fuzz: signalBug() / signalBoring()

fuzz/fuzz.cpp

Index: fuzz/fuzz.cpp
diff --git a/fuzz/fuzz.cpp b/fuzz/fuzz.cpp
index 929ba7a4cf54dd4d7243d968cb7bfc9182ad7c1c..55f6046f6ebde515d36ebef34073ff5db1e10d1b 100644
--- a/fuzz/fuzz.cpp
+++ b/fuzz/fuzz.cpp
@@ -6,9 +6,14 @@
  */
 
 #include "Fuzz.h"
+#include <stdlib.h>
+#include <signal.h>
 
 int main(int argc, char** argv) {
-    ASSERT(argc > 2);
+    if (argc < 3) {
+        SkDebugf("Usage: %s <fuzz name> <path/to/fuzzed.data>\n", argv[0]);
+        return 1;
+    }
     const char* name = argv[1];
     const char* path = argv[2];
 
@@ -18,6 +23,7 @@ int main(int argc, char** argv) {
     for (auto r = SkTRegistry<Fuzzable>::Head(); r; r = r->next()) {
         auto fuzzable = r->factory();
         if (0 == strcmp(name, fuzzable.name)) {
+            SkDebugf("Running %s\n", fuzzable.name);
             fuzzable.fn(&fuzz);
             return 0;
         }
@@ -28,19 +34,22 @@ int main(int argc, char** argv) {
 
 Fuzz::Fuzz(SkData* bytes) : fBytes(SkSafeRef(bytes)), fNextByte(0) {}
 
+void Fuzz::signalBug   () { raise(SIGSEGV); }
+void Fuzz::signalBoring() { exit(0); }
+
 template <typename T>
-static T read(const SkData* data, int* next) {
-    ASSERT(sizeof(T) <= data->size());
-    if (*next + sizeof(T) > data->size()) {
-        *next = 0;
+T Fuzz::nextT() {
+    if (fNextByte + sizeof(T) > fBytes->size()) {
+        this->signalBoring();
     }
+
     T val;
-    memcpy(&val, data->bytes() + *next, sizeof(T));
-    *next += sizeof(T);
+    memcpy(&val, fBytes->bytes() + fNextByte, sizeof(T));
+    fNextByte += sizeof(T);
     return val;
 }
 
-uint8_t  Fuzz::nextB() { return read<uint8_t >(fBytes, &fNextByte); }
-uint32_t Fuzz::nextU() { return read<uint32_t>(fBytes, &fNextByte); }
-float    Fuzz::nextF() { return read<float   >(fBytes, &fNextByte); }
+uint8_t  Fuzz::nextB() { return this->nextT<uint8_t >(); }
+uint32_t Fuzz::nextU() { return this->nextT<uint32_t>(); }
+float    Fuzz::nextF() { return this->nextT<float   >(); }