450)<br class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#3 0x7fff960c7766 in exit (libsystem_c.dylib:x86_64+0x5f<wbr class="">766)<br class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#4 0x1012ce8cb in LLVMFuzzerTestOneInput CustomCrossOverTest.cpp:34<br class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#5 0x1012dfbdf in fuzzer::Fuzzer::ExecuteCallbac<wbr class="">k(unsigned char const*, unsigned long) FuzzerLoop.cpp:471<br class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#6 0x1012df58b in fuzzer::Fuzzer::RunOne(unsigne<wbr class="">d char const*, unsigned long, bool, fuzzer::InputInfo*) FuzzerLoop.cpp:399<br class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#7 0x1012e1431 in fuzzer::Fuzzer::MutateAndTestO<wbr class="">ne() FuzzerLoop.cpp:602<br class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#8 0x1012e2225 in fuzzer::Fuzzer::Loop(std::__1:<wbr class="">:vector<std::__1::basic_string<wbr class=""><char, std::__1::char_traits<char>, std::__1::allocator<char> >, fuzzer::fuzzer_allocator<st<wbr class="">d::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > const&) FuzzerLoop.cpp:725<br class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#9 0x1012d9c8e in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) FuzzerDriver.cpp:739<br class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#10 0x1012ffbd2 in main FuzzerMain.cpp:20<br class="">   <span class="m_-7967190534120840566Apple-converted-space"> </span>#11 0x7fff8c78d5ac in start (libdyld.dylib:x86_64+0x35ac)<br class=""><br class="">SUMMARY: libFuzzer: fuzz target exited</div></blockquote><div class=""><br class=""></div><div class="">The easiest fix might be to update the test to run a bit longer but I am not sure if that is the right fix without understanding what is the underlying reason:</div><div class=""><div class="">diff --git a/test/fuzzer/fuzzer-customcro<wbr class="">ssover.test b/test/fuzzer/fuzzer-customcro<wbr class="">ssover.test</div><div class="">index c32079f45..4b87c2cd7 100644</div><div class="">--- a/test/fuzzer/fuzzer-customcro<wbr class="">ssover.test</div><div class="">+++ b/test/fuzzer/fuzzer-customcro<wbr class="">ssover.test</div><div class="">@@ -1,6 +1,6 @@</div><div class=""> RUN: %cpp_compiler %S/CustomCrossOverTest.cpp -o %t-CustomCrossOverTest</div><div class=""><br class=""></div><div class="">-RUN: not %t-CustomCrossOverTest -seed=1 -runs=100000                2>&1 | FileCheck %s --check-prefix=CHECK_CO</div><div class="">+RUN: not %t-CustomCrossOverTest -seed=1 -runs=1000000               2>&1 | FileCheck %s --check-prefix=CHECK_CO</div><div class=""> Disable cross_over, verify that we can't find the target w/o it.</div><div class=""> RUN:     %t-CustomCrossOverTest -seed=1 -runs=1000000 -cross_over=0 2>&1 | FileCheck %s --check-prefix=CHECK_NO_CO</div></div><div class=""><br class=""></div><div class="">Thanks</div><div class=""><br class=""></div><div class="">Steven</div><div class=""><div class="m_-7967190534120840566gmail-h5"><div class=""><br class=""></div><div class=""><br class=""><blockquote type="cite" class=""><div class="">On Oct 23, 2017, at 3:04 PM, Alex Shlyapnikov via llvm-commits <<a href="mailto:llvm-commits@lists.llvm.org" target="_blank" class="">llvm-commits@lists.llvm.org</a>> wrote:</div><br class="m_-7967190534120840566gmail-m_5950299218738954550Apple-interchange-newline"><div class=""><div class="">Author: alekseyshl<br class="">Date: Mon Oct 23 15:04:30 2017<br class="">New Revision: 316382<br class=""><br class="">URL:<span class="m_-7967190534120840566Apple-converted-space"> </span><a href="http://llvm.org/viewvc/llvm-project?rev=316382&view=rev" target="_blank" class="">http://llvm.org/viewvc/<wbr class="">llvm-project?rev=316382&view=<wbr class="">rev</a><br class="">Log:<br class="">[libFuzzer] Periodically purge allocator's quarantine to prolong fuzzing sessions.<br class=""><br class="">Summary:<br class="">Fuzzing targets that allocate/deallocate a lot of memory tend to consume<br class="">a lot of RSS when ASan quarantine is enabled. Purging quarantine between<br class="">iterations and returning memory to OS keeps RSS down and should not<br class="">reduce the quarantine effectiveness provided the fuzz target does not<br class="">preserve state between iterations (in this case this feature can be turned off).<br class=""><br class="">Based on D39153.<br class=""><br class="">Reviewers: vitalybuka<br class=""><br class="">Subscribers: llvm-commits<br class=""><br class="">Differential Revision:<span class="m_-7967190534120840566Apple-converted-space"> </span><a href="https://reviews.llvm.org/D39155" target="_blank" class="">https://reviews.<wbr class="">llvm.org/D39155</a><br class=""><br class="">Modified:<br class="">   compiler-rt/trunk/lib/fuzze<wbr class="">r/FuzzerDriver.cpp<br class="">   compiler-rt/trunk/lib/fuzze<wbr class="">r/FuzzerExtFunctions.def<br class="">   compiler-rt/trunk/lib/fuzze<wbr class="">r/FuzzerFlags.def<br class="">   compiler-rt/trunk/lib/fuzze<wbr class="">r/FuzzerInternal.h<br class="">   compiler-rt/trunk/lib/fuzze<wbr class="">r/FuzzerLoop.cpp<br class="">   compiler-rt/trunk/lib/fuzze<wbr class="">r/FuzzerOptions.h<br class=""><br class="">Modified: compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerDriver.cpp<br class="">URL:<span class="m_-7967190534120840566Apple-converted-space"> </span><a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerDriver.cpp?rev=316382&r1=316381&r2=316382&view=diff" target="_blank" class="">http://llvm.org/viewvc/<wbr class="">llvm-project/compiler-rt/<wbr class="">trunk/lib/fuzzer/FuzzerDriver.<wbr class="">cpp?rev=316382&r1=316381&r2=<wbr class="">316382&view=diff</a><br class="">==============================<wbr class="">==============================<wbr class="">==================<br class="">--- compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerDriver.cpp (original)<br class="">+++ compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerDriver.cpp Mon Oct 23 15:04:30 2017<br class="">@@ -578,6 +578,7 @@ int FuzzerDriver(int *argc, char ***argv<br class="">  Options.ReloadIntervalSec = Flags.reload;<br class="">  Options.OnlyASCII = Flags.only_ascii;<br class="">  Options.DetectLeaks = Flags.detect_leaks;<br class="">+  Options.PurgeAllocatorInterva<wbr class="">lSec = Flags.purge_allocator_interval<wbr class="">;<br class="">  Options.TraceMalloc = Flags.trace_malloc;<br class="">  Options.RssLimitMb = Flags.rss_limit_mb;<br class="">  if (Flags.runs >= 0)<br class=""><br class="">Modified: compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerExtFunctions.def<br class="">URL:<span class="m_-7967190534120840566Apple-converted-space"> </span><a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerExtFunctions.def?rev=316382&r1=316381&r2=316382&view=diff" target="_blank" class="">http://llvm.org/viewvc/<wbr class="">llvm-project/compiler-rt/<wbr class="">trunk/lib/fuzzer/<wbr class="">FuzzerExtFunctions.def?rev=<wbr class="">316382&r1=316381&r2=316382&<wbr class="">view=diff</a><br class="">==============================<wbr class="">==============================<wbr class="">==================<br class="">--- compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerExtFunctions.def (original)<br class="">+++ compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerExtFunctions.def Mon Oct 23 15:04:30 2017<br class="">@@ -33,6 +33,7 @@ EXT_FUNC(__sanitizer_install_m<wbr class="">alloc_and_<br class="">         (void (*malloc_hook)(const volatile void *, size_t),<br class="">          void (*free_hook)(const volatile void *)),<br class="">         false);<br class="">+EXT_FUNC(__sanitizer_purge_al<wbr class="">locator, void, (), false);<br class="">EXT_FUNC(__sanitizer_print_mem<wbr class="">ory_profile, int, (size_t, size_t), false);<br class="">EXT_FUNC(__sanitizer_print_sta<wbr class="">ck_trace, void, (), true);<br class="">EXT_FUNC(__sanitizer_symbolize<wbr class="">_pc, void,<br class=""><br class="">Modified: compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerFlags.def<br class="">URL:<span class="m_-7967190534120840566Apple-converted-space"> </span><a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerFlags.def?rev=316382&r1=316381&r2=316382&view=diff" target="_blank" class="">http://llvm.org/viewvc/<wbr class="">llvm-project/compiler-rt/<wbr class="">trunk/lib/fuzzer/FuzzerFlags.<wbr class="">def?rev=316382&r1=316381&r2=<wbr class="">316382&view=diff</a><br class="">==============================<wbr class="">==============================<wbr class="">==================<br class="">--- compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerFlags.def (original)<br class="">+++ compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerFlags.def Mon Oct 23 15:04:30 2017<br class="">@@ -114,6 +114,10 @@ FUZZER_FLAG_INT(close_fd_mask, 0, "If 1,<br class="">    "Be careful, this will also close e.g. asan's stderr/stdout.")<br class="">FUZZER_FLAG_INT(detect_leaks, 1, "If 1, and if LeakSanitizer is enabled "<br class="">    "try to detect memory leaks during fuzzing (i.e. not only at shut down).")<br class="">+FUZZER_FLAG_INT(purge_allocat<wbr class="">or_interval, 1, "Purge allocator caches and "<br class="">+    "quarantines every <N> seconds. When rss_limit_mb is specified (>0), "<br class="">+    "purging starts when RSS exceeds 50% of rss_limit_mb. Pass "<br class="">+    "purge_allocator_interval=-<wbr class="">1 to disable this functionality.")<br class="">FUZZER_FLAG_INT(trace_malloc, 0, "If >= 1 will print all mallocs/frees. "<br class="">    "If >= 2 will also print stack traces.")<br class="">FUZZER_FLAG_INT(rss_limit_mb, 2048, "If non-zero, the fuzzer will exit upon"<br class=""><br class="">Modified: compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerInternal.h<br class="">URL:<span class="m_-7967190534120840566Apple-converted-space"> </span><a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerInternal.h?rev=316382&r1=316381&r2=316382&view=diff" target="_blank" class="">http://llvm.org/viewvc/<wbr class="">llvm-project/compiler-rt/<wbr class="">trunk/lib/fuzzer/<wbr class="">FuzzerInternal.h?rev=316382&<wbr class="">r1=316381&r2=316382&view=diff</a><br class="">==============================<wbr class="">==============================<wbr class="">==================<br class="">--- compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerInternal.h (original)<br class="">+++ compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerInternal.h Mon Oct 23 15:04:30 2017<br class="">@@ -96,6 +96,7 @@ private:<br class="">  void CrashOnOverwrittenData();<br class="">  void InterruptCallback();<br class="">  void MutateAndTestOne();<br class="">+  void PurgeAllocator();<br class="">  void ReportNewCoverage(InputInfo *II, const Unit &U);<br class="">  void PrintPulseAndReportSlowInput(c<wbr class="">onst uint8_t *Data, size_t Size);<br class="">  void WriteToOutputCorpus(const Unit &U);<br class="">@@ -124,6 +125,8 @@ private:<br class="">  bool HasMoreMallocsThanFrees = false;<br class="">  size_t NumberOfLeakDetectionAttempts = 0;<br class=""><br class="">+  system_clock::time_point LastAllocatorPurgeAttemptTime = system_clock::now();<br class="">+<br class="">  UserCallback CB;<br class="">  InputCorpus &Corpus;<br class="">  MutationDispatcher &MD;<br class=""><br class="">Modified: compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerLoop.cpp<br class="">URL:<span class="m_-7967190534120840566Apple-converted-space"> </span><a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerLoop.cpp?rev=316382&r1=316381&r2=316382&view=diff" target="_blank" class="">http://llvm.org/viewvc/<wbr class="">llvm-project/compiler-rt/<wbr class="">trunk/lib/fuzzer/FuzzerLoop.<wbr class="">cpp?rev=316382&r1=316381&r2=<wbr class="">316382&view=diff</a><br class="">==============================<wbr class="">==============================<wbr class="">==================<br class="">--- compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerLoop.cpp (original)<br class="">+++ compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerLoop.cpp Mon Oct 23 15:04:30 2017<br class="">@@ -587,7 +587,7 @@ void Fuzzer::MutateAndTestOne() {<br class="">    size_t NewSize = 0;<br class="">    NewSize = MD.Mutate(CurrentUnitData, Size, CurrentMaxMutationLen);<br class="">    assert(NewSize > 0 && "Mutator returned empty unit");<br class="">-    assert(NewSize <= CurrentMaxMutationLen && "Mutator return overisized unit");<br class="">+    assert(NewSize <= CurrentMaxMutationLen && "Mutator return oversized unit");<br class="">    Size = NewSize;<br class="">    II.NumExecutedMutations++;<br class="">    if (RunOne(CurrentUnitData, Size, /*MayDeleteFile=*/true, &II))<br class="">@@ -598,6 +598,25 @@ void Fuzzer::MutateAndTestOne() {<br class="">  }<br class="">}<br class=""><br class="">+void Fuzzer::PurgeAllocator() {<br class="">+  if (Options.PurgeAllocatorInterva<wbr class="">lSec < 0 ||<br class="">+      !EF->__sanitizer_purge_al<wbr class="">locator) {<br class="">+    return;<br class="">+  }<br class="">+  if (duration_cast<seconds>(system<wbr class="">_clock::now() -<br class="">+                             La<wbr class="">stAllocatorPurgeAttemptTime).<wbr class="">count() <<br class="">+      Options.PurgeAllocatorInt<wbr class="">ervalSec) {<br class="">+    return;<br class="">+  }<br class="">+<br class="">+  if (Options.RssLimitMb <= 0 ||<br class="">+      GetPeakRSSMb() > static_cast<size_t>(Options.Rs<wbr class="">sLimitMb) / 2) {<br class="">+    EF->__sanitizer_purge_alloc<wbr class="">ator();<br class="">+  }<br class="">+<br class="">+  LastAllocatorPurgeAttemptTime = system_clock::now();<br class="">+}<br class="">+<br class="">void Fuzzer::ReadAndExecuteSeedCorp<wbr class="">ora(const Vector<std::string> &CorpusDirs) {<br class="">  const size_t kMaxSaneLen = 1 << 20;<br class="">  const size_t kMinDefaultLen = 4096;<br class="">@@ -699,6 +718,8 @@ void Fuzzer::Loop(const Vector<std::stri<br class=""><br class="">    // Perform several mutations and runs.<br class="">    MutateAndTestOne();<br class="">+<br class="">+    PurgeAllocator();<br class="">  }<br class=""><br class="">  PrintStats("DONE  ", "\n");<br class=""><br class="">Modified: compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerOptions.h<br class="">URL:<span class="m_-7967190534120840566Apple-converted-space"> </span><a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerOptions.h?rev=316382&r1=316381&r2=316382&view=diff" target="_blank" class="">http://llvm.org/viewvc/<wbr class="">llvm-project/compiler-rt/<wbr class="">trunk/lib/fuzzer/<wbr class="">FuzzerOptions.h?rev=316382&r1=<wbr class="">316381&r2=316382&view=diff</a><br class="">==============================<wbr class="">==============================<wbr class="">==================<br class="">--- compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerOptions.h (original)<br class="">+++ compiler-rt/trunk/lib/fuzzer/F<wbr class="">uzzerOptions.h Mon Oct 23 15:04:30 2017<br class="">@@ -54,6 +54,7 @@ struct FuzzingOptions {<br class="">  bool DumpCoverage = false;<br class="">  bool UseClangCoverage = false;<br class="">  bool DetectLeaks = true;<br class="">+  int PurgeAllocatorIntervalSec = 1;<br class="">  int UseFeatureFrequency = false;<br class="">  int  TraceMalloc = 0;<br class="">  bool HandleAbrt = false;<br class=""><br class=""><br class="">______________________________<wbr class="">_________________<br class="">llvm-commits mailing list<br class=""><a href="mailto:llvm-commits@lists.llvm.org" target="_blank" class="">llvm-commits@lists.llvm.org</a><br class=""><a href="http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits" target="_blank" class="">http://lists.llvm.org/cgi-bin/<wbr class="">mailman/listinfo/llvm-commits</a><br class=""></div></div></blockquote></div><br class=""></div></div></div></div><br class="">______________________________<wbr class="">_________________<br class="">llvm-commits mailing list<br class=""><a href="mailto:llvm-commits@lists.llvm.org" target="_blank" class="">llvm-commits@lists.llvm.org</a><br class=""><a href="http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits" rel="noreferrer" target="_blank" class="">http://lists.llvm.org/cgi-bin/<wbr class="">mailman/listinfo/llvm-commits</a></blockquote></div></div></blockquote></div><br class=""></div></div></div></div></blockquote></div><br class=""></div>
</div></blockquote></div><br class=""></div></body></html>