<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Dec 3, 2015 at 10:59 AM, Mike Aizatsky <span dir="ltr"><<a href="mailto:aizatsky@chromium.org" target="_blank">aizatsky@chromium.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>We don't want to enforce this contract on user fuzzer functions. While some people find it reasonable, others prefer to add assert(ptr) to their code.</div></div></blockquote><div><br></div><div>That seems like a flawed assertion though. Why wouldn't we just fix those fuzzer functions/deem them to be incorrect?<br><br>- Dave</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><br></div></div><div class="HOEnZb"><div class="h5"><br><div class="gmail_quote"><div dir="ltr">On Wed, Dec 2, 2015 at 9:39 PM David Blaikie <<a href="mailto:dblaikie@gmail.com" target="_blank">dblaikie@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">I think maybe this came up in the code review, but I'm still confused:<br><br>Why is it significant to make the Data pointer non-null if the size is zero? The implementation shouldn't care what value the Data pointer has if it's been told that it points to zero valid bytes, no?</div><div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Dec 2, 2015 at 2:43 PM, Mike Aizatsky via llvm-commits <span dir="ltr"><<a href="mailto:llvm-commits@lists.llvm.org" target="_blank">llvm-commits@lists.llvm.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Author: aizatsky<br>
Date: Wed Dec 2 16:43:53 2015<br>
New Revision: 254558<br>
<br>
URL: <a href="http://llvm.org/viewvc/llvm-project?rev=254558&view=rev" rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-project?rev=254558&view=rev</a><br>
Log:<br>
Libfuzzer: do not pass null into user function<br>
<br>
Differential Revision: <a href="http://reviews.llvm.org/D15098" rel="noreferrer" target="_blank">http://reviews.llvm.org/D15098</a><br>
<br>
Modified:<br>
llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp<br>
llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp<br>
<br>
Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=254558&r1=254557&r2=254558&view=diff" rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=254558&r1=254557&r2=254558&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)<br>
+++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Wed Dec 2 16:43:53 2015<br>
@@ -238,7 +238,11 @@ void Fuzzer::RunOneAndUpdateCorpus(Unit<br>
}<br>
<br>
void Fuzzer::ExecuteCallback(const Unit &U) {<br>
- int Res = USF.TargetFunction(U.data(), U.size());<br>
+ const uint8_t *Data = U.data();<br>
+ uint8_t EmptyData;<br>
+ if (!Data)<br>
+ Data = &EmptyData;<br>
+ int Res = USF.TargetFunction(Data, U.size());<br>
(void)Res;<br>
assert(Res == 0);<br>
}<br>
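<br>
Review bot: uint8_t EmptyData in ExecuteCallback is left uninitialized, and its address is what the target receives whenever U.data() is null. A target that reads Data[0] without checking Size then reads an indeterminate byte from a live stack object instead of faulting on a null pointer, so that class of target bug gets harder to spot. Suggest initializing it (uint8_t EmptyData = 0;) and adding a one-line comment saying why null is replaced, since nothing in the function explains it.<br>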
<br>
Modified: llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp?rev=254558&r1=254557&r2=254558&view=diff" rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp?rev=254558&r1=254557&r2=254558&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp (original)<br>
+++ llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp Wed Dec 2 16:43:53 2015<br>
@@ -1,4 +1,5 @@<br>
// Simple test for a fuzzer. The fuzzer must find the string "Hi!".<br>
+#include <assert.h><br>
#include <cstdint><br>
#include <cstdlib><br>
#include <cstddef><br>
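<br>
Review bot: the added include uses the C header assert.h while the three includes below it use the C++ forms (cstdint, cstdlib, cstddef). Suggest cassert here to keep the file consistent.<br>
<br>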
@@ -7,6 +8,7 @@<br>
static volatile int Sink;<br>
<br>
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {<br>
+ assert(Data);<br>
if (Size > 0 && Data[0] == 'H') {<br>
Sink = 1;<br>
if (Size > 1 && Data[1] == 'i') {<br>
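<br>
Review bot: assert(Data) at the top of LLVMFuzzerTestOneInput is compiled out when NDEBUG is defined, so in a release build of the tests this line checks nothing and a null Data would go unnoticed. Since cstdlib is already included in this file, an explicit check such as if (!Data) abort(); would hold in every build mode.<br>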
<br>
<br>
</blockquote></div><br></div></div></blockquote></div>
</div></div></blockquote></div><br></div></div>