From: Kostya Serebryany Date: Fri, 2 Oct 2015 23:34:06 +0000 (+0000) Subject: [libFuzzer] make LLVMFuzzerTestOneInput (the fuzzer target function) return int inste... X-Git-Url: http://plrg.eecs.uci.edu/git/?p=oota-llvm.git;a=commitdiff_plain;h=9906eefc84affaf8b63a2ae1682131a70fe12182 [libFuzzer] make LLVMFuzzerTestOneInput (the fuzzer target function) return int instead of void. The actual return value is not *yet* used (and expected to be 0). This change is API breaking, so the fuzzers will need to be updated. git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@249214 91177308-0d34-0410-b5e6-96231b3b80d8 --- diff --git a/docs/LibFuzzer.rst b/docs/LibFuzzer.rst index 4155526ac84..0c90a1d5429 100644 --- a/docs/LibFuzzer.rst +++ b/docs/LibFuzzer.rst @@ -21,7 +21,8 @@ This library is intended primarily for in-process coverage-guided fuzz testing optimizations options (e.g. -O0, -O1, -O2) to diversify testing. * Build a test driver using the same options as the library. The test driver is a C/C++ file containing interesting calls to the library - inside a single function ``extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);`` + inside a single function ``extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size);``. + Currently, the only expected return value is 0, others are reserved for future. * Link the Fuzzer, the library and the driver together into an executable using the same sanitizer options as for the library. * Collect the initial corpus of inputs for the @@ -83,11 +84,12 @@ Toy example A simple function that does something interesting if it receives the input "HI!":: cat << EOF >> test_fuzzer.cc - extern "C" void LLVMFuzzerTestOneInput(const unsigned char *data, unsigned long size) { + extern "C" int LLVMFuzzerTestOneInput(const unsigned char *data, unsigned long size) { if (size > 0 && data[0] == 'H') if (size > 1 && data[1] == 'I') if (size > 2 && data[2] == '!') __builtin_trap(); + return 0; } EOF # Get lib/Fuzzer. Assuming that you already have fresh clang in PATH. @@ -119,8 +121,8 @@ Here we show how to use lib/Fuzzer on something real, yet simple: pcre2_:: cat << EOF > pcre_fuzzer.cc #include #include "pcre2posix.h" - extern "C" void LLVMFuzzerTestOneInput(const unsigned char *data, size_t size) { - if (size < 1) return; + extern "C" int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size) { + if (size < 1) return 0; char *str = new char[size+1]; memcpy(str, data, size); str[size] = 0; @@ -130,6 +132,7 @@ Here we show how to use lib/Fuzzer on something real, yet simple: pcre2_:: regfree(&preg); } delete [] str; + return 0; } EOF clang++ -g -fsanitize=address $COV_FLAGS -c -std=c++11 -I inst/include/ pcre_fuzzer.cc @@ -227,7 +230,7 @@ to find Heartbleed with LibFuzzer:: assert (SSL_CTX_use_PrivateKey_file(sctx, "server.key", SSL_FILETYPE_PEM)); return 0; } - extern "C" void LLVMFuzzerTestOneInput(unsigned char *Data, size_t Size) { + extern "C" int LLVMFuzzerTestOneInput(unsigned char *Data, size_t Size) { static int unused = Init(); SSL *server = SSL_new(sctx); BIO *sinbio = BIO_new(BIO_s_mem()); @@ -237,6 +240,7 @@ to find Heartbleed with LibFuzzer:: BIO_write(sinbio, Data, Size); SSL_do_handshake(server); SSL_free(server); + return 0; } EOF # Build the fuzzer. diff --git a/lib/Fuzzer/FuzzerInterface.h b/lib/Fuzzer/FuzzerInterface.h index 7f7d608800d..de5084222ef 100644 --- a/lib/Fuzzer/FuzzerInterface.h +++ b/lib/Fuzzer/FuzzerInterface.h @@ -23,7 +23,9 @@ namespace fuzzer { -typedef void (*UserCallback)(const uint8_t *Data, size_t Size); +typedef void (*DeprecatedUserCallback)(const uint8_t *Data, size_t Size); +/// Returns an int 0. Values other than zero are reserved for future. +typedef int (*UserCallback)(const uint8_t *Data, size_t Size); /** Simple C-like interface with a single user-supplied callback. Usage: @@ -31,8 +33,9 @@ Usage: #\code #include "FuzzerInterface.h" -void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { DoStuffWithData(Data, Size); + return 0; } // Implement your own main() or use the one from FuzzerMain.cpp. @@ -43,6 +46,7 @@ int main(int argc, char **argv) { #\endcode */ int FuzzerDriver(int argc, char **argv, UserCallback Callback); +int FuzzerDriver(int argc, char **argv, DeprecatedUserCallback Callback); class FuzzerRandomBase { public: @@ -118,7 +122,7 @@ class MyFuzzer : public fuzzer::UserSuppliedFuzzer { public: MyFuzzer(fuzzer::FuzzerRandomBase *Rand); // Must define the target function. - void TargetFunction(...) { ... } + int TargetFunction(...) { ...; return 0; } // Optionally define the mutator. size_t Mutate(...) { ... } // Optionally define the CrossOver method. @@ -136,7 +140,7 @@ class UserSuppliedFuzzer { UserSuppliedFuzzer(); // Deprecated, don't use. UserSuppliedFuzzer(FuzzerRandomBase *Rand); /// Executes the target function on 'Size' bytes of 'Data'. - virtual void TargetFunction(const uint8_t *Data, size_t Size) = 0; + virtual int TargetFunction(const uint8_t *Data, size_t Size) = 0; /// Mutates 'Size' bytes of data in 'Data' inplace into up to 'MaxSize' bytes, /// returns the new size of the data, which should be positive. virtual size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize) { diff --git a/lib/Fuzzer/FuzzerInternal.h b/lib/Fuzzer/FuzzerInternal.h index 78e9c2208b6..3049167c62b 100644 --- a/lib/Fuzzer/FuzzerInternal.h +++ b/lib/Fuzzer/FuzzerInternal.h @@ -176,12 +176,19 @@ class SimpleUserSuppliedFuzzer: public UserSuppliedFuzzer { public: SimpleUserSuppliedFuzzer(FuzzerRandomBase *Rand, UserCallback Callback) : UserSuppliedFuzzer(Rand), Callback(Callback) {} - virtual void TargetFunction(const uint8_t *Data, size_t Size) { - return Callback(Data, Size); + + SimpleUserSuppliedFuzzer(FuzzerRandomBase *Rand, DeprecatedUserCallback Callback) + : UserSuppliedFuzzer(Rand), DeprecatedCallback(Callback) {} + + virtual int TargetFunction(const uint8_t *Data, size_t Size) override { + if (Callback) return Callback(Data, Size); + DeprecatedCallback(Data, Size); + return 0; } private: - UserCallback Callback; + DeprecatedUserCallback DeprecatedCallback = nullptr; + UserCallback Callback = nullptr; }; }; // namespace fuzzer diff --git a/lib/Fuzzer/FuzzerLoop.cpp b/lib/Fuzzer/FuzzerLoop.cpp index 62a47bf0581..bfeed1ab21e 100644 --- a/lib/Fuzzer/FuzzerLoop.cpp +++ b/lib/Fuzzer/FuzzerLoop.cpp @@ -194,12 +194,14 @@ Unit Fuzzer::SubstituteTokens(const Unit &U) const { } void Fuzzer::ExecuteCallback(const Unit &U) { + int Res = 0; if (Options.Tokens.empty()) { - USF.TargetFunction(U.data(), U.size()); + Res = USF.TargetFunction(U.data(), U.size()); } else { auto T = SubstituteTokens(U); - USF.TargetFunction(T.data(), T.size()); + Res = USF.TargetFunction(T.data(), T.size()); } + assert(Res == 0); } size_t Fuzzer::RunOneMaximizeTotalCoverage(const Unit &U) { diff --git a/lib/Fuzzer/FuzzerMain.cpp b/lib/Fuzzer/FuzzerMain.cpp index c4dffb45d16..c5af5b05909 100644 --- a/lib/Fuzzer/FuzzerMain.cpp +++ b/lib/Fuzzer/FuzzerMain.cpp @@ -13,7 +13,7 @@ #include "FuzzerInternal.h" // This function should be defined by the user. -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size); +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size); int main(int argc, char **argv) { return fuzzer::FuzzerDriver(argc, argv, LLVMFuzzerTestOneInput); diff --git a/lib/Fuzzer/test/CounterTest.cpp b/lib/Fuzzer/test/CounterTest.cpp index 29ddb02ebae..b61f419c499 100644 --- a/lib/Fuzzer/test/CounterTest.cpp +++ b/lib/Fuzzer/test/CounterTest.cpp @@ -2,7 +2,7 @@ // executed many times. #include -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { int Num = 0; for (size_t i = 0; i < Size; i++) if (Data[i] == 'A' + i) @@ -11,4 +11,5 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { std::cerr << "BINGO!\n"; exit(1); } + return 0; } diff --git a/lib/Fuzzer/test/CxxTokensTest.cpp b/lib/Fuzzer/test/CxxTokensTest.cpp index 77d08b3d105..82773231569 100644 --- a/lib/Fuzzer/test/CxxTokensTest.cpp +++ b/lib/Fuzzer/test/CxxTokensTest.cpp @@ -10,9 +10,9 @@ static void Found() { exit(1); } -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { // looking for "thread_local unsigned A;" - if (Size < 24) return; + if (Size < 24) return 0; if (0 == memcmp(&Data[0], "thread_local", 12)) if (Data[12] == ' ') if (0 == memcmp(&Data[13], "unsigned", 8)) @@ -20,5 +20,6 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if (Data[22] == 'A') if (Data[23] == ';') Found(); + return 0; } diff --git a/lib/Fuzzer/test/FourIndependentBranchesTest.cpp b/lib/Fuzzer/test/FourIndependentBranchesTest.cpp index e0b7509b8d6..6007dd4a027 100644 --- a/lib/Fuzzer/test/FourIndependentBranchesTest.cpp +++ b/lib/Fuzzer/test/FourIndependentBranchesTest.cpp @@ -4,7 +4,7 @@ #include #include -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { int bits = 0; if (Size > 0 && Data[0] == 'F') bits |= 1; if (Size > 1 && Data[1] == 'U') bits |= 2; @@ -14,5 +14,6 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { std::cerr << "BINGO!\n"; exit(1); } + return 0; } diff --git a/lib/Fuzzer/test/FullCoverageSetTest.cpp b/lib/Fuzzer/test/FullCoverageSetTest.cpp index 2c6ff98db00..a868084a0ce 100644 --- a/lib/Fuzzer/test/FullCoverageSetTest.cpp +++ b/lib/Fuzzer/test/FullCoverageSetTest.cpp @@ -4,7 +4,7 @@ #include #include -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { int bits = 0; if (Size > 0 && Data[0] == 'F') bits |= 1; if (Size > 1 && Data[1] == 'U') bits |= 2; @@ -16,5 +16,6 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { std::cerr << "BINGO!\n"; exit(1); } + return 0; } diff --git a/lib/Fuzzer/test/InfiniteTest.cpp b/lib/Fuzzer/test/InfiniteTest.cpp index b6d174ffdc9..e3288eecfba 100644 --- a/lib/Fuzzer/test/InfiniteTest.cpp +++ b/lib/Fuzzer/test/InfiniteTest.cpp @@ -8,7 +8,7 @@ static volatile int Sink; static volatile int One = 1; -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if (Size > 0 && Data[0] == 'H') { Sink = 1; if (Size > 1 && Data[1] == 'i') { @@ -20,5 +20,6 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { } } } + return 0; } diff --git a/lib/Fuzzer/test/MemcmpTest.cpp b/lib/Fuzzer/test/MemcmpTest.cpp index 2954b6c7d48..47ce59e0d8f 100644 --- a/lib/Fuzzer/test/MemcmpTest.cpp +++ b/lib/Fuzzer/test/MemcmpTest.cpp @@ -4,7 +4,7 @@ #include #include -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { // TODO: check other sizes. if (Size >= 8 && memcmp(Data, "01234567", 8) == 0) { if (Size >= 12 && memcmp(Data + 8, "ABCD", 4) == 0) { @@ -16,4 +16,5 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { } } } + return 0; } diff --git a/lib/Fuzzer/test/NullDerefTest.cpp b/lib/Fuzzer/test/NullDerefTest.cpp index 0cff6617a31..200c56ccbbc 100644 --- a/lib/Fuzzer/test/NullDerefTest.cpp +++ b/lib/Fuzzer/test/NullDerefTest.cpp @@ -7,7 +7,7 @@ static volatile int Sink; static volatile int *Null = 0; -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if (Size > 0 && Data[0] == 'H') { Sink = 1; if (Size > 1 && Data[1] == 'i') { @@ -18,5 +18,6 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { } } } + return 0; } diff --git a/lib/Fuzzer/test/SimpleCmpTest.cpp b/lib/Fuzzer/test/SimpleCmpTest.cpp index ee378146dae..8568c737efb 100644 --- a/lib/Fuzzer/test/SimpleCmpTest.cpp +++ b/lib/Fuzzer/test/SimpleCmpTest.cpp @@ -4,8 +4,8 @@ #include #include -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { - if (Size < 14) return; +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { + if (Size < 14) return 0; uint64_t x = 0; int64_t y = 0; int z = 0; @@ -27,4 +27,5 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { Size, x, y, z, a); exit(1); } + return 0; } diff --git a/lib/Fuzzer/test/SimpleDictionaryTest.cpp b/lib/Fuzzer/test/SimpleDictionaryTest.cpp index 20c80674366..b9cb2f0270a 100644 --- a/lib/Fuzzer/test/SimpleDictionaryTest.cpp +++ b/lib/Fuzzer/test/SimpleDictionaryTest.cpp @@ -10,9 +10,9 @@ static volatile int Zero = 0; -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { const char *Expected = "ElvisPresley"; - if (Size < strlen(Expected)) return; + if (Size < strlen(Expected)) return 0; size_t Match = 0; for (size_t i = 0; Expected[i]; i++) if (Expected[i] + Zero == Data[i]) @@ -21,5 +21,6 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { std::cout << "BINGO; Found the target, exiting\n"; exit(1); } + return 0; } diff --git a/lib/Fuzzer/test/SimpleHashTest.cpp b/lib/Fuzzer/test/SimpleHashTest.cpp index a541d6813b5..5bab3fa7f64 100644 --- a/lib/Fuzzer/test/SimpleHashTest.cpp +++ b/lib/Fuzzer/test/SimpleHashTest.cpp @@ -22,15 +22,16 @@ static uint32_t simple_hash(const uint8_t *Data, size_t Size) { return Hash; } -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if (Size < 14) - return; + return 0; uint32_t Hash = simple_hash(&Data[0], Size - 4); uint32_t Want = reinterpret_cast(&Data[Size - 4])[0]; if (Hash != Want) - return; + return 0; fprintf(stderr, "BINGO; simple_hash defeated: %x == %x\n", (unsigned int)Hash, (unsigned int)Want); exit(1); + return 0; } diff --git a/lib/Fuzzer/test/SimpleTest.cpp b/lib/Fuzzer/test/SimpleTest.cpp index a891635a7f1..6811d115d96 100644 --- a/lib/Fuzzer/test/SimpleTest.cpp +++ b/lib/Fuzzer/test/SimpleTest.cpp @@ -6,7 +6,7 @@ static volatile int Sink; -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if (Size > 0 && Data[0] == 'H') { Sink = 1; if (Size > 1 && Data[1] == 'i') { @@ -17,5 +17,6 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { } } } + return 0; } diff --git a/lib/Fuzzer/test/StrcmpTest.cpp b/lib/Fuzzer/test/StrcmpTest.cpp index 04264fa93fd..835819ae2f4 100644 --- a/lib/Fuzzer/test/StrcmpTest.cpp +++ b/lib/Fuzzer/test/StrcmpTest.cpp @@ -16,7 +16,7 @@ bool Eq(const uint8_t *Data, size_t Size, const char *Str) { return res == 0; } -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if (Eq(Data, Size, "AAA") && Size >= 3 && Eq(Data + 3, Size - 3, "BBBB") && Size >= 7 && Eq(Data + 7, Size - 7, "CCCCCC") && @@ -25,4 +25,5 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { fprintf(stderr, "BINGO\n"); exit(1); } + return 0; } diff --git a/lib/Fuzzer/test/StrncmpTest.cpp b/lib/Fuzzer/test/StrncmpTest.cpp index 187a2fd66ba..55344d75e0b 100644 --- a/lib/Fuzzer/test/StrncmpTest.cpp +++ b/lib/Fuzzer/test/StrncmpTest.cpp @@ -6,7 +6,7 @@ static volatile int sink; -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { // TODO: check other sizes. char *S = (char*)Data; if (Size >= 8 && strncmp(S, "123", 8)) @@ -21,4 +21,5 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { } } } + return 0; } diff --git a/lib/Fuzzer/test/SwitchTest.cpp b/lib/Fuzzer/test/SwitchTest.cpp index 9f921fb6098..5de7fff7452 100644 --- a/lib/Fuzzer/test/SwitchTest.cpp +++ b/lib/Fuzzer/test/SwitchTest.cpp @@ -42,7 +42,7 @@ bool ShortSwitch(const uint8_t *Data, size_t Size) { return false; } -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if (Size >= 4 && Switch(Data, Size) && Size >= 12 && Switch(Data + 4, Size - 4) && Size >= 14 && ShortSwitch(Data + 12, 2) @@ -50,5 +50,6 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { fprintf(stderr, "BINGO; Found the target, exiting\n"); exit(1); } + return 0; } diff --git a/lib/Fuzzer/test/TimeoutTest.cpp b/lib/Fuzzer/test/TimeoutTest.cpp index d541c058b64..71790ded95a 100644 --- a/lib/Fuzzer/test/TimeoutTest.cpp +++ b/lib/Fuzzer/test/TimeoutTest.cpp @@ -6,7 +6,7 @@ static volatile int Sink; -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if (Size > 0 && Data[0] == 'H') { Sink = 1; if (Size > 1 && Data[1] == 'i') { @@ -18,5 +18,6 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { } } } + return 0; } diff --git a/lib/Fuzzer/test/UserSuppliedFuzzerTest.cpp b/lib/Fuzzer/test/UserSuppliedFuzzerTest.cpp index 1e497cb28fa..59f83b57bfa 100644 --- a/lib/Fuzzer/test/UserSuppliedFuzzerTest.cpp +++ b/lib/Fuzzer/test/UserSuppliedFuzzerTest.cpp @@ -16,9 +16,9 @@ class MyFuzzer : public fuzzer::UserSuppliedFuzzer { public: MyFuzzer(fuzzer::FuzzerRandomBase *Rand) : fuzzer::UserSuppliedFuzzer(Rand) {} - void TargetFunction(const uint8_t *Data, size_t Size) { - if (Size <= 10) return; - if (memcmp(Data, &kMagic, sizeof(kMagic))) return; + int TargetFunction(const uint8_t *Data, size_t Size) { + if (Size <= 10) return 0; + if (memcmp(Data, &kMagic, sizeof(kMagic))) return 0; // It's hard to get here w/o advanced fuzzing techniques (e.g. cmp tracing). // So, we simply 'fix' the data in the custom mutator. if (Data[8] == 'H') { @@ -29,6 +29,7 @@ class MyFuzzer : public fuzzer::UserSuppliedFuzzer { } } } + return 0; } // Custom mutator. virtual size_t Mutate(uint8_t *Data, size_t Size, size_t MaxSize) { diff --git a/tools/llvm-as-fuzzer/llvm-as-fuzzer.cpp b/tools/llvm-as-fuzzer/llvm-as-fuzzer.cpp index 47cea87cc37..b4024bcaa99 100644 --- a/tools/llvm-as-fuzzer/llvm-as-fuzzer.cpp +++ b/tools/llvm-as-fuzzer/llvm-as-fuzzer.cpp @@ -43,7 +43,7 @@ static bool InstalledHandler = false; } // end of anonymous namespace -extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { // Allocate space for locals before setjmp so that memory can be collected // if parse exits prematurely (via longjmp). @@ -58,7 +58,7 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { if (setjmp(JmpBuf)) // If reached, we have returned with non-zero status, so exit. - return; + return 0; // TODO(kschimpf) Write a main to do this initialization. if (!InstalledHandler) { @@ -69,7 +69,8 @@ extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { M = parseAssembly(MemBuf->getMemBufferRef(), Err, Context); if (!M.get()) - return; + return 0; verifyModule(*M.get()); + return 0; } diff --git a/tools/llvm-mc-fuzzer/llvm-mc-fuzzer.cpp b/tools/llvm-mc-fuzzer/llvm-mc-fuzzer.cpp index 7710f80985d..3f80e4582ee 100644 --- a/tools/llvm-mc-fuzzer/llvm-mc-fuzzer.cpp +++ b/tools/llvm-mc-fuzzer/llvm-mc-fuzzer.cpp @@ -62,7 +62,7 @@ static cl::list cl::desc("Options to pass to the fuzzer"), cl::ZeroOrMore, cl::PositionalEatsArgs); -void DisassembleOneInput(const uint8_t *Data, size_t Size) { +int DisassembleOneInput(const uint8_t *Data, size_t Size) { char AssemblyText[AssemblyTextBufSize]; std::vector DataCopy(Data, Data + Size); @@ -85,6 +85,7 @@ void DisassembleOneInput(const uint8_t *Data, size_t Size) { break; } while (Consumed != 0); LLVMDisasmDispose(Ctx); + return 0; } int main(int argc, char **argv) {