Page MenuHomePhabricator

[libFuzzer] Disable len_control by default if LLVMFuzzerCustomMutator is used.
ClosedPublic

Authored by Dor1s on Jun 14 2019, 7:16 AM.

Details

Summary

Some custom mutators may not peform well when size restriction is
enforced by len_control. Because of that, it's safer to disable len_control
by default in such cases, but still allow users to enable it manually.
Bug example: https://bugs.chromium.org/p/chromium/issues/detail?id=919530.

Tested manually with LPM-based and regular fuzz targets.

Diff Detail

Repository
rL LLVM

Event Timeline

Dor1s created this revision.Jun 14 2019, 7:16 AM
Herald added projects: Restricted Project, Restricted Project. · View Herald TranscriptJun 14 2019, 7:16 AM
Herald added subscribers: Restricted Project, delcypher. · View Herald Transcript

maybe test?

@metzman also suggested it, will add soon!

kcc accepted this revision.Jun 14 2019, 11:41 AM

LGTM given a test
Thanks!

This revision is now accepted and ready to land.Jun 14 2019, 11:41 AM
Dor1s updated this revision to Diff 204830.Jun 14 2019, 12:22 PM

Added a test, thanks @metzman for the idea how to test it.

metzman accepted this revision.Jun 14 2019, 12:27 PM

LGTM

test/fuzzer/fuzzer-custommutator.test
4 ↗(On Diff #204830)

nit: maybe comment why we care about this limit?

This revision was automatically updated to reflect the committed changes.