[libc-commits] [libc] [libc] fuzz test for heap_sort (PR #100826)

via libc-commits libc-commits at lists.llvm.org
Fri Jul 26 17:06:07 PDT 2024


https://github.com/RoseZhang03 updated https://github.com/llvm/llvm-project/pull/100826

>From 5dbd17fe11774aa706a59ee345d2576540e4538f Mon Sep 17 00:00:00 2001
From: Rose Zhang <rosezhang at google.com>
Date: Fri, 26 Jul 2024 22:45:50 +0000
Subject: [PATCH 1/2] [libc] fuzz test for heap_sort

Made a fuzz test for heap_sort based on the qsort_fuzz implementation
---
 libc/fuzzing/stdlib/CMakeLists.txt     |  8 ++++
 libc/fuzzing/stdlib/heap_sort_fuzz.cpp | 53 ++++++++++++++++++++++++++
 2 files changed, 61 insertions(+)
 create mode 100644 libc/fuzzing/stdlib/heap_sort_fuzz.cpp

diff --git a/libc/fuzzing/stdlib/CMakeLists.txt b/libc/fuzzing/stdlib/CMakeLists.txt
index 204bc619318da..3f954a6fe2a79 100644
--- a/libc/fuzzing/stdlib/CMakeLists.txt
+++ b/libc/fuzzing/stdlib/CMakeLists.txt
@@ -6,6 +6,14 @@ add_libc_fuzzer(
     libc.src.stdlib.qsort
 )
 
+add_libc_fuzzer(
+  heap_sort_fuzz
+  SRCS
+    heap_sort_fuzz.cpp
+  DEPENDS
+    libc.src.stlib.heap_sort
+)
+
 add_libc_fuzzer(
   atof_differential_fuzz
   SRCS
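Review bot: The DEPENDS entry `libc.src.stlib.heap_sort` in the added `add_libc_fuzzer(heap_sort_fuzz ...)` block misspells the directory component; the qsort fuzzer just above uses `libc.src.stdlib.qsort`, so this was presumably meant to be `libc.src.stdlib.heap_sort`. A dependency name that does not resolve may cause the fuzzer target to be skipped or fail to configure, in which case the sort code gets no fuzz coverage even though the file is in the tree. Also confirm that a target of that name exists for the header-only `src/stdlib/heap_sort.h`, since the target definition is not visible in this patch.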
diff --git a/libc/fuzzing/stdlib/heap_sort_fuzz.cpp b/libc/fuzzing/stdlib/heap_sort_fuzz.cpp
new file mode 100644
index 0000000000000..70daa7e623e1c
--- /dev/null
+++ b/libc/fuzzing/stdlib/heap_sort_fuzz.cpp
@@ -0,0 +1,53 @@
+//===-- heap_sort_fuzz.cpp ----------------------------------------------------===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+///
+/// Fuzzing test for llvm-libc heap_sort implementation.
+///
+//===----------------------------------------------------------------------===//
+
+#include "src/stdlib/heap_sort.h"
+#include <stdint.h>
+
+static int int_compare(const void *l, const void *r) {
+  int li = *reinterpret_cast<const int *>(l);
+  int ri = *reinterpret_cast<const int *>(r);
+  if (li == ri)
+    return 0;
+  else if (li > ri)
+    return 1;
+  else
+    return -1;
+}
+
+namespace LIBC_NAMESPACE_DECL {
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+
+  const size_t array_size = size / sizeof(int);
+  if (array_size == 0)
+    return 0;
+
+  int *array = new int[array_size];
+  const int *data_as_int = reinterpret_cast<const int *>(data);
+  for (size_t i = 0; i < array_size; ++i)
+    array[i] = data_as_int[i];
+
+  auto arr = internal::Array(reinterpret_cast<uint8_t *>(array), array_size, sizeof(int), int_compare);
+
+  internal::heap_sort(arr);
+
+  for (size_t i = 0; i < array_size - 1; ++i) {
+    if (arr.get(i) > arr.get(i + 1))
+      __builtin_trap();
+  }
+
+  delete[] array;
+  return 0;
+}
+
+} // namespace LIBC_NAMESPACE_DECL
\ No newline at end of file
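Review bot: The post-sort check `if (arr.get(i) > arr.get(i + 1))` compares whatever `Array::get` returns rather than the sorted values. Its declaration is not in this patch, but if it returns a pointer to the element, the addresses are always increasing and `__builtin_trap()` can never fire. The fuzzer would then catch only memory errors, never a mis-sorted result. Comparing the backing buffer directly, `if (array[i] > array[i + 1])`, gives the harness a real oracle. Separately, `reinterpret_cast<const int *>(data)` reads ints through a pointer that libFuzzer does not guarantee to be int-aligned; `__builtin_memcpy(array, data, array_size * sizeof(int));` in place of the copy loop avoids the misaligned access.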

>From 2c39053430e84559886f56993f765e1ee1d5426c Mon Sep 17 00:00:00 2001
From: Rose Zhang <rosezhang at google.com>
Date: Sat, 27 Jul 2024 00:05:52 +0000
Subject: [PATCH 2/2] added line at end

---
 libc/fuzzing/stdlib/heap_sort_fuzz.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libc/fuzzing/stdlib/heap_sort_fuzz.cpp b/libc/fuzzing/stdlib/heap_sort_fuzz.cpp
index 70daa7e623e1c..28950f7a6171f 100644
--- a/libc/fuzzing/stdlib/heap_sort_fuzz.cpp
+++ b/libc/fuzzing/stdlib/heap_sort_fuzz.cpp
@@ -50,4 +50,4 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
   return 0;
 }
 
-} // namespace LIBC_NAMESPACE_DECL
\ No newline at end of file
+} // namespace LIBC_NAMESPACE_DECL


