[llvm] r236683 - [lib/Fuzzer] add dfsan_weak_hook_memcmp, enable the test that uses it, simplify the test runner

Kostya Serebryany kcc at google.com
Wed May 6 17:11:33 PDT 2015 

Author: kcc
Date: Wed May  6 19:11:33 2015
New Revision: 236683

URL: http://llvm.org/viewvc/llvm-project?rev=236683&view=rev
Log:
[lib/Fuzzer] add dfsan_weak_hook_memcmp, enable the test that uses it, simplify the test runner

Modified:
    llvm/trunk/lib/Fuzzer/FuzzerDFSan.cpp
    llvm/trunk/lib/Fuzzer/test/CxxTokensTest.cpp
    llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp
    llvm/trunk/lib/Fuzzer/test/dfsan/DFSanMemcmpTest.cpp
    llvm/trunk/lib/Fuzzer/test/dfsan/DFSanSimpleCmpTest.cpp
    llvm/trunk/lib/Fuzzer/test/fuzzer.test

Modified: llvm/trunk/lib/Fuzzer/FuzzerDFSan.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerDFSan.cpp?rev=236683&r1=236682&r2=236683&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerDFSan.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerDFSan.cpp Wed May  6 19:11:33 2015
@@ -81,6 +81,8 @@ __attribute__((weak))
 void dfsan_add_label(dfsan_label label, void *addr, size_t size);
 __attribute__((weak))
 const struct dfsan_label_info *dfsan_get_label_info(dfsan_label label);
+__attribute__((weak))
+dfsan_label dfsan_read_label(const void *addr, size_t size);
 }  // extern "C"
 
 namespace {
@@ -272,4 +274,17 @@ void __dfsw___sanitizer_cov_trace_cmp(ui
   uint64_t Type = (SizeAndType << 32) >> 32;
   DFSan->DFSanCmpCallback(PC, CmpSize, Type, Arg1, Arg2, L1, L2);
 }
+
+void dfsan_weak_hook_memcmp(void *caller_pc, const void *s1, const void *s2,
+                            size_t n, dfsan_label s1_label,
+                            dfsan_label s2_label, dfsan_label n_label) {
+  uintptr_t PC = reinterpret_cast<uintptr_t>(caller_pc);
+  uint64_t S1, S2;
+  // Simplification: handle only first 8 bytes.
+  memcpy(&S1, s1, std::min(n, sizeof(S1)));
+  memcpy(&S2, s2, std::min(n, sizeof(S2)));
+  dfsan_label L1 = dfsan_read_label(s1, n);
+  dfsan_label L2 = dfsan_read_label(s2, n);
+  DFSan->DFSanCmpCallback(PC, n, ICMP_EQ, S1, S2, L1, L2);
+}
 }  // extern "C"

Modified: llvm/trunk/lib/Fuzzer/test/CxxTokensTest.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/CxxTokensTest.cpp?rev=236683&r1=236682&r2=236683&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/CxxTokensTest.cpp (original)
+++ llvm/trunk/lib/Fuzzer/test/CxxTokensTest.cpp Wed May  6 19:11:33 2015
@@ -6,7 +6,7 @@
 #include <iostream>
 
 static void Found() {
-  std::cout << "Found the target, exiting\n";
+  std::cout << "BINGO; Found the target, exiting\n";
   exit(1);
 }
 

Modified: llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp?rev=236683&r1=236682&r2=236683&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp (original)
+++ llvm/trunk/lib/Fuzzer/test/SimpleTest.cpp Wed May  6 19:11:33 2015
@@ -12,7 +12,7 @@ extern "C" void LLVMFuzzerTestOneInput(c
     if (Size > 1 && Data[1] == 'i') {
       Sink = 2;
       if (Size > 2 && Data[2] == '!') {
-        std::cout << "Found the target, exiting\n";
+        std::cout << "BINGO; Found the target, exiting\n";
         exit(0);
       }
     }

Modified: llvm/trunk/lib/Fuzzer/test/dfsan/DFSanMemcmpTest.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/dfsan/DFSanMemcmpTest.cpp?rev=236683&r1=236682&r2=236683&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/dfsan/DFSanMemcmpTest.cpp (original)
+++ llvm/trunk/lib/Fuzzer/test/dfsan/DFSanMemcmpTest.cpp Wed May  6 19:11:33 2015
@@ -1,8 +1,12 @@
 // Simple test for a fuzzer. The fuzzer must find a particular string.
 #include <cstring>
 #include <cstdint>
+#include <cstdio>
+#include <cstdlib>
 
 extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
-  if (Size >= 10 && memcmp(Data, "0123456789", 10) == 0)
-    __builtin_trap();
+  if (Size >= 8 && memcmp(Data, "01234567", 8) == 0) {
+    fprintf(stderr, "BINGO\n");
+    exit(1);
+  }
 }

Modified: llvm/trunk/lib/Fuzzer/test/dfsan/DFSanSimpleCmpTest.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/dfsan/DFSanSimpleCmpTest.cpp?rev=236683&r1=236682&r2=236683&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/dfsan/DFSanSimpleCmpTest.cpp (original)
+++ llvm/trunk/lib/Fuzzer/test/dfsan/DFSanSimpleCmpTest.cpp Wed May  6 19:11:33 2015
@@ -23,7 +23,7 @@ extern "C" void LLVMFuzzerTestOneInput(c
       z >= -10005 &&
       z != -10003 &&
       a == 4242) {
-    fprintf(stderr, "Found the target: size %zd (%zd, %zd, %d, %d), exiting.\n",
+    fprintf(stderr, "BINGO; Found the target: size %zd (%zd, %zd, %d, %d), exiting.\n",
             Size, x, y, z, a);
     exit(1);
   }

Modified: llvm/trunk/lib/Fuzzer/test/fuzzer.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/fuzzer.test?rev=236683&r1=236682&r2=236683&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/fuzzer.test (original)
+++ llvm/trunk/lib/Fuzzer/test/fuzzer.test Wed May  6 19:11:33 2015
@@ -1,5 +1,6 @@
-RUN: ./LLVMFuzzer-SimpleTest 2>&1 | FileCheck %s --check-prefix=SimpleTest
-SimpleTest: Found the target, exiting
+CHECK: BINGO
+
+RUN: ./LLVMFuzzer-SimpleTest 2>&1 | FileCheck %s
 
 RUN: not ./LLVMFuzzer-InfiniteTest -timeout=2 2>&1 | FileCheck %s --check-prefix=InfiniteTest
 InfiniteTest: ALARM: working on the last Unit for
@@ -12,17 +13,15 @@ TimeoutTest: CRASHED; file written to ti
 RUN: not ./LLVMFuzzer-NullDerefTest 2>&1 | FileCheck %s --check-prefix=NullDerefTest
 NullDerefTest: CRASHED; file written to crash-
 
-RUN: not ./LLVMFuzzer-FullCoverageSetTest -timeout=15 -seed=1 -mutate_depth=2 -use_full_coverage_set=1 2>&1 | FileCheck %s --check-prefix=FullCoverageSetTest
-FullCoverageSetTest: BINGO
+RUN: not ./LLVMFuzzer-FullCoverageSetTest -timeout=15 -seed=1 -mutate_depth=2 -use_full_coverage_set=1 2>&1 | FileCheck %s
+
+RUN: not ./LLVMFuzzer-FourIndependentBranchesTest -timeout=15 -seed=1 -use_coverage_pairs=1 2>&1 | FileCheck %s
+
+RUN: not ./LLVMFuzzer-CounterTest -use_counters=1 -max_len=6 -seed=1 -timeout=15 2>&1 | FileCheck %s
 
-RUN: not ./LLVMFuzzer-FourIndependentBranchesTest -timeout=15 -seed=1 -use_coverage_pairs=1 2>&1 | FileCheck %s --check-prefix=FourIndependentBranchesTest
-FourIndependentBranchesTest: BINGO
+RUN: not ./LLVMFuzzer-DFSanSimpleCmpTest -seed=1 -timeout=15 2>&1 | FileCheck %s
 
-RUN: not ./LLVMFuzzer-CounterTest -use_counters=1 -max_len=6 -seed=1 -timeout=15 2>&1 | FileCheck %s --check-prefix=CounterTest
-CounterTest: BINGO
+RUN: not ./LLVMFuzzer-DFSanMemcmpTest -seed=1 -timeout=15 2>&1 | FileCheck %s
 
-RUN: not ./LLVMFuzzer-DFSanSimpleCmpTest -seed=1 -timeout=15 2>&1 | FileCheck %s --check-prefix=DFSanSimpleCmpTest
-DFSanSimpleCmpTest: Found the target:
+RUN: not ./LLVMFuzzer-CxxTokensTest -seed=1 -timeout=15 -tokens=%S/../cxx_fuzzer_tokens.txt 2>&1 | FileCheck %s
 
-RUN: not ./LLVMFuzzer-CxxTokensTest -seed=1 -timeout=15 -tokens=%S/../cxx_fuzzer_tokens.txt 2>&1 | FileCheck %s --check-prefix=CxxTokensTest
-CxxTokensTest: Found the target, exiting

More information about the llvm-commits mailing list