Roll src/third_party/WebKit 3aea697:d9c6159 (svn 201973:201974)
[chromium-blink-merge.git] / tools / ipc_fuzzer / scripts / ipc_fuzzer_gen.py
blobdc7d61edb3eccf15a01a7707923b51a79b05eb8e
1 #!/usr/bin/env python
2 # Copyright 2014 The Chromium Authors. All rights reserved.
3 # Use of this source code is governed by a BSD-style license that can be
4 # found in the LICENSE file.
6 """Generational ClusterFuzz fuzzer. It generates IPC messages using
7 GenerateTraits. Support of GenerateTraits for different types will be gradually
8 added.
9 """
11 import os
12 import random
13 import subprocess
14 import sys
15 import utils
17 FUZZER_NAME_OPTION = '--fuzzer-name=generate'
18 MAX_IPC_MESSAGES_PER_TESTCASE = 1500
21 class GenerationalFuzzer:
22 def parse_arguments(self):
23 self.args = utils.parse_arguments()
25 def set_application_paths(self):
26 chrome_application_path = utils.get_application_path()
27 chrome_application_directory = os.path.dirname(chrome_application_path)
28 self.ipc_fuzzer_binary = utils.get_fuzzer_application_name()
29 self.ipc_replay_binary = utils.get_replay_application_name()
30 self.ipc_fuzzer_binary_path = os.path.join(
31 chrome_application_directory, self.ipc_fuzzer_binary)
32 self.ipc_replay_binary_path = os.path.join(
33 chrome_application_directory, self.ipc_replay_binary)
35 def generate_ipcdump_testcase(self):
36 ipcdump_testcase_path = (
37 utils.random_ipcdump_testcase_path(self.args.output_dir))
38 num_ipc_messages = random.randint(1, MAX_IPC_MESSAGES_PER_TESTCASE)
39 count_option = '--count=%d' % num_ipc_messages
41 cmd = [
42 self.ipc_fuzzer_binary_path,
43 FUZZER_NAME_OPTION,
44 count_option,
45 ipcdump_testcase_path,
48 if subprocess.call(cmd):
49 sys.exit('%s failed.' % self.ipc_fuzzer_binary)
51 utils.create_flags_file(ipcdump_testcase_path, self.ipc_replay_binary_path)
53 def main(self):
54 self.parse_arguments()
55 self.set_application_paths()
56 for _ in xrange(self.args.no_of_files):
57 self.generate_ipcdump_testcase()
59 return 0
61 if __name__ == "__main__":
62 fuzzer = GenerationalFuzzer()
63 sys.exit(fuzzer.main())