This is an archive of the discontinued LLVM Phabricator instance.

[libc] Add fuzzing for printf floats
Closed, Public

Authored by michaelrj on Jul 27 2023, 4:37 PM.

Details

Summary

To guarantee accuracy for all potential float values, this patch adds a
fuzzer to compare the results for float conversions from our printf
against MPFR's.

Event Timeline

michaelrj created this revision. Jul 27 2023, 4:37 PM
Herald added projects: Restricted Project, Restricted Project. Jul 27 2023, 4:37 PM
michaelrj requested review of this revision. Jul 27 2023, 4:37 PM
lntue added inline comments. Jul 28 2023, 6:27 AM
libc/fuzzing/stdio/printf_float_conv_fuzz.cpp, line 38

Will using enums for the error codes be better here?

michaelrj updated this revision to Diff 545272. Jul 28 2023, 2:04 PM
michaelrj marked an inline comment as done.

use an enum instead of int for the return value of test_vals

lntue accepted this revision. Aug 1 2023, 8:41 PM
lntue added inline comments.
libc/fuzzing/stdio/printf_float_conv_fuzz.cpp, lines 2–3

Nit: line format.

This revision is now accepted and ready to land. Aug 1 2023, 8:41 PM
michaelrj edited the summary of this revision. Aug 3 2023, 3:27 PM
michaelrj updated this revision to Diff 547023. Aug 3 2023, 3:28 PM
michaelrj marked an inline comment as done.
michaelrj edited the summary of this revision.

Fix the header and also several bugs found with the fuzzer

lntue accepted this revision. Aug 4 2023, 11:00 AM
michaelrj updated this revision to Diff 547356. Aug 4 2023, 2:39 PM

fix another fuzz-found bug. Given this I'm going to let the fuzzer run over the weekend before landing

michaelrj updated this revision to Diff 547369. Aug 4 2023, 3:09 PM

fix another bug

michaelrj updated this revision to Diff 547394. Aug 4 2023, 4:24 PM

more bugfixes and a new patch in the chain

michaelrj updated this revision to Diff 548277. Aug 8 2023, 10:29 AM

A bunch more bugfixes, but it seems to be stable now. The fuzzer has run for ~12 hours with no failure.

It would be helpful to actually leave a trail of descriptions of the mutually exclusive bugs that were identified. Also, prefer landing their fixes in separate patches (unless the fixes are trivial).

This revision was automatically updated to reflect the committed changes.