[llvm] r281122 - [libFuzzer] print a visible message if merge fails due to a crash

Fri Sep 9 17:15:42 PDT 2016

Author: kcc
Date: Fri Sep  9 19:15:41 2016
New Revision: 281122

URL: http://llvm.org/viewvc/llvm-project?rev=281122&view=rev
Log:
[libFuzzer] print a visible message if merge fails due to a crash 

Modified:
    llvm/trunk/lib/Fuzzer/FuzzerInternal.h
    llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
    llvm/trunk/lib/Fuzzer/test/merge.test

Modified: llvm/trunk/lib/Fuzzer/FuzzerInternal.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerInternal.h?rev=281122&r1=281121&r2=281122&view=diff
==============================================================================

--- llvm/trunk/lib/Fuzzer/FuzzerInternal.h (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerInternal.h Fri Sep  9 19:15:41 2016
@@ -521,6 +521,8 @@ private:
 
   // Need to know our own thread.
   static thread_local bool IsMyThread;
+
+  bool InMergeMode = false;
 };
 
 // Global interface to functions that may or may not be available.

Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=281122&r1=281121&r2=281122&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Fri Sep  9 19:15:41 2016
@@ -188,7 +188,22 @@ void Fuzzer::StaticDeathCallback() {
   F->DeathCallback();
 }
 
+static void WarnOnUnsuccessfullMerge(bool DoWarn) {
+  Printf(
+   "***\n"
+   "***\n"
+   "***\n"
+   "*** NOTE: merge did not succeed due to a failure on one of the inputs.\n"
+   "*** You will need to filter out crashes from the corpus, e.g. like this:\n"
+   "***   for f in WITH_CRASHES/*; do ./fuzzer $f && cp $f NO_CRASHES; done\n"
+   "*** Future versions may have crash-resistant merge, stay tuned.\n"
+   "***\n"
+   "***\n"
+   "***\n");
+}
+
 void Fuzzer::DumpCurrentUnit(const char *Prefix) {
+  WarnOnUnsuccessfullMerge(InMergeMode);
   if (!CurrentUnitData) return;  // Happens when running individual inputs.
   MD.PrintMutationSequence();
   Printf("; base unit: %s\n", Sha1ToString(BaseSha1).c_str());
@@ -612,6 +627,7 @@ void Fuzzer::Merge(const std::vector<std
     Printf("Merge requires two or more corpus dirs\n");
     return;
   }
+  InMergeMode = true;
   std::vector<std::string> ExtraCorpora(Corpora.begin() + 1, Corpora.end());
 
   assert(Options.MaxLen > 0);

Modified: llvm/trunk/lib/Fuzzer/test/merge.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/merge.test?rev=281122&r1=281121&r2=281122&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/merge.test (original)
+++ llvm/trunk/lib/Fuzzer/test/merge.test Fri Sep  9 19:15:41 2016
@@ -28,3 +28,9 @@ CHECK2: === Merge: written 3 units
 RUN: LLVMFuzzer-FullCoverageSetTest -merge=1 %tmp/T1 %tmp/T2 2>&1 | FileCheck %s --check-prefix=CHECK3
 CHECK3: === Minimizing the initial corpus of 6 units
 CHECK3: === Merge: written 0 units
+
+
+# Check that when merge fails we print an error message.
+RUN: echo 'Hi!' > %tmp/T1/HiI
+RUN: not LLVMFuzzer-NullDerefTest -merge=1 %tmp/T1 %tmp/T2 2>&1 | FileCheck %s --check-prefix=MERGE_FAIL
+MERGE_FAIL: NOTE: merge did not succeed due to a failure on one of the inputs.


