diff options
Diffstat (limited to 'test/fuzzer/dataflow.test')
| -rw-r--r-- | test/fuzzer/dataflow.test | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/test/fuzzer/dataflow.test b/test/fuzzer/dataflow.test new file mode 100644 index 000000000..ba2d6e561 --- /dev/null +++ b/test/fuzzer/dataflow.test @@ -0,0 +1,76 @@ +# Tests the data flow tracer. +REQUIRES: linux + +# Build the tracer and the test. +RUN: %no_fuzzer_cpp_compiler -c -fno-sanitize=all -fsanitize=dataflow -fsanitize-coverage=trace-pc-guard,pc-table,func,trace-cmp %S/ThreeFunctionsTest.cpp -o %t-ThreeFunctionsTest.o +RUN: %no_fuzzer_cpp_compiler -fno-sanitize=all -fsanitize=dataflow %t-ThreeFunctionsTest.o %S/../../lib/fuzzer/dataflow/DataFlow.cpp -o %t-ThreeFunctionsTestDF + +# Dump the function list. +RUN: %t-ThreeFunctionsTestDF 2>&1 | FileCheck %s --check-prefix=FUNC_LIST +FUNC_LIST-DAG: LLVMFuzzerTestOneInput +FUNC_LIST-DAG: Func1 +FUNC_LIST-DAG: Func2 + +# Prepare the inputs. +RUN: rm -rf %t/IN +RUN: mkdir -p %t/IN +RUN: echo -n ABC > %t/IN/ABC +RUN: echo -n FUABC > %t/IN/FUABC +RUN: echo -n FUZZR > %t/IN/FUZZR +RUN: echo -n FUZZM > %t/IN/FUZZM +RUN: echo -n FUZZMU > %t/IN/FUZZMU + +# ABC: No data is used, the only used label is 4 (corresponds to the size) +RUN:%t-ThreeFunctionsTestDF %t/IN/ABC | FileCheck %s --check-prefix=IN_ABC +IN_ABC: LEN: 3 +IN_ABC: LABELS: 4 +IN_ABC: F{{[012]}} 4 +IN_ABC-NOT: F + +# FUABC: First 3 bytes are checked, Func1/Func2 are not called. +RUN:%t-ThreeFunctionsTestDF %t/IN/FUABC | FileCheck %s --check-prefix=IN_FUABC +IN_FUABC: LEN: 5 +IN_FUABC: LABELS: +IN_FUABC: L{{.*}} 1 +IN_FUABC: L{{.*}} 2 +IN_FUABC: L{{.*}} 3 +IN_FUABC-NOT: L{{.*}} 4 +IN_FUABC: F{{[012]}} +IN_FUABC-NOT: F + +# FUZZR: 5 bytes are used (4 in one function, 5-th in the other), Func2 is not called. +RUN:%t-ThreeFunctionsTestDF %t/IN/FUZZR | FileCheck %s --check-prefix=IN_FUZZR +IN_FUZZR: LEN: 5 +IN_FUZZR: LABELS: +IN_FUZZR: L{{.*}} 1 +IN_FUZZR: L{{.*}} 2 +IN_FUZZR: L{{.*}} 3 +IN_FUZZR: L[[L0:[0-9]*]] 4 +IN_FUZZR-DAG: F{{[012]}} 5 +IN_FUZZR-DAG: F{{[012]}} [[L0]] +IN_FUZZR-NOT: F + +# FUZZM: 5 bytes are used, both Func1 and Func2 are called, Func2 depends only on size (label 6). +RUN:%t-ThreeFunctionsTestDF %t/IN/FUZZM | FileCheck %s --check-prefix=IN_FUZZM +IN_FUZZM: LEN: 5 +IN_FUZZM: LABELS: +IN_FUZZM: L{{.*}} 1 +IN_FUZZM: L{{.*}} 2 +IN_FUZZM: L{{.*}} 3 +IN_FUZZM: L{{.*}} 4 +IN_FUZZM-DAG: F{{[012]}} 6 +IN_FUZZM-DAG: F{{[012]}} 5 +IN_FUZZM-DAG: F + +# FUZZMU: 6 bytes are used, both Func1 and Func2 are called, Func2 depends on byte 6 and size (label 7) +RUN:%t-ThreeFunctionsTestDF %t/IN/FUZZMU | FileCheck %s --check-prefix=IN_FUZZMU +IN_FUZZMU: LEN: 6 +IN_FUZZMU: LABELS: +IN_FUZZMU: L{{.*}} 1 +IN_FUZZMU: L{{.*}} 2 +IN_FUZZMU: L{{.*}} 3 +IN_FUZZMU: L{{.*}} 4 +IN_FUZZMU: L[[L2:[0-9]*]] 6 7 +IN_FUZZMU-DAG: F{{[012]}} 5 +IN_FUZZMU-DAG: F{{[012]}} [[L2]] +IN_FUZZMU-DAG: F |