From 6d5ee5a800163515ea78b4dfa69c99a17a13ed62 Mon Sep 17 00:00:00 2001 From: Mike Aizatsky Date: Thu, 10 Dec 2015 20:41:53 +0000 Subject: [PATCH] [LibFuzzer] Introducing FUZZER_FLAG_UNSIGNED and using it for seeding. Differential Revision: http://reviews.llvm.org/D15339 done git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@255296 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/Fuzzer/FuzzerDriver.cpp | 20 ++++++++++++++++++-- lib/Fuzzer/FuzzerFlags.def | 2 +- lib/Fuzzer/FuzzerInterface.cpp | 2 +- lib/Fuzzer/FuzzerInterface.h | 6 +++--- lib/Fuzzer/test/fuzzer.test | 4 ++-- 5 files changed, 25 insertions(+), 9 deletions(-) diff --git a/lib/Fuzzer/FuzzerDriver.cpp b/lib/Fuzzer/FuzzerDriver.cpp index fa473811068..872d2c88e6f 100644 --- a/lib/Fuzzer/FuzzerDriver.cpp +++ b/lib/Fuzzer/FuzzerDriver.cpp @@ -32,23 +32,30 @@ struct FlagDescription { int Default; int *IntFlag; const char **StrFlag; + unsigned int *UIntFlag; }; struct { #define FUZZER_FLAG_INT(Name, Default, Description) int Name; +#define FUZZER_FLAG_UNSIGNED(Name, Default, Description) unsigned int Name; #define FUZZER_FLAG_STRING(Name, Description) const char *Name; #include "FuzzerFlags.def" #undef FUZZER_FLAG_INT +#undef FUZZER_FLAG_UNSIGNED #undef FUZZER_FLAG_STRING } Flags; static const FlagDescription FlagDescriptions [] { #define FUZZER_FLAG_INT(Name, Default, Description) \ - { #Name, Description, Default, &Flags.Name, nullptr}, + {#Name, Description, Default, &Flags.Name, nullptr, nullptr}, +#define FUZZER_FLAG_UNSIGNED(Name, Default, Description) \ + {#Name, Description, static_cast(Default), \ + nullptr, nullptr, &Flags.Name}, #define FUZZER_FLAG_STRING(Name, Description) \ - { #Name, Description, 0, nullptr, &Flags.Name }, + {#Name, Description, 0, nullptr, &Flags.Name, nullptr}, #include "FuzzerFlags.def" #undef FUZZER_FLAG_INT +#undef FUZZER_FLAG_UNSIGNED #undef FUZZER_FLAG_STRING }; @@ -106,6 +113,12 @@ static bool ParseOneFlag(const char *Param) { if (Flags.verbosity >= 2) Printf("Flag: %s %d\n", Name, Val);; return true; + } else if (FlagDescriptions[F].UIntFlag) { + unsigned int Val = std::stoul(Str); + *FlagDescriptions[F].UIntFlag = Val; + if (Flags.verbosity >= 2) + Printf("Flag: %s %u\n", Name, Val); + return true; } else if (FlagDescriptions[F].StrFlag) { *FlagDescriptions[F].StrFlag = Str; if (Flags.verbosity >= 2) @@ -123,6 +136,9 @@ static void ParseFlags(const std::vector &Args) { for (size_t F = 0; F < kNumFlags; F++) { if (FlagDescriptions[F].IntFlag) *FlagDescriptions[F].IntFlag = FlagDescriptions[F].Default; + if (FlagDescriptions[F].UIntFlag) + *FlagDescriptions[F].UIntFlag = + static_cast(FlagDescriptions[F].Default); if (FlagDescriptions[F].StrFlag) *FlagDescriptions[F].StrFlag = nullptr; } diff --git a/lib/Fuzzer/FuzzerFlags.def b/lib/Fuzzer/FuzzerFlags.def index 7aea5bf641c..da7a2d3f5c7 100644 --- a/lib/Fuzzer/FuzzerFlags.def +++ b/lib/Fuzzer/FuzzerFlags.def @@ -11,7 +11,7 @@ // portability and independence. //===----------------------------------------------------------------------===// FUZZER_FLAG_INT(verbosity, 1, "Verbosity level.") -FUZZER_FLAG_INT(seed, 0, "Random seed. If 0, seed is generated.") +FUZZER_FLAG_UNSIGNED(seed, 0, "Random seed. If 0, seed is generated.") FUZZER_FLAG_INT(runs, -1, "Number of individual test runs (-1 for infinite runs).") FUZZER_FLAG_INT(max_len, 64, "Maximum length of the test input.") diff --git a/lib/Fuzzer/FuzzerInterface.cpp b/lib/Fuzzer/FuzzerInterface.cpp index 79cb0e40f0e..bcd726fc08e 100644 --- a/lib/Fuzzer/FuzzerInterface.cpp +++ b/lib/Fuzzer/FuzzerInterface.cpp @@ -15,7 +15,7 @@ namespace fuzzer { -void FuzzerRandomLibc::ResetSeed(int seed) { srand(seed); } +void FuzzerRandomLibc::ResetSeed(unsigned int seed) { srand(seed); } size_t FuzzerRandomLibc::Rand() { return rand(); } diff --git a/lib/Fuzzer/FuzzerInterface.h b/lib/Fuzzer/FuzzerInterface.h index c96343404f4..c409c06eca1 100644 --- a/lib/Fuzzer/FuzzerInterface.h +++ b/lib/Fuzzer/FuzzerInterface.h @@ -50,7 +50,7 @@ class FuzzerRandomBase { public: FuzzerRandomBase(){} virtual ~FuzzerRandomBase(){}; - virtual void ResetSeed(int seed) = 0; + virtual void ResetSeed(unsigned int seed) = 0; // Return a random number. virtual size_t Rand() = 0; // Return a random number in range [0,n). @@ -60,8 +60,8 @@ class FuzzerRandomBase { class FuzzerRandomLibc : public FuzzerRandomBase { public: - FuzzerRandomLibc(int seed) { ResetSeed(seed); } - void ResetSeed(int seed) override; + FuzzerRandomLibc(unsigned int seed) { ResetSeed(seed); } + void ResetSeed(unsigned int seed) override; ~FuzzerRandomLibc() override {} size_t Rand() override; }; diff --git a/lib/Fuzzer/test/fuzzer.test b/lib/Fuzzer/test/fuzzer.test index 3b7045d8de8..6515628d108 100644 --- a/lib/Fuzzer/test/fuzzer.test +++ b/lib/Fuzzer/test/fuzzer.test @@ -48,8 +48,8 @@ RUN: not LLVMFuzzer-SimpleCmpTest -use_traces=1 -seed=1 -runs=1000000 -timeout=5 RUN: not LLVMFuzzer-UserSuppliedFuzzerTest -seed=1 -timeout=15 2>&1 | FileCheck %s -RUN: not LLVMFuzzer-MemcmpTest -use_traces=1 -seed=1 -runs=100000 2>&1 | FileCheck %s -RUN: LLVMFuzzer-MemcmpTest -seed=1 -runs=1000000 2>&1 | FileCheck %s --check-prefix=Done1000000 +RUN: not LLVMFuzzer-MemcmpTest -use_traces=1 -seed=4294967295 -runs=100000 2>&1 | FileCheck %s +RUN: LLVMFuzzer-MemcmpTest -seed=4294967295 -runs=1000000 2>&1 | FileCheck %s --check-prefix=Done1000000 Done1000000: Done 1000000 runs in RUN: not LLVMFuzzer-StrncmpTest -use_traces=1 -seed=1 -runs=100000 2>&1 | FileCheck %s -- 2.34.1