Quuxplusone / LLVMBugzillaTest


Seed values for LibFuzzer are read in as signed integers #25766

Closed Quuxplusone closed 8 years ago

Quuxplusone commented 8 years ago
Bugzilla Link PR25767
Status RESOLVED FIXED
Importance P normal
Reported by Dan A (danielaustin@google.com)
Reported on 2015-12-07 13:03:03 -0800
Last modified on 2015-12-14 16:02:30 -0800
Version trunk
Hardware All All
CC aizatsky@chromium.org, danielaustin@google.com, kcc@google.com, llvm-bugs@lists.llvm.org

In FuzzerDriver.cpp, this happened:

#define FUZZER_FLAG_INT(Name, Default, Description) int Name;

This results in 'stol: out of range' exceptions when processing a value larger than 2147483647. This was identified by running:

./fuzzer -seed=2574387484

on a 32-bit ARM device (current AOSP, Nexus 6).

Fuzzing session replay requires first checking if the generated seed value is greater than 2147483647, and translating it to its hex representation, which does not trigger the out of range issue.

This only seems to be an issue when using the seed flag; the seed value in FuzzerDriver is an unsigned and appears to be handled correctly in the rest of the library.

Quuxplusone commented 8 years ago
Mike, can you handle this while I am OOO?
I think we just need to introduce FUZZER_FLAG_UNSIGNED
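The failure described in the report and the unsigned parse suggested above, as an added example that is not libFuzzer's own code: `ParseSignedFlag` and `ParseUnsignedFlag` are hypothetical helpers, and `std::stoi` is used for the signed case because it rejects values above 2147483647 on every platform, which matches what `std::stol` does on the 32-bit ARM build in the report.

```cpp
// Added example (not the upstream fix): a signed 32-bit flag parser rejects a
// seed above INT_MAX, while an unsigned parser accepts the full 32-bit range.
#include <cstdint>
#include <limits>
#include <stdexcept>
#include <string>

// Signed parse, as FUZZER_FLAG_INT implies: the value must fit an int, so
// "2574387484" makes std::stoi throw std::out_of_range.
int ParseSignedFlag(const std::string &Str) {
  size_t End = 0;
  int Val = std::stoi(Str, &End, 10);
  if (End != Str.size())
    throw std::invalid_argument("trailing characters in flag value: " + Str);
  return Val;
}

// Unsigned parse in the spirit of a FUZZER_FLAG_UNSIGNED (hypothetical helper).
// A leading '-' is rejected explicitly, because std::stoul would otherwise
// wrap "-1" around to 4294967295 without complaint.
unsigned ParseUnsignedFlag(const std::string &Str) {
  if (Str.empty() || Str[0] == '-')
    throw std::invalid_argument("unsigned flag value must be non-negative: " + Str);
  size_t End = 0;
  unsigned long Val = std::stoul(Str, &End, 10);
  if (End != Str.size())
    throw std::invalid_argument("trailing characters in flag value: " + Str);
  // On LP64 hosts unsigned long is 64-bit, so enforce the 32-bit range ourselves.
  if (Val > std::numeric_limits<unsigned>::max())
    throw std::out_of_range("flag value exceeds 32-bit unsigned range: " + Str);
  return static_cast<unsigned>(Val);
}

// True when the signed parser throws out_of_range for Seed (the reported bug).
bool SignedParseRejectsSeed(const std::string &Seed) {
  try { (void)ParseSignedFlag(Seed); return false; }
  catch (const std::out_of_range &) { return true; }
}

// True when the unsigned parser rejects Str for any reason.
bool UnsignedParseRejects(const std::string &Str) {
  try { (void)ParseUnsignedFlag(Str); return false; }
  catch (const std::exception &) { return true; }
}
```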
Quuxplusone commented 8 years ago

Fixed in http://reviews.llvm.org/rL255296