aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarcoFalke <falke.marco@gmail.com>2021-06-08 09:19:08 +0200
committerMarcoFalke <falke.marco@gmail.com>2021-06-08 09:19:16 +0200
commit76d4018aa5426f2359b80466a56d28fc5046e0e2 (patch)
treeb599b15c5a11681cbc673ea8d66fbb6ed4e7727d
parente638acf6970394f8eb1957366ad2d39512f33b31 (diff)
parentfa13f34bf35129b38af699a0faf32c39d2ba8576 (diff)
Merge bitcoin/bitcoin#22180: fuzz: Increase branch coverage of the float fuzz target
fa13f34bf35129b38af699a0faf32c39d2ba8576 fuzz: Increase branch coverage of the float fuzz target (MarcoFalke) fad0c58c3ecdf2a2a602ff39c9fd9dda7f8747d9 fuzz: Remove confusing return keyword from CallOneOf (MarcoFalke) Pull request description: Currently the branch coverage for the float fuzz target is only 50% : https://marcofalke.github.io/btc_cov/fuzz.coverage/src/test/fuzz/float.cpp.gcov.html This is caused by the Fuzzed Data Provider only picking "nice" floats. ACKs for top commit: practicalswift: cr ACK fa13f34bf35129b38af699a0faf32c39d2ba8576: patch looks correct Tree-SHA512: 326822515e9a1c77647d41eab9a96185a3b320914d9264730fa72ffb76c2bf3dc5bf72cf6cd9beef14f4f032358d76a976860bf3e2418ae61943cf926c0ea086
-rw-r--r--src/test/fuzz/float.cpp29
-rw-r--r--src/test/fuzz/util.h2
2 files changed, 29 insertions, 2 deletions
diff --git a/src/test/fuzz/float.cpp b/src/test/fuzz/float.cpp
index adef66a3ee..2f77c8949e 100644
--- a/src/test/fuzz/float.cpp
+++ b/src/test/fuzz/float.cpp
@@ -5,6 +5,7 @@
#include <memusage.h>
#include <test/fuzz/FuzzedDataProvider.h>
#include <test/fuzz/fuzz.h>
+#include <test/fuzz/util.h>
#include <util/serfloat.h>
#include <version.h>
@@ -17,7 +18,33 @@ FUZZ_TARGET(float)
FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
{
- const double d = fuzzed_data_provider.ConsumeFloatingPoint<double>();
+ const double d{[&] {
+ double tmp;
+ CallOneOf(
+ fuzzed_data_provider,
+ // an actual number
+ [&] { tmp = fuzzed_data_provider.ConsumeFloatingPoint<double>(); },
+ // special numbers and NANs
+ [&] { tmp = fuzzed_data_provider.PickValueInArray({
+ std::numeric_limits<double>::infinity(),
+ -std::numeric_limits<double>::infinity(),
+ std::numeric_limits<double>::min(),
+ -std::numeric_limits<double>::min(),
+ std::numeric_limits<double>::max(),
+ -std::numeric_limits<double>::max(),
+ std::numeric_limits<double>::lowest(),
+ -std::numeric_limits<double>::lowest(),
+ std::numeric_limits<double>::quiet_NaN(),
+ -std::numeric_limits<double>::quiet_NaN(),
+ std::numeric_limits<double>::signaling_NaN(),
+ -std::numeric_limits<double>::signaling_NaN(),
+ std::numeric_limits<double>::denorm_min(),
+ -std::numeric_limits<double>::denorm_min(),
+ }); },
+ // Anything from raw memory (also checks that DecodeDouble doesn't crash on any input)
+ [&] { tmp = DecodeDouble(fuzzed_data_provider.ConsumeIntegral<uint64_t>()); });
+ return tmp;
+ }()};
(void)memusage::DynamicUsage(d);
uint64_t encoded = EncodeDouble(d);
diff --git a/src/test/fuzz/util.h b/src/test/fuzz/util.h
index 36b1d5035c..023dcdb3e5 100644
--- a/src/test/fuzz/util.h
+++ b/src/test/fuzz/util.h
@@ -44,7 +44,7 @@ void CallOneOf(FuzzedDataProvider& fuzzed_data_provider, Callables... callables)
const size_t call_index{fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, call_size - 1)};
size_t i{0};
- return ((i++ == call_index ? callables() : void()), ...);
+ ((i++ == call_index ? callables() : void()), ...);
}
template <typename Collection>