[llvm] r308541 - [libFuzzer] enable reduce_inputs=1 by default (seems to be a big win usually)
Kostya Serebryany via llvm-commits
llvm-commits at lists.llvm.org
Wed Jul 19 15:10:30 PDT 2017
Author: kcc
Date: Wed Jul 19 15:10:30 2017
New Revision: 308541
URL: http://llvm.org/viewvc/llvm-project?rev=308541&view=rev
Log:
[libFuzzer] enable reduce_inputs=1 by default (seems to be a big win usually)
Modified:
llvm/trunk/docs/LibFuzzer.rst
llvm/trunk/lib/Fuzzer/FuzzerFlags.def
llvm/trunk/lib/Fuzzer/test/shrink.test
llvm/trunk/lib/Fuzzer/test/value-profile-load.test
Modified: llvm/trunk/docs/LibFuzzer.rst
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/docs/LibFuzzer.rst?rev=308541&r1=308540&r2=308541&view=diff
==============================================================================
--- llvm/trunk/docs/LibFuzzer.rst (original)
+++ llvm/trunk/docs/LibFuzzer.rst Wed Jul 19 15:10:30 2017
@@ -345,6 +345,9 @@ possible event codes are:
``NEW``
The fuzzer has created a test input that covers new areas of the code
under test. This input will be saved to the primary corpus directory.
+``REDUCE``
+ The fuzzer has found a better (smaller) input that triggers previously
+ discovered features (set ``-reduce_inputs=0`` to disable).
``pulse``
The fuzzer has generated 2\ :sup:`n` inputs (generated periodically to reassure
the user that the fuzzer is still working).
Modified: llvm/trunk/lib/Fuzzer/FuzzerFlags.def
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerFlags.def?rev=308541&r1=308540&r2=308541&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerFlags.def (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerFlags.def Wed Jul 19 15:10:30 2017
@@ -66,8 +66,8 @@ FUZZER_FLAG_INT(use_value_profile, 0,
"Experimental. Use value profile to guide fuzzing.")
FUZZER_FLAG_INT(use_cmp, 1, "Use CMP traces to guide mutations")
FUZZER_FLAG_INT(shrink, 0, "Experimental. Try to shrink corpus inputs.")
-FUZZER_FLAG_INT(reduce_inputs, 0, "Experimental. "
- "Try to reduce the size of inputs wile preserving their full feature sets")
+FUZZER_FLAG_INT(reduce_inputs, 1,
+ "Try to reduce the size of inputs while preserving their full feature sets")
FUZZER_FLAG_UNSIGNED(jobs, 0, "Number of jobs to run. If jobs >= 1 we spawn"
" this number of jobs in separate worker processes"
" with stdout/stderr redirected to fuzz-JOB.log.")
Modified: llvm/trunk/lib/Fuzzer/test/shrink.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/shrink.test?rev=308541&r1=308540&r2=308541&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/shrink.test (original)
+++ llvm/trunk/lib/Fuzzer/test/shrink.test Wed Jul 19 15:10:30 2017
@@ -1,6 +1,6 @@
-RUN: LLVMFuzzer-ShrinkControlFlowTest -seed=1 -exit_on_item=0eb8e4ed029b774d80f2b66408203801cb982a60 -runs=1000000 -shrink=1 2>&1 | FileCheck %s --check-prefix=SHRINK1
-RUN: LLVMFuzzer-ShrinkControlFlowTest -seed=1 -exit_on_item=0eb8e4ed029b774d80f2b66408203801cb982a60 -runs=1000000 -shrink=0 2>&1 | FileCheck %s --check-prefix=SHRINK0
-RUN: LLVMFuzzer-ShrinkValueProfileTest -seed=1 -exit_on_item=aea2e3923af219a8956f626558ef32f30a914ebc -runs=100000 -shrink=1 -use_value_profile=1 2>&1 | FileCheck %s --check-prefix=SHRINK1_VP
+RUN: LLVMFuzzer-ShrinkControlFlowTest -seed=1 -exit_on_item=0eb8e4ed029b774d80f2b66408203801cb982a60 -runs=1000000 -shrink=1 -reduce_inputs=0 2>&1 | FileCheck %s --check-prefix=SHRINK1
+RUN: LLVMFuzzer-ShrinkControlFlowTest -seed=1 -exit_on_item=0eb8e4ed029b774d80f2b66408203801cb982a60 -runs=1000000 -shrink=0 -reduce_inputs=0 2>&1 | FileCheck %s --check-prefix=SHRINK0
+RUN: LLVMFuzzer-ShrinkValueProfileTest -seed=1 -exit_on_item=aea2e3923af219a8956f626558ef32f30a914ebc -runs=100000 -shrink=1 -reduce_inputs=0 -use_value_profile=1 2>&1 | FileCheck %s --check-prefix=SHRINK1_VP
SHRINK0: Done 1000000 runs in
SHRINK1: INFO: found item with checksum '0eb8e4ed029b774d80f2b66408203801cb982a60', exiting.
Modified: llvm/trunk/lib/Fuzzer/test/value-profile-load.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/value-profile-load.test?rev=308541&r1=308540&r2=308541&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/value-profile-load.test (original)
+++ llvm/trunk/lib/Fuzzer/test/value-profile-load.test Wed Jul 19 15:10:30 2017
@@ -1,3 +1,3 @@
CHECK: AddressSanitizer: global-buffer-overflow
-RUN: not LLVMFuzzer-LoadTest -seed=1 -use_cmp=0 -use_value_profile=1 -runs=10000000 2>&1 | FileCheck %s
+RUN: not LLVMFuzzer-LoadTest -seed=2 -use_cmp=0 -use_value_profile=1 -runs=20000000 2>&1 | FileCheck %s
More information about the llvm-commits
mailing list