From 57c7326a41f9748558fccc3e1197c561a4b4d80d Mon Sep 17 00:00:00 2001 From: xushengbin Date: Mon, 11 Aug 2025 06:40:28 +0000 Subject: [PATCH 1/2] =?UTF-8?q?fuzz=E7=94=A8=E4=BE=8B=E5=91=8A=E8=AD=A6?= =?UTF-8?q?=E6=B8=85=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: xushengbin --- .../concurrent_fuzzer/concurrent_fuzzer.cpp | 52 ++++++++++++++----- 1 file changed, 40 insertions(+), 12 deletions(-) diff --git a/test/fuzztest/concurrent_fuzzer/concurrent_fuzzer.cpp b/test/fuzztest/concurrent_fuzzer/concurrent_fuzzer.cpp index 8e3a5f9..26b2a87 100644 --- a/test/fuzztest/concurrent_fuzzer/concurrent_fuzzer.cpp +++ b/test/fuzztest/concurrent_fuzzer/concurrent_fuzzer.cpp @@ -180,12 +180,6 @@ bool FuzzConcurrentTaskServiceRequestAuth(const uint8_t* data, size_t size) return true; } -bool FuzzConcurrentTaskServiceStopRemoteObject(const uint8_t* data, size_t size) -{ - ConcurrentTaskClient::GetInstance().StopRemoteObject(); - return true; -} - bool FuzzConcurrentTaskServiceSetThreadQos(const uint8_t* data, size_t size) { FuzzedDataProvider fdp(data, size); @@ -227,7 +221,21 @@ bool FuzzConcurrentTaskServiceSetQosForOtherThread(const uint8_t* data, size_t s bool FuzzConcurrentTaskServiceResetThreadQos(const uint8_t* data, size_t size) { - QOS::ResetThreadQos(); + FuzzedDataProvider fdp(data, size); + if (size > sizeof(int) + sizeof(int)) { + int level = fdp.ConsumeIntegral(); + level = level % TEST_DATA_TENTH; + if (level == TEST_DATA_FIFTH || level == TEST_DATA_SECOND) { + QOS::SetThreadQos(QOS::QosLevel::QOS_BACKGROUND); + } else if (level == TEST_DATA_THIRD || level == TEST_DATA_FOURTH) { + QOS::SetThreadQos(QOS::QosLevel::QOS_UTILITY); + } else if (level == TEST_DATA_FIFTH || level == TEST_DATA_SIXTH) { + QOS::SetThreadQos(QOS::QosLevel::QOS_DEFAULT); + } else if (level == TEST_DATA_SEVENTH || level == TEST_DATA_EIGHTH) { + QOS::SetThreadQos(QOS::QosLevel::QOS_USER_INITIATED); + } + QOS::ResetThreadQos(); + } return true; } @@ -243,8 +251,11 @@ bool FuzzConcurrentTaskServiceResetQosForOtherThread(const uint8_t* data, size_t void FuzzQosPolicyInit(const uint8_t* data, size_t size) { - QosPolicy qosPolicy; - qosPolicy.Init(); + FuzzedDataProvider fdp(data, size); + if (size > sizeof(int)) { + QosPolicy qosPolicy; + qosPolicy.Init(); + } return; } @@ -260,7 +271,21 @@ bool FuzzQosInterfaceEnableRtg(const uint8_t* data, size_t size) bool FuzzQosInterfaceQosLeave(const uint8_t* data, size_t size) { - QosLeave(); + FuzzedDataProvider fdp(data, size); + if (size > sizeof(int) + sizeof(int)) { + int level = fdp.ConsumeIntegral(); + level = level % TEST_DATA_TENTH; + if (level == TEST_DATA_FIFTH || level == TEST_DATA_SECOND) { + QOS::SetThreadQos(QOS::QosLevel::QOS_BACKGROUND); + } else if (level == TEST_DATA_THIRD || level == TEST_DATA_FOURTH) { + QOS::SetThreadQos(QOS::QosLevel::QOS_UTILITY); + } else if (level == TEST_DATA_FIFTH || level == TEST_DATA_SIXTH) { + QOS::SetThreadQos(QOS::QosLevel::QOS_DEFAULT); + } else if (level == TEST_DATA_SEVENTH || level == TEST_DATA_EIGHTH) { + QOS::SetThreadQos(QOS::QosLevel::QOS_USER_INITIATED); + } + QosLeave(); + } return true; } @@ -394,7 +419,11 @@ bool FuzzConcurrentTaskClinetRequestAuth(const uint8_t* data, size_t size) bool FuzzConcurrentTaskClientStopRemoteObject(const uint8_t* data, size_t size) { - ConcurrentTaskClient::GetInstance().StopRemoteObject(); + FuzzedDataProvider fdp(data, size); + if (size > sizeof(int)) { + ConcurrentTaskClient::GetInstance().StopRemoteObject(); + } + return true; } @@ -520,7 +549,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) OHOS::FuzzConcurrentTaskServiceSetAudioDeadline(data, size); OHOS::FuzzConcurrentTaskServiceRequestAuth(data, size); - OHOS::FuzzConcurrentTaskServiceStopRemoteObject(data, size); OHOS::FuzzConcurrentTaskServiceSetThreadQos(data, size); OHOS::FuzzConcurrentTaskServiceSetQosForOtherThread(data, size); OHOS::FuzzConcurrentTaskServiceResetThreadQos(data, size); -- Gitee From f7b44c7f012e9be6933c6b55636b4da35ff0e236 Mon Sep 17 00:00:00 2001 From: xushengbin Date: Mon, 11 Aug 2025 07:19:33 +0000 Subject: [PATCH 2/2] =?UTF-8?q?=E4=BB=A3=E7=A0=81=E5=9D=8F=E5=91=B3?= =?UTF-8?q?=E9=81=93?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: xushengbin --- test/fuzztest/concurrent_fuzzer/concurrent_fuzzer.cpp | 1 - 1 file changed, 1 deletion(-) diff --git a/test/fuzztest/concurrent_fuzzer/concurrent_fuzzer.cpp b/test/fuzztest/concurrent_fuzzer/concurrent_fuzzer.cpp index 26b2a87..fd981c1 100644 --- a/test/fuzztest/concurrent_fuzzer/concurrent_fuzzer.cpp +++ b/test/fuzztest/concurrent_fuzzer/concurrent_fuzzer.cpp @@ -423,7 +423,6 @@ bool FuzzConcurrentTaskClientStopRemoteObject(const uint8_t* data, size_t size) if (size > sizeof(int)) { ConcurrentTaskClient::GetInstance().StopRemoteObject(); } - return true; } -- Gitee