Commit Graph

44 Commits

Author SHA1 Message Date
Kostya Serebryany 54a8456005 [libFuzzer] make sure to flush IO when done merging one file
llvm-svn: 317835
2017-11-09 21:30:33 +00:00
Matt Morehouse 947838c9c5 [libFuzzer] Don't add leaking inputs to corpus.
Reviewers: kcc

Reviewed By: kcc

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D39850

llvm-svn: 317831
2017-11-09 20:44:08 +00:00
Kostya Serebryany a2ca2dcc46 [libFuzzer] handle SIGUSR1/SIGUSR2 and try to exit grafully on these signals
llvm-svn: 317829
2017-11-09 20:30:19 +00:00
Kostya Serebryany 3ac31d4453 [libFuzzer] allow merge to resume after being preempted
llvm-svn: 317767
2017-11-09 05:49:28 +00:00
Kostya Serebryany 68fdef1f7a [libFuzzer] allow user to specify the merge control file
llvm-svn: 317747
2017-11-09 01:05:29 +00:00
Vitaly Buka 7d22324b87 [fuzzer] Fix nested mallocs
Summary: Nested mallocs are possible with internal symbolizer.

Reviewers: kcc

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D39397

llvm-svn: 317186
2017-11-02 04:12:10 +00:00
Vitaly Buka ca9075272b [fuzzer] Script to detect unbalanced allocation in -trace_malloc output
Reviewers: kcc

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D39466

llvm-svn: 317119
2017-11-01 20:27:06 +00:00
Vitaly Buka 7dbc1d8433 [fuzzer] Fix threaded stack printing
Reviewers: kcc

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D39397

llvm-svn: 317071
2017-11-01 03:02:59 +00:00
Vitaly Buka df00e89cdc Revert "[fuzzer] Fix threaded stack printing and nested mallocs"
Fails on darwin

Revert "[fuzzer] Script to detect unbalanced allocation in -trace_malloc output"
Needs previous one.

This reverts commit r317034, r317036.

llvm-svn: 317061
2017-11-01 00:55:52 +00:00
Vitaly Buka 0747700ce1 [fuzzer] Script to detect unbalanced allocation in -trace_malloc output
Reviewers: kcc

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D39466

llvm-svn: 317036
2017-10-31 20:50:07 +00:00
Vitaly Buka 58da33e35c [fuzzer] Fix threaded stack printing and nested mallocs
Summary: Nested mallocs are possible with internal symbolizer.

Reviewers: kcc

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D39397

llvm-svn: 317034
2017-10-31 20:49:48 +00:00
Alex Shlyapnikov 5ded0701a9 [Sanitizers-libFuzzer] Addressing coding style issues.
Summary: The result of clang-format and few manual changes (as prompted on D39155).

Reviewers: vitalybuka

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D39211

llvm-svn: 316395
2017-10-23 23:24:33 +00:00
Alex Shlyapnikov 6f1c26f222 [libFuzzer] Periodically purge allocator's quarantine to prolong fuzzing sessions.
Summary:
Fuzzing targets that allocate/deallocate a lot of memory tend to consume
a lot of RSS when ASan quarantine is enabled. Purging quarantine between
iterations and returning memory to OS keeps RSS down and should not
reduce the quarantine effectiveness provided the fuzz target does not
preserve state between iterations (in this case this feature can be turned off).

Based on D39153.

Reviewers: vitalybuka

Subscribers: llvm-commits

Differential Revision: https://reviews.llvm.org/D39155

llvm-svn: 316382
2017-10-23 22:04:30 +00:00
Kostya Serebryany fc3079963f [libFuzzer] print a better warning if we hit the ld bug
llvm-svn: 315778
2017-10-14 00:07:11 +00:00
Alex Shlyapnikov 29d3ba7576 [Sanitizers] Always build libFuzzer with frame pointers.
Lacking frame pointers, sanitized fuzzers collect bogus stack
traces and the set of stack traces grows indefinitely, leading to OOMs.

llvm-svn: 315770
2017-10-13 21:57:43 +00:00
Kostya Serebryany 51823d3aae [libFuzzer] tweam use_feature_frequency to be less aggressive; run a dummy input before the seed corpus
llvm-svn: 315657
2017-10-13 01:12:23 +00:00
Kostya Serebryany 75480e3871 [libFuzzer] disable use_feature_frequency as it degrades some of the benchmarks too much :(
llvm-svn: 315503
2017-10-11 20:31:01 +00:00
Kostya Serebryany 198d385a77 [libFuzzer] make -use_feature_frequency less aggressive and enable by default
llvm-svn: 315490
2017-10-11 19:01:35 +00:00
Kostya Serebryany 4083d54675 [libFuzzer] experimental flag to tweak the corpus distribution. Seems to improve the situation dramatically on the png benchmark and make things worse on a number of micro-puzzles. Needs more A/B testing
llvm-svn: 315407
2017-10-11 01:44:26 +00:00
Max Moroz 330496c3fc [libFuzzer] Disable experimental clang coverage support by default.
Summary:
It can be enabled via "-use_clang_coverage=1" flag. Reason for disabling:
libFuzzer resets Clang Counters and makes it impossible to generate coverage
report for a regular fuzz target (i.e. not standalone build).

Reviewers: kcc

Reviewed By: kcc

Subscribers: kcc

Differential Revision: https://reviews.llvm.org/D38604

llvm-svn: 315029
2017-10-05 22:41:03 +00:00
Kostya Serebryany bcd78491ef [libFuzzer] minor refactoring, NFC
llvm-svn: 313406
2017-09-15 22:10:36 +00:00
Kostya Serebryany 97b8b2daff [libFuzzer] reduce the size of the merge control file by not dumping redundant features into it
llvm-svn: 313403
2017-09-15 22:02:26 +00:00
Kostya Serebryany 93679be037 [libFuzzer] factor out some code into GetSizedFilesFromDir; NFC
llvm-svn: 313081
2017-09-12 21:58:07 +00:00
Max Moroz 3f26dac416 [libfuzzer] Compare TotalNumberOfRuns with MaxNumberOfRuns when testing a memory leak.
Summary:
Fuzzer::TryDetectingAMemoryLeak may call ExecuteCallback which would
increment TotalNumberOfRuns, but it doesn't respect Options.MaxNumberOfRuns
value specified by a user.

Context: https://github.com/google/oss-fuzz/issues/822#issuecomment-328153970

Reviewers: kcc

Reviewed By: kcc

Differential Revision: https://reviews.llvm.org/D37632

llvm-svn: 312993
2017-09-12 02:01:54 +00:00
Kostya Serebryany 25d6b95679 [libFuzzer] remove a couple of reduntant includes
llvm-svn: 312848
2017-09-09 00:56:34 +00:00
Kostya Serebryany 082e9a7528 [libFuzzer] tolerate missing files when loading the seed corpus
llvm-svn: 312269
2017-08-31 19:17:15 +00:00
Kamil Rytarowski 8da2722a9f Add preliminary NetBSD support in libfuzzer
Summary:
This code already works and passes some number of tests.

There is need to finish remaining sanitizers to get better coverage.

Many tests fail due to overly long file names of executables (>31).
This is a current shortcoming of the NetBSD 8(beta) kernel, as
certain functions can fail (like retrieving file name of executable).

Sponsored by <The NetBSD Foundation>

Reviewers: joerg, kcc, vitalybuka, george.karpenkov

Reviewed By: kcc

Subscribers: mgorny, llvm-commits, #sanitizers

Tags: #sanitizers

Differential Revision: https://reviews.llvm.org/D37304

llvm-svn: 312183
2017-08-30 22:44:11 +00:00
Kostya Serebryany 4faeb87ebe [libFUzzer] change the way we load the seed corpora: instead of loading all files and these executing all files, load and execute them one-by-one. This should reduce the memory usage in many cases
llvm-svn: 312033
2017-08-29 20:51:24 +00:00
Kostya Serebryany 3a8e3c8336 [libFuzzer] refactoring: move reading the seed corpus closer to where it's consumed; NFC
llvm-svn: 311972
2017-08-29 02:05:01 +00:00
Kostya Serebryany c07008653c [libFuzzer] allow -print_funcs=N: N is the max number of new covered function printed
llvm-svn: 311945
2017-08-28 22:52:22 +00:00
George Karpenkov dacfd66dfd [libFuzzer] Fix libFuzzer flag propagation for standalone builds.
Under the previous configurations, flags from SANITIZER_COMMON were not
propagated for standalone builds.

Differential Revision: https://reviews.llvm.org/D37225

llvm-svn: 311912
2017-08-28 19:44:19 +00:00
George Karpenkov bebcbfb46d [libFuzzer] Use custom allocators for STL containers in libFuzzer.
Avoids ODR violations causing spurious ASAN warnings.

Differential Revision: https://reviews.llvm.org/D37086

llvm-svn: 311866
2017-08-27 23:20:09 +00:00
George Karpenkov 24069a0424 Revert "[libFuzzer] Use custom allocators for STL containers in libFuzzer"
This reverts commit 3539efc2f2218dba2bcbd645d0fe276f2b5cf588.

llvm-svn: 311831
2017-08-26 17:50:35 +00:00
George Karpenkov d50410bfb1 [libFuzzer] Use custom allocators for STL containers in libFuzzer
Avoids ODR violations causing spurious ASAN container overflow warnings.

Differential Revision: https://reviews.llvm.org/D37086

llvm-svn: 311830
2017-08-26 17:17:37 +00:00
Kostya Serebryany 09c4161029 [libFuzzer] prepare tests for switching from -fsanitize-coverage=trace-pc-guard to -fsanitize-coverage=inline-8bit-counters
llvm-svn: 311798
2017-08-25 20:20:46 +00:00
Kostya Serebryany 2eef816e6e [libFuzzer] add -print_funcs=1 (on bey default): print newly discovered functions during fuzzing
llvm-svn: 311797
2017-08-25 20:09:25 +00:00
Kostya Serebryany d3e4b7e24a [sanitizer-coverage] extend fsanitize-coverage=pc-table with flags for every PC
llvm-svn: 311794
2017-08-25 19:29:47 +00:00
Matt Morehouse b1fa8255db [SanitizerCoverage] Optimize stack-depth instrumentation.
Summary:
Use the initialexec TLS type and eliminate calls to the TLS
wrapper.  Fixes the sanitizer-x86_64-linux-fuzzer bot failure.

Reviewers: vitalybuka, kcc

Reviewed By: kcc

Subscribers: hiraditya, llvm-commits

Differential Revision: https://reviews.llvm.org/D37026

llvm-svn: 311490
2017-08-22 21:28:29 +00:00
George Karpenkov 6bb45f793f [libFuzzer] Move check for thread_local back into libFuzzer's CMake,
as it breaks builtin standalone build on some bots.

llvm-svn: 311482
2017-08-22 18:34:28 +00:00
Kostya Serebryany 33fb36c353 [libFuzzer] fix the stack-depth initialization, add a lit test for DeepRecursionTest.cpp
llvm-svn: 311421
2017-08-22 01:50:00 +00:00
Kostya Serebryany f65cf64fa2 [libFuzzer] apply changes lost during the migration to compiler-rt
llvm-svn: 311420
2017-08-22 01:28:32 +00:00
Kostya Serebryany 055f441bd2 [libFuzzer] better README.txt
llvm-svn: 311418
2017-08-22 01:15:40 +00:00
Kostya Serebryany 0977643039 [libFuzzer] remove stale file
llvm-svn: 311417
2017-08-22 01:14:53 +00:00
George Karpenkov 10ab2ace13 Move libFuzzer to compiler_rt.
Resulting library binaries will be named libclang_rt.fuzzer*, and will
be placed in Clang toolchain, allowing redistribution.

Differential Revision: https://reviews.llvm.org/D36908

llvm-svn: 311407
2017-08-21 23:25:50 +00:00