Fail on errors when building fuzzers

Fail on errors when using `fuzz.py`
facebook · Mar 18, 2024 · dada141 · dada141
1 parent cd4dba7
commit dada141
Show file tree

Hide file tree

Showing 5 changed files with 26 additions and 18 deletions.
diff --git a/tests/fuzz/fuzz.py b/tests/fuzz/fuzz.py
@@ -405,7 +405,10 @@ def build(args):
     cxxflags = shlex.split(args.cxxflags)
     mflags = shlex.split(args.mflags)
     # Flags to be added to both cflags and cxxflags
-    common_flags = []
+    common_flags = ['-Werror',
+    '-Wno-error=declaration-after-statement',
+    '-Wno-error=c++-compat'
+    ]
 
     cppflags += [
         '-DDEBUGLEVEL={}'.format(args.debug),

diff --git a/tests/fuzz/fuzz_data_producer.c b/tests/fuzz/fuzz_data_producer.c
@@ -28,12 +28,12 @@ void FUZZ_dataProducer_free(FUZZ_dataProducer_t *producer) { free(producer); }
 
 uint32_t FUZZ_dataProducer_uint32Range(FUZZ_dataProducer_t *producer, uint32_t min,
                                   uint32_t max) {
-    FUZZ_ASSERT(min <= max);
-
     uint32_t range = max - min;
     uint32_t rolling = range;
     uint32_t result = 0;
 
+    FUZZ_ASSERT(min <= max);
+
     while (rolling > 0 && producer->size > 0) {
       uint8_t next = *(producer->data + producer->size - 1);
       producer->size -= 1;
@@ -79,11 +79,11 @@ int FUZZ_dataProducer_empty(FUZZ_dataProducer_t *producer) {
 
 size_t FUZZ_dataProducer_contract(FUZZ_dataProducer_t *producer, size_t newSize)
 {
-    newSize = newSize > producer->size ? producer->size : newSize;
+    const size_t effectiveNewSize = newSize > producer->size ? producer->size : newSize;
 
-    size_t remaining = producer->size - newSize;
+    size_t remaining = producer->size - effectiveNewSize;
     producer->data = producer->data + remaining;
-    producer->size = newSize;
+    producer->size = effectiveNewSize;
     return remaining;
 }
 

diff --git a/tests/fuzz/regression_driver.c b/tests/fuzz/regression_driver.c
@@ -44,11 +44,12 @@ int main(int argc, char const **argv) {
     fprintf(stderr, "WARNING: No files passed to %s\n", argv[0]);
   for (i = 0; i < files->tableSize; ++i) {
     char const *fileName = files->fileNames[i];
-    DEBUGLOG(3, "Running %s", fileName);
     size_t const fileSize = UTIL_getFileSize(fileName);
     size_t readSize;
     FILE *file;
 
+    DEBUGLOG(3, "Running %s", fileName);
+
     /* Check that it is a regular file, and that the fileSize is valid.
      * If it is not a regular file, then it may have been deleted since we
      * constructed the list, so just skip it, but return an error exit code.

diff --git a/tests/fuzz/simple_decompress.c b/tests/fuzz/simple_decompress.c
@@ -16,6 +16,9 @@
 #include <stddef.h>
 #include <stdlib.h>
 #include <stdio.h>
+
+#define ZSTD_STATIC_LINKING_ONLY
+
 #include "fuzz_helpers.h"
 #include "zstd.h"
 #include "fuzz_data_producer.h"
@@ -34,17 +37,18 @@ int LLVMFuzzerTestOneInput(const uint8_t *src, size_t size)
         FUZZ_ASSERT(dctx);
     }
 
-    size_t const bufSize = FUZZ_dataProducer_uint32Range(producer, 0, 10 * size);
-    void *rBuf = FUZZ_malloc(bufSize);
-
-    size_t const dSize = ZSTD_decompressDCtx(dctx, rBuf, bufSize, src, size);
-    if (!ZSTD_isError(dSize)) {
-        /* If decompression was successful, the content size from the frame header(s) should be valid. */
-        size_t const expectedSize = ZSTD_findDecompressedSize(src, size);
-        FUZZ_ASSERT(expectedSize != ZSTD_CONTENTSIZE_ERROR);
-        FUZZ_ASSERT(expectedSize == ZSTD_CONTENTSIZE_UNKNOWN || expectedSize == dSize);
+    {
+        size_t const bufSize = FUZZ_dataProducer_uint32Range(producer, 0, 10 * size);
+        void *rBuf = FUZZ_malloc(bufSize);
+        size_t const dSize = ZSTD_decompressDCtx(dctx, rBuf, bufSize, src, size);
+        if (!ZSTD_isError(dSize)) {
+            /* If decompression was successful, the content size from the frame header(s) should be valid. */
+            size_t const expectedSize = ZSTD_findDecompressedSize(src, size);
+            FUZZ_ASSERT(expectedSize != ZSTD_CONTENTSIZE_ERROR);
+            FUZZ_ASSERT(expectedSize == ZSTD_CONTENTSIZE_UNKNOWN || expectedSize == dSize);
+        }
+        free(rBuf);
     }
-    free(rBuf);
 
     FUZZ_dataProducer_free(producer);
 

diff --git a/tests/fuzz/stream_round_trip.c b/tests/fuzz/stream_round_trip.c
@@ -136,7 +136,7 @@ static size_t compress(uint8_t *dst, size_t capacity,
     return dstSize;
 }
 
-size_t decompress(void* dst, size_t dstCapacity, void const* src, size_t srcSize, FUZZ_dataProducer_t* producer)
+static size_t decompress(void* dst, size_t dstCapacity, void const* src, size_t srcSize, FUZZ_dataProducer_t* producer)
 {
     ZSTD_inBuffer in = {src, srcSize, 0};
     ZSTD_outBuffer out = {dst, dstCapacity, 0};