This is an archive of the discontinued LLVM Phabricator instance.

Differential D150598

[libc] use LLVM atof for fuzz precheck
AbandonedPublic

Authored by michaelrj on May 15 2023, 11:23 AM.

Details

Reviewers
sivachandra
lntue
Summary

The atof differential fuzz precheck skips all hexadecimal subnormals
since glibc's atof doesn't round them correctly. By using glibc's atof
to check if the number is a hexadecimal subnormal it was found that it
sometimes rounds down to zero when it should round up to the minimum
subnormal. This bypassed the check since 0 does not count as a
subnormal. This patch solves the issue by using the LLVM-libc
implementation of atof.

Diff Detail

Event Timeline

michaelrj created this revision.May 15 2023, 11:23 AM
Herald added projects: Restricted Project, Restricted Project. · View Herald TranscriptMay 15 2023, 11:23 AM
Herald added subscribers: libc-commits, ecnelises, tschuett. · View Herald Transcript
michaelrj requested review of this revision.May 15 2023, 11:23 AM
Harbormaster completed remote builds in B232069: Diff 522277.May 15 2023, 11:30 AM
lntue accepted this revision.May 15 2023, 11:33 AM
This revision is now accepted and ready to land.May 15 2023, 11:33 AM
sivachandra added a comment.May 15 2023, 12:01 PM

I am fine with this, but it is kind of reducing the validity of the fuzz test - we are ignoring the correctness check of a class of inputs using the libc's own results. Could we use MPFR and not depend on the system libc at all? MPFR has functions like mpfr_set_str and mpfr_strtofr which perform the atof operation.

michaelrj abandoned this revision.May 18 2023, 1:34 PM

Abandoned in favor of https://reviews.llvm.org/D150905

Revision Contents

PathSize
libc/
fuzzing/
stdlib/
4 lines

Diff 522277

libc/fuzzing/stdlib/atof_differential_fuzz.cpp

Show All 31 Linesbool has_hex_prefix(const uint8_t *str) {
// Skip over sign // Skip over sign
if (str[index] == '-' || str[index] == '+') { if (str[index] == '-' || str[index] == '+') {
++index; ++index;
} }
return str[index] == '0' && (tolower(str[index + 1])) == 'x'; return str[index] == '0' && (tolower(str[index + 1])) == 'x';
} }
bool should_be_skipped(const uint8_t *str) { bool should_be_skipped(const uint8_t *str) {
double init_result = ::atof(reinterpret_cast<const char *>(str)); // We can be more confident that our atof is correct than the system one, at
// least for this case.
double init_result = __llvm_libc::atof(reinterpret_cast<const char *>(str));
if (init_result < 0) { if (init_result < 0) {
init_result = -init_result; init_result = -init_result;
} }
if (init_result < MIN_NORMAL && init_result != 0) { if (init_result < MIN_NORMAL && init_result != 0) {
return has_hex_prefix(str); return has_hex_prefix(str);
} }
return false; return false;
} }
Show All 21 Lines