[compiler-rt] c2df1d8 - [libfuzzer] add test of cov file-id in control file
Vitaly Buka via llvm-commits
llvm-commits at lists.llvm.org
Wed Mar 22 22:56:10 PDT 2023
Author: Wu, Yingcong
Date: 2023-03-22T22:55:48-07:00
New Revision: c2df1d8a6d1cab95637a3b40d49a15e535135b33
URL: https://github.com/llvm/llvm-project/commit/c2df1d8a6d1cab95637a3b40d49a15e535135b33
DIFF: https://github.com/llvm/llvm-project/commit/c2df1d8a6d1cab95637a3b40d49a15e535135b33.diff
LOG: [libfuzzer] add test of cov file-id in control file
There is test for ft file-id in control file, but no test for cov line.
Without the test, a invalid cov file-id would cause crash.
Reviewed By: vitalybuka
Differential Revision: https://reviews.llvm.org/D145672
Added:
Modified:
compiler-rt/lib/fuzzer/FuzzerMerge.cpp
compiler-rt/test/fuzzer/merge-control-file.test
Removed:
################################################################################
diff --git a/compiler-rt/lib/fuzzer/FuzzerMerge.cpp b/compiler-rt/lib/fuzzer/FuzzerMerge.cpp
index 24bd11958e807..8c8806e8aafd3 100644
--- a/compiler-rt/lib/fuzzer/FuzzerMerge.cpp
+++ b/compiler-rt/lib/fuzzer/FuzzerMerge.cpp
@@ -77,6 +77,7 @@ bool Merger::Parse(std::istream &IS, bool ParseCoverage) {
size_t ExpectedStartMarker = 0;
const size_t kInvalidStartMarker = -1;
size_t LastSeenStartMarker = kInvalidStartMarker;
+ bool HaveFtMarker = true;
std::vector<uint32_t> TmpFeatures;
std::set<uint32_t> PCs;
while (std::getline(IS, Line, '\n')) {
@@ -93,12 +94,13 @@ bool Merger::Parse(std::istream &IS, bool ParseCoverage) {
LastSeenStartMarker = ExpectedStartMarker;
assert(ExpectedStartMarker < Files.size());
ExpectedStartMarker++;
+ HaveFtMarker = false;
} else if (Marker == "FT") {
// FT FILE_ID COV1 COV2 COV3 ...
size_t CurrentFileIdx = N;
if (CurrentFileIdx != LastSeenStartMarker)
return false;
- LastSeenStartMarker = kInvalidStartMarker;
+ HaveFtMarker = true;
if (ParseCoverage) {
TmpFeatures.clear(); // use a vector from outer scope to avoid resizes.
while (ISS1 >> N)
@@ -108,6 +110,8 @@ bool Merger::Parse(std::istream &IS, bool ParseCoverage) {
}
} else if (Marker == "COV") {
size_t CurrentFileIdx = N;
+ if (CurrentFileIdx != LastSeenStartMarker)
+ return false;
if (ParseCoverage)
while (ISS1 >> N)
if (PCs.insert(N).second)
@@ -116,7 +120,7 @@ bool Merger::Parse(std::istream &IS, bool ParseCoverage) {
return false;
}
}
- if (LastSeenStartMarker != kInvalidStartMarker)
+ if (!HaveFtMarker && LastSeenStartMarker != kInvalidStartMarker)
LastFailure = Files[LastSeenStartMarker].Name;
FirstNotProcessedFile = ExpectedStartMarker;
diff --git a/compiler-rt/test/fuzzer/merge-control-file.test b/compiler-rt/test/fuzzer/merge-control-file.test
index ebd2cf5af3baa..c7d666ea471e9 100644
--- a/compiler-rt/test/fuzzer/merge-control-file.test
+++ b/compiler-rt/test/fuzzer/merge-control-file.test
@@ -50,3 +50,17 @@ RUN: echo STARTED 2 2 >> %t/MCF
RUN: echo FT 2 13 >> %t/MCF
RUN: %run %t/T.exe -merge=1 %t/T1 %t/T2 -merge_control_file=%t/MCF 2>&1 | FileCheck %s --check-prefix=OK_3
OK_3: MERGE-OUTER: nothing to do, merge has been completed before
+
+# Test for invalid COV file_id
+RUN: rm -f %t/T1/*; cp %t/T0/* %t/T1
+RUN: echo 3 > %t/MCF; echo 0 >> %t/MCF; echo %t/T1/1 >> %t/MCF; echo %t/T1/2 >> %t/MCF; echo %t/T1/3 >> %t/MCF
+RUN: echo STARTED 0 1 >> %t/MCF
+RUN: echo FT 0 11 >> %t/MCF
+RUN: echo STARTED 1 2 >> %t/MCF
+RUN: echo FT 1 12 >> %t/MCF
+RUN: echo STARTED 2 2 >> %t/MCF
+RUN: echo FT 2 13 >> %t/MCF
+# Invalid file-id 21 here
+RUN: echo COV 21 13 >> %t/MCF
+RUN: %run %t/T.exe -merge=1 %t/T1 %t/T2 -merge_control_file=%t/MCF 2>&1 | FileCheck %s --check-prefix=COV_INVALID
+COV_INVALID: MERGE-OUTER: bad control file, will overwrite it
More information about the llvm-commits
mailing list