| Kostya Serebryany | 67af992 | 2018-06-07 01:40:20 +0000 | [diff] [blame^] | 1 | # Tests the data flow tracer. |
| 2 | REQUIRES: linux |
| 3 | |
| 4 | # Build the tracer and the test. |
| 5 | RUN: %no_fuzzer_cpp_compiler -c -fno-sanitize=all -fsanitize=dataflow %S/../../lib/fuzzer/dataflow/DataFlow.cpp -o %t-DataFlow.o |
| 6 | RUN: %no_fuzzer_cpp_compiler -fno-sanitize=all -fsanitize=dataflow -fsanitize-coverage=trace-pc-guard,pc-table,func,trace-cmp %S/OnlySomeBytesTest.cpp %t-DataFlow.o -o %t-DFT |
| 7 | RUN: %cpp_compiler %S/OnlySomeBytesTest.cpp -o %t-Fuzz |
| 8 | |
| 9 | # Prepare the inputs. |
| 10 | RUN: rm -rf %t/IN |
| 11 | RUN: mkdir -p %t/IN |
| 12 | RUN: echo -n 0123456789012345678901234567890123456789012345678901234567891234 > %t/IN/6 |
| 13 | RUN: cat %t/IN/6 %t/IN/6 %t/IN/6 %t/IN/6 > %t/IN/8 |
| 14 | RUN: cat %t/IN/8 %t/IN/8 %t/IN/8 %t/IN/8 > %t/IN/10 |
| 15 | RUN: cat %t/IN/10 %t/IN/10 %t/IN/10 %t/IN/10 > %t/IN/12 |
| 16 | # %t/IN/12 is 4096 bytes-long. |
| 17 | |
| 18 | RUN: %t-Fuzz -focus_function=f0 -runs=0 %t/IN 2>&1 | FileCheck %s --check-prefix=NO_FOCUSED_INPUT |
| 19 | NO_FOCUSED_INPUT: INFO: 0/2 inputs touch the focus function |
| 20 | |
| 21 | RUN: (echo -n ABC; cat %t/IN/12) > %t/IN/ABC |
| 22 | RUN: %t-Fuzz -focus_function=f0 -runs=0 %t/IN 2>&1 | FileCheck %s --check-prefix=ONE_FOCUSED_INPUT |
| 23 | ONE_FOCUSED_INPUT: INFO: 1/3 inputs touch the focus function |
| 24 | |
| 25 | RUN: rm -rf %t/DFT_DIR |
| 26 | RUN: %libfuzzer_src/scripts/collect_data_flow.py %t-DFT %t/IN %t/DFT_DIR |
| 27 | |
| 28 | # Repat twice to make sure that the inputs with DFT are not removed from the corpus. |
| 29 | RUN: %t-Fuzz -focus_function=f0 -data_flow_trace=%t/DFT_DIR -runs=100 %t/IN 2>&1 | FileCheck %s --check-prefix=HAVE_DFT |
| 30 | RUN: %t-Fuzz -focus_function=f0 -data_flow_trace=%t/DFT_DIR -runs=100 %t/IN 2>&1 | FileCheck %s --check-prefix=HAVE_DFT |
| 31 | HAVE_DFT: INFO: 1/{{.*}} inputs have the Data Flow Trace |