From 54a6363a8f154430342ea6fa4a9d81b686587ba0 Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Fri, 29 Jan 2016 23:30:07 +0000 Subject: [PATCH] [libFuzzer] add -timeout_exitcode option llvm-svn: 259265 --- llvm/docs/LibFuzzer.rst | 1 + llvm/lib/Fuzzer/FuzzerDriver.cpp | 1 + llvm/lib/Fuzzer/FuzzerFlags.def | 2 ++ llvm/lib/Fuzzer/FuzzerInternal.h | 1 + llvm/lib/Fuzzer/FuzzerLoop.cpp | 2 +- llvm/lib/Fuzzer/test/fuzzer-timeout.test | 1 + 6 files changed, 7 insertions(+), 1 deletion(-) diff --git a/llvm/docs/LibFuzzer.rst b/llvm/docs/LibFuzzer.rst index 7a8d090..b4c8919 100644 --- a/llvm/docs/LibFuzzer.rst +++ b/llvm/docs/LibFuzzer.rst @@ -62,6 +62,7 @@ The most important flags are:: mutate_depth 5 Apply this number of consecutive mutations to each input. timeout 1200 Timeout in seconds (if positive). If one unit runs more than this number of seconds the process will abort. abort_on_timeout 0 If positive, call abort on timeout. + timeout_exitcode 77 Unless abort_on_timeout is set, use this exitcode on timeout. max_total_time 0 If positive, indicates the maximal total time in seconds to run the fuzzer. help 0 Print help. merge 0 If 1, the 2-nd, 3-rd, etc corpora will be merged into the 1-st corpus. Only interesting units will be taken. diff --git a/llvm/lib/Fuzzer/FuzzerDriver.cpp b/llvm/lib/Fuzzer/FuzzerDriver.cpp index d117681..e73feaf 100644 --- a/llvm/lib/Fuzzer/FuzzerDriver.cpp +++ b/llvm/lib/Fuzzer/FuzzerDriver.cpp @@ -269,6 +269,7 @@ int FuzzerDriver(const std::vector &Args, Options.MaxLen = Flags.max_len; Options.UnitTimeoutSec = Flags.timeout; Options.AbortOnTimeout = Flags.abort_on_timeout; + Options.TimeoutExitCode = Flags.timeout_exitcode; Options.MaxTotalTimeSec = Flags.max_total_time; Options.DoCrossOver = Flags.cross_over; Options.MutateDepth = Flags.mutate_depth; diff --git a/llvm/lib/Fuzzer/FuzzerFlags.def b/llvm/lib/Fuzzer/FuzzerFlags.def index 7f8d705..a451436 100644 --- a/llvm/lib/Fuzzer/FuzzerFlags.def +++ b/llvm/lib/Fuzzer/FuzzerFlags.def @@ -30,6 +30,8 @@ FUZZER_FLAG_INT( "Timeout in seconds (if positive). " "If one unit runs more than this number of seconds the process will abort.") FUZZER_FLAG_INT(abort_on_timeout, 0, "If positive, call abort on timeout.") +FUZZER_FLAG_INT(timeout_exitcode, 77, + "Unless abort_on_timeout is set, use this exitcode on timeout.") FUZZER_FLAG_INT(max_total_time, 0, "If positive, indicates the maximal total " "time in seconds to run the fuzzer.") FUZZER_FLAG_INT(help, 0, "Print help.") diff --git a/llvm/lib/Fuzzer/FuzzerInternal.h b/llvm/lib/Fuzzer/FuzzerInternal.h index b2a62dd..d506f8f 100644 --- a/llvm/lib/Fuzzer/FuzzerInternal.h +++ b/llvm/lib/Fuzzer/FuzzerInternal.h @@ -175,6 +175,7 @@ public: int MaxLen = 0; int UnitTimeoutSec = 300; bool AbortOnTimeout = false; + int TimeoutExitCode = 77; int MaxTotalTimeSec = 0; bool DoCrossOver = true; int MutateDepth = 5; diff --git a/llvm/lib/Fuzzer/FuzzerLoop.cpp b/llvm/lib/Fuzzer/FuzzerLoop.cpp index b39860c..56c9c05 100644 --- a/llvm/lib/Fuzzer/FuzzerLoop.cpp +++ b/llvm/lib/Fuzzer/FuzzerLoop.cpp @@ -114,7 +114,7 @@ void Fuzzer::AlarmCallback() { Printf("SUMMARY: libFuzzer: timeout\n"); if (Options.AbortOnTimeout) abort(); - exit(1); + exit(Options.TimeoutExitCode); } } diff --git a/llvm/lib/Fuzzer/test/fuzzer-timeout.test b/llvm/lib/Fuzzer/test/fuzzer-timeout.test index 8db5f89..2de460d 100644 --- a/llvm/lib/Fuzzer/test/fuzzer-timeout.test +++ b/llvm/lib/Fuzzer/test/fuzzer-timeout.test @@ -12,3 +12,4 @@ SingleInputTimeoutTest: ALARM: working on the last Unit for SingleInputTimeoutTest-NOT: Test unit written to ./timeout- RUN: ASAN_OPTIONS=handle_abort=0 not --crash LLVMFuzzer-TimeoutTest -timeout=1 -abort_on_timeout=1 +RUN: LLVMFuzzer-TimeoutTest -timeout=1 -timeout_exitcode=0 -- 2.7.4