fuzz.h
1 // Copyright (c) 2009-2021 The Bitcoin Core developers 2 // Distributed under the MIT software license, see the accompanying 3 // file COPYING or http://www.opensource.org/licenses/mit-license.php. 4 5 #ifndef BITCOIN_TEST_FUZZ_FUZZ_H 6 #define BITCOIN_TEST_FUZZ_FUZZ_H 7 8 #include <span.h> 9 10 #include <cstdint> 11 #include <functional> 12 #include <string_view> 13 14 /** 15 * Can be used to limit a theoretically unbounded loop. This caps the runtime 16 * to avoid timeouts or OOMs. 17 * 18 * This can be used in combination with a check in the condition to confirm 19 * whether the fuzz engine provided "good" data. If the fuzz input contains 20 * invalid data, the loop aborts early. This will teach the fuzz engine to look 21 * for useful data and avoids bloating the fuzz input folder with useless data. 22 */ 23 #define LIMITED_WHILE(condition, limit) \ 24 for (unsigned _count{limit}; (condition) && _count; --_count) 25 26 using FuzzBufferType = Span<const uint8_t>; 27 28 using TypeTestOneInput = std::function<void(FuzzBufferType)>; 29 struct FuzzTargetOptions { 30 std::function<void()> init{[] {}}; 31 bool hidden{false}; 32 }; 33 34 void FuzzFrameworkRegisterTarget(std::string_view name, TypeTestOneInput target, FuzzTargetOptions opts); 35 36 #define FUZZ_TARGET(...) DETAIL_FUZZ(__VA_ARGS__) 37 38 #define DETAIL_FUZZ(name, ...) \ 39 void name##_fuzz_target(FuzzBufferType); \ 40 struct name##_Before_Main { \ 41 name##_Before_Main() \ 42 { \ 43 FuzzFrameworkRegisterTarget(#name, name##_fuzz_target, {__VA_ARGS__}); \ 44 } \ 45 } const static g_##name##_before_main; \ 46 void name##_fuzz_target(FuzzBufferType buffer) 47 48 #endif // BITCOIN_TEST_FUZZ_FUZZ_H