[PATCH] D124494: [lld] Add lld-fuzzer

Tue Apr 26 18:18:46 PDT 2022

alexander-shaposhnikov created this revision.
alexander-shaposhnikov added reviewers: MaskRay, kcc, thakis, rnk.
alexander-shaposhnikov created this object with visibility "All Users".
Herald added subscribers: StephenFan, mstorsjo, sunfish, mgorny.
Herald added a project: All.
alexander-shaposhnikov requested review of this revision.
Herald added a subscriber: aheejin.
Herald added a project: LLVM.

This diff introduces lld-fuzzer.
The command line interface is similar to other llvm fuzzer tools:

  `lld-fuzzer <libFuzzer options> -ignore_remaining_args=1 -flavor [gnu|wasm|link|ld64] <lld options>`

The last part ( `-flavor [gnu|wasm|link|ld64] <lld options>` ) is intended to emulate the existing interface of  LLD.

If no lld options are provided we use some hardcoded minimal default configurations to make the invocations like

  `lld-fuzzer ~/NEW_CORPUS_DIR_LLD_GNU/ -max_len=1000 -detect_leaks=0 -ignore_remaining_args=1 gnu`
  `lld-fuzzer ~/NEW_CORPUS_DIR_LLD_LD64/ -max_len=1000 -detect_leaks=0 -ignore_remaining_args=1 ld64`
  `lld-fuzzer ~/NEW_CORPUS_DIR_LLD_WASM/ -max_len=1000 -detect_leaks=0 -ignore_remaining_args=1 wasm`
  `lld-fuzzer ~/NEW_CORPUS_DIR_LLD_LINK/ -max_len=1000 -detect_leaks=0 -ignore_remaining_args=1 link`

do something meaningful.

Running the fuzzer (multiple times) with the empty initial corpus  has revealed a few bugs, some of them seem to be quite simple (e.g. using `assert` on user-provided data),  some others don't.
If there is any interest I can file the corresponding issues on LLVM's github.

Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D124494

Files:
  lld/CMakeLists.txt
  lld/tools/fuzzer/CMakeLists.txt
  lld/tools/fuzzer/lld-fuzzer.cpp

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D124494.425377.patch
Type: text/x-patch
Size: 5801 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20220427/c42d9eed/attachment.bin>