From ef1de3295a543c18652a8fde532455c3a121b4fd Mon Sep 17 00:00:00 2001
From: Alexey Samsonov
Date: Thu, 28 May 2015 18:35:18 +0000
Subject: [PATCH] Add llvm-dwarfdump-fuzzer that uses LibFuzzer to fuzz llvm-dwarfdump tool.

The fuzzer is very simple, but not quite useful at the moment: it's unable to discover "interesting" examples, as LLVMObject library is terrible at error recovery, calling "report_fatal_error()" far too often.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@238451 91177308-0d34-0410-b5e6-96231b3b80d8
---
 tools/llvm-dwarfdump/CMakeLists.txt | 4 +++
 tools/llvm-dwarfdump/fuzzer/CMakeLists.txt | 14 +++++++++
 .../fuzzer/llvm-dwarfdump-fuzzer.cpp | 34 ++++++++++++++++++++++
 3 files changed, 52 insertions(+)
 create mode 100644 tools/llvm-dwarfdump/fuzzer/CMakeLists.txt
 create mode 100644 tools/llvm-dwarfdump/fuzzer/llvm-dwarfdump-fuzzer.cpp

diff --git a/tools/llvm-dwarfdump/CMakeLists.txt b/tools/llvm-dwarfdump/CMakeLists.txt
index 086b1397461..9a2e53f5a4b 100644
--- a/tools/llvm-dwarfdump/CMakeLists.txt
+++ b/tools/llvm-dwarfdump/CMakeLists.txt
@@ -7,3 +7,7 @@ set(LLVM_LINK_COMPONENTS
 add_llvm_tool(llvm-dwarfdump
 llvm-dwarfdump.cpp
 )
+
+if(LLVM_USE_SANITIZE_COVERAGE)
+ add_subdirectory(fuzzer)
+endif()
diff --git a/tools/llvm-dwarfdump/fuzzer/CMakeLists.txt b/tools/llvm-dwarfdump/fuzzer/CMakeLists.txt
new file mode 100644
index 00000000000..1de35a3de47
--- /dev/null
+++ b/tools/llvm-dwarfdump/fuzzer/CMakeLists.txt
@@ -0,0 +1,14 @@
+set(LLVM_LINK_COMPONENTS
+ DebugInfoDWARF
+ Object
+ Support
+ )
+
+add_llvm_executable(llvm-dwarfdump-fuzzer
+ EXCLUDE_FROM_ALL
+ llvm-dwarfdump-fuzzer.cpp
+ )
+
+target_link_libraries(llvm-dwarfdump-fuzzer
+ LLVMFuzzer
+ )
diff --git a/tools/llvm-dwarfdump/fuzzer/llvm-dwarfdump-fuzzer.cpp b/tools/llvm-dwarfdump/fuzzer/llvm-dwarfdump-fuzzer.cpp
new file mode 100644
index 00000000000..af0ac365228
--- /dev/null
+++ b/tools/llvm-dwarfdump/fuzzer/llvm-dwarfdump-fuzzer.cpp
@@ -0,0 +1,34 @@
+//===-- llvm-dwarfdump-fuzzer.cpp - Fuzz the llvm-dwarfdump tool ----------===//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===----------------------------------------------------------------------===//
+///
+/// \file
+/// \brief This file implements a function that runs llvm-dwarfdump
+/// on a single input. This function is then linked into the Fuzzer library.
+///
+//===----------------------------------------------------------------------===//
+#include "llvm/DebugInfo/DIContext.h"
+#include "llvm/DebugInfo/DWARF/DWARFContext.h"
+#include "llvm/Object/ObjectFile.h"
+#include "llvm/Support/MemoryBuffer.h"
+
+using namespace llvm;
+using namespace object;
+
+extern "C" void LLVMFuzzerTestOneInput(uint8_t *data, size_t size) {
+ std::unique_ptr Buff = MemoryBuffer::getMemBuffer(
+ StringRef((const char *)data, size), "", false);
+
+ ErrorOr> ObjOrErr =
+ ObjectFile::createObjectFile(Buff->getMemBufferRef());
+ if (!ObjOrErr)
+ return;
+ ObjectFile &Obj = *ObjOrErr.get();
+ std::unique_ptr DICtx(new DWARFContextInMemory(Obj));
+ DICtx->dump(nulls(), DIDT_All);
+}
-- 
2.11.0
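Review bot: The `StringRef((const char *)data, size)` line uses a C-style cast where `reinterpret_cast<const char *>(data)` would make the pointer reinterpretation explicit and greppable, and the trailing `false` deserves a comment because it is the argument that tells `getMemBuffer` not to look for a terminating NUL beyond the fuzzer input (presumably `RequiresNullTerminator` — confirm against MemoryBuffer.h): `// Fuzzer input is not NUL-terminated; do not require a terminator.` The entry point only reads through `data`, so `const uint8_t *data` would state that contract, provided the Fuzzer library's declared signature for `LLVMFuzzerTestOneInput` allows it. The `DICtx` construction can drop the raw `new` with `std::unique_ptr<DIContext> DICtx = llvm::make_unique<DWARFContextInMemory>(Obj);` plus an include of `llvm/ADT/STLExtras.h`. The early `return` on a failed `createObjectFile` is the right shape for a harness, but, as the commit message itself says, any `report_fatal_error()` reached further down still aborts the process instead of being reported as a rejected input, so crashes this fuzzer surfaces should be triaged with that in mind until Object's error recovery improves.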