Failed

Changes

Summary

  1. [fuzzer] Create user provided fuzzer writeable directories when requested if they don't exist
  2. Step down from security group
  3. Add new hidden option -print-changed which only reports changes to IR
  4. [libFuzzer] Add an option to keep initial seed inputs around.

Commit 711b9806547b0392ff636499cebfb73f72d4c595 by mascasa
[fuzzer] Create user provided fuzzer writeable directories when requested if they don't exist

Currently, libFuzzer will exit with an error message if a non-existent
directory is provided for any of the appropriate arguments. For cases
where libFuzzer is used in a specialized embedded environment, it would
be much easier to have libFuzzer create the directories for the user.

This patch accommodates this scenario by allowing the user to provide
the argument `-create_missing_dirs=1` which makes libFuzzer attempt to
create the `artifact_prefix`, `exact_artifact_path`,
`features_dir` and/or corpus directory if they don't already exist rather
than throw an error and exit.

Split off from D84808 as requested [here](https://reviews.llvm.org/D84808#2208546).

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D86733

The file was modified: compiler-rt/test/fuzzer/fuzzer-dirs.test
The file was modified: compiler-rt/lib/fuzzer/FuzzerIO.h
The file was modified: compiler-rt/lib/fuzzer/FuzzerDriver.cpp
The file was modified: compiler-rt/lib/fuzzer/FuzzerFlags.def
The file was modified: compiler-rt/lib/fuzzer/FuzzerIO.cpp

Commit baa74e013f7e30f09b002692913a705b704a58f5 by JF Bastien
Step down from security group

Propose Ahmed as a replacement. He's fixed many security issues in LLVM for Apple in the last few years; as such, he'll fit the "Individual contributors" description.

Differential Revision: https://reviews.llvm.org/D86742

The file was modified: llvm/docs/Security.rst

Commit 7bc9924cb2fbd9f3ae53577607822ace267a04e6 by anhtuyen
Add new hidden option -print-changed which only reports changes to IR

A new hidden option -print-changed is added along with code to support
printing the IR as it passes through the opt pipeline in the new pass
manager. Only those passes that change the IR are reported, with others
only having the banner reported, indicating that they did not change the
IR, were filtered out or ignored. Filtering of output via the
-filter-print-funcs is supported and a new supporting hidden option
-filter-passes is added. The latter takes a comma-separated list of pass
names and filters the output to only show those passes in the list that
change the IR. The output can also be modified via the -print-module-scope
function.

The code introduces a template base class that generalizes the comparison
of IRs that takes an IR representation as template parameter. The
constructor takes a series of lambdas that provide an event-based API
for generalized reporting of IRs as they are changed in the opt pipeline
through the new pass manager.

The first of several instantiations is provided that prints the IR
in a form similar to that produced by -print-after-all with the
above-mentioned filtering capabilities. This version, and the others to
follow, will be introduced at the upcoming developer's conference.
See https://hotcrp.llvm.org/usllvm2020/paper/29 for more information.

Reviewed By: yrouban (Yevgeny Rouban)

Differential Revision: https://reviews.llvm.org/D86360

The file was modified: llvm/include/llvm/Passes/StandardInstrumentations.h
The file was added: llvm/test/Other/change-printer.ll
The file was modified: llvm/lib/Passes/StandardInstrumentations.cpp
The file was modified: llvm/lib/IR/LegacyPassManager.cpp

Commit 62673c430de43837b0f177089ed184a0ffcd5678 by dokyungs
[libFuzzer] Add an option to keep initial seed inputs around.

This patch adds an option "keep_seed" to keep all initial seed inputs in the
corpus. Previously, only the initial seed inputs that find new coverage were
added to the corpus, and all the other initial inputs were discarded. We
observed in some circumstances that useful initial seed inputs are discarded as
they find no new coverage, even though they contain useful fragments in them
(e.g., SQLITE3 FuzzBench benchmark). This newly added option provides a way to
keep seed inputs in the corpus for those circumstances. With this patch, and
with -keep_seed=1, all initial seed inputs are kept in the corpus regardless of
whether they find new coverage or not. Further, these seed inputs are not
replaced with smaller inputs even if -reduce_inputs=1.

Differential Revision: https://reviews.llvm.org/D86577

The file was modified: compiler-rt/lib/fuzzer/FuzzerOptions.h
The file was modified: compiler-rt/lib/fuzzer/FuzzerInternal.h
The file was modified: compiler-rt/lib/fuzzer/FuzzerLoop.cpp
The file was modified: compiler-rt/lib/fuzzer/FuzzerFlags.def
The file was modified: compiler-rt/lib/fuzzer/tests/FuzzerUnittest.cpp
The file was modified: compiler-rt/lib/fuzzer/FuzzerFork.cpp
The file was modified: compiler-rt/lib/fuzzer/FuzzerCorpus.h
The file was modified: compiler-rt/lib/fuzzer/FuzzerDriver.cpp
The file was added: compiler-rt/test/fuzzer/KeepSeedTest.cpp
The file was added: compiler-rt/test/fuzzer/keep-seed.test