From: Kostya Serebryany Date: Wed, 1 Feb 2017 00:07:47 +0000 (+0000) Subject: [libFuzzer] increase the default size for shmem X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=63c362484ce91782adfdaa1383d804edd7980544;p=llvm [libFuzzer] increase the default size for shmem git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@293722 91177308-0d34-0410-b5e6-96231b3b80d8 --- diff --git a/lib/Fuzzer/FuzzerDriver.cpp b/lib/Fuzzer/FuzzerDriver.cpp index 5620cdea3fa..01f2bc0413e 100644 --- a/lib/Fuzzer/FuzzerDriver.cpp +++ b/lib/Fuzzer/FuzzerDriver.cpp @@ -482,8 +482,8 @@ int FuzzerDriver(int *argc, char ***argv, UserCallback Callback) { if (auto Name = Flags.run_equivalence_server) { SMR.Destroy(Name); - if (!SMR.Create(Name, 1 << 12)) { - Printf("ERROR: can't create shared memory region\n"); + if (!SMR.Create(Name)) { + Printf("ERROR: can't create shared memory region\n"); return 1; } Printf("INFO: EQUIVALENCE SERVER UP\n"); diff --git a/lib/Fuzzer/FuzzerShmem.h b/lib/Fuzzer/FuzzerShmem.h index 88719c1775f..53568e0acb6 100644 --- a/lib/Fuzzer/FuzzerShmem.h +++ b/lib/Fuzzer/FuzzerShmem.h @@ -22,10 +22,9 @@ namespace fuzzer { class SharedMemoryRegion { public: - bool Create(const char *Name, size_t Size); + bool Create(const char *Name); bool Open(const char *Name); bool Destroy(const char *Name); - size_t GetSize() const { return Size; } uint8_t *GetData() { return Data; } void PostServer() {Post(0);} void WaitServer() {Wait(0);} @@ -33,7 +32,7 @@ class SharedMemoryRegion { void WaitClient() {Wait(1);} size_t WriteByteArray(const uint8_t *Bytes, size_t N) { - N = std::min(N, GetSize() - sizeof(N)); + assert(N <= kShmemSize - sizeof(N)); memcpy(GetData(), &N, sizeof(N)); memcpy(GetData() + sizeof(N), Bytes, N); assert(N == ReadByteArraySize()); @@ -50,6 +49,8 @@ class SharedMemoryRegion { bool IsClient() const { return Data && !IAmServer; } private: + + static const size_t kShmemSize = 1 << 22; bool IAmServer; std::string Path(const char *Name); std::string SemName(const char *Name, int Idx); @@ -57,7 +58,6 @@ private: void Wait(int Idx); bool Map(int fd); - size_t Size = 0; uint8_t *Data = nullptr; void *Semaphore[2]; }; diff --git a/lib/Fuzzer/FuzzerShmemPosix.cpp b/lib/Fuzzer/FuzzerShmemPosix.cpp index c87407bb1d6..b727c24e960 100644 --- a/lib/Fuzzer/FuzzerShmemPosix.cpp +++ b/lib/Fuzzer/FuzzerShmemPosix.cpp @@ -35,17 +35,17 @@ std::string SharedMemoryRegion::SemName(const char *Name, int Idx) { } bool SharedMemoryRegion::Map(int fd) { - Data = (uint8_t *)mmap(0, Size, PROT_WRITE | PROT_READ, MAP_SHARED, fd, 0); + Data = + (uint8_t *)mmap(0, kShmemSize, PROT_WRITE | PROT_READ, MAP_SHARED, fd, 0); if (Data == (uint8_t*)-1) return false; return true; } -bool SharedMemoryRegion::Create(const char *Name, size_t Size) { +bool SharedMemoryRegion::Create(const char *Name) { int fd = open(Path(Name).c_str(), O_CREAT | O_RDWR, 0777); if (fd < 0) return false; - if (ftruncate(fd, Size) < 0) return false; - this->Size = Size; + if (ftruncate(fd, kShmemSize) < 0) return false; if (!Map(fd)) return false; for (int i = 0; i < 2; i++) { @@ -64,7 +64,7 @@ bool SharedMemoryRegion::Open(const char *Name) { struct stat stat_res; if (0 != fstat(fd, &stat_res)) return false; - Size = stat_res.st_size; + assert(stat_res.st_size == kShmemSize); if (!Map(fd)) return false; for (int i = 0; i < 2; i++) { diff --git a/lib/Fuzzer/test/equivalence.test b/lib/Fuzzer/test/equivalence.test index 6c9d87888e0..2728447e34a 100644 --- a/lib/Fuzzer/test/equivalence.test +++ b/lib/Fuzzer/test/equivalence.test @@ -1,6 +1,6 @@ RUN: LLVMFuzzer-EquivalenceATest -run_equivalence_server=EQUIV_TEST & export APID=$! RUN: sleep 3 -RUN: not LLVMFuzzer-EquivalenceBTest -use_equivalence_server=EQUIV_TEST 2>&1 | FileCheck %s +RUN: not LLVMFuzzer-EquivalenceBTest -use_equivalence_server=EQUIV_TEST -max_len=4096 2>&1 | FileCheck %s CHECK: ERROR: libFuzzer: equivalence-mismatch. Sizes: {{.*}}; offset 2 CHECK: SUMMARY: libFuzzer: equivalence-mismatch RUN: kill -9 $APID