Page MenuHomePhabricator
Differential D73776 Diff 251365 compiler-rt/lib/fuzzer/tests/FuzzerUnittest.cpp

Changeset View

Standalone View

View Options

compiler-rt/lib/fuzzer/tests/FuzzerUnittest.cpp

Show First 20 LinesShow All 586 Lines▼ Show 20 LinesTEST(FuzzerUtil, Base64) {
EXPECT_EQ("YWJjeA==", Base64({'a', 'b', 'c', 'x'})); EXPECT_EQ("YWJjeA==", Base64({'a', 'b', 'c', 'x'}));
EXPECT_EQ("YWJjeHk=", Base64({'a', 'b', 'c', 'x', 'y'})); EXPECT_EQ("YWJjeHk=", Base64({'a', 'b', 'c', 'x', 'y'}));
EXPECT_EQ("YWJjeHl6", Base64({'a', 'b', 'c', 'x', 'y', 'z'})); EXPECT_EQ("YWJjeHl6", Base64({'a', 'b', 'c', 'x', 'y', 'z'}));
} }
TEST(Corpus, Distribution) { TEST(Corpus, Distribution) {
DataFlowTrace DFT; DataFlowTrace DFT;
Random Rand(0); Random Rand(0);
std::unique_ptr<InputCorpus> C(new InputCorpus("")); std::unique_ptr<InputCorpus> C(new InputCorpus("", false, 0, 0));
kccUnsubmitted
Done
ReplyInline Actions

When running 'ninja check-fuzzer' this test fails for me:

That's weird: why does the functionality change with Entropic off?

[5/9] Running Fuzzer unit tests
FAIL: LLVMFuzzer-Unittest :: ./Fuzzer-x86_64-Test/Corpus.Distribution (48 of 55)

  • TEST 'LLVMFuzzer-Unittest :: ./Fuzzer-x86_64-Test/Corpus.Distribution' FAILED ****

Note: Google Test filter = Corpus.Distribution
[==========] Running 1 test from 1 test case.
[----------] Global test environment set-up.
[----------] 1 test from Corpus
[ RUN ] Corpus.Distribution
/usr/local/google/home/kcc/llvm-project/compiler-rt/lib/fuzzer/tests/FuzzerUnittest.cpp:609: Failure
Expected: (Hist[i]) > (TriesPerUnit / N / 3), actual: 0 vs 2184
/usr/local/google/home/kcc/llvm-project/compiler-rt/lib/fuzzer/tests/FuzzerUnittest.cpp:609: Failure
Expected: (Hist[i]) > (TriesPerUnit / N / 3), actual: 0 vs 2184
/usr/local/google/home/kcc/llvm-project/compiler-rt/lib/fuzzer/tests/FuzzerUnittest.cpp:609: Failure

kcc: When running 'ninja check-fuzzer' this test fails for me: That's weird: why does the…
marcelAuthorUnsubmitted
Done
ReplyInline Actions

Instead of updating the corpus distribution every time it changes (e.g., FuzzerCorpus.h#L114 and FuzzerCorpus.h#L165), entropic schedules that update by setting a flag. For efficiency, only when (and just before) a new input is chosen, the corpus distribution is actually updated. I had this update in ChooseUnitToMutate which calls ChooseUnitIdxToMutate. Now moved the call to UpdateCorpusDistribution to ChooseUnitIdxToMutate (which is used by the test case).

All 40 fuzzer unit tests pass.

marcel: Instead of updating the corpus distribution every time it changes (e.g., FuzzerCorpus.h#L114…
size_t N = 10; size_t N = 10;
size_t TriesPerUnit = 1<<16; size_t TriesPerUnit = 1<<16;
for (size_t i = 0; i < N; i++) for (size_t i = 0; i < N; i++)
C->AddToCorpus(Unit{static_cast<uint8_t>(i)}, 1, false, false, {}, DFT, C->AddToCorpus(Unit{static_cast<uint8_t>(i)}, 1, false, false, {}, DFT,
nullptr); nullptr);
Vector<size_t> Hist(N); Vector<size_t> Hist(N);
for (size_t i = 0; i < N * TriesPerUnit; i++) { for (size_t i = 0; i < N * TriesPerUnit; i++) {
▲ Show 20 LinesShow All 441 Lines▼ Show 20 LinesTEST(FuzzerCommand, SetOutput) {
Cmd.combineOutAndErr(); Cmd.combineOutAndErr();
EXPECT_TRUE(Cmd.isOutAndErrCombined()); EXPECT_TRUE(Cmd.isOutAndErrCombined());
CmdLine = Cmd.toString(); CmdLine = Cmd.toString();
EXPECT_EQ(CmdLine, makeCmdLine("", ">thud 2>&1")); EXPECT_EQ(CmdLine, makeCmdLine("", ">thud 2>&1"));
} }
TEST(Entropic, UpdateFrequency) {
const size_t One = 1, Two = 2;
const size_t FeatIdx1 = 0, FeatIdx2 = 42, FeatIdx3 = 12, FeatIdx4 = 26;
size_t Index;
// Create input corpus with default entropic configuration
std::unique_ptr<InputCorpus> C(new InputCorpus("", true, 0xFF, 100));
InputInfo *II = new InputInfo();
C->AddRareFeature(FeatIdx1);
C->UpdateFeatureFrequency(II, FeatIdx1);
EXPECT_EQ(II->FeatureFreqs.size(), One);
C->AddRareFeature(FeatIdx2);
C->UpdateFeatureFrequency(II, FeatIdx1);
C->UpdateFeatureFrequency(II, FeatIdx2);
EXPECT_EQ(II->FeatureFreqs.size(), Two);
EXPECT_EQ(II->FeatureFreqs[0].second, 2);
EXPECT_EQ(II->FeatureFreqs[1].second, 1);
C->AddRareFeature(FeatIdx3);
C->AddRareFeature(FeatIdx4);
C->UpdateFeatureFrequency(II, FeatIdx3);
C->UpdateFeatureFrequency(II, FeatIdx3);
C->UpdateFeatureFrequency(II, FeatIdx3);
C->UpdateFeatureFrequency(II, FeatIdx4);
for (Index = 1; Index < II->FeatureFreqs.size(); Index++)
EXPECT_LT(II->FeatureFreqs[Index - 1].first, II->FeatureFreqs[Index].first);
C->DeleteFeatureFreq(II, FeatIdx3);
for (Index = 1; Index < II->FeatureFreqs.size(); Index++)
EXPECT_LT(II->FeatureFreqs[Index - 1].first, II->FeatureFreqs[Index].first);
}
long double SubAndSquare(long double X, long double Y) {
long double R = X - Y;
R = R * R;
return R;
}
TEST(Entropic, ComputeEnergy) {
const long double Precision = 0.01;
std::unique_ptr<InputCorpus> C(new InputCorpus("", true, 0xFF, 100));
InputInfo *II = new InputInfo();
Vector<std::pair<uint32_t, uint16_t>> FeatureFreqs = {
std::pair<uint32_t, uint16_t>(1, 3),
std::pair<uint32_t, uint16_t>(2, 3),
std::pair<uint32_t, uint16_t>(3, 3)};
kccUnsubmitted
Done
ReplyInline Actions

Will a simpler syntax work, e.g.:

{1,3},
{2,3}
kcc: Will a simpler syntax work, e.g.: {1,3}, {2,3}
II->FeatureFreqs = FeatureFreqs;
II->NumExecutedMutations = 0;
C->UpdateEnergy(II, 4);
EXPECT_LT(SubAndSquare(II->Energy, 1.450805), Precision);
II->NumExecutedMutations = 9;
C->UpdateEnergy(II, 5);
EXPECT_LT(SubAndSquare(II->Energy, 1.525496), Precision);
II->FeatureFreqs[0].second++;
II->FeatureFreqs.push_back(std::pair<uint32_t, uint16_t>(42, 6));
II->NumExecutedMutations = 20;
C->UpdateEnergy(II, 10);
EXPECT_LT(SubAndSquare(II->Energy, 1.792831), Precision);
}
int main(int argc, char **argv) { int main(int argc, char **argv) {
testing::InitGoogleTest(&argc, argv); testing::InitGoogleTest(&argc, argv);
return RUN_ALL_TESTS(); return RUN_ALL_TESTS();
} }