Include Debug-formatted output in fuzzer output #48
Conversation
|
If folks like this approach I'll go ahead and try to upstream the libfuzzer patch. |
|
Does this only get called when a bug is found? |
|
Yep. |
|
|
| Err(_) => return, | ||
| }; | ||
|
|
||
| println!("Formatted: {:?}", data); |
There was a problem hiding this comment.
We should probably make Debug a super trait of Arbitrary, I think. IIRC, it is for quickcheck's version.
There was a problem hiding this comment.
I'm okay with that! cc @nagisa
|
|
||
| let data: $dty = match Arbitrary::arbitrary(&mut buf) { | ||
| Ok(d) => d, | ||
| Err(_) => return, |
There was a problem hiding this comment.
These error cases should probably fall back to the default outputter, and print the bytes or whatever, right?
There was a problem hiding this comment.
Ah I see that they will, since this is additional output, not replacing the existing output.
| @@ -183,6 +183,9 @@ void Fuzzer::DumpCurrentUnit(const char *Prefix) { | |||
| PrintHexArray(CurrentUnitData, UnitSize, "\n"); | |||
| PrintASCII(CurrentUnitData, UnitSize, "\n"); | |||
| } | |||
| if (EF->LLVMFuzzerCustomOutput) { | |||
| EF->LLVMFuzzerCustomOutput(CurrentUnitData, CurrentUnitSize); | |||
There was a problem hiding this comment.
I think it makes sense to call custom user code last, after the test case has been written to a file, just in case the custom user output code panics again or something like that.
There was a problem hiding this comment.
Works. I'm going to be submittign this patch upstream anyway.
|
Upstreaming at https://reviews.llvm.org/D70738 |
Manishearth
force-pushed
the
debug-output
branch
from
9904adc to
61d3eea
Compare
|
We did an alternative implementation in #53 |
Fixes https://github.com/rust-fuzz/libfuzzer-sys/issues/47
This is really a proof of concept. Ideally we can upstream LLVMFuzzerCustomOutput, and also we can make this work so that it is able to turn itself off for types that don't implement Debug.
Thoughts? @nagisa @fitzgen