From a115942ed69762206f87c680ef7ec98de3382fa6 Mon Sep 17 00:00:00 2001 From: mtklein Date: Fri, 15 Jan 2016 05:46:54 -0800 Subject: fuzz: signalBug() / signalBoring() Instead of a single ASSERT macro, this switches to two new methods: - signalBug(): tell afl-fuzz there's a bug caused by its inputs (by crashing) - signalBoring(): tell afl-fuzz these inputs are not worth testing (by exiting gracefully) I'm not seeing any effect on fuzz/s when I just always log verbosely. signalBug() now triggers SIGSEGV rather than SIGABRT. This should make it work with catchsegv more easily. BUG=skia: GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1585353002 Review URL: https://codereview.chromium.org/1585353002 --- fuzz/Fuzz.h | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'fuzz/Fuzz.h') diff --git a/fuzz/Fuzz.h b/fuzz/Fuzz.h index f5083ef8e6..0f34ef4b3e 100644 --- a/fuzz/Fuzz.h +++ b/fuzz/Fuzz.h @@ -11,7 +11,6 @@ #include "SkData.h" #include "SkTRegistry.h" #include "SkTypes.h" -#include class Fuzz : SkNoncopyable { public: @@ -21,7 +20,13 @@ public: uint32_t nextU(); float nextF(); + void signalBug (); // Tell afl-fuzz these inputs found a bug. + void signalBoring(); // Tell afl-fuzz these inputs are not worth testing. + private: + template + T nextT(); + SkAutoTUnref fBytes; int fNextByte; }; @@ -36,6 +41,4 @@ struct Fuzzable { SkTRegistry register_##name({#name, fuzz_##name}); \ static void fuzz_##name(Fuzz* f) -#define ASSERT(cond) do { if (!(cond)) abort(); } while(false) - #endif//Fuzz_DEFINED -- cgit v1.2.3