shithub: fuzz

Download patch

ref: 98861d691b7f84e6cdedc5b27bcf3ebee4f3313d
parent: fd658ecbf502cdfec9a813c7e563ccb59cb2c3cf
author: seh <seh@localhost>
date: Tue Nov 27 10:16:55 EST 2018 

add TODO ;; clean up some source ;; limited refactor


--- /dev/null
+++ b/TODO
@@ -1,0 +1,9 @@
+- Literally any sandboxing at all
+
+- Move all the hardcoded tables to auto-generated tables via lex/yacc
+
+- No build warnings
+
+- Multi-threaded and thread-safe
+
+- Nicely log errors to log file as well, without adding teardown complexity
--- a/fuzz.h
+++ b/fuzz.h
@@ -4,6 +4,7 @@
 #include <u.h>
 #include <libc.h>
 #include <bio.h>
+
 #include "list.h"
 #include "mutate.h"
 
@@ -29,7 +30,8 @@
 /*
 For full list of syscalls:
 
-If systab doesn't exist, do: cd /sys/src/9/port && mk
+If systab doesn't exist → cd /sys/src/9/port && mk
+
 /sys/src/9/port/systab.h
 /sys/src/libc/9syscall/sys.h
 /sys/include/libc.h:537
@@ -38,7 +40,7 @@
 // User space syscall definitions as per libc.h with sc_ prefix added
 typedef int call;
 enum call {
-sc__exits, // unused -- here for offset
+sc__exits,		// unused -- here for offset
 sc_abort	,	//	abort(void);
 sc_access	,	//	access(char*, int);
 sc_alarm	,	//	alarm(ulong);
@@ -137,10 +139,10 @@
 	type	t;		// Type of the variable to cast to
 };
 
-// Type names table -- in input.c
+// Type names table -- see: input.c
 extern char *typenames[NTYPES];
 
-// User space system call names table -- NCALLS length -- in input.c
+// User space system call names table -- see: input.c
 extern char *callnames[NCALLS];
 
 // Structure to track state of system calling
--- a/inlist.c
+++ b/inlist.c
@@ -1,9 +1,10 @@
 #include "fuzz.h"
 
-// HERE BE DRAGONS -- this should be moved to a generator
+// HERE BE DRAGONS
 // Generate the input list for the given syscall
 
-void mk_int(List *l)
+void
+mk_int(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = malloc(sizeof(int));
@@ -13,7 +14,8 @@
     ladd(l, tt);
 }
 
-void mk_intS(List *l)
+void
+mk_intS(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = nil;
@@ -22,7 +24,8 @@
     ladd(l, tt);
 }
 
-void mk_uint(List *l)
+void
+mk_uint(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = malloc(sizeof(unsigned int));
@@ -32,7 +35,8 @@
     ladd(l, tt);
 }
 
-void mk_IOchunkS(List *l)
+void
+mk_IOchunkS(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = nil;
@@ -41,7 +45,8 @@
     ladd(l, tt);
 }
 
-void mk_long(List *l)
+void
+mk_long(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = malloc(sizeof(long));
@@ -51,7 +56,8 @@
     ladd(l, tt);
 }
 
-void mk_longS(List *l)
+void
+mk_longS(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = malloc(1 * sizeof(t_type));
@@ -60,7 +66,8 @@
     ladd(l, tt);
 }
 
-void mk_ulong(List *l)
+void
+mk_ulong(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = malloc(sizeof(unsigned long));
@@ -70,7 +77,8 @@
     ladd(l, tt);
 }
 
-void mk_vlong(List *l)
+void
+mk_vlong(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = malloc(sizeof(long long));
@@ -80,7 +88,8 @@
     ladd(l, tt);
 }
 
-void mk_DirS(List *l)
+void
+mk_DirS(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = nil;
@@ -89,7 +98,8 @@
     ladd(l, tt);
 }
 
-void mk_DirSS(List *l)
+void
+mk_DirSS(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = nil;
@@ -98,7 +108,8 @@
     ladd(l, tt);
 }
 
-void mk_char(List *l)
+void
+mk_char(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = malloc(sizeof(char));
@@ -108,7 +119,8 @@
     ladd(l, tt);
 }
 
-void mk_uchar(List *l)
+void
+mk_uchar(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = malloc(sizeof(unsigned char));
@@ -118,7 +130,8 @@
     ladd(l, tt);
 }
 
-void mk_ucharS(List *l)
+void
+mk_ucharS(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = nil;
@@ -127,7 +140,8 @@
     ladd(l, tt);
 }
 
-void mk_charS(List *l)
+void
+mk_charS(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = malloc(1* sizeof(char*));
@@ -136,7 +150,8 @@
     ladd(l, tt);
 }
 
-void mk_void(List *l)
+void
+mk_void(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = nil;
@@ -145,7 +160,8 @@
     ladd(l, tt);
 }
 
-void mk_voidS(List *l)
+void
+mk_voidS(List *l)
 {
     t_type *tt = malloc(sizeof(t_type));
     tt->var = nil;
--- a/input.c
+++ b/input.c
@@ -1022,9 +1022,6 @@
 void
 log_call(caller *sc)
 {
-	// dolog("\nSystem Call: %s\n", sc->name);
-	// legacy since this is printed elsewhere
-	//dolog("\n\tRound #: %d\n", sc->round);
 	dolog("Arguments:\n");
 	int x;
 	for (x = 0; x < (sc->inputs.size); x++) {
@@ -1087,6 +1084,7 @@
 			default :
 				sysfatal("Error: Encountered unknown input variable type: %d", ele->t);
 		}
+
 		dolog("\n");
 	}
 }
--- a/main.c
+++ b/main.c
@@ -8,6 +8,7 @@
 Lock	rnglck;		// Lock for rng
 char*	logname = "./fuzz.log";	// Name of log file
 
+
 // Commandline usage warning
 void
 usage(void)
@@ -16,47 +17,7 @@
 	exits("usage");
 }
 
-// Perform locked logging operation -- wraps print
-void
-dolog(char *fmt, ...)
-{
-	va_list args;
-	va_start(args, fmt);
 
-	lock(&loglck);
-	Bvprint(logbp, fmt, args);
-	unlock(&loglck);
-
-	va_end(args);
-}
-
-// Perform a debug mode print (if built with -DDEBUG)
-void
-debug(char *fmt, ...)
-{
-	#ifdef DEBUG
-	va_list args;
-	va_start(args, fmt);
-
-	Bvprint(stdout, fmt, args);
-
-	va_end(args);
-	#endif
-}
-
-// Thread-safe sleepable random number generator
-int
-rng(void)
-{
-	ulong x;
-	lock(&rnglck);
-	// Generate a number: 0 ≤ x ≤ MAXINT
-	x = nrand(MAXINT);
-	//debug("DEBUG: Generated num is: %d\n", x);
-	unlock(&rnglck);
-	return x;
-}
-
 /* Prototypes */
 void	initsctable(void);
 int		name2index(char*);
@@ -135,7 +96,7 @@
 	// Operate for the desired number of rounds, -1 is infinite
 	for(i = 0; i < nrounds || nrounds < 0; i++){
 		int j;
-		dolog("== Begin round %d ==\n", i);
+		dolog("== Begin round %d ==\n\n", i);
 		
 		debug("DEBUG: i: %d nrounds: %d\n", i, nrounds);
 		
@@ -154,13 +115,16 @@
 
 	// Clean up
 	Bflush(logbp);
-	Bflush(stdout);
-	Bterm(stdout);
 	Bterm(logbp);
 	close(logfd);
+
+	Bflush(stdout);
+	Bterm(stdout);
+
 	Bflush(hjbp);
 	Bterm(hjbp);
 	close(hjfd);
+
 	exits(nil);
 }
 
@@ -189,4 +153,48 @@
 			return i;
 	}
 	return -1;
+}
+
+
+/* Exported in fuzz.h ↓ */
+
+
+// Perform locked logging operation -- wraps print
+void
+dolog(char *fmt, ...)
+{
+	va_list args;
+	va_start(args, fmt);
+
+	lock(&loglck);
+	Bvprint(logbp, fmt, args);
+	unlock(&loglck);
+
+	va_end(args);
+}
+
+// Perform a debug mode print (if built with -DDEBUG)
+void
+debug(char *fmt, ...)
+{
+	#ifdef DEBUG
+	va_list args;
+	va_start(args, fmt);
+
+	Bvprint(stdout, fmt, args);
+
+	va_end(args);
+	#endif
+}
+
+// Thread-safe sleepable random number generator
+int
+rng(void)
+{
+	ulong x;
+	lock(&rnglck);
+	// Generate a number: 0 ≤ x ≤ MAXINT
+	x = nrand(MAXINT);
+	unlock(&rnglck);
+	return x;
 }
--- a/mutate.c
+++ b/mutate.c
@@ -1,13 +1,12 @@
 #include "fuzz.h"
 
-#ifndef ROUND_NUM
-#define ROUND_NUM 1
-#endif // ROUND_NUM
+// This is the round where if pointers are nil we must then allocate and permutate further from
+#define MALLOC_ROUND 1
 
 void
 mut_int(int* in_val, int *round)
 {
-    if(*round == ROUND_NUM)
+    if(*round == MALLOC_ROUND)
     {
         *in_val = rng();
     }
@@ -22,7 +21,7 @@
 void
 mut_intstar(int** in_val, int* round)
 {
-	if(*round == ROUND_NUM)
+	if(*round == MALLOC_ROUND)
 	{
 		in_val = (int**) malloc(sizeof(int*));
 		*in_val = (int*) malloc(sizeof(int));
@@ -38,7 +37,7 @@
 void
 mut_uint(unsigned int* in_val, int *round)
 {
-    if(*round == ROUND_NUM)
+    if(*round == MALLOC_ROUND)
     {
         *in_val = rng();
     }
@@ -62,7 +61,7 @@
 	return val;
 /*
     // if not round 1, free the previously malloc-ed memory
-    if(in_val != nil)//*round != ROUND_NUM && *round != 0)
+    if(in_val != nil)//*round != MALLOC_ROUND && *round != 0)
     {
     //    free(*in_val);
 	debug("mut_charstar: in_val != nil\n");
@@ -171,7 +170,7 @@
 void
 mut_long(long* in_val, int *round)
 {
-    if(*round == ROUND_NUM)
+    if(*round == MALLOC_ROUND)
     {
         *in_val = (rng() << 16) | rng();
     }
@@ -193,7 +192,7 @@
 void
 mut_ulong(unsigned long* in_val, int *round)
 {
-    if(*round == ROUND_NUM)
+    if(*round == MALLOC_ROUND)
     {
         *in_val = (rng() << 16) | rng();
     }
@@ -207,7 +206,7 @@
 void
 mut_vlong(long long* in_val, int *round)
 {
-    if(*round == ROUND_NUM)
+    if(*round == MALLOC_ROUND)
     {
         *in_val = (rng() << 48) | (rng() << 32) | (rng() << 16) | rng();
     }
@@ -221,7 +220,7 @@
 void
 mut_void(void* in_val, int *round)
 {
-    if(*round == ROUND_NUM)
+    if(*round == MALLOC_ROUND)
     {
         //*in_val = rng();
     }
@@ -233,7 +232,7 @@
 void
 mut_voidstar(void** in_val, int *round)
 {
-    if(*round == ROUND_NUM)
+    if(*round == MALLOC_ROUND)
     {
         //*in_val = rng();
     }
@@ -245,7 +244,7 @@
 void
 mut_IOchunk(IOchunk* in_val, int *round)
 {
-    if(*round == ROUND_NUM)
+    if(*round == MALLOC_ROUND)
     {
         //*in_val = rng();
     }
@@ -257,7 +256,7 @@
 void
 mut_IOchunkstar(IOchunk** in_val, int *round)
 {
-    if(*round == ROUND_NUM)
+    if(*round == MALLOC_ROUND)
     {
         //*in_val = rng();
     }
@@ -269,7 +268,7 @@
 void
 mut_dir(Dir* in_val, int *round)
 {
-    if(*round == ROUND_NUM)
+    if(*round == MALLOC_ROUND)
     {
         //*in_val = rng();
     }
@@ -281,7 +280,7 @@
 void
 mut_dirstar(Dir** in_val, int *round)
 {
-    if(*round == ROUND_NUM)
+    if(*round == MALLOC_ROUND)
     {
         //*in_val = rng();
     }
@@ -293,7 +292,7 @@
 void
 mut_dirstar_star(Dir*** in_val, int *round)
 {
-    if(*round == ROUND_NUM)
+    if(*round == MALLOC_ROUND)
     {
         //*in_val = rng();
     }
--- a/mutate.h
+++ b/mutate.h
@@ -1,6 +1,3 @@
-#ifndef MUT_H
-#define MUT_H
-
 void mut_int(int*, int*);
 
 void mut_intstar(int**, int*);
@@ -38,5 +35,3 @@
 void mut_dirstar(Dir**, int*);
 
 void mut_dirstar_star(Dir***, int*);
-
-#endif