[compiler-rt] r330652 - [libFuzzer] Add feature to not use AFL's deferred forkserver.

Matt Morehouse via llvm-commits llvm-commits at lists.llvm.org
Mon Apr 23 14:36:21 PDT 2018


Author: morehouse
Date: Mon Apr 23 14:36:21 2018
New Revision: 330652

URL: http://llvm.org/viewvc/llvm-project?rev=330652&view=rev
Log:
[libFuzzer] Add feature to not use AFL's deferred forkserver.

A small but substantial minority of libFuzzer-based fuzzers run code that
does not play well with fork in global constructors or LLVMFuzzerInitialize.
This patch allows these fuzzers to use afl_driver by allowing them to
opt out of using AFL's deferred forkserver, which defers calling fork until
after this code.

Patch By: metzman

Differential Revision: https://reviews.llvm.org/D45744

Modified:
    compiler-rt/trunk/lib/fuzzer/afl/afl_driver.cpp

Modified: compiler-rt/trunk/lib/fuzzer/afl/afl_driver.cpp
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/afl/afl_driver.cpp?rev=330652&r1=330651&r2=330652&view=diff
==============================================================================
--- compiler-rt/trunk/lib/fuzzer/afl/afl_driver.cpp (original)
+++ compiler-rt/trunk/lib/fuzzer/afl/afl_driver.cpp Mon Apr 23 14:36:21 2018
@@ -138,6 +138,17 @@ static const int kNumExtraStats = 2;
 static const char *kExtraStatsFormatString = "peak_rss_mb            : %u\n"
                                              "slowest_unit_time_sec  : %u\n";
 
+// Experimental feature to use afl_driver without AFL's deferred mode.
+// Needs to run before __afl_auto_init.
+__attribute__((constructor(0))) void __decide_deferred_forkserver(void) {
+  if (getenv("AFL_DRIVER_DONT_DEFER")) {
+    if (unsetenv("__AFL_DEFER_FORKSRV")) {
+      perror("Failed to unset __AFL_DEFER_FORKSRV");
+      abort();
+    }
+  }
+}
+
 // Copied from FuzzerUtil.cpp.
 size_t GetPeakRSSMb() {
   struct rusage usage;
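Review bot: The ordering this hunk depends on is not guaranteed by the attribute alone. The comment says `__decide_deferred_forkserver` "Needs to run before __afl_auto_init", but `constructor(0)` only orders it relative to other prioritized constructors in the same link, and GCC documents priorities 0 to 100 as reserved for the implementation (it warns on them); whether AFL's own init constructor carries a higher priority or runs later by link order is not checked here. Consider stating the assumption in the comment, or making `main` verify that the forkserver was actually started when `AFL_DRIVER_DONT_DEFER` is set, so a misordering fails loudly instead of silently running without a forkserver. Two smaller points: identifiers beginning with a double underscore are reserved for the implementation in C/C++, so `decide_deferred_forkserver` (static) would be the conventional name; and the `AFL_DRIVER_DONT_DEFER` variable is introduced only as an "Experimental feature" code comment, so it should be documented alongside the driver's other environment variables.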
@@ -315,7 +326,8 @@ int main(int argc, char **argv) {
   maybe_duplicate_stderr();
   maybe_initialize_extra_stats();
 
-  __afl_manual_init();
+  if (!getenv("AFL_DRIVER_DONT_DEFER"))
+    __afl_manual_init();
 
   int N = 1000;
   if (argc == 2 && argv[1][0] == '-')
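Review bot: `getenv("AFL_DRIVER_DONT_DEFER")` is now evaluated twice, once in the new constructor and once here in `main`, so the two decisions can diverge if the environment changes between them (for example via `setenv` in a global constructor or `LLVMFuzzerInitialize`, which is exactly the code this patch is working around). Record the result once in the constructor, e.g. `static bool kDontDefer;` set where `__AFL_DEFER_FORKSRV` is unset, and test that flag here instead of re-reading the environment. Also note the behaviour when the variable is set: skipping `__afl_manual_init()` is only correct if `__afl_auto_init` already started the forkserver because the constructor unset `__AFL_DEFER_FORKSRV` in time; otherwise the target runs as a plain single-execution binary with no indication to the user.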
