xref: /llvm-project/compiler-rt/lib/scudo/standalone/fuzz/get_error_info_fuzzer.cpp (revision 3da01663313803530a936aee7ecc592534aeb380) 
121d50019SPeter Collingbourne //===-- get_error_info_fuzzer.cpp -----------------------------------------===//
221d50019SPeter Collingbourne //
321d50019SPeter Collingbourne // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
421d50019SPeter Collingbourne // See https://llvm.org/LICENSE.txt for license information.
521d50019SPeter Collingbourne // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
621d50019SPeter Collingbourne //
721d50019SPeter Collingbourne //===----------------------------------------------------------------------===//
821d50019SPeter Collingbourne 
921d50019SPeter Collingbourne #define SCUDO_FUZZ
1021d50019SPeter Collingbourne #include "allocator_config.h"
1121d50019SPeter Collingbourne #include "combined.h"
12*3da01663SFlorian Mayer #include "common.h"
1321d50019SPeter Collingbourne 
1421d50019SPeter Collingbourne #include <fuzzer/FuzzedDataProvider.h>
1521d50019SPeter Collingbourne 
1621d50019SPeter Collingbourne #include <string>
1721d50019SPeter Collingbourne #include <vector>
1821d50019SPeter Collingbourne 
LLVMFuzzerTestOneInput(uint8_t * Data,size_t Size)1921d50019SPeter Collingbourne extern "C" int LLVMFuzzerTestOneInput(uint8_t *Data, size_t Size) {
2021d50019SPeter Collingbourne   using AllocatorT = scudo::Allocator<scudo::AndroidConfig>;
2121d50019SPeter Collingbourne   FuzzedDataProvider FDP(Data, Size);
2221d50019SPeter Collingbourne 
2321d50019SPeter Collingbourne   uintptr_t FaultAddr = FDP.ConsumeIntegral<uintptr_t>();
2421d50019SPeter Collingbourne   uintptr_t MemoryAddr = FDP.ConsumeIntegral<uintptr_t>();
2521d50019SPeter Collingbourne 
26ebff66beSMitch Phillips   std::string MemoryAndTags =
27ebff66beSMitch Phillips       FDP.ConsumeRandomLengthString(FDP.remaining_bytes());
2821d50019SPeter Collingbourne   const char *Memory = MemoryAndTags.c_str();
2921d50019SPeter Collingbourne   // Assume 16-byte alignment.
3021d50019SPeter Collingbourne   size_t MemorySize = (MemoryAndTags.length() / 17) * 16;
3121d50019SPeter Collingbourne   const char *MemoryTags = Memory + MemorySize;
3221d50019SPeter Collingbourne 
33ebff66beSMitch Phillips   std::string StackDepotBytes =
34ebff66beSMitch Phillips       FDP.ConsumeRandomLengthString(FDP.remaining_bytes());
3521d50019SPeter Collingbourne 
361f55fa0bSPeter Collingbourne   std::string RegionInfoBytes =
371f55fa0bSPeter Collingbourne       FDP.ConsumeRandomLengthString(FDP.remaining_bytes());
3821d50019SPeter Collingbourne   std::vector<char> RegionInfo(AllocatorT::getRegionInfoArraySize(), 0);
39ebff66beSMitch Phillips   for (size_t i = 0; i < RegionInfoBytes.length() && i < RegionInfo.size();
40ebff66beSMitch Phillips        ++i) {
4121d50019SPeter Collingbourne     RegionInfo[i] = RegionInfoBytes[i];
4221d50019SPeter Collingbourne   }
4321d50019SPeter Collingbourne 
441f55fa0bSPeter Collingbourne   std::string RingBufferBytes = FDP.ConsumeRemainingBytesAsString();
451f55fa0bSPeter Collingbourne 
4621d50019SPeter Collingbourne   scudo_error_info ErrorInfo;
47*3da01663SFlorian Mayer   AllocatorT::getErrorInfo(&ErrorInfo, FaultAddr, StackDepotBytes.data(),
48*3da01663SFlorian Mayer                            StackDepotBytes.size(), RegionInfo.data(),
49*3da01663SFlorian Mayer                            RingBufferBytes.data(), RingBufferBytes.size(),
50*3da01663SFlorian Mayer                            Memory, MemoryTags, MemoryAddr, MemorySize);
5121d50019SPeter Collingbourne   return 0;
5221d50019SPeter Collingbourne }
53