kcc (Kostya Serebryany)
User

Projects

User does not belong to any projects.

User Details

User Since
Oct 3 2012, 4:55 AM

Recent Activity

Mon, Aug 14

kcc committed rL310881: [libFuzzer] try to use less RAM while processing the initial corpus.
Mon, Aug 14, 1:35 PM
kcc committed rL310877: [libFuzzer] explicitly use -fsanitize-coverage=trace-pc-guard in….
Mon, Aug 14, 12:58 PM

Fri, Aug 11

kcc committed rL310774: Add a Dockerfile for clang-proto-fuzzer.
Fri, Aug 11, 6:28 PM
kcc closed D36635: Add a Dockerfile for clang-proto-fuzzer.
Fri, Aug 11, 6:27 PM
kcc added a comment to D36635: Add a Dockerfile for clang-proto-fuzzer.

I'd avoid such extra complexity, after all this is just an example.
One can force the full rebuild with --no-cache. It'll take just a bit more time since most of the time is consumed by the compiler builds.
BTW, my old svn (1.8.8, Ubuntu 14.04) doesn't have "info --show-item revision"

Fri, Aug 11, 4:12 PM
kcc committed rL310771: [libFuzzer] experimental support for Clang's coverage (fprofile-instr-generate)….
Fri, Aug 11, 4:06 PM
kcc added inline comments to D36635: Add a Dockerfile for clang-proto-fuzzer.
Fri, Aug 11, 2:05 PM
kcc updated the diff for D36635: Add a Dockerfile for clang-proto-fuzzer.

fix 'svn co' command (apparently it did not matter though)

Fri, Aug 11, 2:03 PM
kcc committed rL310751: [libFuzzer] recommend Clang Coverage for coverage visualization.
Fri, Aug 11, 1:33 PM
kcc added a comment to D36275: Implement llvm-isel-fuzzer for fuzzing instruction selection.

LGTM from fuzzing POV, let's see how this works.

Fri, Aug 11, 1:24 PM
kcc created D36635: Add a Dockerfile for clang-proto-fuzzer.
Fri, Aug 11, 1:07 PM
kcc committed rL310746: [libFuzzer] test libFuzzer using -fsanitize=fuzzer/fuzzer-no-link.
Fri, Aug 11, 12:38 PM

Thu, Aug 10

kcc accepted D36602: Update libFuzzer documentation for -fsanitize=fuzzer-no-link flag.

LGTM with a nit

Thu, Aug 10, 7:02 PM
kcc added a comment to D36600: Add -fsanitize=fuzzer-no-link flag to the driver..

yes

Thu, Aug 10, 6:50 PM
kcc accepted D36600: Add -fsanitize=fuzzer-no-link flag to the driver..

LGTM, thanks!
But please also change the docs.

Thu, Aug 10, 6:47 PM
kcc added a comment to D32193: More user-friendly libFuzzer flag.

Than -fsanitize=fuzzer-no-link :)
Will you have time to make this change?

Thu, Aug 10, 4:39 PM
kcc added a comment to D32193: More user-friendly libFuzzer flag.

Naming is hard. maybe -fsanitize=fuzzer-no-link?

Thu, Aug 10, 4:12 PM
kcc added a comment to D32193: More user-friendly libFuzzer flag.

@kcc I guess I didn't have this problem yet as somehow on macos the symbol collision seems to be resolved "properly" in most cases.
Honestly the way I would do it is by providing a function run_fuzzer which would take a function pointer with an explicit callback.

Thu, Aug 10, 4:00 PM
kcc added a comment to D32193: More user-friendly libFuzzer flag.

OMG no.

Thu, Aug 10, 3:11 PM
kcc added a comment to D32193: More user-friendly libFuzzer flag.

I am using TotT clang to build libpng with -fsanitize=fuzzer and libpng's configure script fails
configure: error: C compiler cannot create executables

Thu, Aug 10, 3:02 PM
kcc added a comment to D32193: More user-friendly libFuzzer flag.

There is a problem with -fsanitize=fuzzer

Thu, Aug 10, 2:57 PM

Wed, Aug 9

kcc accepted D36465: [RFC] Change cmp instrumentation to distinguish comparisons with const operands.

LGTM with nits, thanks!

Wed, Aug 9, 1:04 PM
kcc accepted D36521: Update LibFuzzer w.r.t. the new comparisons instrumentation API.

LGTM

Wed, Aug 9, 12:07 PM
kcc accepted D36523: Update sanitizers w.r.t. the new comparisons instrumentation API.

LGTM

Wed, Aug 9, 12:06 PM

Tue, Aug 8

kcc added a comment to D36477: added more hooks for fuzzing into DFSan.
In D36477#835621, @kcc wrote:

are tests possible here?

my first thought on testing is that I could add a dummy code that
has a strcpy call for example, and define dfsan_weak_hook_strcpy
such that it sets some boolean to true (initially false). And then
assert that the value is changed to true.

Tue, Aug 8, 3:55 PM
kcc committed rL310409: [sanitizer-coverage] -fsanitize-coverage=bb,inline-8bit-counters.
Tue, Aug 8, 1:22 PM
kcc accepted D36324: Integrate Kostya's clang-proto-fuzzer with LLVM..

LGTM with a couple of nits in the README

Tue, Aug 8, 1:03 PM
kcc added a comment to D36465: [RFC] Change cmp instrumentation to distinguish comparisons with const operands.

To save one hop, how do you want this to be split into patches?

Tue, Aug 8, 11:39 AM
kcc added a comment to D36324: Integrate Kostya's clang-proto-fuzzer with LLVM..

Looks good!
Now, please add a clang/tools/clang-fuzzer/README.txt describing how to build the fuzzers (both the old one and the new one) and how to run them.
For the new one explain how to install the deps

Tue, Aug 8, 11:23 AM
kcc added a comment to D36465: [RFC] Change cmp instrumentation to distinguish comparisons with const operands.

I am fine with breaking the API. Whoever uses this API will need to add a tiny bit of code to work with the new compiler (and that code will be compatible with the old version).
It's better to break the API this way than to introduce the flags or weak aliases, etc

Tue, Aug 8, 11:11 AM
kcc added a comment to D36477: added more hooks for fuzzing into DFSan.

are tests possible here?

Tue, Aug 8, 10:59 AM
kcc added a comment to D36476: (1) bring back support of dfsan into libFuzzer (2) introduce more dfsan hooks (3) introduce a bias in mutations towards locations found by dfsan (4) add support for taking input from static analyzer abouts hints to potentially buggy locations and....
  • I'd like to see some kind of design doc first (preferably, in a form of comment in e.g. FuzzerDFSan.h
  • Is it possible to split this patch into several (e.g. can static-analyzer-pl-parser.py go separately? )
  • does static-analyzer-pl-parser.py have to be in python? Why is C++ less/not suitable?
  • tests are must-have
  • don't copy-paste code (e.g. lots of changes in FuzzerMutate.cpp seem similar)
  • try to put dfsan-specific code in separate file(s)
  • please obey the LLVM coding style
Tue, Aug 8, 10:57 AM
kcc added a comment to D36324: Integrate Kostya's clang-proto-fuzzer with LLVM..
In D36324#834660, @kcc wrote:

Why do we need LLVM_ENABLE_RTTI=ON here?

Attempting to build without it yields all kinds of protobuf errors. For example:

Tue, Aug 8, 9:57 AM

Mon, Aug 7

kcc added a comment to D36324: Integrate Kostya's clang-proto-fuzzer with LLVM..

Why do we need LLVM_ENABLE_RTTI=ON here?

Mon, Aug 7, 5:21 PM
kcc committed rL310326: [libFuzzer] simplify code, NFC.
Mon, Aug 7, 5:18 PM
kcc committed rL310325: [libFuzzer] remove stale code.
Mon, Aug 7, 5:15 PM
kcc committed rL310324: [libFuzzer] simplify the implementation of -print_coverage=1.
Mon, Aug 7, 5:13 PM
kcc committed rL310321: [libFuzzer] use custom compile flags for libFuzzer benchmarks.
Mon, Aug 7, 3:57 PM
kcc added a reviewer for D36324: Integrate Kostya's clang-proto-fuzzer with LLVM.: bogner.

+bogner@ FYI

Mon, Aug 7, 2:29 PM
kcc accepted D36428: [libFuzzer] Do not instrument libFuzzer itself when built with -DLLVM_USE_SANITIZE_COVERAGE.

LGTM

Mon, Aug 7, 1:49 PM

Fri, Aug 4

kcc committed rL310151: [libFuzzer] use the in-binary pc table (instead of PCs captured at run-time) to….
Fri, Aug 4, 4:50 PM
kcc committed rL310148: [libFuzzer] print PCs using the in-binary PC-table instead of relying on PCs….
Fri, Aug 4, 4:14 PM
kcc committed rL310136: [libFuzzer] add -fsanitize-coverage-pc-table to -fsanitize=fuzzer.
Fri, Aug 4, 2:35 PM
kcc committed rL310126: [libFuzzer] re-enable fuzzer-printcovpcs.test.
Fri, Aug 4, 1:48 PM
kcc committed rL310125: [libFuzzer] re-enable the bigger libFuzzer tests.
Fri, Aug 4, 1:45 PM
kcc committed rL310113: [libFuzzer] make a test more robust.
Fri, Aug 4, 1:10 PM
kcc committed rL310110: [libFuzzer] remove the now redundant 'LLVMFuzzer-' prefix from libFuzzer tests.
Fri, Aug 4, 1:06 PM
kcc committed rL310106: [libFuzzer] split one test into several.
Fri, Aug 4, 1:02 PM
kcc committed rL310102: [libFuzzer] add -DLIBFUZZER_ENABLE_TESTS=ON to libFuzzer bot.
Fri, Aug 4, 12:31 PM
kcc committed rL310091: [libFuzzer] make trace-pc.test more reliable.
Fri, Aug 4, 11:44 AM
kcc added a comment to D36324: Integrate Kostya's clang-proto-fuzzer with LLVM..

Why should this be part of llvm? This seems to come with very heavy dependencies (protobuf), and LLVM has historically tried to minimize the number of things it depends on.

Fri, Aug 4, 11:29 AM
kcc committed rL310081: [libFuzzer] simplify the fuzzer bot following r310075.
Fri, Aug 4, 11:05 AM

Thu, Aug 3

kcc accepted D36205: Drop Windows support from libFuzzer tests.

LGTM

Thu, Aug 3, 5:27 PM
kcc accepted D36297: Disable libFuzzer tests on Windows.

LGTM

Thu, Aug 3, 5:25 PM
kcc accepted D36295: Port libFuzzer tests to LIT. Do not require two-stage build for check-fuzzer..

LGTM with a nit, and thanks again for doing this.
I guess you may want to submit this tomorrow morning, so that we don't spoil tonight's LLVM social with whatever this is going to break.

Thu, Aug 3, 5:25 PM
kcc added a comment to D36295: Port libFuzzer tests to LIT. Do not require two-stage build for check-fuzzer..

Yep, this is ok now. Looking further.

Thu, Aug 3, 5:14 PM
kcc added a comment to D36295: Port libFuzzer tests to LIT. Do not require two-stage build for check-fuzzer..

Now, something is fishy here.
check-fuzzer indeed passes, but if I cripple the merge functionality (replace OUTER with OTTER in FuzzerMerge.cpp) it still passes, i.e. the tests don't work any more.

Thu, Aug 3, 5:03 PM
kcc added a comment to D36295: Port libFuzzer tests to LIT. Do not require two-stage build for check-fuzzer..

Once finalized and submitted, I'll take care of the linux buildbot.

Thu, Aug 3, 4:48 PM
kcc added a comment to D36242: Make libFuzzer test more resilient to changes.

Yes, please make check-fuzzer a no-op on windows

Thu, Aug 3, 2:36 PM
kcc added a comment to D36242: Make libFuzzer test more resilient to changes.

But that won't matter for us soon, right?

Thu, Aug 3, 2:31 PM
kcc added a comment to D36283: Changing seed for libFuzzer strncmp test.

unlikely a good solution.
maybe just increase the # of runs to 10000000 ?

Thu, Aug 3, 1:33 PM
kcc added a comment to D36205: Drop Windows support from libFuzzer tests.

I would still suggest making check-fuzzer a no-op on Windows so that we don't need to touch the windows bot configs now.

Thu, Aug 3, 1:22 PM
kcc added inline comments to D36275: Implement llvm-isel-fuzzer for fuzzing instruction selection.
Thu, Aug 3, 1:17 PM
kcc added inline comments to D36275: Implement llvm-isel-fuzzer for fuzzing instruction selection.
Thu, Aug 3, 1:08 PM

Wed, Aug 2

kcc added a comment to D36242: Make libFuzzer test more resilient to changes.

LGTM

Wed, Aug 2, 6:22 PM
kcc added a comment to D36242: Make libFuzzer test more resilient to changes.

@kcc my bad, strnstr is actually not available outside of FreeBSD-like systems.
Would it be OK to change to strstr?

Wed, Aug 2, 3:33 PM
kcc accepted D36242: Make libFuzzer test more resilient to changes.

LGTM

Wed, Aug 2, 2:21 PM
kcc committed rL309854: Add new ASAN_OPTION: sleep_after_init..
Wed, Aug 2, 11:49 AM
kcc closed D35409: Add new ASAN_OPTION: sleep_after_init..
Wed, Aug 2, 11:49 AM
kcc added a comment to D36205: Drop Windows support from libFuzzer tests.

@kcc Does it mean you would be OK with the change moving the compilation commands to LIT, and only compiling unit-tests in CMake?

Wed, Aug 2, 11:27 AM
kcc added a comment to D36205: Drop Windows support from libFuzzer tests.

I prefer moving compilation commands to LIT.

Wed, Aug 2, 11:20 AM
kcc added a comment to D36205: Drop Windows support from libFuzzer tests.

We will have to do something of this sort anyway once we make 'check-fuzzer' a part of 'check-all' on Linux and Mac.

Wed, Aug 2, 11:09 AM
kcc added a comment to D36205: Drop Windows support from libFuzzer tests.

Is there an option to make check-fuzzer a no-op on windows?
This way we won't have to touch the bot (and then touch it again, when windows is reinstated)

Wed, Aug 2, 11:04 AM
kcc accepted D35409: Add new ASAN_OPTION: sleep_after_init..

LGTM
You don't have commit access, do you?
I'll land it later today, unless someone else beats me to it.

Wed, Aug 2, 10:17 AM

Tue, Aug 1

kcc added reviewers for D36205: Drop Windows support from libFuzzer tests: zturner, rnk.

I don't mind, but please let Zack or Reid review this.
The question is: do we need to remove all traces of windows support from tests, or just disable check-fuzzer on the bot and remove only the parts that are blocking the refactoring.

Tue, Aug 1, 7:32 PM
kcc added a comment to D27869: [libFuzzer] Diff 24 - Use clang as linker in Windows, to properly include sanitizer libraries..

AFAICT, libFuzzer on Windows has no active users or contributors.
If you ask me, I would prefer to

a) disable check-fuzzer on the windows bot
b) complete the migration from llvm to compiler-rt, while preserving the status quo only on Linux and Mac
c) let anyone who cares about windows (if anyone left) fix it once the dust settles.
Tue, Aug 1, 6:17 PM
kcc committed rL309716: [libFuzzer] temporarily remove pc-tables and disable test/fuzzer-printcovpcs.
Tue, Aug 1, 11:03 AM

Mon, Jul 31

kcc committed rL309655: [sanitizer-coverage] dummy definitions for __sanitizer_cov_8bit_counters_init….
Mon, Jul 31, 9:24 PM
kcc committed rL309647: [libFuzzer] implement more correct way of computing feature index for….
Mon, Jul 31, 6:17 PM
kcc committed rL309646: [libFuzzer] enable -fsanitize-coverage=pc-table for all tests.
Mon, Jul 31, 5:51 PM
kcc committed rL309644: [sanitizer-coverage] relax an assertion.
Mon, Jul 31, 5:46 PM
kcc added a reviewer for D36116: [sanitizers test cmake] Refactor the logic for compiling and generating the tests out into a function: vitalybuka.
Mon, Jul 31, 3:15 PM
kcc committed rL309615: [libFuzzer] implement __sanitizer_cov_pcs_init and add pc-table to build flags….
Mon, Jul 31, 1:21 PM
kcc committed rL309611: [sanitizer-coverage] don't instrument available_externally functions.
Mon, Jul 31, 1:01 PM
kcc committed rL309610: [sanitizer-coverage] ensure minimal alignment for coverage counters and guards.
Mon, Jul 31, 12:52 PM
kcc added a comment to D35409: Add new ASAN_OPTION: sleep_after_init..

Take a look at test/asan/TestCases/sleep_before_dying.c,
you will need a similar one.

Mon, Jul 31, 11:48 AM

Fri, Jul 28

kcc committed rL309443: [libFuzzer] improve support for inline-8bit-counters (make it more correct and….
Fri, Jul 28, 3:01 PM

Thu, Jul 27

kcc committed rL309351: [sanitizer-coverage] add a run-time test for -fsanitize-coverage=inline-8bit….
Thu, Jul 27, 6:39 PM
kcc committed rL309338: [sanitizer-coverage] clang flags plumbing for -fsanitize-coverage=pc-table.
Thu, Jul 27, 5:11 PM
kcc committed rL309337: [sanitizer-coverage] rename sanitizer-coverage-create-pc-table into sanitizer….
Thu, Jul 27, 5:10 PM
kcc committed rL309335: [sanitizer-coverage] add a feature sanitizer-coverage-create-pc-table=1 (works….
Thu, Jul 27, 4:39 PM
kcc accepted D35958: [sancov] Implement __sanitizer_cov_reset..

LGTM

Thu, Jul 27, 4:19 PM
kcc added inline comments to D35958: [sancov] Implement __sanitizer_cov_reset..
Thu, Jul 27, 3:58 PM
kcc accepted D35866: [sanitizer_common] Fuchsia-specific implementation of SanitizerCoverage.

What about tests?
(Well, this probably applies to all fuchsia-related patches).

Thu, Jul 27, 2:43 PM · Restricted Project

Wed, Jul 26

kcc added inline comments to D35704: added reset feature to dfsan.
Wed, Jul 26, 3:33 PM
kcc added a reviewer for D35913: [sanitizers test CMake] further refactor testing CMake for tsan: vitalybuka.
Wed, Jul 26, 2:02 PM
kcc committed rL309173: [sanitizer-coverage] remove stale code.
Wed, Jul 26, 1:42 PM
kcc added a reviewer for D35870: [sanitizer tests] Factor out CMake logic for compiling sanitizer tests: vitalybuka.
Wed, Jul 26, 12:37 PM

Tue, Jul 25

kcc added a comment to D35870: [sanitizer tests] Factor out CMake logic for compiling sanitizer tests.

check-msan is only available on platforms that support msan (i.e. Linux).
I *think* the same is true about xray

Tue, Jul 25, 5:46 PM
kcc committed rL309038: [libFuzzer] don't disable msan for TracePC::CollectFeatures: this started to….
Tue, Jul 25, 3:06 PM