Add llvm-dwarfdump-fuzzer that uses LibFuzzer to fuzz llvm-dwarfdump tool.

The fuzzer is very simple, but not quite useful at the moment: it's unable
to discover "interesting" examples, as LLVMObject library is terrible at
error recovery, calling "report_fatal_error()" far too often.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@238451 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/tools/llvm-dwarfdump/CMakeLists.txt b/tools/llvm-dwarfdump/CMakeLists.txt
index 086b13974614fad7d83f3f33e852a97043175fe7..9a2e53f5a4bb27e82447e45d1ce5263454839f02 100644 (file)
--- a/tools/llvm-dwarfdump/CMakeLists.txt
+++ b/tools/llvm-dwarfdump/CMakeLists.txt
@@ -7,3 +7,7 @@ set(LLVM_LINK_COMPONENTS
 add_llvm_tool(llvm-dwarfdump
   llvm-dwarfdump.cpp
   )
+
+if(LLVM_USE_SANITIZE_COVERAGE)
+  add_subdirectory(fuzzer)
+endif()

diff --git a/tools/llvm-dwarfdump/fuzzer/CMakeLists.txt b/tools/llvm-dwarfdump/fuzzer/CMakeLists.txt
new file mode 100644 (file)
index 0000000..1de35a3
--- /dev/null
+++ b/tools/llvm-dwarfdump/fuzzer/CMakeLists.txt
@@ -0,0 +1,14 @@
+set(LLVM_LINK_COMPONENTS
+  DebugInfoDWARF
+  Object
+  Support
+  )
+
+add_llvm_executable(llvm-dwarfdump-fuzzer
+  EXCLUDE_FROM_ALL
+  llvm-dwarfdump-fuzzer.cpp
+  )
+
+target_link_libraries(llvm-dwarfdump-fuzzer
+  LLVMFuzzer
+  )

diff --git a/tools/llvm-dwarfdump/fuzzer/llvm-dwarfdump-fuzzer.cpp b/tools/llvm-dwarfdump/fuzzer/llvm-dwarfdump-fuzzer.cpp
new file mode 100644 (file)
index 0000000..af0ac36
--- /dev/null
+++ b/tools/llvm-dwarfdump/fuzzer/llvm-dwarfdump-fuzzer.cpp
@@ -0,0 +1,34 @@
+//===-- llvm-dwarfdump-fuzzer.cpp - Fuzz the llvm-dwarfdump tool ----------===//
+//
+//                     The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===----------------------------------------------------------------------===//
+///
+/// \file
+/// \brief This file implements a function that runs llvm-dwarfdump
+///  on a single input. This function is then linked into the Fuzzer library.
+///
+//===----------------------------------------------------------------------===//
+#include "llvm/DebugInfo/DIContext.h"
+#include "llvm/DebugInfo/DWARF/DWARFContext.h"
+#include "llvm/Object/ObjectFile.h"
+#include "llvm/Support/MemoryBuffer.h"
+
+using namespace llvm;
+using namespace object;
+
+extern "C" void LLVMFuzzerTestOneInput(uint8_t *data, size_t size) {
+  std::unique_ptr<MemoryBuffer> Buff = MemoryBuffer::getMemBuffer(
+      StringRef((const char *)data, size), "", false);
+
+  ErrorOr<std::unique_ptr<ObjectFile>> ObjOrErr =
+      ObjectFile::createObjectFile(Buff->getMemBufferRef());
+  if (!ObjOrErr)
+    return;
+  ObjectFile &Obj = *ObjOrErr.get();
+  std::unique_ptr<DIContext> DICtx(new DWARFContextInMemory(Obj));
+  DICtx->dump(nulls(), DIDT_All);
+}