Add fuzz tests for DecodedInsn class

PiperOrigin-RevId: 484288892
google · Oct 27, 2022 · ac44043 · ac44043
1 parent 8bec045
commit ac44043
Show file tree

Hide file tree

Showing 3 changed files with 86 additions and 0 deletions.
diff --git a/WORKSPACE b/WORKSPACE
@@ -177,3 +177,21 @@ http_archive(
     strip_prefix = "abseil-py-1.2.0",
     urls = ["https://github.com/abseil/abseil-py/archive/refs/tags/v1.2.0.tar.gz"],
 )
+
+# To use the latest version of FuzzTest, update this regularly to the latest
+# commit in the main branch: https://github.com/google/fuzztest/commits/main
+FUZZTEST_COMMIT = "62cf00c7341eb05d128d0a3cbce79ac31dbda032"
+
+http_archive(
+    name = "com_google_fuzztest",
+    strip_prefix = "fuzztest-" + FUZZTEST_COMMIT,
+    url = "https://github.com/google/fuzztest/archive/" + FUZZTEST_COMMIT + ".zip",
+)
+
+# Required by com_google_fuzztest.
+http_archive(
+    name = "com_googlesource_code_re2",
+    sha256 = "f89c61410a072e5cbcf8c27e3a778da7d6fd2f2b5b1445cd4f4508bee946ab0f",
+    strip_prefix = "re2-2022-06-01",
+    url = "https://github.com/google/re2/archive/refs/tags/2022-06-01.tar.gz",
+)
diff --git a/common/BUILD b/common/BUILD
@@ -339,6 +339,17 @@ cc_test(
     ],
 )
 
+cc_test(
+    name = "decoded_insn_fuzz_test",
+    srcs = ["decoded_insn_fuzz_test.cc"],
+    deps = [
+        ":decoded_insn",
+        "@silifuzz//util/testing:status_matchers",
+        "@com_google_fuzztest//fuzztest",
+        "@com_google_googletest//:gtest_main",
+    ],
+)
+
 cc_library(
     name = "harness_tracer",
     srcs = ["harness_tracer.cc"],

diff --git a/common/decoded_insn_fuzz_test.cc b/common/decoded_insn_fuzz_test.cc
@@ -0,0 +1,57 @@
+// Copyright 2022 The SiliFuzz Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <sys/user.h>
+
+#include <cstddef>
+#include <string>
+
+#include "gmock/gmock.h"
+#include "gtest/gtest.h"
+#include "fuzztest/fuzztest.h"
+#include "./common/decoded_insn.h"
+#include "./util/testing/status_matchers.h"
+
+namespace silifuzz {
+namespace {
+using ::fuzztest::Arbitrary;
+using testing::IsOk;
+
+void ConstructorWithRandomInsnBytes(const std::string& bytes) {
+  // This should not crash.
+  DecodedInsn insn(bytes);
+}
+
+FUZZ_TEST(FuzzDecodedInsn, ConstructorWithRandomInsnBytes)
+    .WithDomains(Arbitrary<std::string>().WithMaxSize(256));
+
+void MayHaveSplitLockRandomInsnAndRegs(const std::string& bytes,
+                                       const std::string& regs) {
+  DecodedInsn insn(bytes);
+  // If bytes contain a valid locking instruction, may_have_split_lock()
+  // should not fail.
+  if (insn.is_valid() && insn.is_locking()) {
+    struct user_regs_struct regs_struct;
+    memcpy(&regs_struct, regs.data(), sizeof(regs_struct));
+    EXPECT_THAT(insn.may_have_split_lock(regs_struct), IsOk());
+  }
+}
+
+FUZZ_TEST(FuzzDecodedInsn, MayHaveSplitLockRandomInsnAndRegs)
+    .WithDomains(Arbitrary<std::string>().WithMaxSize(256),
+                 Arbitrary<std::string>().WithSize(sizeof(user_regs_struct)));
+
+}  // namespace
+
+}  // namespace silifuzz