review.tizen.org Git - platform/upstream/llvm.git/commit

author	Dokyung Song <dokyungs@google.com>
	Fri, 31 Jul 2020 00:07:20 +0000 (00:07 +0000)
committer	Dokyung Song <dokyungs@google.com>
	Thu, 3 Sep 2020 15:54:39 +0000 (15:54 +0000)
commit	62673c430de43837b0f177089ed184a0ffcd5678
tree	8699e069fdde11f014f7cd906d2dbca6a555d7ee	tree \| snapshot
parent	7bc9924cb2fbd9f3ae53577607822ace267a04e6	commit \| diff

[libFuzzer] Add an option to keep initial seed inputs around.

This patch adds an option "keep_seed" to keep all initial seed inputs in the
corpus. Previously, only the initial seed inputs that find new coverage were
added to the corpus, and all the other initial inputs were discarded. We
observed in some circumstances that useful initial seed inputs are discarded as
they find no new coverage, even though they contain useful fragments in them
(e.g., SQLITE3 FuzzBench benchmark). This newly added option provides a way to
keeping seed inputs in the corpus for those circumstances. With this patch, and
with -keep_seed=1, all initial seed inputs are kept in the corpus regardless of
whether they find new coverage or not. Further, these seed inputs are not
replaced with smaller inputs even if -reduce_inputs=1.

Differential Revision: https://reviews.llvm.org/D86577

compiler-rt/lib/fuzzer/FuzzerCorpus.h		diff \| blob \| history
compiler-rt/lib/fuzzer/FuzzerDriver.cpp		diff \| blob \| history
compiler-rt/lib/fuzzer/FuzzerFlags.def		diff \| blob \| history
compiler-rt/lib/fuzzer/FuzzerFork.cpp		diff \| blob \| history
compiler-rt/lib/fuzzer/FuzzerInternal.h		diff \| blob \| history
compiler-rt/lib/fuzzer/FuzzerLoop.cpp		diff \| blob \| history
compiler-rt/lib/fuzzer/FuzzerOptions.h		diff \| blob \| history
compiler-rt/lib/fuzzer/tests/FuzzerUnittest.cpp		diff \| blob \| history
compiler-rt/test/fuzzer/KeepSeedTest.cpp	[new file with mode: 0644]	blob
compiler-rt/test/fuzzer/keep-seed.test	[new file with mode: 0644]	blob