author | Kostya Serebryany <kcc@google.com> | 2015-01-27 22:08:41 +0000 |
---|---|---|
committer | Kostya Serebryany <kcc@google.com> | 2015-01-27 22:08:41 +0000 |
commit | d53b43fe117c619aad57b5bf80000d1617eb142d (patch) | |
tree | 71b45ceb5839c384fcd2501ad10c70f084e2f86f /llvm/lib/Fuzzer/FuzzerUtil.cpp | |
parent | 7a503694febda8648e39417ba9039e3adeed5e36 (diff) | |
Add a Fuzzer library
Summary:
A simple genetic in-process coverage-guided fuzz testing library.
I've used this fuzzer to test clang-format
(it found 12+ bugs, thanks djasper@ for the fixes!)
and it may also help us test other parts of LLVM.
So why not keep it in the LLVM repository?
I plan to add the cmake build rules later (in a separate patch, if that's ok)
and also add a clang-format-fuzzer target.
See README.txt for details.
Test Plan: Tests will follow separately.
Reviewers: djasper, chandlerc, rnk
Reviewed By: rnk
Subscribers: majnemer, ygribov, dblaikie, llvm-commits
Differential Revision: http://reviews.llvm.org/D7184
llvm-svn: 227252
Diffstat (limited to 'llvm/lib/Fuzzer/FuzzerUtil.cpp')
-rw-r--r-- | llvm/lib/Fuzzer/FuzzerUtil.cpp | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/llvm/lib/Fuzzer/FuzzerUtil.cpp b/llvm/lib/Fuzzer/FuzzerUtil.cpp
new file mode 100644
index 00000000000..679f289a1c3
--- /dev/null
+++ b/llvm/lib/Fuzzer/FuzzerUtil.cpp
@@ -0,0 +1,61 @@
+//===- FuzzerUtil.cpp - Misc utils ----------------------------------------===//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===----------------------------------------------------------------------===//
+// Misc utils.
+//===----------------------------------------------------------------------===//
+
+#include "FuzzerInternal.h"
+#include <iostream>
+#include <sys/time.h>
+#include <cassert>
+#include <cstring>
+#include <signal.h>
+
+namespace fuzzer {
+
+void Print(const Unit &v, const char *PrintAfter) {
+ std::cerr << v.size() << ": ";
+ for (auto x : v)
+ std::cerr << (unsigned) x << " ";
+ std::cerr << PrintAfter;
+}
+
+void PrintASCII(const Unit &U, const char *PrintAfter) {
+ for (auto X : U)
+ std::cerr << (char)((isascii(X) && X >= ' ') ? X : '?');
+ std::cerr << PrintAfter;
+}
+
+std::string Hash(const Unit &in) {
+ size_t h1 = 0, h2 = 0;
+ for (auto x : in) {
+ h1 += x;
+ h1 *= 5;
+ h2 += x;
+ h2 *= 7;
+ }
+ return std::to_string(h1) + std::to_string(h2);
+}
+
+static void AlarmHandler(int, siginfo_t *, void *) {
+ Fuzzer::AlarmCallback();
+}
+
+void SetTimer(int Seconds) {
+ struct itimerval T {{Seconds, 0}, {Seconds, 0}};
+ std::cerr << "SetTimer " << Seconds << "\n";
+ int Res = setitimer(ITIMER_REAL, &T, nullptr);
+ assert(Res == 0);
+ struct sigaction sigact;
+ memset(&sigact, 0, sizeof(sigact));
+ sigact.sa_sigaction = AlarmHandler;
+ Res = sigaction(SIGALRM, &sigact, 0);
+ assert(Res == 0);
+}
+
+} // namespace fuzzer |
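Review bot: In `SetTimer`, the SIGALRM handler is registered through `sa_sigaction` while `sa_flags` stays zero from the `memset`, so `SA_SIGINFO` is never set and POSIX treats the registration as a one-argument `sa_handler`; it only works where the two fields share storage. The timer is also armed before the handler is installed, and both return codes are checked only with `assert`, which disappears in NDEBUG builds, so a failed `sigaction` would leave the default SIGALRM action (process termination) in place with no diagnostic. I would install the handler first with `SA_SIGINFO` set, then arm the timer, and report failures unconditionally, as sketched below (the `exit` call needs `<cstdlib>`). Separately, `Hash` concatenates two decimal numbers without a separator and uses a mix that collides easily; if it is used to key or deduplicate units (not visible in this file), distinct inputs could be conflated.

```cpp
void SetTimer(int Seconds) {
  // Install the handler before arming the timer so SIGALRM can never reach
  // the default (terminating) disposition.
  struct sigaction sigact;
  memset(&sigact, 0, sizeof(sigact));
  sigact.sa_sigaction = AlarmHandler;
  sigact.sa_flags = SA_SIGINFO;  // required for the three-argument handler form
  if (sigaction(SIGALRM, &sigact, nullptr) != 0) {
    std::cerr << "SetTimer: sigaction(SIGALRM) failed\n";
    exit(1);
  }
  struct itimerval T {{Seconds, 0}, {Seconds, 0}};
  // … unchanged: "SetTimer" log line …
  if (setitimer(ITIMER_REAL, &T, nullptr) != 0) {
    std::cerr << "SetTimer: setitimer failed\n";
    exit(1);
  }
}
```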