diff options
| author | Kostya Serebryany <kcc@google.com> | 2016-05-09 21:02:36 +0000 |
|---|---|---|
| committer | Kostya Serebryany <kcc@google.com> | 2016-05-09 21:02:36 +0000 |
| commit | ca9694ba2ccf2beee3ee0ed694e905d349e7bc80 (patch) | |
| tree | d7972ab7032371cd6ee9f783a97373d81d16da53 /llvm/lib/Fuzzer/test | |
| parent | 60b3cbe0953c6f8662e39d1d8aab7a824ad7b721 (diff) | |
| download | bcm5719-llvm-ca9694ba2ccf2beee3ee0ed694e905d349e7bc80.tar.gz bcm5719-llvm-ca9694ba2ccf2beee3ee0ed694e905d349e7bc80.zip | |
[libFuzzer] add a test for libFuzzer+ubsan, extend the docs on using libFuzzer+ubsan
llvm-svn: 268968
Diffstat (limited to 'llvm/lib/Fuzzer/test')
| -rw-r--r-- | llvm/lib/Fuzzer/test/CMakeLists.txt | 10 | ||||
| -rw-r--r-- | llvm/lib/Fuzzer/test/SignedIntOverflowTest.cpp | 28 | ||||
| -rw-r--r-- | llvm/lib/Fuzzer/test/fuzzer-ubsan.test | 4 | ||||
| -rw-r--r-- | llvm/lib/Fuzzer/test/ubsan/CMakeLists.txt | 14 |
4 files changed, 56 insertions, 0 deletions
diff --git a/llvm/lib/Fuzzer/test/CMakeLists.txt b/llvm/lib/Fuzzer/test/CMakeLists.txt index 81a996930f4..52ed2f5bbb3 100644 --- a/llvm/lib/Fuzzer/test/CMakeLists.txt +++ b/llvm/lib/Fuzzer/test/CMakeLists.txt @@ -57,6 +57,10 @@ set(TracePCTests FullCoverageSetTest ) +set(UbsanTests + SignedIntOverflowTest + ) + set(TestBinaries) foreach(Test ${Tests}) @@ -118,6 +122,12 @@ foreach(Test ${UninstrumentedTests}) set(TestBinaries ${TestBinaries} LLVMFuzzer-${Test}-Uninstrumented) endforeach() +add_subdirectory(ubsan) + +foreach(Test ${UbsanTests}) + set(TestBinaries ${TestBinaries} LLVMFuzzer-${Test}-Ubsan) +endforeach() + add_subdirectory(trace-bb) foreach(Test ${TraceBBTests}) diff --git a/llvm/lib/Fuzzer/test/SignedIntOverflowTest.cpp b/llvm/lib/Fuzzer/test/SignedIntOverflowTest.cpp new file mode 100644 index 00000000000..7df32ad5793 --- /dev/null +++ b/llvm/lib/Fuzzer/test/SignedIntOverflowTest.cpp @@ -0,0 +1,28 @@ +// This file is distributed under the University of Illinois Open Source +// License. See LICENSE.TXT for details. + +// Test for signed-integer-overflow. +#include <assert.h> +#include <cstdint> +#include <cstdlib> +#include <cstddef> +#include <iostream> +#include <climits> + +static volatile int Sink; +static int Large = INT_MAX; + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { + assert(Data); + if (Size > 0 && Data[0] == 'H') { + Sink = 1; + if (Size > 1 && Data[1] == 'i') { + Sink = 2; + if (Size > 2 && Data[2] == '!') { + Large++; // int overflow. + } + } + } + return 0; +} + diff --git a/llvm/lib/Fuzzer/test/fuzzer-ubsan.test b/llvm/lib/Fuzzer/test/fuzzer-ubsan.test new file mode 100644 index 00000000000..0e8ad6c94a1 --- /dev/null +++ b/llvm/lib/Fuzzer/test/fuzzer-ubsan.test @@ -0,0 +1,4 @@ +RUN: not LLVMFuzzer-SignedIntOverflowTest-Ubsan 2>&1 | FileCheck %s +CHECK: runtime error: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' +CHECK: Test unit written to ./crash- + diff --git a/llvm/lib/Fuzzer/test/ubsan/CMakeLists.txt b/llvm/lib/Fuzzer/test/ubsan/CMakeLists.txt new file mode 100644 index 00000000000..5547704525e --- /dev/null +++ b/llvm/lib/Fuzzer/test/ubsan/CMakeLists.txt @@ -0,0 +1,14 @@ +# These tests are instrumented with ubsan in non-recovery mode. + +set(CMAKE_CXX_FLAGS_RELEASE + "${LIBFUZZER_FLAGS_BASE} -O0 -fsanitize=undefined -fno-sanitize-recover=all") + +foreach(Test ${UbsanTests}) + add_executable(LLVMFuzzer-${Test}-Ubsan + ../${Test}.cpp + ) + target_link_libraries(LLVMFuzzer-${Test}-Ubsan + LLVMFuzzer + ) +endforeach() + |
