diff --git a/build.sh b/build.sh index 6a35342..08e8576 100755 --- a/build.sh +++ b/build.sh @@ -1,21 +1,27 @@ -#!/bin/bash -export CC=afl-clang-lto -export CXX=afl-clang-lto++ -export LD=$CXX - +#!/bin/bash -e args=(-DBUILD_EXAMPLES=ON -DENABLE_OPENGL=OFF -DBUILD_SHARED_LIBS=OFF) +export CC=afl-clang-fast +export CXX=afl-clang-fast++ +export LD=$CXX unset AFL_USE_ASAN -grep -Fq '/afl-' build2/CMakeCache.txt || rm -rf build2 -cmake -S . -B build2 "${args[@]}" +if ! grep -Fq '/afl-' build2/CMakeCache.txt; then + rm -rf build2 + cmake -S . -B build2 "${args[@]}" +fi nice make -C build2 clean nice make -C build2 -j10 for f in build2/bin/Linux/*; do - ln -sv "../../$f" "bin/Linux/${f##*/}_noasan" + ln -snfv "../../$f" "bin/Linux/${f##*/}_noasan" done +export CC=afl-clang-lto +export CXX=afl-clang-lto++ +export LD=$CXX export AFL_USE_ASAN=1 -grep -Fq '/afl-' CMakeCache.txt || rm -f CMakeCache.txt -cmake . "${args[@]}" +if ! grep -Fq '/afl-' CMakeCache.txt; then + rm -f CMakeCache.txt + cmake . "${args[@]}" +fi nice make clean nice make -j10 diff --git a/examples/CMakeLists.txt b/examples/CMakeLists.txt index 9fb7d3e..38a6999 100644 --- a/examples/CMakeLists.txt +++ b/examples/CMakeLists.txt @@ -3,6 +3,7 @@ set(CMAKE_CXX_STANDARD_REQUIRED ON) set(IRREXAMPLES LoadTexture + LoadMesh ) if(FALSE) list(APPEND IRREXAMPLES AutomatedTest) diff --git a/examples/LoadMesh/main.cpp b/examples/LoadMesh/main.cpp new file mode 100644 index 0000000..66d1977 --- /dev/null +++ b/examples/LoadMesh/main.cpp 
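Review bot: The cache check `if ! grep -Fq '/afl-' build2/CMakeCache.txt` only tests that some afl-* compiler was cached, so a build2/ configured by the previous version of this script with afl-clang-lto is kept, and since CMake ignores CC/CXX once CMAKE_C_COMPILER is in its cache, the intended switch of the noasan tree to afl-clang-fast silently does not happen (the same mismatch can hit the second tree in the other direction). Match the compiler actually wanted by each step, which is already in `$CC` at that point: `if ! grep -Fq "/$CC" build2/CMakeCache.txt; then` and `if ! grep -Fq "/$CC" CMakeCache.txt; then`. A one-line comment above the first check, `# reconfigure from scratch if the cache was built with a different compiler`, would make the intent clear.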
@@ -0,0 +1,44 @@
+#include
+#include
+
+using namespace irr;
+
+int main(int argc, char *argv[])
+{
+ if (argc < 2)
+ return 1;
+
+ SIrrlichtCreationParameters p;
+ p.DriverType = video::EDT_NULL;
+ p.WindowSize = core::dimension2du(640, 480);
+ p.LoggingLevel = ELL_DEBUG;
+
+ auto *device = createDeviceEx(p);
+ if (!device)
+ return 1;
+ auto *smgr = device->getSceneManager();
+
+ while (__AFL_LOOP(10000)) {
+ auto *mfile = device->getFileSystem()->createAndOpenFile(argv[1]);
+ if (!mfile)
+ continue;
+ scene::IAnimatedMesh *mesh;
+ // Irrlicht matches on file extension so we have to do this by hand
+ for (u32 i = 0; i < smgr->getMeshLoaderCount(); i++) {
+ mfile->seek(0);
+ mesh = smgr->getMeshLoader(i)->createMesh(mfile);
+ if (mesh) {
+ core::stringc msg("Loaded using loader #");
+ msg += core::stringc(i);
+ device->getLogger()->log(msg.c_str(), ELL_DEBUG);
+ break;
+ }
+ }
+ if (mesh)
+ mesh->drop();
+ mfile->drop();
+ }
+
+ device->drop();
+ return 0;
+}
diff --git a/repro.sh b/repro.sh
index e724c45..ebc73f5 100755
--- a/repro.sh
+++ b/repro.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 aflout=out/default
 myout=out_rep
-exe=./bin/Linux/LoadTexture
+exe=./bin/Linux/LoadMesh
 rm -rf "$myout" && mkdir -p "$myout"
 find $aflout/crashes -name 'id:*' -print | \
 while read file; do
@@ -14,7 +14,7 @@ while read file; do
 if grep -Fq '==ERROR: AddressSanitizer: SEGV on unknown address' "$fout"; then
 gdb -q --batch -iex 'set confirm off' -ex r -ex bt --args \
 ${exe}_noasan "$file" >"$fout" 2>&1
-if grep -q '^Thread.*received signal'; then
+if grep -Eq '^(Thread|Program).*received signal' "$fout"; then
 cp "$file" "$myout/$short.bin"
 echo "✔ Reproduced (gdb)"
 else
diff --git a/run.sh b/run.sh
index 66b2402..b145e8d 100755
--- a/run.sh
+++ b/run.sh
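Review bot: `scene::IAnimatedMesh *mesh;` is declared uninitialized and only assigned inside the loader loop, so when `getMeshLoaderCount()` returns 0 the following `if (mesh) mesh->drop();` tests an indeterminate pointer — in a fuzz target that surfaces as a spurious crash rather than a real finding. Initialize it at the declaration: `scene::IAnimatedMesh *mesh = nullptr;`. The two `#include` lines in this hunk render empty here; the header names were presumably lost in extraction, so worth checking the committed file. A comment on `mfile->seek(0)` such as `// a loader that rejects the input may have consumed part of the stream; rewind so each one sees the whole file` would document why the rewind sits inside the loop.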
@@ -1,15 +1,15 @@
 #!/bin/bash
 export AFL_SKIP_CPUFREQ=1
 export AFL_TMPDIR=/dev/shm
+exe=./bin/Linux/LoadMesh
 opts=(
 -t 100
 -i sample_u/
 -o out/
 )
-exe=./bin/Linux/LoadTexture
 if ! [ -d sample_u ]; then
 mkdir sample_u
- afl-cmin.bash -i sample/ -o sample_u/ -- $exe @@
+ afl-cmin.bash -T 4 -i sample/ -o sample_u/ -- $exe @@
 echo; echo
 fi
 exec afl-fuzz \