[llvm] r249096 - [LibFuzzer] test_single_input option to run a single test case.

Ivan Krasin via llvm-commits llvm-commits at lists.llvm.org
Thu Oct 1 16:23:06 PDT 2015 

Author: krasin
Date: Thu Oct  1 18:23:06 2015
New Revision: 249096

URL: http://llvm.org/viewvc/llvm-project?rev=249096&view=rev
Log:
[LibFuzzer] test_single_input option to run a single test case.

-test_single_input flag specifies a file name with test data.

Review URL: http://reviews.llvm.org/D13359

Patch by Mike Aizatsky!


Added:
    llvm/trunk/lib/Fuzzer/test/hi.txt
Modified:
    llvm/trunk/docs/LibFuzzer.rst
    llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp
    llvm/trunk/lib/Fuzzer/FuzzerFlags.def
    llvm/trunk/lib/Fuzzer/FuzzerInternal.h
    llvm/trunk/lib/Fuzzer/test/fuzzer.test

Modified: llvm/trunk/docs/LibFuzzer.rst
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/docs/LibFuzzer.rst?rev=249096&r1=249095&r2=249096&view=diff
==============================================================================
--- llvm/trunk/docs/LibFuzzer.rst (original)
+++ llvm/trunk/docs/LibFuzzer.rst Thu Oct  1 18:23:06 2015
@@ -68,6 +68,7 @@ The most important flags are::
   sync_timeout                       	600	Minimum timeout between syncs.
   use_traces                            0       Experimental: use instruction traces
   only_ascii                            0       If 1, generate only ASCII (isprint+isspace) inputs.
+  test_single_input                     ""      Use specified file content as test input. Test will be run only once. Useful for debugging a particular case.
 
 
 For the full list of flags run the fuzzer binary with ``-help=1``.

Modified: llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp?rev=249096&r1=249095&r2=249096&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp Thu Oct  1 18:23:06 2015
@@ -202,6 +202,12 @@ int ApplyTokens(const Fuzzer &F, const c
   return 0;
 }
 
+int RunOneTest(Fuzzer *F, const char *InputFilePath) {
+  Unit U = FileToVector(InputFilePath);
+  F->ExecuteCallback(U);
+  return 0;
+}
+
 int FuzzerDriver(int argc, char **argv, UserCallback Callback) {
   FuzzerRandomLibc Rand(0);
   SimpleUserSuppliedFuzzer SUSF(&Rand, Callback);
@@ -275,6 +281,9 @@ int FuzzerDriver(const std::vector<std::
   if (Flags.apply_tokens)
     return ApplyTokens(F, Flags.apply_tokens);
 
+  if (Flags.test_single_input)
+    return RunOneTest(&F, Flags.test_single_input);
+
   unsigned Seed = Flags.seed;
   // Initialize Seed.
   if (Seed == 0)

Modified: llvm/trunk/lib/Fuzzer/FuzzerFlags.def
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerFlags.def?rev=249096&r1=249095&r2=249096&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerFlags.def (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerFlags.def Thu Oct  1 18:23:06 2015
@@ -66,3 +66,4 @@ FUZZER_FLAG_INT(tbm_depth, 5, "Apply at
                                "trace-based-mutations (tbm).")
 FUZZER_FLAG_INT(tbm_width, 5, "Apply at most this number of independent"
                                "trace-based-mutations (tbm)")
+FUZZER_FLAG_STRING(test_single_input, "Use specified file as test input.")
\ No newline at end of file

Modified: llvm/trunk/lib/Fuzzer/FuzzerInternal.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerInternal.h?rev=249096&r1=249095&r2=249096&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerInternal.h (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerInternal.h Thu Oct  1 18:23:06 2015
@@ -115,10 +115,10 @@ class Fuzzer {
   static void StaticAlarmCallback();
 
   Unit SubstituteTokens(const Unit &U) const;
+  void ExecuteCallback(const Unit &U);
 
  private:
   void AlarmCallback();
-  void ExecuteCallback(const Unit &U);
   void MutateAndTestOne(Unit *U);
   void ReportNewCoverage(size_t NewCoverage, const Unit &U);
   size_t RunOne(const Unit &U);

Modified: llvm/trunk/lib/Fuzzer/test/fuzzer.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/fuzzer.test?rev=249096&r1=249095&r2=249096&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/fuzzer.test (original)
+++ llvm/trunk/lib/Fuzzer/test/fuzzer.test Thu Oct  1 18:23:06 2015
@@ -1,6 +1,7 @@
 CHECK: BINGO
 
 RUN: LLVMFuzzer-SimpleTest 2>&1 | FileCheck %s
+RUN: LLVMFuzzer-SimpleTest -test_single_input=%S/hi.txt 2>&1 | FileCheck %s 
 
 RUN: not LLVMFuzzer-InfiniteTest -timeout=2 2>&1 | FileCheck %s --check-prefix=InfiniteTest
 InfiniteTest: ALARM: working on the last Unit for

Added: llvm/trunk/lib/Fuzzer/test/hi.txt
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/test/hi.txt?rev=249096&view=auto
==============================================================================
--- llvm/trunk/lib/Fuzzer/test/hi.txt (added)
+++ llvm/trunk/lib/Fuzzer/test/hi.txt Thu Oct  1 18:23:06 2015
@@ -0,0 +1 @@
+Hi!
\ No newline at end of file

More information about the llvm-commits mailing list