From: Kostya Serebryany <kcc@google.com>
Date: Thu, 23 Jul 2015 18:37:22 +0000 (+0000)
Subject: [libFuzzer] dump long running units to disk
X-Git-Url: http://plrg.eecs.uci.edu/git/?p=oota-llvm.git;a=commitdiff_plain;h=6cbc095f13d49b3df8269cda4774ffecdd40aebe;hp=899ad498633facd7b8be979282e93820bc87b01f

[libFuzzer] dump long running units to disk

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@243031 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/Fuzzer/FuzzerInternal.h b/lib/Fuzzer/FuzzerInternal.h
index c387fe7a7c6..af3d011f08a 100644
--- a/lib/Fuzzer/FuzzerInternal.h
+++ b/lib/Fuzzer/FuzzerInternal.h
@@ -108,7 +108,7 @@ class Fuzzer {
   size_t RunOneMaximizeFullCoverageSet(const Unit &U);
   size_t RunOneMaximizeCoveragePairs(const Unit &U);
   void WriteToOutputCorpus(const Unit &U);
-  void WriteToCrash(const Unit &U, const char *Prefix);
+  void WriteUnitToFileWithPrefix(const Unit &U, const char *Prefix);
   void PrintStats(const char *Where, size_t Cov, const char *End = "\n");
   void PrintUnitInASCIIOrTokens(const Unit &U, const char *PrintAfter = "");
 
diff --git a/lib/Fuzzer/FuzzerLoop.cpp b/lib/Fuzzer/FuzzerLoop.cpp
index 9ef47583cbb..d6533910f00 100644
--- a/lib/Fuzzer/FuzzerLoop.cpp
+++ b/lib/Fuzzer/FuzzerLoop.cpp
@@ -49,7 +49,7 @@ void Fuzzer::DeathCallback() {
   Printf("DEATH:\n");
   Print(CurrentUnit, "\n");
   PrintUnitInASCIIOrTokens(CurrentUnit, "\n");
-  WriteToCrash(CurrentUnit, "crash-");
+  WriteUnitToFileWithPrefix(CurrentUnit, "crash-");
 }
 
 void Fuzzer::StaticAlarmCallback() {
@@ -70,7 +70,7 @@ void Fuzzer::AlarmCallback() {
            Options.UnitTimeoutSec);
     Print(CurrentUnit, "\n");
     PrintUnitInASCIIOrTokens(CurrentUnit, "\n");
-    WriteToCrash(CurrentUnit, "timeout-");
+    WriteUnitToFileWithPrefix(CurrentUnit, "timeout-");
     exit(1);
   }
 }
@@ -161,6 +161,7 @@ size_t Fuzzer::RunOne(const Unit &U) {
     TimeOfLongestUnitInSeconds = TimeOfUnit;
     Printf("Longest unit: %zd s:\n", TimeOfLongestUnitInSeconds);
     Print(U, "\n");
+    WriteUnitToFileWithPrefix(U, "long-running-unit-");
   }
   return Res;
 }
@@ -248,10 +249,10 @@ void Fuzzer::WriteToOutputCorpus(const Unit &U) {
     Printf("Written to %s\n", Path.c_str());
 }
 
-void Fuzzer::WriteToCrash(const Unit &U, const char *Prefix) {
+void Fuzzer::WriteUnitToFileWithPrefix(const Unit &U, const char *Prefix) {
   std::string Path = Prefix + Hash(U);
   WriteToFile(U, Path);
-  Printf("CRASHED; file written to %s\nBase64: ", Path.c_str());
+  Printf("Test unit written to %s\nBase64: ", Path.c_str());
   PrintFileAsBase64(Path);
 }
 
diff --git a/lib/Fuzzer/test/fuzzer.test b/lib/Fuzzer/test/fuzzer.test
index b233acb0c72..55f081980a1 100644
--- a/lib/Fuzzer/test/fuzzer.test
+++ b/lib/Fuzzer/test/fuzzer.test
@@ -4,14 +4,14 @@ RUN: LLVMFuzzer-SimpleTest 2>&1 | FileCheck %s
 
 RUN: not LLVMFuzzer-InfiniteTest -timeout=2 2>&1 | FileCheck %s --check-prefix=InfiniteTest
 InfiniteTest: ALARM: working on the last Unit for
-InfiniteTest: CRASHED; file written to timeout
+InfiniteTest: Test unit written to timeout-
 
 RUN: not LLVMFuzzer-TimeoutTest -timeout=5 2>&1 | FileCheck %s --check-prefix=TimeoutTest
 TimeoutTest: ALARM: working on the last Unit for
-TimeoutTest: CRASHED; file written to timeout
+TimeoutTest: Test unit written to timeout-
 
 RUN: not LLVMFuzzer-NullDerefTest 2>&1 | FileCheck %s --check-prefix=NullDerefTest
-NullDerefTest: CRASHED; file written to crash-
+NullDerefTest: Test unit written to crash-
 
 RUN: not LLVMFuzzer-FullCoverageSetTest -timeout=15 -seed=1 -mutate_depth=2 -use_full_coverage_set=1 2>&1 | FileCheck %s