changeset 43615:6f5c352f41b6

fuzz: clean out most of fuzzutil It's now a header-only setup that just selects absl:: or std:: versions of things as needed, and a logging helper. There's some room for future cleanups here: we could move to just requiring a C++17 compiler and get rid of the absl stuff. Also, the mpatch parser does a fair amount of parsing the input string into char* blocks, which we can and probably should fix up to use FuzzedDataProvider as well. Differential Revision: https://phab.mercurial-scm.org/D7370
author Augie Fackler <augie@google.com>
date Mon, 11 Nov 2019 16:45:22 -0500
parents 78df32a8b6f4
children 92bb5bacd807
files contrib/fuzz/Makefile contrib/fuzz/fuzzutil.cc contrib/fuzz/fuzzutil.h
diffstat 3 files changed, 12 insertions(+), 58 deletions(-) [+]
--- a/contrib/fuzz/Makefile	Mon Nov 11 16:37:18 2019 -0500
+++ b/contrib/fuzz/Makefile	Mon Nov 11 16:45:22 2019 -0500
@@ -3,15 +3,6 @@
 
 all: bdiff mpatch xdiff
 
-fuzzutil.o: fuzzutil.cc fuzzutil.h
-	$(CXX) $(CXXFLAGS) -g -O1 \
-	  -std=c++17 \
-	  -I../../mercurial -c -o fuzzutil.o fuzzutil.cc
-
-fuzzutil-oss-fuzz.o: fuzzutil.cc fuzzutil.h
-	$(CXX) $(CXXFLAGS) -std=c++17 \
-	  -I../../mercurial -c -o fuzzutil-oss-fuzz.o fuzzutil.cc
-
 pyutil.o: pyutil.cc pyutil.h
 	$(CXX) $(CXXFLAGS) -g -O1 \
 	  `$$OUT/sanpy/bin/python-config --cflags` \
@@ -21,17 +12,17 @@
 	$(CC) $(CFLAGS) -fsanitize=fuzzer-no-link,address -c -o bdiff.o \
 	  ../../mercurial/bdiff.c
 
-bdiff: bdiff.cc bdiff.o fuzzutil.o
+bdiff: bdiff.cc bdiff.o 
 	$(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \
 	  -std=c++17 \
-	  -I../../mercurial bdiff.cc bdiff.o fuzzutil.o -o bdiff
+	  -I../../mercurial bdiff.cc bdiff.o -o bdiff
 
 bdiff-oss-fuzz.o: ../../mercurial/bdiff.c
 	$(CC) $(CFLAGS) -c -o bdiff-oss-fuzz.o ../../mercurial/bdiff.c
 
-bdiff_fuzzer: bdiff.cc bdiff-oss-fuzz.o fuzzutil-oss-fuzz.o
+bdiff_fuzzer: bdiff.cc bdiff-oss-fuzz.o
 	$(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial bdiff.cc \
-	  bdiff-oss-fuzz.o fuzzutil-oss-fuzz.o -lFuzzingEngine -o \
+	  bdiff-oss-fuzz.o -lFuzzingEngine -o \
 	  $$OUT/bdiff_fuzzer
 
 mpatch.o: ../../mercurial/mpatch.c
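Review bot: With fuzzutil.o dropped from the prerequisites of `bdiff` and `bdiff_fuzzer`, nothing in these rules tracks fuzzutil.h any more; if bdiff.cc includes that header (not visible here, but the commit message describes fuzzutil as header-only), editing it will not rebuild the harness and a stale fuzzer binary keeps being run. Before this change the dependency arrived transitively through fuzzutil.o. Consider listing the header directly, e.g. `bdiff: bdiff.cc bdiff.o fuzzutil.h` and `bdiff_fuzzer: bdiff.cc bdiff-oss-fuzz.o fuzzutil.h`; the recipes name their inputs explicitly, so the extra prerequisite never reaches the compiler command line. The same applies to the `mpatch`, `mpatch_fuzzer`, `xdiff` and `xdiff_fuzzer` rules in the following hunks. The new `bdiff:` line also ends in a trailing space, as do the new `mpatch_fuzzer:`, `xdiff:` and `xdiff_fuzzer:` lines.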
@@ -39,16 +30,16 @@
 	  ../../mercurial/mpatch.c
 
 mpatch: CXXFLAGS += -std=c++17
-mpatch: mpatch.cc mpatch.o fuzzutil.o
+mpatch: mpatch.cc mpatch.o
 	$(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \
-	  -I../../mercurial mpatch.cc mpatch.o fuzzutil.o -o mpatch
+	  -I../../mercurial mpatch.cc mpatch.o -o mpatch
 
 mpatch-oss-fuzz.o: ../../mercurial/mpatch.c
 	$(CC) $(CFLAGS) -c -o mpatch-oss-fuzz.o ../../mercurial/mpatch.c
 
-mpatch_fuzzer: mpatch.cc mpatch-oss-fuzz.o fuzzutil-oss-fuzz.o
+mpatch_fuzzer: mpatch.cc mpatch-oss-fuzz.o 
 	$(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial mpatch.cc \
-	  mpatch-oss-fuzz.o fuzzutil-oss-fuzz.o -lFuzzingEngine -o \
+	  mpatch-oss-fuzz.o -lFuzzingEngine -o \
 	  $$OUT/mpatch_fuzzer
 
 mpatch_corpus.zip:
@@ -60,19 +51,19 @@
 	  $<
 
 xdiff: CXXFLAGS += -std=c++17
-xdiff: xdiff.cc xdiffi.o xprepare.o xutils.o fuzzutil.o
+xdiff: xdiff.cc xdiffi.o xprepare.o xutils.o 
 	$(CXX) $(CXXFLAGS) -DHG_FUZZER_INCLUDE_MAIN=1 -g -O1 -fsanitize=fuzzer-no-link,address \
 	  -I../../mercurial xdiff.cc \
-	  xdiffi.o xprepare.o xutils.o fuzzutil.o -o xdiff
+	  xdiffi.o xprepare.o xutils.o -o xdiff
 
 fuzz-x%.o: ../../mercurial/thirdparty/xdiff/x%.c ../../mercurial/thirdparty/xdiff/*.h
 	$(CC) $(CFLAGS) -c \
 	  -o $@ \
 	  $<
 
-xdiff_fuzzer: xdiff.cc fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o fuzzutil-oss-fuzz.o
+xdiff_fuzzer: xdiff.cc fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o 
 	$(CXX) $(CXXFLAGS) -std=c++17 -I../../mercurial xdiff.cc \
-	  fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o fuzzutil-oss-fuzz.o \
+	  fuzz-xdiffi.o fuzz-xprepare.o fuzz-xutils.o \
 	  -lFuzzingEngine -o $$OUT/xdiff_fuzzer
 
 manifest.o: ../../mercurial/cext/manifest.c
--- a/contrib/fuzz/fuzzutil.cc	Mon Nov 11 16:37:18 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,27 +0,0 @@
-#include "fuzzutil.h"
-
-#include <cstring>
-#include <utility>
-
-contrib::optional<two_inputs> SplitInputs(const uint8_t *Data, size_t Size)
-{
-	if (!Size) {
-		return contrib::nullopt;
-	}
-	// figure out a random point in [0, Size] to split our input.
-	size_t left_size = (Data[0] / 255.0) * (Size - 1);
-
-	// Copy inputs to new allocations so if bdiff over-reads
-	// AddressSanitizer can detect it.
-	std::unique_ptr<char[]> left(new char[left_size]);
-	std::memcpy(left.get(), Data + 1, left_size);
-	// right starts at the next byte after left ends
-	size_t right_size = Size - (left_size + 1);
-	std::unique_ptr<char[]> right(new char[right_size]);
-	std::memcpy(right.get(), Data + 1 + left_size, right_size);
-	LOG(2) << "inputs are  " << left_size << " and " << right_size
-	       << " bytes" << std::endl;
-	two_inputs result = {std::move(right), right_size, std::move(left),
-	                     left_size};
-	return result;
-}
--- a/contrib/fuzz/fuzzutil.h	Mon Nov 11 16:37:18 2019 -0500
+++ b/contrib/fuzz/fuzzutil.h	Mon Nov 11 16:45:22 2019 -0500
@@ -34,14 +34,4 @@
 	if (level <= DEBUG)                                                    \
 	std::cout
 
-struct two_inputs {
-	std::unique_ptr<char[]> right;
-	size_t right_size;
-	std::unique_ptr<char[]> left;
-	size_t left_size;
-};
-
-/* Split a non-zero-length input into two inputs. */
-contrib::optional<two_inputs> SplitInputs(const uint8_t *Data, size_t Size);
-
 #endif /* CONTRIB_FUZZ_FUZZUTIL_H */