[PATCH] D12438: Build a lib/Fuzzer version for llvm-as.
Karl Schimpf via llvm-commits
llvm-commits at lists.llvm.org
Mon Aug 31 10:56:48 PDT 2015
This revision was automatically updated to reflect the committed changes.
Closed by commit rL246458: Build a lib/Fuzzer version for llvm-as. (authored by kschimpf).
Changed prior to commit:
http://reviews.llvm.org/D12438?vs=33439&id=33599#toc
Repository:
rL LLVM
http://reviews.llvm.org/D12438
Files:
llvm/trunk/tools/llvm-as-fuzzer/CMakeLists.txt
llvm/trunk/tools/llvm-as-fuzzer/llvm-as-fuzzer.cpp
Index: llvm/trunk/tools/llvm-as-fuzzer/CMakeLists.txt
===================================================================
--- llvm/trunk/tools/llvm-as-fuzzer/CMakeLists.txt
+++ llvm/trunk/tools/llvm-as-fuzzer/CMakeLists.txt
@@ -0,0 +1,13 @@
+if( LLVM_USE_SANITIZE_COVERAGE )
+ set(LLVM_LINK_COMPONENTS
+ AsmParser
+ BitWriter
+ Core
+ Support
+ )
+ add_llvm_tool(llvm-as-fuzzer
+ llvm-as-fuzzer.cpp)
+ target_link_libraries(llvm-as-fuzzer
+ LLVMFuzzer
+ )
+endif()
Index: llvm/trunk/tools/llvm-as-fuzzer/llvm-as-fuzzer.cpp
===================================================================
--- llvm/trunk/tools/llvm-as-fuzzer/llvm-as-fuzzer.cpp
+++ llvm/trunk/tools/llvm-as-fuzzer/llvm-as-fuzzer.cpp
@@ -0,0 +1,75 @@
+//===--- fuzz-llvm-as.cpp - Fuzzer for llvm-as using lib/Fuzzer -----------===//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===----------------------------------------------------------------------===//
+//
+// Build tool to fuzz the LLVM assembler (llvm-as) using
+// lib/Fuzzer. The main reason for using this tool is that it is much
+// faster than using afl-fuzz, since it is run in-process.
+//
+//===----------------------------------------------------------------------===//
+
+#include "llvm/ADT/StringRef.h"
+#include "llvm/AsmParser/Parser.h"
+#include "llvm/IR/LLVMContext.h"
+#include "llvm/IR/Module.h"
+#include "llvm/IR/Verifier.h"
+#include "llvm/Support/ErrorHandling.h"
+#include "llvm/Support/MemoryBuffer.h"
+#include "llvm/Support/raw_ostream.h"
+#include "llvm/Support/SourceMgr.h"
+
+#include <csetjmp>
+
+using namespace llvm;
+
+static jmp_buf JmpBuf;
+
+namespace {
+
+void MyFatalErrorHandler(void *user_data, const std::string& reason,
+ bool gen_crash_diag) {
+ // Don't bother printing reason, just return to the test function,
+ // since a fatal error represents a successful parse (i.e. it correctly
+ // terminated with an error message to the user).
+ longjmp(JmpBuf, 1);
+}
+
+static bool InstalledHandler = false;
+
+} // end of anonymous namespace
+
+extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+
+ // Allocate space for locals before setjmp so that memory can be collected
+ // if parse exits prematurely (via longjmp).
+ StringRef Input((const char *)Data, Size);
+ // Note: We need to create a buffer to add a null terminator to the
+ // end of the input string. The parser assumes that the string
+ // parsed is always null terminated.
+ std::unique_ptr<MemoryBuffer> MemBuf = MemoryBuffer::getMemBufferCopy(Input);
+ SMDiagnostic Err;
+ LLVMContext &Context = getGlobalContext();
+ std::unique_ptr<Module> M;
+
+ if (setjmp(JmpBuf))
+ // If reached, we have returned with non-zero status, so exit.
+ return;
+
+ // TODO(kschimpf) Write a main to do this initialization.
+ if (!InstalledHandler) {
+ llvm::install_fatal_error_handler(::MyFatalErrorHandler, nullptr);
+ InstalledHandler = true;
+ }
+
+ M = parseAssembly(MemBuf->getMemBufferRef(), Err, Context);
+
+ if (!M.get())
+ return;
+
+ verifyModule(*M.get());
+}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D12438.33599.patch
Type: text/x-patch
Size: 3307 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20150831/3d872996/attachment-0001.bin>
More information about the llvm-commits
mailing list