From 58d43607862096aeb32d72173911c9df244a30f1 Mon Sep 17 00:00:00 2001 From: Chandler Carruth Date: Sat, 19 Jan 2019 08:50:56 +0000 Subject: Update the file headers across all of the LLVM projects in the monorepo to reflect the new license. We understand that people may be surprised that we're moving the header entirely to discuss the new license. We checked this carefully with the Foundation's lawyer and we believe this is the correct approach. Essentially, all code in the project is now made available by the LLVM project under our new license, so you will see that the license headers include that license only. Some of our contributors have contributed code under our old license, and accordingly, we have retained a copy of our old license notice in the top-level files in each project and repository. git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@351636 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/fuzzer/FuzzerMerge.h | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'lib/fuzzer/FuzzerMerge.h') diff --git a/lib/fuzzer/FuzzerMerge.h b/lib/fuzzer/FuzzerMerge.h index e54885a1e..49031d3b4 100644 --- a/lib/fuzzer/FuzzerMerge.h +++ b/lib/fuzzer/FuzzerMerge.h @@ -1,9 +1,8 @@ //===- FuzzerMerge.h - merging corpa ----------------------------*- C++ -* ===// // -// The LLVM Compiler Infrastructure -// -// This file is distributed under the University of Illinois Open Source -// License. See LICENSE.TXT for details. +// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. +// See https://llvm.org/LICENSE.txt for license information. +// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // //===----------------------------------------------------------------------===// // Merging Corpora. -- cgit v1.2.1 From 4bdfbe8883e81de78f806e2539c0718af49c02c7 Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Fri, 8 Feb 2019 21:27:23 +0000 Subject: [libFuzzer] introduce an experimental mode -fork=1, where fuzzing happens in a subprocess (still running multiple inputs per process), thus making the fuzzing more resilient to timeouts and OOMs. This is just a skeleton of the code, and some associated refactoring, not a fully working feature yet. git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@353570 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/fuzzer/FuzzerMerge.h | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'lib/fuzzer/FuzzerMerge.h') diff --git a/lib/fuzzer/FuzzerMerge.h b/lib/fuzzer/FuzzerMerge.h index 49031d3b4..917108e3f 100644 --- a/lib/fuzzer/FuzzerMerge.h +++ b/lib/fuzzer/FuzzerMerge.h @@ -67,13 +67,17 @@ struct Merger { Set ParseSummary(std::istream &IS); size_t Merge(const Set &InitialFeatures, Vector *NewFiles); - size_t Merge(Vector *NewFiles) { - return Merge(Set{}, NewFiles); - } size_t ApproximateMemoryConsumption() const; Set AllFeatures() const; }; +Vector +CrashResistantMerge(const Vector &Args, + const Vector &Corpora, + const std::string &CFPath, + const char *CoverageSummaryInputPathOrNull, + const char *CoverageSummaryOutputPathOrNull); + } // namespace fuzzer #endif // LLVM_FUZZER_MERGE_H -- cgit v1.2.1 From 4c775333c188cc37182c72eb2a7261f7eaeb32a5 Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Fri, 8 Feb 2019 22:02:37 +0000 Subject: [libFuzzer] remove two unused experimental flags git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@353573 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/fuzzer/FuzzerMerge.h | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'lib/fuzzer/FuzzerMerge.h') diff --git a/lib/fuzzer/FuzzerMerge.h b/lib/fuzzer/FuzzerMerge.h index 917108e3f..273f486b2 100644 --- a/lib/fuzzer/FuzzerMerge.h +++ b/lib/fuzzer/FuzzerMerge.h @@ -63,8 +63,6 @@ struct Merger { bool Parse(std::istream &IS, bool ParseCoverage); bool Parse(const std::string &Str, bool ParseCoverage); void ParseOrExit(std::istream &IS, bool ParseCoverage); - void PrintSummary(std::ostream &OS); - Set ParseSummary(std::istream &IS); size_t Merge(const Set &InitialFeatures, Vector *NewFiles); size_t ApproximateMemoryConsumption() const; @@ -74,9 +72,7 @@ struct Merger { Vector CrashResistantMerge(const Vector &Args, const Vector &Corpora, - const std::string &CFPath, - const char *CoverageSummaryInputPathOrNull, - const char *CoverageSummaryOutputPathOrNull); + const std::string &CFPath); } // namespace fuzzer -- cgit v1.2.1 From 170fdb7696b9c114106a40c7c3a9b523e6341db0 Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Fri, 8 Feb 2019 22:59:03 +0000 Subject: [libFuzzer] refactor the merging code, NFC git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@353576 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/fuzzer/FuzzerMerge.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib/fuzzer/FuzzerMerge.h') diff --git a/lib/fuzzer/FuzzerMerge.h b/lib/fuzzer/FuzzerMerge.h index 273f486b2..0d35155fe 100644 --- a/lib/fuzzer/FuzzerMerge.h +++ b/lib/fuzzer/FuzzerMerge.h @@ -71,7 +71,8 @@ struct Merger { Vector CrashResistantMerge(const Vector &Args, - const Vector &Corpora, + const Vector &OldCorpus, + const Vector &NewCorpus, const std::string &CFPath); } // namespace fuzzer -- cgit v1.2.1 From 00ab2236146c035d7cabab47c76d13596a4ea315 Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Sat, 9 Feb 2019 00:16:21 +0000 Subject: [libFuzzer] more refactoring; change some of the exit codes (timeout, OOM, interrupt) so that the parent process can distinguish those git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@353584 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/fuzzer/FuzzerMerge.h | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'lib/fuzzer/FuzzerMerge.h') diff --git a/lib/fuzzer/FuzzerMerge.h b/lib/fuzzer/FuzzerMerge.h index 0d35155fe..97f85cb4c 100644 --- a/lib/fuzzer/FuzzerMerge.h +++ b/lib/fuzzer/FuzzerMerge.h @@ -64,16 +64,19 @@ struct Merger { bool Parse(const std::string &Str, bool ParseCoverage); void ParseOrExit(std::istream &IS, bool ParseCoverage); size_t Merge(const Set &InitialFeatures, + Set *NewFeatures, Vector *NewFiles); size_t ApproximateMemoryConsumption() const; Set AllFeatures() const; }; -Vector -CrashResistantMerge(const Vector &Args, - const Vector &OldCorpus, - const Vector &NewCorpus, - const std::string &CFPath); +void CrashResistantMerge(const Vector &Args, + const Vector &OldCorpus, + const Vector &NewCorpus, + Vector *NewFiles, + const Set &InitialFeatures, + Set *NewFeatures, + const std::string &CFPath); } // namespace fuzzer -- cgit v1.2.1 From a098df1569900e6c3498ce9e9002db7374a284e6 Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Tue, 12 Feb 2019 03:12:40 +0000 Subject: [libFuzzer] make the fork mode less verbose git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@353794 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/fuzzer/FuzzerMerge.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib/fuzzer/FuzzerMerge.h') diff --git a/lib/fuzzer/FuzzerMerge.h b/lib/fuzzer/FuzzerMerge.h index 97f85cb4c..065dbd44a 100644 --- a/lib/fuzzer/FuzzerMerge.h +++ b/lib/fuzzer/FuzzerMerge.h @@ -76,7 +76,8 @@ void CrashResistantMerge(const Vector &Args, Vector *NewFiles, const Set &InitialFeatures, Set *NewFeatures, - const std::string &CFPath); + const std::string &CFPath, + bool Verbose); } // namespace fuzzer -- cgit v1.2.1 From a35757418b2f100086f7c4ca811719af4d0b07b1 Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Thu, 14 Feb 2019 23:12:33 +0000 Subject: [libFuzzer] when doing the merge, keep track of the coveraged edges, not just features git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@354076 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/fuzzer/FuzzerMerge.h | 1 + 1 file changed, 1 insertion(+) (limited to 'lib/fuzzer/FuzzerMerge.h') diff --git a/lib/fuzzer/FuzzerMerge.h b/lib/fuzzer/FuzzerMerge.h index 065dbd44a..157611cb9 100644 --- a/lib/fuzzer/FuzzerMerge.h +++ b/lib/fuzzer/FuzzerMerge.h @@ -56,6 +56,7 @@ struct MergeFileInfo { struct Merger { Vector Files; + size_t NumCoveredPCs = 0; size_t NumFilesInFirstCorpus = 0; size_t FirstNotProcessedFile = 0; std::string LastFailure; -- cgit v1.2.1 From 8d70b932e3dbd7218d31d28c2c5ed277018de7e9 Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Fri, 15 Feb 2019 00:08:16 +0000 Subject: [libFuzzer] when doing the merge, keep track of the coveraged edges, not just features git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@354087 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/fuzzer/FuzzerMerge.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'lib/fuzzer/FuzzerMerge.h') diff --git a/lib/fuzzer/FuzzerMerge.h b/lib/fuzzer/FuzzerMerge.h index 157611cb9..7a0cd4b71 100644 --- a/lib/fuzzer/FuzzerMerge.h +++ b/lib/fuzzer/FuzzerMerge.h @@ -51,12 +51,11 @@ namespace fuzzer { struct MergeFileInfo { std::string Name; size_t Size = 0; - Vector Features; + Vector Features, Cov; }; struct Merger { Vector Files; - size_t NumCoveredPCs = 0; size_t NumFilesInFirstCorpus = 0; size_t FirstNotProcessedFile = 0; std::string LastFailure; @@ -64,9 +63,9 @@ struct Merger { bool Parse(std::istream &IS, bool ParseCoverage); bool Parse(const std::string &Str, bool ParseCoverage); void ParseOrExit(std::istream &IS, bool ParseCoverage); - size_t Merge(const Set &InitialFeatures, - Set *NewFeatures, - Vector *NewFiles); + void Merge(const Set &InitialFeatures, Set *NewFeatures, + const Set &InitialCov, Set *NewCov, + Vector *NewFiles); size_t ApproximateMemoryConsumption() const; Set AllFeatures() const; }; @@ -77,6 +76,8 @@ void CrashResistantMerge(const Vector &Args, Vector *NewFiles, const Set &InitialFeatures, Set *NewFeatures, + const Set &InitialCov, + Set *NewCov, const std::string &CFPath, bool Verbose); -- cgit v1.2.1 From 459210eed41fa9d37af2cb490161f73f64f4e632 Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Fri, 15 Feb 2019 00:15:13 +0000 Subject: [libFuzzer] fix the unit tests git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@354088 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/fuzzer/FuzzerMerge.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lib/fuzzer/FuzzerMerge.h') diff --git a/lib/fuzzer/FuzzerMerge.h b/lib/fuzzer/FuzzerMerge.h index 7a0cd4b71..c14dd589e 100644 --- a/lib/fuzzer/FuzzerMerge.h +++ b/lib/fuzzer/FuzzerMerge.h @@ -63,9 +63,9 @@ struct Merger { bool Parse(std::istream &IS, bool ParseCoverage); bool Parse(const std::string &Str, bool ParseCoverage); void ParseOrExit(std::istream &IS, bool ParseCoverage); - void Merge(const Set &InitialFeatures, Set *NewFeatures, - const Set &InitialCov, Set *NewCov, - Vector *NewFiles); + size_t Merge(const Set &InitialFeatures, Set *NewFeatures, + const Set &InitialCov, Set *NewCov, + Vector *NewFiles); size_t ApproximateMemoryConsumption() const; Set AllFeatures() const; }; -- cgit v1.2.1