authorrobot-piglet <[email protected]>2025-03-19 13:47:45 +0300
committerrobot-piglet <[email protected]>2025-03-19 14:01:35 +0300
commit61b92aeb846ebc6180fb4c18c85ff10c58093610 (patch)
tree12548033bf36969184a00836dcbbdc8b14a7da2c /contrib/libs/libfuzzer/lib
parent28b29535ce7b21a3dde60b485c98f66f8c08f882 (diff)
Intermediate changes
commit_hash:ebf6fb6dff099bd6bcfbf201e52dda1751dd76fd
Diffstat (limited to 'contrib/libs/libfuzzer/lib')
-rw-r--r--contrib/libs/libfuzzer/lib/fuzzer/FuzzerDictionary.h4
-rw-r--r--contrib/libs/libfuzzer/lib/fuzzer/FuzzerExtFunctionsWindows.cpp29
-rw-r--r--contrib/libs/libfuzzer/lib/fuzzer/FuzzerFlags.def5
-rw-r--r--contrib/libs/libfuzzer/lib/fuzzer/FuzzerLoop.cpp7
-rw-r--r--contrib/libs/libfuzzer/lib/fuzzer/FuzzerUtilWindows.cpp4
-rw-r--r--contrib/libs/libfuzzer/lib/fuzzer/afl/ya.make2
6 files changed, 30 insertions, 21 deletions
diff --git a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerDictionary.h b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerDictionary.h
index 48f063c7ee4..64eb35c57a5 100644
--- a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerDictionary.h
+++ b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerDictionary.h
@@ -29,7 +29,9 @@ public:
static_assert(kMaxSizeT <= std::numeric_limits<uint8_t>::max(),
"FixedWord::kMaxSizeT cannot fit in a uint8_t.");
assert(S <= kMaxSize);
- memcpy(Data, B, S);
+ // memcpy cannot take null pointer arguments even if Size is 0.
+ if (S)
+ memcpy(Data, B, S);
Size = static_cast<uint8_t>(S);
}
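Review bot: The new `if (S)` guard only handles the null-pointer/zero-length case; the upper bound on `S` is still enforced solely by `assert(S <= kMaxSize)` on the line above, which is compiled out under `NDEBUG`, so in such a build a caller passing `S > kMaxSize` would still `memcpy` past the end of the fixed-size `Data` array. Whether this build ever defines `NDEBUG` is not visible here, but since this copies into a fixed buffer a hard check is cheap: `if (S > kMaxSize) S = kMaxSize;` before the copy (or an explicit abort) would keep the bound in release builds too. I would also extend the new comment to say where a null `B` can come from, e.g. `// memcpy cannot take null pointer arguments even if Size is 0 (an empty dictionary entry yields B == nullptr).` only if that is in fact the source — otherwise leave it as is. The enclosing constructor begins before the hunk.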
diff --git a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerExtFunctionsWindows.cpp b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerExtFunctionsWindows.cpp
index 688bad1d51c..566820ae6d1 100644
--- a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerExtFunctionsWindows.cpp
+++ b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerExtFunctionsWindows.cpp
@@ -14,6 +14,7 @@
#include "FuzzerExtFunctions.h"
#include "FuzzerIO.h"
+#include <stdlib.h>
using namespace fuzzer;
@@ -22,6 +23,11 @@ using namespace fuzzer;
#define STRINGIFY(A) STRINGIFY_(A)
#if LIBFUZZER_MSVC
+#define GET_FUNCTION_ADDRESS(fn) &fn
+#else
+#define GET_FUNCTION_ADDRESS(fn) __builtin_function_start(fn)
+#endif // LIBFUZER_MSVC
+
// Copied from compiler-rt/lib/sanitizer_common/sanitizer_win_defs.h
#if defined(_M_IX86) || defined(__i386__)
#define WIN_SYM_PREFIX "_"
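Review bot: The closing comment on the new `#endif` misspells the macro it pairs with — it reads `#endif // LIBFUZER_MSVC` but the guard above is `#if LIBFUZZER_MSVC`; change it to `#endif // LIBFUZZER_MSVC`. The non-MSVC branch expands to `__builtin_function_start(fn)`, which as far as I know is a Clang-specific builtin, so any other Windows toolchain (e.g. MinGW GCC) that reaches this branch will fail to compile with no hint why; a one-line comment stating the requirement, `// __builtin_function_start is Clang-only; gives the real entry address even through /alternatename (presumably why plain &fn is not used) -- confirm`, would save the next maintainer the search. The reason the plain address is avoided on the Clang path is inferred from the comparison in `GetFnPtr` later in this file, not stated anywhere in the hunk.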
@@ -31,17 +37,9 @@ using namespace fuzzer;
// Declare external functions as having alternativenames, so that we can
// determine if they are not defined.
-#define EXTERNAL_FUNC(Name, Default) \
- __pragma(comment(linker, "/alternatename:" WIN_SYM_PREFIX STRINGIFY( \
+#define EXTERNAL_FUNC(Name, Default) \
+ __pragma(comment(linker, "/alternatename:" WIN_SYM_PREFIX STRINGIFY( \
Name) "=" WIN_SYM_PREFIX STRINGIFY(Default)))
-#else
-// Declare external functions as weak to allow them to default to a specified
-// function if not defined explicitly. We must use weak symbols because clang's
-// support for alternatename is not 100%, see
-// https://bugs.llvm.org/show_bug.cgi?id=40218 for more details.
-#define EXTERNAL_FUNC(Name, Default) \
- __attribute__((weak, alias(STRINGIFY(Default))))
-#endif // LIBFUZZER_MSVC
extern "C" {
#define EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN) \
@@ -57,20 +55,23 @@ extern "C" {
}
template <typename T>
-static T *GetFnPtr(T *Fun, T *FunDef, const char *FnName, bool WarnIfMissing) {
+static T *GetFnPtr(void *Fun, void *FunDef, const char *FnName,
+ bool WarnIfMissing) {
if (Fun == FunDef) {
if (WarnIfMissing)
Printf("WARNING: Failed to find function \"%s\".\n", FnName);
return nullptr;
}
- return Fun;
+ return (T *)Fun;
}
namespace fuzzer {
ExternalFunctions::ExternalFunctions() {
-#define EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN) \
- this->NAME = GetFnPtr<decltype(::NAME)>(::NAME, ::NAME##Def, #NAME, WARN);
+#define EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN) \
+ this->NAME = GetFnPtr<decltype(::NAME)>(GET_FUNCTION_ADDRESS(::NAME), \
+ GET_FUNCTION_ADDRESS(::NAME##Def), \
+ #NAME, WARN);
#include "FuzzerExtFunctions.def"
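Review bot: `return (T *)Fun;` in the new `GetFnPtr` is a C-style cast from `void *` to a function-pointer type; this file otherwise uses named casts (see `reinterpret_cast<proc>` in FuzzerUtilWindows.cpp), so it should be `return reinterpret_cast<T *>(Fun);`, which also makes the conversion greppable. Converting between `void *` and function pointers is only conditionally supported by the C++ standard — fine on the Windows targets this file is built for, but worth a one-line comment on the parameters, e.g. `// Fun/FunDef are raw entry addresses (see GET_FUNCTION_ADDRESS); void* <-> function pointer is target-specific but supported on Windows.` The `ExternalFunctions` constructor this macro expands into continues past the end of the hunk, so I cannot see whether `EXT_FUNC` is `#undef`'d afterwards.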
diff --git a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerFlags.def b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerFlags.def
index 0c6a7e611f6..2d02938f5b6 100644
--- a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerFlags.def
+++ b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerFlags.def
@@ -14,8 +14,9 @@ FUZZER_FLAG_UNSIGNED(seed, 0, "Random seed. If 0, seed is generated.")
FUZZER_FLAG_INT(runs, -1,
"Number of individual test runs (-1 for infinite runs).")
FUZZER_FLAG_INT(max_len, 0, "Maximum length of the test input. "
- "If 0, libFuzzer tries to guess a good value based on the corpus "
- "and reports it. ")
+ "Contents of corpus files are going to be truncated to this value. "
+ "If 0, libFuzzer tries to guess a good value based on the corpus "
+ "and reports it.")
FUZZER_FLAG_INT(len_control, 100, "Try generating small inputs first, "
"then try larger inputs over time. Specifies the rate at which the length "
"limit is increased (smaller == faster). If 0, immediately try inputs with "
diff --git a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerLoop.cpp b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerLoop.cpp
index bab76b28023..869326d4f9b 100644
--- a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerLoop.cpp
+++ b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerLoop.cpp
@@ -581,6 +581,9 @@ void Fuzzer::CrashOnOverwrittenData() {
// Compare two arrays, but not all bytes if the arrays are large.
static bool LooseMemeq(const uint8_t *A, const uint8_t *B, size_t Size) {
const size_t Limit = 64;
+ // memcmp cannot take null pointer arguments even if Size is 0.
+ if (!Size)
+ return true;
if (Size <= 64)
return !memcmp(A, B, Size);
// Compare first and last Limit/2 bytes.
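Review bot: The new early return is placed right under `const size_t Limit = 64;`, yet the branch immediately after it still spells the bound as a literal, `if (Size <= 64)`; since this code is being touched anyway, make it `if (Size <= Limit)` so the constant and the comparison cannot drift apart. The zero-size guard itself is correct: with `Size == 0` the old code would reach `memcmp(A, B, 0)`, which is undefined behavior when either pointer is null. `LooseMemeq` continues beyond the end of the hunk, so the tail comparison of the first/last `Limit/2` bytes is not reviewed here.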
@@ -598,7 +601,9 @@ ATTRIBUTE_NOINLINE bool Fuzzer::ExecuteCallback(const uint8_t *Data,
// We copy the contents of Unit into a separate heap buffer
// so that we reliably find buffer overflows in it.
uint8_t *DataCopy = new uint8_t[Size];
- memcpy(DataCopy, Data, Size);
+ // memcpy cannot take null pointer arguments even if Size is 0.
+ if (Size)
+ memcpy(DataCopy, Data, Size);
if (EF->__msan_unpoison)
EF->__msan_unpoison(DataCopy, Size);
if (EF->__msan_unpoison_param)
diff --git a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerUtilWindows.cpp b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerUtilWindows.cpp
index da3eb3cfb34..2db2ea98d5c 100644
--- a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerUtilWindows.cpp
+++ b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerUtilWindows.cpp
@@ -246,8 +246,8 @@ void SetThreadName(std::thread &thread, const std::string &name) {
// from thread.native_handle() here.
typedef HRESULT(WINAPI * proc)(HANDLE, PCWSTR);
HMODULE kbase = GetModuleHandleA("KernelBase.dll");
- proc ThreadNameProc =
- reinterpret_cast<proc>(GetProcAddress(kbase, "SetThreadDescription"));
+ proc ThreadNameProc = reinterpret_cast<proc>(
+ (void *)GetProcAddress(kbase, "SetThreadDescription"));
if (ThreadNameProc) {
std::wstring buf;
auto sz = MultiByteToWideChar(CP_UTF8, 0, name.data(), -1, nullptr, 0);
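Review bot: The rewritten cast now goes through a C-style `(void *)` detour, `reinterpret_cast<proc>((void *)GetProcAddress(...))`, presumably to silence a function-pointer cast warning; if that is the intent, say so and use a named cast: `reinterpret_cast<proc>(reinterpret_cast<void *>(GetProcAddress(kbase, "SetThreadDescription")))` with a comment such as `// cast via void* to avoid -Wcast-function-type; FARPROC and proc differ only in signature`. Separately, `kbase` from `GetModuleHandleA("KernelBase.dll")` is passed to `GetProcAddress` without a null check; `GetProcAddress` should return NULL for a null module and the `if (ThreadNameProc)` guard then skips naming, but an explicit `if (!kbase) return;` before the lookup makes that fallback visible rather than implicit. `SetThreadName` begins before the hunk.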
diff --git a/contrib/libs/libfuzzer/lib/fuzzer/afl/ya.make b/contrib/libs/libfuzzer/lib/fuzzer/afl/ya.make
index 244f7a51fdc..0315d60cc68 100644
--- a/contrib/libs/libfuzzer/lib/fuzzer/afl/ya.make
+++ b/contrib/libs/libfuzzer/lib/fuzzer/afl/ya.make
@@ -8,7 +8,7 @@ LICENSE_TEXTS(.yandex_meta/licenses.list.txt)
SUBSCRIBER(g:cpp-contrib)
-VERSION(19.1.7)
+VERSION(20.1.0)
PEERDIR(
contrib/libs/afl/llvm_mode