author | Leander Beernaert <leander.beernaert@qt.io> | 2020-01-22 13:47:08 +0100 |
committer | Leander Beernaert <leander.beernaert@qt.io> | 2020-01-24 13:17:33 +0100 |
commit | 502d3d6744913899da87acfda5ebdab42c40329e (patch) | |
tree | 16658a328503bfd5a62b4fd5d69ffb66e9854b18 /tests/libfuzzer | |
parent | d1be8b9ceb2c7b20bbe53a07154c79699540ea3d (diff) | |
parent | 06bb315beb6c2c398223cfe52cbc7f66e14a8557 (diff) |
Merge remote-tracking branch 'origin/dev' into merge-dev
Change-Id: I31b761cfd5ea01373c60d02a5da8c33398d34739
Diffstat (limited to 'tests/libfuzzer')
-rw-r--r-- | tests/libfuzzer/README | 5 | ||||
-rw-r--r-- | tests/libfuzzer/corelib/serialization/qxmlstream/qxmlstreamreader/readnext/readnext.pro | 7 | ||||
-rw-r--r-- | tests/libfuzzer/gui/iccparser/iccparser.pro | 3 | ||||
-rw-r--r-- | tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/fromiccprofile.pro | 8 | ||||
-rw-r--r-- | tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/main.cpp (renamed from tests/libfuzzer/gui/iccparser/main.cpp) | 4 | ||||
-rw-r--r-- | tests/libfuzzer/gui/text/qtextdocument/setHtml/setHtml.pro | 7 | ||||
-rw-r--r-- | tests/libfuzzer/gui/text/qtextdocument/setMarkdown/setMarkdown.pro | 7 | ||||
-rw-r--r-- | tests/libfuzzer/gui/text/qtextlayout/beginLayout/beginLayout.pro | 7 |
8 files changed, 40 insertions, 8 deletions
diff --git a/tests/libfuzzer/README b/tests/libfuzzer/README
index 57140cebfb..16e70e9bee 100644
--- a/tests/libfuzzer/README
+++ b/tests/libfuzzer/README
@@ -17,6 +17,8 @@ To run a test with libFuzzer: install libFuzzer for this version of clang explicitly. 2. Make sure clang and clang++ from this version of clang are found in PATH. 3. Configure Qt with + -platform linux-clang -sanitize fuzzer-no-link + or, if you are using clang 5 -platform linux-clang -coverage trace-pc-guard to add the needed code coverage instrumentation. Since speed of execution is crucial for fuzz testing, it's recommendable to also use the switches
@@ -29,7 +31,8 @@ To run a test with libFuzzer: Depending on the expected input format of the tested function, you will get results faster if you: * provide a set of interesting input data by passing the path of a directory which contains - these data, each in one file. You can find such data sets in the subdirectory "testcases". + these data, each in one file. You can find such data sets in the subdirectory + "fuzzing/testcases" of the qtqa repository. * pass a so-called dictionary listing keywords of the input format using -dict=<dictionary file> A couple of such dictionaries are provided by AFL (http://lcamtuf.coredump.cx/afl/)
diff --git a/tests/libfuzzer/corelib/serialization/qxmlstream/qxmlstreamreader/readnext/readnext.pro b/tests/libfuzzer/corelib/serialization/qxmlstream/qxmlstreamreader/readnext/readnext.pro
index 2fda3ecefd..6c988c2434 100644
--- a/tests/libfuzzer/corelib/serialization/qxmlstream/qxmlstreamreader/readnext/readnext.pro
+++ b/tests/libfuzzer/corelib/serialization/qxmlstream/qxmlstreamreader/readnext/readnext.pro
@@ -2,4 +2,9 @@ QT -= gui
 CONFIG += console
 CONFIG -= app_bundle
 SOURCES += main.cpp
-LIBS += -fsanitize=fuzzer
+FUZZ_ENGINE = $$(LIB_FUZZING_ENGINE)
+isEmpty(FUZZ_ENGINE) {
+ QMAKE_LFLAGS += -fsanitize=fuzzer
+} else {
+ LIBS += $$FUZZ_ENGINE
+}
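Review bot: The `FUZZ_ENGINE = $$(LIB_FUZZING_ENGINE)` block in readnext.pro links whatever the environment variable names without a comment saying who is expected to set it or that the value is expanded unquoted (a value containing spaces becomes several link arguments), and the identical six lines are repeated in every other .pro file of this diff. I would move them once into a shared `tests/libfuzzer/fuzzer.pri` that each project pulls in with an `include(...)` relative to its own directory, so that a later change to the engine selection or link flags is made in one place. Above the block I would add `# LIB_FUZZING_ENGINE, when set (presumably by an OSS-Fuzz style build environment), names the engine to link: a -fsanitize=... flag or a library path, expanded unquoted; otherwise libFuzzer is linked directly. Coverage instrumentation is not added here: configure Qt with -sanitize fuzzer-no-link (see README).` The README change in this same diff is what ties the configure flag to this link step, so the comment keeps the two in sync.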
diff --git a/tests/libfuzzer/gui/iccparser/iccparser.pro b/tests/libfuzzer/gui/iccparser/iccparser.pro
deleted file mode 100644
index bf4037eae7..0000000000
--- a/tests/libfuzzer/gui/iccparser/iccparser.pro
+++ /dev/null
@@ -1,3 +0,0 @@
-QT += gui
-SOURCES += main.cpp
-LIBS += -fsanitize=fuzzer
diff --git a/tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/fromiccprofile.pro b/tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/fromiccprofile.pro
new file mode 100644
index 0000000000..934ff81077
--- /dev/null
+++ b/tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/fromiccprofile.pro
@@ -0,0 +1,8 @@
+QT += gui
+SOURCES += main.cpp
+FUZZ_ENGINE = $$(LIB_FUZZING_ENGINE)
+isEmpty(FUZZ_ENGINE) {
+ QMAKE_LFLAGS += -fsanitize=fuzzer
+} else {
+ LIBS += $$FUZZ_ENGINE
+}
diff --git a/tests/libfuzzer/gui/iccparser/main.cpp b/tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/main.cpp
index 1db43d2e25..7681c1468e 100644
--- a/tests/libfuzzer/gui/iccparser/main.cpp
+++ b/tests/libfuzzer/gui/painting/qcolorspace/fromiccprofile/main.cpp
@@ -29,6 +29,10 @@ #include <QGuiApplication> #include <QColorSpace> +// Run this with +// QT_LOGGING_RULES="qt.gui.icc=false" +// to reduce noise and increase speed. + extern "C" int LLVMFuzzerTestOneInput(const char *data, size_t size) { static int c = 0; static QGuiApplication a(c, nullptr);
diff --git a/tests/libfuzzer/gui/text/qtextdocument/setHtml/setHtml.pro b/tests/libfuzzer/gui/text/qtextdocument/setHtml/setHtml.pro
index c9b14f6caf..af5ef9e940 100644
--- a/tests/libfuzzer/gui/text/qtextdocument/setHtml/setHtml.pro
+++ b/tests/libfuzzer/gui/text/qtextdocument/setHtml/setHtml.pro
@@ -1,3 +1,8 @@
 QT += widgets
 SOURCES += main.cpp
-LIBS += -fsanitize=fuzzer
+FUZZ_ENGINE = $$(LIB_FUZZING_ENGINE)
+isEmpty(FUZZ_ENGINE) {
+ QMAKE_LFLAGS += -fsanitize=fuzzer
+} else {
+ LIBS += $$FUZZ_ENGINE
+}
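Review bot: The comment added above LLVMFuzzerTestOneInput in main.cpp leaves silencing the `qt.gui.icc` category to whoever launches the binary, so a run that does not export `QT_LOGGING_RULES` — an unattended fuzzing job in particular — pays the logging cost on every malformed profile and floods the log. The harness can apply the rule itself, once, next to the static QGuiApplication: `static const bool quiet = (QLoggingCategory::setFilterRules(QStringLiteral("qt.gui.icc=false")), true);` with `#include <QLoggingCategory>` added beside the other includes, and the comment can then explain why the category is disabled rather than how to do it by hand. The body of LLVMFuzzerTestOneInput continues past the end of this hunk, so I cannot see whether anything else in it depends on the environment.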
diff --git a/tests/libfuzzer/gui/text/qtextdocument/setMarkdown/setMarkdown.pro b/tests/libfuzzer/gui/text/qtextdocument/setMarkdown/setMarkdown.pro
index 4a2dfa51b9..758622e1af 100644
--- a/tests/libfuzzer/gui/text/qtextdocument/setMarkdown/setMarkdown.pro
+++ b/tests/libfuzzer/gui/text/qtextdocument/setMarkdown/setMarkdown.pro
@@ -1,4 +1,9 @@
 CONFIG += console
 CONFIG -= app_bundle
 SOURCES += main.cpp
-LIBS += -fsanitize=fuzzer
+FUZZ_ENGINE = $$(LIB_FUZZING_ENGINE)
+isEmpty(FUZZ_ENGINE) {
+ QMAKE_LFLAGS += -fsanitize=fuzzer
+} else {
+ LIBS += $$FUZZ_ENGINE
+}
diff --git a/tests/libfuzzer/gui/text/qtextlayout/beginLayout/beginLayout.pro b/tests/libfuzzer/gui/text/qtextlayout/beginLayout/beginLayout.pro
index c9b14f6caf..af5ef9e940 100644
--- a/tests/libfuzzer/gui/text/qtextlayout/beginLayout/beginLayout.pro
+++ b/tests/libfuzzer/gui/text/qtextlayout/beginLayout/beginLayout.pro
@@ -1,3 +1,8 @@
 QT += widgets
 SOURCES += main.cpp
-LIBS += -fsanitize=fuzzer
+FUZZ_ENGINE = $$(LIB_FUZZING_ENGINE)
+isEmpty(FUZZ_ENGINE) {
+ QMAKE_LFLAGS += -fsanitize=fuzzer
+} else {
+ LIBS += $$FUZZ_ENGINE
+}
|