[llvm] r308653 - [libFuzzer] make sure CheckExitOnSrcPosOrItem is called after the new input is saved to the corpus

Kostya Serebryany via llvm-commits llvm-commits at lists.llvm.org
Thu Jul 20 11:53:25 PDT 2017


Author: kcc
Date: Thu Jul 20 11:53:25 2017
New Revision: 308653

URL: http://llvm.org/viewvc/llvm-project?rev=308653&view=rev
Log:
[libFuzzer] make sure CheckExitOnSrcPosOrItem is called after the new input is saved to the corpus

Modified:
    llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
    llvm/trunk/lib/Fuzzer/test/reduce_inputs.test

Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=308653&r1=308652&r2=308653&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Thu Jul 20 11:53:25 2017
@@ -344,8 +344,10 @@ void Fuzzer::RereadOutputCorpus(size_t M
     if (U.size() > MaxSize)
       U.resize(MaxSize);
     if (!Corpus.HasUnit(U)) {
-      if (RunOne(U.data(), U.size()))
+      if (RunOne(U.data(), U.size())) {
+        CheckExitOnSrcPosOrItem();
         Reloaded = true;
+      }
     }
   }
   if (Reloaded)
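Review bot: The new `CheckExitOnSrcPosOrItem()` call in RereadOutputCorpus runs only when `RunOne` returns true, while the one added in ShuffleAndMinimize (next hunk) runs after every unit regardless of the result. If the check only matters once a unit has been added or replaced, gate the second site the same way: `if (RunOne(U.data(), U.size())) CheckExitOnSrcPosOrItem();`. If the unconditional form is intended, a short comment there saying why would keep the two call sites from drifting apart. Both enclosing functions extend outside their hunks, so this is judged from the visible lines only.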
@@ -371,6 +373,7 @@ void Fuzzer::ShuffleAndMinimize(UnitVect
 
   for (const auto &U : *InitialCorpus) {
     RunOne(U.data(), U.size());
+    CheckExitOnSrcPosOrItem();
     TryDetectingAMemoryLeak(U.data(), U.size(),
                             /*DuringInitialCorpusExecution*/ true);
   }
@@ -418,14 +421,12 @@ bool Fuzzer::RunOne(const uint8_t *Data,
   if (NumNewFeatures) {
     Corpus.AddToCorpus({Data, Data + Size}, NumNewFeatures, MayDeleteFile,
                        UniqFeatureSetTmp);
-    CheckExitOnSrcPosOrItem();
     return true;
   }
   if (II && FoundUniqFeaturesOfII &&
       FoundUniqFeaturesOfII == II->UniqFeatureSet.size() &&
       II->U.size() > Size) {
     Corpus.Replace(II, {Data, Data + Size});
-    CheckExitOnSrcPosOrItem();
     return true;
   }
   return false;
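Review bot: With both calls removed, `RunOne` no longer checks the exit conditions itself, and nothing in the function says that callers now must. Every caller that gets `true` back has to call `CheckExitOnSrcPosOrItem()` once the unit is persisted. A comment at the two `return true` sites or on the function header would record that contract, e.g. `// Does not call CheckExitOnSrcPosOrItem(); callers do so once the unit is saved to disk.` This matters most for the `Corpus.Replace` path, where, judging from the visible lines, the shrunken unit has not been written out yet. The hunks here cover RereadOutputCorpus, ShuffleAndMinimize and ReportNewCoverage; any other caller of `RunOne`, if one exists outside this diff, would silently lose the `-exit_on_item` / `-exit_on_src_pos` stop. The body of `RunOne` starts above this hunk.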
@@ -527,6 +528,7 @@ void Fuzzer::ReportNewCoverage(InputInfo
   WriteToOutputCorpus(U);
   NumberOfNewUnitsAdded++;
   TPC.PrintNewPCs();
+  CheckExitOnSrcPosOrItem();  // Check only after the unit is saved to corpus.
 }
 
 // Tries detecting a memory leak on the particular input that we have just

Modified: llvm/trunk/lib/Fuzzer/test/reduce_inputs.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/reduce_inputs.test?rev=308653&r1=308652&r2=308653&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/reduce_inputs.test (original)
+++ llvm/trunk/lib/Fuzzer/test/reduce_inputs.test Thu Jul 20 11:53:25 2017
@@ -7,7 +7,7 @@ CHECK: INFO: found item with checksum '0
 
 # Test that reduce_inputs deletes redundant files in the corpus.
 RUN: LLVMFuzzer-ShrinkControlFlowSimpleTest -runs=0 %t/C 2>&1 | FileCheck %s --check-prefix=COUNT
-COUNT: READ units: 3
+COUNT: READ units: 4
 
 # a bit longer test
 RUN: LLVMFuzzer-ShrinkControlFlowTest  -exit_on_item=0eb8e4ed029b774d80f2b66408203801cb982a60  -seed=1 -runs=1000000  2>&1 | FileCheck %s
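Review bot: The expected count moves from `READ units: 3` to `READ units: 4` with nothing in the test saying why the corpus now holds one more file. Presumably the preceding `-exit_on_item` run now writes the final unit before exiting, which is the behaviour this commit is about. A comment above the `COUNT:` line, such as `# 4 units: the item that triggers -exit_on_item is saved before the process exits.`, would keep the number from looking arbitrary. The RUN line that populates `%t/C` is outside the hunk, so confirm the wording against it.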



