From 17062e257e70c0cc23df818e3e6444759e1fe08b Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Fri, 16 Oct 2015 22:41:47 +0000 Subject: [PATCH] [libFuzzer] When -test_single_input crashes the test it is not necessary to write crash-file because input is already known to the user. Patch by Mike Aizatsky git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@250564 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/Fuzzer/FuzzerDriver.cpp | 9 +++++---- lib/Fuzzer/FuzzerIO.cpp | 4 ++++ lib/Fuzzer/FuzzerInternal.h | 1 + lib/Fuzzer/FuzzerLoop.cpp | 2 ++ lib/Fuzzer/test/fuzzer.test | 7 ++++++- 5 files changed, 18 insertions(+), 5 deletions(-) diff --git a/lib/Fuzzer/FuzzerDriver.cpp b/lib/Fuzzer/FuzzerDriver.cpp index b5cf231e0f2..55d1491c7cf 100644 --- a/lib/Fuzzer/FuzzerDriver.cpp +++ b/lib/Fuzzer/FuzzerDriver.cpp @@ -277,12 +277,17 @@ int FuzzerDriver(const std::vector &Args, return 1; if (Flags.verbosity > 0 && !Options.Dictionary.empty()) Printf("Dictionary: %zd entries\n", Options.Dictionary.size()); + Options.SaveArtifacts = !Flags.test_single_input; Fuzzer F(USF, Options); if (Flags.apply_tokens) return ApplyTokens(F, Flags.apply_tokens); + // Timer + if (Flags.timeout > 0) + SetTimer(Flags.timeout / 2 + 1); + if (Flags.test_single_input) return RunOneTest(&F, Flags.test_single_input); @@ -294,10 +299,6 @@ int FuzzerDriver(const std::vector &Args, Printf("Seed: %u\n", Seed); USF.GetRand().ResetSeed(Seed); - // Timer - if (Flags.timeout > 0) - SetTimer(Flags.timeout / 2 + 1); - if (Flags.verbosity >= 2) { Printf("Tokens: {"); for (auto &T : Options.Tokens) diff --git a/lib/Fuzzer/FuzzerIO.cpp b/lib/Fuzzer/FuzzerIO.cpp index b6ffb752de3..4bb2df5d71a 100644 --- a/lib/Fuzzer/FuzzerIO.cpp +++ b/lib/Fuzzer/FuzzerIO.cpp @@ -49,6 +49,10 @@ static std::vector ListFilesInDir(const std::string &Dir, Unit FileToVector(const std::string &Path) { std::ifstream T(Path); + if (!T) { + Printf("No such directory: %s; exiting\n", Path.c_str()); + exit(1); + } return Unit((std::istreambuf_iterator(T)), std::istreambuf_iterator()); } diff --git a/lib/Fuzzer/FuzzerInternal.h b/lib/Fuzzer/FuzzerInternal.h index 500989072c3..c672f23d95f 100644 --- a/lib/Fuzzer/FuzzerInternal.h +++ b/lib/Fuzzer/FuzzerInternal.h @@ -93,6 +93,7 @@ class Fuzzer { std::string ArtifactPrefix = "./"; std::vector Tokens; std::vector Dictionary; + bool SaveArtifacts = true; }; Fuzzer(UserSuppliedFuzzer &USF, FuzzingOptions Options); void AddToCorpus(const Unit &U) { Corpus.push_back(U); } diff --git a/lib/Fuzzer/FuzzerLoop.cpp b/lib/Fuzzer/FuzzerLoop.cpp index ec0b1176e28..9b238cb05b1 100644 --- a/lib/Fuzzer/FuzzerLoop.cpp +++ b/lib/Fuzzer/FuzzerLoop.cpp @@ -237,6 +237,8 @@ void Fuzzer::WriteToOutputCorpus(const Unit &U) { } void Fuzzer::WriteUnitToFileWithPrefix(const Unit &U, const char *Prefix) { + if (!Options.SaveArtifacts) + return; std::string Path = Options.ArtifactPrefix + Prefix + Hash(U); WriteToFile(U, Path); Printf("artifact_prefix='%s'; Test unit written to %s\n", diff --git a/lib/Fuzzer/test/fuzzer.test b/lib/Fuzzer/test/fuzzer.test index f3794dc3d38..dccc5e48250 100644 --- a/lib/Fuzzer/test/fuzzer.test +++ b/lib/Fuzzer/test/fuzzer.test @@ -1,7 +1,8 @@ CHECK: BINGO RUN: LLVMFuzzer-SimpleTest 2>&1 | FileCheck %s -RUN: LLVMFuzzer-SimpleTest -test_single_input=%S/hi.txt 2>&1 | FileCheck %s +RUN: not LLVMFuzzer-NullDerefTest -test_single_input=%S/hi.txt 2>&1 | FileCheck %s --check-prefix=SingleInput +SingleInput-NOT: Test unit written to ./crash- RUN: not LLVMFuzzer-InfiniteTest -timeout=2 2>&1 | FileCheck %s --check-prefix=InfiniteTest InfiniteTest: ALARM: working on the last Unit for @@ -14,6 +15,10 @@ RUN: not LLVMFuzzer-TimeoutTest -timeout=5 2>&1 | FileCheck %s --check-prefix=Ti TimeoutTest: ALARM: working on the last Unit for TimeoutTest: Test unit written to ./timeout- +RUN: not LLVMFuzzer-TimeoutTest -timeout=5 -test_single_input=%S/hi.txt 2>&1 | FileCheck %s --check-prefix=SingleInputTimeoutTest +SingleInputTimeoutTest: ALARM: working on the last Unit for +SingleInputTimeoutTest-NOT: Test unit written to ./timeout- + RUN: not LLVMFuzzer-NullDerefTest 2>&1 | FileCheck %s --check-prefix=NullDerefTest NullDerefTest: Test unit written to ./crash- RUN: not LLVMFuzzer-NullDerefTest -artifact_prefix=ZZZ 2>&1 | FileCheck %s --check-prefix=NullDerefTestPrefix -- 2.34.1