Re: r310408 - Integrate Kostya's clang-proto-fuzzer with LLVM.
+klimek@ who contributed the first version of clang-fuzzer.

We now have clang-proto-fuzzer (see tools/clang/tools/clang-fuzzer/README.txt) which shares code with clang-fuzzer, but which also depends on various packages (protobufs, in particular).
clang-proto-fuzzer is off by default (requires a cmake flag) so these extra deps don't hurt anyone, but Nico's concern is that this way we pollute the main repo with code that requires extra deps.

We could probably move the code to another repo (clang-tools-extra?) but my concerns are:
* this is extra work, I don't want to do it "just in case". Only if it's a common agreement that the change will improve the overall state enough to spend this time.
* we need to keep clang-fuzzer together with clang-proto-fuzzer, they are too close to have them separately. But this will make clang-fuzzer even less used. (Admittedly, the bugs found by clang-fuzzer are not being fixed anyway)

WDYT?

--kcc

On Thu, Aug 10, 2017 at 12:32 PM, Nico Weber wrote:

> On Thu, Aug 10, 2017 at 3:13 PM, Kostya Serebryany wrote:
>
>> On Thu, Aug 10, 2017 at 12:01 PM, Nico Weber wrote:
>>
>>> On Thu, Aug 10, 2017 at 2:04 PM, Kostya Serebryany wrote:
>>>
>>>> On Thu, Aug 10, 2017 at 10:56 AM, Nico Weber via cfe-commits <cfe-commits@lists.llvm.org> wrote:
>>>>
>>>>> I really believe this has way too many deps to live in the clang repro, as said on the review already.
>>>>
>>>> I don't have a very strong opinion here and would be happy to move if I see more support for Nico's opinion
>>>> (I haven't seen it on the review, and you didn't object further, so we proceeded).
>>>> Again, my rationale is that the simpler it is to use the more likely other researchers will extend this work.
>>>>
>>>> BTW, I am going to commit a Dockerfile that will make experimenting with this trivial.
>>>> My current (dirty) version looks like this. Not too much trouble.
>>>>
>>>> FROM ubuntu:16.04
>>>> RUN apt-get update -y && apt-get install -y autoconf automake libtool curl make g++ unzip
>>>> RUN apt-get install -y wget
>>>> RUN apt-get install -y git binutils liblzma-dev libz-dev
>>>> RUN apt-get install -y python-all
>>>> RUN apt-get install -y cmake ninja-build
>>>> RUN apt-get install -y subversion
>>>>
>>>> WORKDIR /root
>>>> RUN wget -qO- https://github.com/google/protobuf/releases/download/v3.3.0/protobuf-cpp-3.3.0.tar.gz | tar zxf -
>>>> RUN cd protobuf-3.3.0 && ./autogen.sh && ./configure && make -j $(nproc) && make check -j $(nproc) && make install && ldconfig
>>>> RUN apt-get install -y pkg-config
>>>> RUN svn co http://llvm.org/svn/llvm-project/llvm/trunk llvm
>>>> RUN cd llvm/tools && svn co http://llvm.org/svn/llvm-project/cfe/trunk clang -r $(cd ../ && svn info | grep Revision | awk '{print $2}')
>>>> RUN cd llvm/projects && svn co http://llvm.org/svn/llvm-project/compiler-rt/trunk clang -r $(cd ../ && svn info | grep Revision | awk '{print $2}')
>>>> RUN mkdir build0 && cd build0 && cmake -GNinja -DCMAKE_BUILD_TYPE=Release ../llvm && ninja
>>>> RUN mkdir build1 && cd build1 && cmake -GNinja -DCMAKE_BUILD_TYPE=Release ../llvm -DLLVM_ENABLE_ASSERTIONS=ON -DCMAKE_C_COMPILER=`pwd`/../build0/bin/clang -DCMAKE_CXX_COMPILER=`pwd`/../build0/bin/clang++ -DLLVM_USE_SANITIZE_COVERAGE=YES -DLLVM_USE_SANITIZER=Address -DCLANG_ENABLE_PROTO_FUZZER=ON
>>>> RUN cd build1 && ninja clang-fuzzer
>>>> RUN cd build1 && ninja clang-proto-fuzzer
>>>> #RUN cd build1 && ninja clang-proto-to-cxx
>>>>
>>>>> Maybe this could live in clang-extra instead?
>>>>
>>>> clang-extra?
>>>
>>> clang-tools-extra, sorry.
>>>
>>>> That's a separate repo, right?
>>>
>>> Yes.
>>>
>>>> It may require more cmake trickery, and we'll also have to share the clang-fuzzer-specific code between two repos.
>>>
>>> We could move the whole thing. I'd imagine that at most 3% of people who use clang will use this fuzzer, so having it elsewhere seems reasonable.
>>> (I'd imagine many more people to use clang-tidy for example, and that's in the other repro.)
>>
>> The clang-tidy argument doesn't work for me.
>> clang-tidy is a separate tool.
>> clang*fuzzer are ways to test clang, and so they have more reasons to stay closer to clang (for the same reason that the clang tests stay with clang).
>
> Then think of the "[cfe-dev] Proposal for an ABI testsuite for clang" thread instead, which was about testing clang. We ended up putting that into a completely separate repo.
>
>> --kcc
>>
>>> Also see the "Contributing Extensions to Clang" section on http://clang.llvm.org/get_involved.html
>>>
>>>> I do want the original clang-fuzzer to remain where it was, and both (clang-fuzzer and clang-proto-fuzzer) share the code.
>>>>
>>>>> On Aug 8, 2017
Re: r310408 - Integrate Kostya's clang-proto-fuzzer with LLVM.
On Thu, Aug 10, 2017 at 3:13 PM, Kostya Serebryany wrote:

> On Thu, Aug 10, 2017 at 12:01 PM, Nico Weber wrote:
>
>> On Thu, Aug 10, 2017 at 2:04 PM, Kostya Serebryany wrote:
>>
>>> On Thu, Aug 10, 2017 at 10:56 AM, Nico Weber via cfe-commits <cfe-commits@lists.llvm.org> wrote:
>>>
>>>> I really believe this has way too many deps to live in the clang repro, as said on the review already.
>>>
>>> I don't have a very strong opinion here and would be happy to move if I see more support for Nico's opinion
>>> (I haven't seen it on the review, and you didn't object further, so we proceeded).
>>> Again, my rationale is that the simpler it is to use the more likely other researchers will extend this work.
>>>
>>> BTW, I am going to commit a Dockerfile that will make experimenting with this trivial.
>>> My current (dirty) version looks like this. Not too much trouble.
>>>
>>> FROM ubuntu:16.04
>>> RUN apt-get update -y && apt-get install -y autoconf automake libtool curl make g++ unzip
>>> RUN apt-get install -y wget
>>> RUN apt-get install -y git binutils liblzma-dev libz-dev
>>> RUN apt-get install -y python-all
>>> RUN apt-get install -y cmake ninja-build
>>> RUN apt-get install -y subversion
>>>
>>> WORKDIR /root
>>> RUN wget -qO- https://github.com/google/protobuf/releases/download/v3.3.0/protobuf-cpp-3.3.0.tar.gz | tar zxf -
>>> RUN cd protobuf-3.3.0 && ./autogen.sh && ./configure && make -j $(nproc) && make check -j $(nproc) && make install && ldconfig
>>> RUN apt-get install -y pkg-config
>>> RUN svn co http://llvm.org/svn/llvm-project/llvm/trunk llvm
>>> RUN cd llvm/tools && svn co http://llvm.org/svn/llvm-project/cfe/trunk clang -r $(cd ../ && svn info | grep Revision | awk '{print $2}')
>>> RUN cd llvm/projects && svn co http://llvm.org/svn/llvm-project/compiler-rt/trunk clang -r $(cd ../ && svn info | grep Revision | awk '{print $2}')
>>> RUN mkdir build0 && cd build0 && cmake -GNinja -DCMAKE_BUILD_TYPE=Release ../llvm && ninja
>>> RUN mkdir build1 && cd build1 && cmake -GNinja -DCMAKE_BUILD_TYPE=Release ../llvm -DLLVM_ENABLE_ASSERTIONS=ON -DCMAKE_C_COMPILER=`pwd`/../build0/bin/clang -DCMAKE_CXX_COMPILER=`pwd`/../build0/bin/clang++ -DLLVM_USE_SANITIZE_COVERAGE=YES -DLLVM_USE_SANITIZER=Address -DCLANG_ENABLE_PROTO_FUZZER=ON
>>> RUN cd build1 && ninja clang-fuzzer
>>> RUN cd build1 && ninja clang-proto-fuzzer
>>> #RUN cd build1 && ninja clang-proto-to-cxx
>>>
>>>> Maybe this could live in clang-extra instead?
>>>
>>> clang-extra?
>>
>> clang-tools-extra, sorry.
>>
>>> That's a separate repo, right?
>>
>> Yes.
>>
>>> It may require more cmake trickery, and we'll also have to share the clang-fuzzer-specific code between two repos.
>>
>> We could move the whole thing. I'd imagine that at most 3% of people who use clang will use this fuzzer, so having it elsewhere seems reasonable.
>> (I'd imagine many more people to use clang-tidy for example, and that's in the other repro.)
>
> The clang-tidy argument doesn't work for me.
> clang-tidy is a separate tool.
> clang*fuzzer are ways to test clang, and so they have more reasons to stay closer to clang (for the same reason that the clang tests stay with clang).

Then think of the "[cfe-dev] Proposal for an ABI testsuite for clang" thread instead, which was about testing clang. We ended up putting that into a completely separate repo.

> --kcc
>
>> Also see the "Contributing Extensions to Clang" section on http://clang.llvm.org/get_involved.html
>>
>>> I do want the original clang-fuzzer to remain where it was, and both (clang-fuzzer and clang-proto-fuzzer) share the code.
>>>
>>>> On Aug 8, 2017 4:15 PM, "Matt Morehouse via cfe-commits" <cfe-commits@lists.llvm.org> wrote:
>>>>
>>>>> Author: morehouse
>>>>> Date: Tue Aug 8 13:15:04 2017
>>>>> New Revision: 310408
>>>>>
>>>>> URL: http://llvm.org/viewvc/llvm-project?rev=310408=rev
>>>>> Log:
>>>>> Integrate Kostya's clang-proto-fuzzer with LLVM.
>>>>>
>>>>> Summary:
>>>>> The clang-proto-fuzzer models a subset of C++ as a protobuf and
>>>>> uses libprotobuf-mutator to generate interesting mutations of C++
>>>>> programs. Clang-proto-fuzzer has already found several bugs in
>>>>> Clang (e.g., https://bugs.llvm.org/show_bug.cgi?id=33747,
>>>>> https://bugs.llvm.org/show_bug.cgi?id=33749).
>>>>>
>>>>> As with clang-fuzzer, clang-proto-fuzzer requires the following
>>>>> cmake flags:
>>>>> - CMAKE_C_COMPILER=clang
>>>>> - CMAKE_CXX_COMPILER=clang++
>>>>> - LLVM_USE_SANITIZE_COVERAGE=YES // needed for libFuzzer
>>>>> - LLVM_USE_SANITIZER=Address // needed for libFuzzer
>>>>>
>>>>> In addition, clang-proto-fuzzer requires:
>>>>> - CLANG_ENABLE_PROTO_FUZZER=ON
>>>>>
>>>>> clang-proto-fuzzer also requires the following dependencies:
>>>>> - binutils // needed for
Re: r310408 - Integrate Kostya's clang-proto-fuzzer with LLVM.
On Thu, Aug 10, 2017 at 12:01 PM, Nico Weber wrote:

> On Thu, Aug 10, 2017 at 2:04 PM, Kostya Serebryany wrote:
>
>> On Thu, Aug 10, 2017 at 10:56 AM, Nico Weber via cfe-commits <cfe-commits@lists.llvm.org> wrote:
>>
>>> I really believe this has way too many deps to live in the clang repro, as said on the review already.
>>
>> I don't have a very strong opinion here and would be happy to move if I see more support for Nico's opinion
>> (I haven't seen it on the review, and you didn't object further, so we proceeded).
>> Again, my rationale is that the simpler it is to use the more likely other researchers will extend this work.
>>
>> BTW, I am going to commit a Dockerfile that will make experimenting with this trivial.
>> My current (dirty) version looks like this. Not too much trouble.
>>
>> FROM ubuntu:16.04
>> RUN apt-get update -y && apt-get install -y autoconf automake libtool curl make g++ unzip
>> RUN apt-get install -y wget
>> RUN apt-get install -y git binutils liblzma-dev libz-dev
>> RUN apt-get install -y python-all
>> RUN apt-get install -y cmake ninja-build
>> RUN apt-get install -y subversion
>>
>> WORKDIR /root
>> RUN wget -qO- https://github.com/google/protobuf/releases/download/v3.3.0/protobuf-cpp-3.3.0.tar.gz | tar zxf -
>> RUN cd protobuf-3.3.0 && ./autogen.sh && ./configure && make -j $(nproc) && make check -j $(nproc) && make install && ldconfig
>> RUN apt-get install -y pkg-config
>> RUN svn co http://llvm.org/svn/llvm-project/llvm/trunk llvm
>> RUN cd llvm/tools && svn co http://llvm.org/svn/llvm-project/cfe/trunk clang -r $(cd ../ && svn info | grep Revision | awk '{print $2}')
>> RUN cd llvm/projects && svn co http://llvm.org/svn/llvm-project/compiler-rt/trunk clang -r $(cd ../ && svn info | grep Revision | awk '{print $2}')
>> RUN mkdir build0 && cd build0 && cmake -GNinja -DCMAKE_BUILD_TYPE=Release ../llvm && ninja
>> RUN mkdir build1 && cd build1 && cmake -GNinja -DCMAKE_BUILD_TYPE=Release ../llvm -DLLVM_ENABLE_ASSERTIONS=ON -DCMAKE_C_COMPILER=`pwd`/../build0/bin/clang -DCMAKE_CXX_COMPILER=`pwd`/../build0/bin/clang++ -DLLVM_USE_SANITIZE_COVERAGE=YES -DLLVM_USE_SANITIZER=Address -DCLANG_ENABLE_PROTO_FUZZER=ON
>> RUN cd build1 && ninja clang-fuzzer
>> RUN cd build1 && ninja clang-proto-fuzzer
>> #RUN cd build1 && ninja clang-proto-to-cxx
>>
>>> Maybe this could live in clang-extra instead?
>>
>> clang-extra?
>
> clang-tools-extra, sorry.
>
>> That's a separate repo, right?
>
> Yes.
>
>> It may require more cmake trickery, and we'll also have to share the clang-fuzzer-specific code between two repos.
>
> We could move the whole thing. I'd imagine that at most 3% of people who use clang will use this fuzzer, so having it elsewhere seems reasonable.
> (I'd imagine many more people to use clang-tidy for example, and that's in the other repro.)

The clang-tidy argument doesn't work for me.
clang-tidy is a separate tool.
clang*fuzzer are ways to test clang, and so they have more reasons to stay closer to clang (for the same reason that the clang tests stay with clang).

--kcc

> Also see the "Contributing Extensions to Clang" section on http://clang.llvm.org/get_involved.html
>
>> I do want the original clang-fuzzer to remain where it was, and both (clang-fuzzer and clang-proto-fuzzer) share the code.
>>
>>> On Aug 8, 2017 4:15 PM, "Matt Morehouse via cfe-commits" <cfe-commits@lists.llvm.org> wrote:
>>>
>>>> Author: morehouse
>>>> Date: Tue Aug 8 13:15:04 2017
>>>> New Revision: 310408
>>>>
>>>> URL: http://llvm.org/viewvc/llvm-project?rev=310408=rev
>>>> Log:
>>>> Integrate Kostya's clang-proto-fuzzer with LLVM.
>>>>
>>>> Summary:
>>>> The clang-proto-fuzzer models a subset of C++ as a protobuf and
>>>> uses libprotobuf-mutator to generate interesting mutations of C++
>>>> programs. Clang-proto-fuzzer has already found several bugs in
>>>> Clang (e.g., https://bugs.llvm.org/show_bug.cgi?id=33747,
>>>> https://bugs.llvm.org/show_bug.cgi?id=33749).
>>>>
>>>> As with clang-fuzzer, clang-proto-fuzzer requires the following
>>>> cmake flags:
>>>> - CMAKE_C_COMPILER=clang
>>>> - CMAKE_CXX_COMPILER=clang++
>>>> - LLVM_USE_SANITIZE_COVERAGE=YES // needed for libFuzzer
>>>> - LLVM_USE_SANITIZER=Address // needed for libFuzzer
>>>>
>>>> In addition, clang-proto-fuzzer requires:
>>>> - CLANG_ENABLE_PROTO_FUZZER=ON
>>>>
>>>> clang-proto-fuzzer also requires the following dependencies:
>>>> - binutils // needed for libprotobuf-mutator
>>>> - liblzma-dev // needed for libprotobuf-mutator
>>>> - libz-dev // needed for libprotobuf-mutator
>>>> - docbook2x // needed for libprotobuf-mutator
>>>> - Recent version of protobuf [3.3.0 is known to work]
>>>>
>>>> A working version of libprotobuf-mutator will automatically be
>>>> downloaded and built as an external project.
>>>>
>>>> Implementation of clang-proto-fuzzer provided by
Re: r310408 - Integrate Kostya's clang-proto-fuzzer with LLVM.
On Thu, Aug 10, 2017 at 2:04 PM, Kostya Serebryany wrote:

> On Thu, Aug 10, 2017 at 10:56 AM, Nico Weber via cfe-commits <cfe-commits@lists.llvm.org> wrote:
>
>> I really believe this has way too many deps to live in the clang repro, as said on the review already.
>
> I don't have a very strong opinion here and would be happy to move if I see more support for Nico's opinion
> (I haven't seen it on the review, and you didn't object further, so we proceeded).
> Again, my rationale is that the simpler it is to use the more likely other researchers will extend this work.
>
> BTW, I am going to commit a Dockerfile that will make experimenting with this trivial.
> My current (dirty) version looks like this. Not too much trouble.
>
> FROM ubuntu:16.04
> RUN apt-get update -y && apt-get install -y autoconf automake libtool curl make g++ unzip
> RUN apt-get install -y wget
> RUN apt-get install -y git binutils liblzma-dev libz-dev
> RUN apt-get install -y python-all
> RUN apt-get install -y cmake ninja-build
> RUN apt-get install -y subversion
>
> WORKDIR /root
> RUN wget -qO- https://github.com/google/protobuf/releases/download/v3.3.0/protobuf-cpp-3.3.0.tar.gz | tar zxf -
> RUN cd protobuf-3.3.0 && ./autogen.sh && ./configure && make -j $(nproc) && make check -j $(nproc) && make install && ldconfig
> RUN apt-get install -y pkg-config
> RUN svn co http://llvm.org/svn/llvm-project/llvm/trunk llvm
> RUN cd llvm/tools && svn co http://llvm.org/svn/llvm-project/cfe/trunk clang -r $(cd ../ && svn info | grep Revision | awk '{print $2}')
> RUN cd llvm/projects && svn co http://llvm.org/svn/llvm-project/compiler-rt/trunk clang -r $(cd ../ && svn info | grep Revision | awk '{print $2}')
> RUN mkdir build0 && cd build0 && cmake -GNinja -DCMAKE_BUILD_TYPE=Release ../llvm && ninja
> RUN mkdir build1 && cd build1 && cmake -GNinja -DCMAKE_BUILD_TYPE=Release ../llvm -DLLVM_ENABLE_ASSERTIONS=ON -DCMAKE_C_COMPILER=`pwd`/../build0/bin/clang -DCMAKE_CXX_COMPILER=`pwd`/../build0/bin/clang++ -DLLVM_USE_SANITIZE_COVERAGE=YES -DLLVM_USE_SANITIZER=Address -DCLANG_ENABLE_PROTO_FUZZER=ON
> RUN cd build1 && ninja clang-fuzzer
> RUN cd build1 && ninja clang-proto-fuzzer
> #RUN cd build1 && ninja clang-proto-to-cxx
>
>> Maybe this could live in clang-extra instead?
>
> clang-extra?

clang-tools-extra, sorry.

> That's a separate repo, right?

Yes.

> It may require more cmake trickery, and we'll also have to share the clang-fuzzer-specific code between two repos.

We could move the whole thing. I'd imagine that at most 3% of people who use clang will use this fuzzer, so having it elsewhere seems reasonable.
(I'd imagine many more people to use clang-tidy for example, and that's in the other repro.)

Also see the "Contributing Extensions to Clang" section on http://clang.llvm.org/get_involved.html

> I do want the original clang-fuzzer to remain where it was, and both (clang-fuzzer and clang-proto-fuzzer) share the code.
>
>> On Aug 8, 2017 4:15 PM, "Matt Morehouse via cfe-commits" <cfe-commits@lists.llvm.org> wrote:
>>
>>> Author: morehouse
>>> Date: Tue Aug 8 13:15:04 2017
>>> New Revision: 310408
>>>
>>> URL: http://llvm.org/viewvc/llvm-project?rev=310408=rev
>>> Log:
>>> Integrate Kostya's clang-proto-fuzzer with LLVM.
>>>
>>> Summary:
>>> The clang-proto-fuzzer models a subset of C++ as a protobuf and
>>> uses libprotobuf-mutator to generate interesting mutations of C++
>>> programs. Clang-proto-fuzzer has already found several bugs in
>>> Clang (e.g., https://bugs.llvm.org/show_bug.cgi?id=33747,
>>> https://bugs.llvm.org/show_bug.cgi?id=33749).
>>>
>>> As with clang-fuzzer, clang-proto-fuzzer requires the following
>>> cmake flags:
>>> - CMAKE_C_COMPILER=clang
>>> - CMAKE_CXX_COMPILER=clang++
>>> - LLVM_USE_SANITIZE_COVERAGE=YES // needed for libFuzzer
>>> - LLVM_USE_SANITIZER=Address // needed for libFuzzer
>>>
>>> In addition, clang-proto-fuzzer requires:
>>> - CLANG_ENABLE_PROTO_FUZZER=ON
>>>
>>> clang-proto-fuzzer also requires the following dependencies:
>>> - binutils // needed for libprotobuf-mutator
>>> - liblzma-dev // needed for libprotobuf-mutator
>>> - libz-dev // needed for libprotobuf-mutator
>>> - docbook2x // needed for libprotobuf-mutator
>>> - Recent version of protobuf [3.3.0 is known to work]
>>>
>>> A working version of libprotobuf-mutator will automatically be
>>> downloaded and built as an external project.
>>>
>>> Implementation of clang-proto-fuzzer provided by Kostya
>>> Serebryany.
>>>
>>> https://bugs.llvm.org/show_bug.cgi?id=33829
>>>
>>> Reviewers: kcc, vitalybuka, bogner
>>>
>>> Reviewed By: kcc, vitalybuka
>>>
>>> Subscribers: thakis, mgorny, cfe-commits
>>>
>>> Differential Revision: https://reviews.llvm.org/D36324
>>>
>>> Added:
>>> cfe/trunk/cmake/modules/ProtobufMutator.cmake
>>> cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
>>> cfe/trunk/tools/clang-fuzzer/README.txt
Re: r310408 - Integrate Kostya's clang-proto-fuzzer with LLVM.
On Thu, Aug 10, 2017 at 10:56 AM, Nico Weber via cfe-commits <cfe-commits@lists.llvm.org> wrote:

> I really believe this has way too many deps to live in the clang repro, as said on the review already.

I don't have a very strong opinion here and would be happy to move if I see more support for Nico's opinion
(I haven't seen it on the review, and you didn't object further, so we proceeded).
Again, my rationale is that the simpler it is to use the more likely other researchers will extend this work.

BTW, I am going to commit a Dockerfile that will make experimenting with this trivial.
My current (dirty) version looks like this. Not too much trouble.

FROM ubuntu:16.04
RUN apt-get update -y && apt-get install -y autoconf automake libtool curl make g++ unzip
RUN apt-get install -y wget
RUN apt-get install -y git binutils liblzma-dev libz-dev
RUN apt-get install -y python-all
RUN apt-get install -y cmake ninja-build
RUN apt-get install -y subversion

WORKDIR /root
RUN wget -qO- https://github.com/google/protobuf/releases/download/v3.3.0/protobuf-cpp-3.3.0.tar.gz | tar zxf -
RUN cd protobuf-3.3.0 && ./autogen.sh && ./configure && make -j $(nproc) && make check -j $(nproc) && make install && ldconfig
RUN apt-get install -y pkg-config
RUN svn co http://llvm.org/svn/llvm-project/llvm/trunk llvm
RUN cd llvm/tools && svn co http://llvm.org/svn/llvm-project/cfe/trunk clang -r $(cd ../ && svn info | grep Revision | awk '{print $2}')
RUN cd llvm/projects && svn co http://llvm.org/svn/llvm-project/compiler-rt/trunk clang -r $(cd ../ && svn info | grep Revision | awk '{print $2}')
RUN mkdir build0 && cd build0 && cmake -GNinja -DCMAKE_BUILD_TYPE=Release ../llvm && ninja
RUN mkdir build1 && cd build1 && cmake -GNinja -DCMAKE_BUILD_TYPE=Release ../llvm -DLLVM_ENABLE_ASSERTIONS=ON -DCMAKE_C_COMPILER=`pwd`/../build0/bin/clang -DCMAKE_CXX_COMPILER=`pwd`/../build0/bin/clang++ -DLLVM_USE_SANITIZE_COVERAGE=YES -DLLVM_USE_SANITIZER=Address -DCLANG_ENABLE_PROTO_FUZZER=ON
RUN cd build1 && ninja clang-fuzzer
RUN cd build1 && ninja clang-proto-fuzzer
#RUN cd build1 && ninja clang-proto-to-cxx

> Maybe this could live in clang-extra instead?

clang-extra?
That's a separate repo, right?
It may require more cmake trickery, and we'll also have to share the clang-fuzzer-specific code between two repos.

I do want the original clang-fuzzer to remain where it was, and both (clang-fuzzer and clang-proto-fuzzer) share the code.

> On Aug 8, 2017 4:15 PM, "Matt Morehouse via cfe-commits" <cfe-commits@lists.llvm.org> wrote:
>
>> Author: morehouse
>> Date: Tue Aug 8 13:15:04 2017
>> New Revision: 310408
>>
>> URL: http://llvm.org/viewvc/llvm-project?rev=310408=rev
>> Log:
>> Integrate Kostya's clang-proto-fuzzer with LLVM.
>>
>> Summary:
>> The clang-proto-fuzzer models a subset of C++ as a protobuf and
>> uses libprotobuf-mutator to generate interesting mutations of C++
>> programs. Clang-proto-fuzzer has already found several bugs in
>> Clang (e.g., https://bugs.llvm.org/show_bug.cgi?id=33747,
>> https://bugs.llvm.org/show_bug.cgi?id=33749).
>>
>> As with clang-fuzzer, clang-proto-fuzzer requires the following
>> cmake flags:
>> - CMAKE_C_COMPILER=clang
>> - CMAKE_CXX_COMPILER=clang++
>> - LLVM_USE_SANITIZE_COVERAGE=YES // needed for libFuzzer
>> - LLVM_USE_SANITIZER=Address // needed for libFuzzer
>>
>> In addition, clang-proto-fuzzer requires:
>> - CLANG_ENABLE_PROTO_FUZZER=ON
>>
>> clang-proto-fuzzer also requires the following dependencies:
>> - binutils // needed for libprotobuf-mutator
>> - liblzma-dev // needed for libprotobuf-mutator
>> - libz-dev // needed for libprotobuf-mutator
>> - docbook2x // needed for libprotobuf-mutator
>> - Recent version of protobuf [3.3.0 is known to work]
>>
>> A working version of libprotobuf-mutator will automatically be
>> downloaded and built as an external project.
>>
>> Implementation of clang-proto-fuzzer provided by Kostya
>> Serebryany.
>>
>> https://bugs.llvm.org/show_bug.cgi?id=33829
>>
>> Reviewers: kcc, vitalybuka, bogner
>>
>> Reviewed By: kcc, vitalybuka
>>
>> Subscribers: thakis, mgorny, cfe-commits
>>
>> Differential Revision: https://reviews.llvm.org/D36324
>>
>> Added:
>> cfe/trunk/cmake/modules/ProtobufMutator.cmake
>> cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
>> cfe/trunk/tools/clang-fuzzer/README.txt
>> cfe/trunk/tools/clang-fuzzer/cxx_proto.proto
>> cfe/trunk/tools/clang-fuzzer/handle-cxx/
>> cfe/trunk/tools/clang-fuzzer/handle-cxx/CMakeLists.txt
>> cfe/trunk/tools/clang-fuzzer/handle-cxx/handle_cxx.cpp
>> cfe/trunk/tools/clang-fuzzer/handle-cxx/handle_cxx.h
>> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/
>> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt
>> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
>> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
>> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx_main.cpp
>> Modified:
Re: r310408 - Integrate Kostya's clang-proto-fuzzer with LLVM.
+ Kostya

The project isn't built by default, so the dependencies aren't needed unless you build the fuzzer specifically.

On Thu, Aug 10, 2017 at 10:56 AM, Nico Weber wrote:

> I really believe this has way too many deps to live in the clang repro, as said on the review already. Maybe this could live in clang-extra instead?
>
> On Aug 8, 2017 4:15 PM, "Matt Morehouse via cfe-commits" <cfe-commits@lists.llvm.org> wrote:
>
>> Author: morehouse
>> Date: Tue Aug 8 13:15:04 2017
>> New Revision: 310408
>>
>> URL: http://llvm.org/viewvc/llvm-project?rev=310408=rev
>> Log:
>> Integrate Kostya's clang-proto-fuzzer with LLVM.
>>
>> Summary:
>> The clang-proto-fuzzer models a subset of C++ as a protobuf and
>> uses libprotobuf-mutator to generate interesting mutations of C++
>> programs. Clang-proto-fuzzer has already found several bugs in
>> Clang (e.g., https://bugs.llvm.org/show_bug.cgi?id=33747,
>> https://bugs.llvm.org/show_bug.cgi?id=33749).
>>
>> As with clang-fuzzer, clang-proto-fuzzer requires the following
>> cmake flags:
>> - CMAKE_C_COMPILER=clang
>> - CMAKE_CXX_COMPILER=clang++
>> - LLVM_USE_SANITIZE_COVERAGE=YES // needed for libFuzzer
>> - LLVM_USE_SANITIZER=Address // needed for libFuzzer
>>
>> In addition, clang-proto-fuzzer requires:
>> - CLANG_ENABLE_PROTO_FUZZER=ON
>>
>> clang-proto-fuzzer also requires the following dependencies:
>> - binutils // needed for libprotobuf-mutator
>> - liblzma-dev // needed for libprotobuf-mutator
>> - libz-dev // needed for libprotobuf-mutator
>> - docbook2x // needed for libprotobuf-mutator
>> - Recent version of protobuf [3.3.0 is known to work]
>>
>> A working version of libprotobuf-mutator will automatically be
>> downloaded and built as an external project.
>>
>> Implementation of clang-proto-fuzzer provided by Kostya
>> Serebryany.
>> >> https://bugs.llvm.org/show_bug.cgi?id=33829 >> >> Reviewers: kcc, vitalybuka, bogner >> >> Reviewed By: kcc, vitalybuka >> >> Subscribers: thakis, mgorny, cfe-commits >> >> Differential Revision: https://reviews.llvm.org/D36324 >> >> Added: >> cfe/trunk/cmake/modules/ProtobufMutator.cmake >> cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp >> cfe/trunk/tools/clang-fuzzer/README.txt >> cfe/trunk/tools/clang-fuzzer/cxx_proto.proto >> cfe/trunk/tools/clang-fuzzer/handle-cxx/ >> cfe/trunk/tools/clang-fuzzer/handle-cxx/CMakeLists.txt >> cfe/trunk/tools/clang-fuzzer/handle-cxx/handle_cxx.cpp >> cfe/trunk/tools/clang-fuzzer/handle-cxx/handle_cxx.h >> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/ >> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt >> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp >> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h >> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx_main.cpp >> Modified: >> cfe/trunk/CMakeLists.txt >> cfe/trunk/tools/clang-fuzzer/CMakeLists.txt >> cfe/trunk/tools/clang-fuzzer/ClangFuzzer.cpp >> >> Modified: cfe/trunk/CMakeLists.txt >> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/CMakeLists.txt >> ?rev=310408=310407=310408=diff >> >> == >> --- cfe/trunk/CMakeLists.txt (original) >> +++ cfe/trunk/CMakeLists.txt Tue Aug 8 13:15:04 2017 
>> @@ -377,6 +377,8 @@ option(CLANG_ENABLE_STATIC_ANALYZER "Bui >> option(CLANG_ANALYZER_BUILD_Z3 >>"Build the static analyzer with the Z3 constraint manager." OFF) >> >> +option(CLANG_ENABLE_PROTO_FUZZER "Build Clang protobuf fuzzer." OFF) >> + >> if(NOT CLANG_ENABLE_STATIC_ANALYZER AND (CLANG_ENABLE_ARCMT OR >> CLANG_ANALYZER_BUILD_Z3)) >>message(FATAL_ERROR "Cannot disable static analyzer while enabling >> ARCMT or Z3") >> endif() >> >> Added: cfe/trunk/cmake/modules/ProtobufMutator.cmake >> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/cmake/modules/ >> ProtobufMutator.cmake?rev=310408=auto >> >> == >> --- cfe/trunk/cmake/modules/ProtobufMutator.cmake (added) >> +++ cfe/trunk/cmake/modules/ProtobufMutator.cmake Tue Aug 8 13:15:04 >> 2017 >> @@ -0,0 +1,24 @@ >> +set(PBM_PREFIX protobuf_mutator) >> +set(PBM_PATH ${CMAKE_CURRENT_BINARY_DIR}/${ >> PBM_PREFIX}/src/${PBM_PREFIX}) >> +set(PBM_LIB_PATH ${PBM_PATH}/src/libprotobuf-mutator.a) >> +set(PBM_FUZZ_LIB_PATH ${PBM_PATH}/src/libfuzzer/libp >> rotobuf-mutator-libfuzzer.a) >> + >> +ExternalProject_Add(${PBM_PREFIX} >> + PREFIX ${PBM_PREFIX} >> + GIT_REPOSITORY https://github.com/google/libprotobuf-mutator.git >> + GIT_TAG 34287f8 >> + CONFIGURE_COMMAND ${CMAKE_COMMAND} -G${CMAKE_GENERATOR} >> +-DCMAKE_C_COMPILER=${CMAKE_C_COMPILER} >> +-DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER} >> +-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE} >> + BUILD_COMMAND ${CMAKE_MAKE_PROGRAM} >> + BUILD_BYPRODUCTS ${PBM_LIB_PATH} ${PBM_FUZZ_LIB_PATH} >> + BUILD_IN_SOURCE 1 >> + INSTALL_COMMAND "" >> +
Re: r310408 - Integrate Kostya's clang-proto-fuzzer with LLVM.
I really believe this has way too many deps to live in the clang repro, as said on the review already. Maybe this could live in clang-extra instead?

On Aug 8, 2017 4:15 PM, "Matt Morehouse via cfe-commits" <cfe-commits@lists.llvm.org> wrote:

> Author: morehouse
> Date: Tue Aug 8 13:15:04 2017
> New Revision: 310408
>
> URL: http://llvm.org/viewvc/llvm-project?rev=310408=rev
> Log:
> Integrate Kostya's clang-proto-fuzzer with LLVM.
>
> Summary:
> The clang-proto-fuzzer models a subset of C++ as a protobuf and
> uses libprotobuf-mutator to generate interesting mutations of C++
> programs. Clang-proto-fuzzer has already found several bugs in
> Clang (e.g., https://bugs.llvm.org/show_bug.cgi?id=33747,
> https://bugs.llvm.org/show_bug.cgi?id=33749).
>
> As with clang-fuzzer, clang-proto-fuzzer requires the following
> cmake flags:
> - CMAKE_C_COMPILER=clang
> - CMAKE_CXX_COMPILER=clang++
> - LLVM_USE_SANITIZE_COVERAGE=YES // needed for libFuzzer
> - LLVM_USE_SANITIZER=Address // needed for libFuzzer
>
> In addition, clang-proto-fuzzer requires:
> - CLANG_ENABLE_PROTO_FUZZER=ON
>
> clang-proto-fuzzer also requires the following dependencies:
> - binutils // needed for libprotobuf-mutator
> - liblzma-dev // needed for libprotobuf-mutator
> - libz-dev // needed for libprotobuf-mutator
> - docbook2x // needed for libprotobuf-mutator
> - Recent version of protobuf [3.3.0 is known to work]
>
> A working version of libprotobuf-mutator will automatically be
> downloaded and built as an external project.
>
> Implementation of clang-proto-fuzzer provided by Kostya
> Serebryany.
> > https://bugs.llvm.org/show_bug.cgi?id=33829 > > Reviewers: kcc, vitalybuka, bogner > > Reviewed By: kcc, vitalybuka > > Subscribers: thakis, mgorny, cfe-commits > > Differential Revision: https://reviews.llvm.org/D36324 > > Added: > cfe/trunk/cmake/modules/ProtobufMutator.cmake > cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp > cfe/trunk/tools/clang-fuzzer/README.txt > cfe/trunk/tools/clang-fuzzer/cxx_proto.proto > cfe/trunk/tools/clang-fuzzer/handle-cxx/ > cfe/trunk/tools/clang-fuzzer/handle-cxx/CMakeLists.txt > cfe/trunk/tools/clang-fuzzer/handle-cxx/handle_cxx.cpp > cfe/trunk/tools/clang-fuzzer/handle-cxx/handle_cxx.h > cfe/trunk/tools/clang-fuzzer/proto-to-cxx/ > cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt > cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp > cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h > cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx_main.cpp > Modified: > cfe/trunk/CMakeLists.txt > cfe/trunk/tools/clang-fuzzer/CMakeLists.txt > cfe/trunk/tools/clang-fuzzer/ClangFuzzer.cpp > > Modified: cfe/trunk/CMakeLists.txt > URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/CMakeLists. > txt?rev=310408=310407=310408=diff > > == > --- cfe/trunk/CMakeLists.txt (original) > +++ cfe/trunk/CMakeLists.txt Tue Aug 8 13:15:04 2017 
> @@ -377,6 +377,8 @@ option(CLANG_ENABLE_STATIC_ANALYZER "Bui > option(CLANG_ANALYZER_BUILD_Z3 >"Build the static analyzer with the Z3 constraint manager." OFF) > > +option(CLANG_ENABLE_PROTO_FUZZER "Build Clang protobuf fuzzer." OFF) > + > if(NOT CLANG_ENABLE_STATIC_ANALYZER AND (CLANG_ENABLE_ARCMT OR > CLANG_ANALYZER_BUILD_Z3)) >message(FATAL_ERROR "Cannot disable static analyzer while enabling > ARCMT or Z3") > endif() > > Added: cfe/trunk/cmake/modules/ProtobufMutator.cmake > URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/cmake/ > modules/ProtobufMutator.cmake?rev=310408=auto > > == > --- cfe/trunk/cmake/modules/ProtobufMutator.cmake (added) > +++ cfe/trunk/cmake/modules/ProtobufMutator.cmake Tue Aug 8 13:15:04 2017 > @@ -0,0 +1,24 @@ > +set(PBM_PREFIX protobuf_mutator) > +set(PBM_PATH ${CMAKE_CURRENT_BINARY_DIR}/${PBM_PREFIX}/src/${PBM_PREFIX}) > +set(PBM_LIB_PATH ${PBM_PATH}/src/libprotobuf-mutator.a) > +set(PBM_FUZZ_LIB_PATH ${PBM_PATH}/src/libfuzzer/ > libprotobuf-mutator-libfuzzer.a) > + > +ExternalProject_Add(${PBM_PREFIX} > + PREFIX ${PBM_PREFIX} > + GIT_REPOSITORY https://github.com/google/libprotobuf-mutator.git > + GIT_TAG 34287f8 > + CONFIGURE_COMMAND ${CMAKE_COMMAND} -G${CMAKE_GENERATOR} > +-DCMAKE_C_COMPILER=${CMAKE_C_COMPILER} > +-DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER} > +-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE} > + BUILD_COMMAND ${CMAKE_MAKE_PROGRAM} > + BUILD_BYPRODUCTS ${PBM_LIB_PATH} ${PBM_FUZZ_LIB_PATH} > + BUILD_IN_SOURCE 1 > + INSTALL_COMMAND "" > + LOG_DOWNLOAD 1 > + LOG_CONFIGURE 1 > + LOG_BUILD 1 > + ) > + > +set(ProtobufMutator_INCLUDE_DIRS ${PBM_PATH}) > +set(ProtobufMutator_LIBRARIES ${PBM_FUZZ_LIB_PATH} ${PBM_LIB_PATH}) > > Modified: cfe/trunk/tools/clang-fuzzer/CMakeLists.txt > URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang- >
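
Review bot: In the cfe/trunk/CMakeLists.txt hunk, the new option(CLANG_ENABLE_PROTO_FUZZER ...) line has no configure-time guard, although the commit message says the fuzzer needs clang as the C and C++ compiler plus LLVM_USE_SANITIZE_COVERAGE=YES and LLVM_USE_SANITIZER=Address. The context lines just below it already use message(FATAL_ERROR ...) to reject an invalid option combination; unless the part of the patch that is cut off here performs the check, a similar guard would make a misconfigured fuzzer build fail at configure time instead of partway through the build. The help string "Build Clang protobuf fuzzer." could also say that turning the option ON requires protobuf and downloads libprotobuf-mutator.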
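
Review bot: In the ProtobufMutator.cmake hunk, GIT_TAG 34287f8 pins the external project to an abbreviated commit hash that is fetched from GitHub at build time. Please use the full 40-character commit hash so the pin cannot become ambiguous as the upstream repository grows, since the resulting libprotobuf-mutator.a and libprotobuf-mutator-libfuzzer.a are linked straight into the fuzzer. The new file also calls ExternalProject_Add without an include(ExternalProject) anywhere in its 24 lines, so it only works when the including CMakeLists.txt has already loaded that module; including it here would make the module self-contained.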