diff --git a/scripts/fuzz/fuzz_command_parser.options b/scripts/fuzz/fuzz_command_parser.options index ab1f3fb1..b8ad1de2 100644 --- a/scripts/fuzz/fuzz_command_parser.options +++ b/scripts/fuzz/fuzz_command_parser.options @@ -3,3 +3,4 @@ detect_leaks=0 max_len=8192 print_final_stats=1 use_value_profile=1 +max_total_time=180 diff --git a/scripts/fuzz/fuzz_rtcp_parser.options b/scripts/fuzz/fuzz_rtcp_parser.options index 63ff5444..90d89fbb 100644 --- a/scripts/fuzz/fuzz_rtcp_parser.options +++ b/scripts/fuzz/fuzz_rtcp_parser.options @@ -2,3 +2,4 @@ max_len=8192 print_final_stats=1 use_value_profile=1 +max_total_time=180 diff --git a/scripts/fuzz/fuzz_rtp_parser.options b/scripts/fuzz/fuzz_rtp_parser.options index 63ff5444..90d89fbb 100644 --- a/scripts/fuzz/fuzz_rtp_parser.options +++ b/scripts/fuzz/fuzz_rtp_parser.options @@ -2,3 +2,4 @@ max_len=8192 print_final_stats=1 use_value_profile=1 +max_total_time=180 diff --git a/scripts/fuzz/fuzz_rtp_session.c b/scripts/fuzz/fuzz_rtp_session.c index 4dffb25a..c2dc8abe 100644 --- a/scripts/fuzz/fuzz_rtp_session.c +++ b/scripts/fuzz/fuzz_rtp_session.c @@ -119,6 +119,7 @@ proc_foreach(void *dp, void *ap) struct sockaddr *rap; struct rtp_packet *pktp = rtp_packet_alloc(); assert (pktp != NULL); + //CALL_SMETHOD(pktp->rcnt, traceen, HEREVAL); void *olddata = CALL_SMETHOD(pktp->rcnt, getdata); CALL_SMETHOD(pktp->rcnt, attach, wpd_f, olddata); rap = sstosa(&pktp->raddr); @@ -132,7 +133,9 @@ proc_foreach(void *dp, void *ap) .strmp_out = ostp, .rsp = fap->rsp, .pktp = pktp}; - CALL_SMETHOD(istp->pproc_manager, handleat, &pktx, _PPROC_ORD_EMPTY); + struct pproc_act r; + r = CALL_SMETHOD(istp->pproc_manager, handleat, &pktx, _PPROC_ORD_EMPTY); + assert(r.a == PPROC_ACT_TAKE_v || r.a == PPROC_ACT_DROP_v); fap->nwait += 1; } return (RTPP_HT_MATCH_CONT); @@ -155,6 +158,9 @@ LLVMFuzzerTestOneInput(const char *data, size_t size) if (size < 2) return (0); + fprintf(stderr, "LLVMFuzzerTestOneInput(data=%p, size=%lu)\n", data, + (unsigned long)size); + fflush(stderr); op_flags.value = data[0]; data += 1; size -= 1; diff --git a/scripts/fuzz/fuzz_rtp_session.options b/scripts/fuzz/fuzz_rtp_session.options index ab1f3fb1..cfb6d8f4 100644 --- a/scripts/fuzz/fuzz_rtp_session.options +++ b/scripts/fuzz/fuzz_rtp_session.options @@ -3,3 +3,4 @@ detect_leaks=0 max_len=8192 print_final_stats=1 use_value_profile=1 +max_total_time=7200 diff --git a/src/rtpp_command.c b/src/rtpp_command.c index cc8ec2a9..99360e26 100644 --- a/src/rtpp_command.c +++ b/src/rtpp_command.c @@ -126,6 +126,7 @@ create_twinlistener(unsigned int port, void *ap) SA_AF2STR(ctap->ia)); goto failure; } + //CALL_SMETHOD(ctap->fds[i]->rcnt, traceen); memcpy(&iac, ctap->ia, SA_LEN(ctap->ia)); satosin(&iac)->sin_port = htons(port); if (CALL_SMETHOD(ctap->fds[i], bind2, sstosa(&iac), SA_LEN(ctap->ia)) != 0) { diff --git a/src/rtpp_command_reply.c b/src/rtpp_command_reply.c index 23dc3e66..7bff0117 100644 --- a/src/rtpp_command_reply.c +++ b/src/rtpp_command_reply.c @@ -111,6 +111,7 @@ rtpc_reply_ctor(const struct rtpp_command_ctx *ctx) pvt->pub.smethods = rtpc_reply_smethods; #endif CALL_SMETHOD(pvt->pub.rcnt, use_stdfree, pvt); + CALL_SMETHOD(pvt->pub.rcnt, traceen, HEREVAL); return ((&pvt->pub)); e0: diff --git a/src/rtpp_module_if.c b/src/rtpp_module_if.c index 1024a3b8..d76166b0 100644 --- a/src/rtpp_module_if.c +++ b/src/rtpp_module_if.c @@ -168,6 +168,7 @@ rtpp_module_if_ctor(const char *mpath) pvt->pub.get_mconf = &rtpp_mif_get_mconf; pvt->pub.ul_subc_handle = &rtpp_mif_ul_subc_handle; pvt->pub.kaput = &rtpp_mif_kaput; + //CALL_SMETHOD(pvt->pub.rcnt, traceen, HEREVAL); CALL_SMETHOD(pvt->pub.rcnt, attach, (rtpp_refcnt_dtor_t)&rtpp_mif_dtor, pvt); return ((&pvt->pub)); diff --git a/src/rtpp_refcnt.c b/src/rtpp_refcnt.c index 683b042d..6a2c645d 100644 --- a/src/rtpp_refcnt.c +++ b/src/rtpp_refcnt.c @@ -44,6 +44,9 @@ #include "rtpp_refcnt.h" #include "rtpp_refcnt_fin.h" +#undef RTPP_DEBUG_refcnt +#define RTPP_DEBUG_refcnt 1 + #if RTPP_DEBUG_refcnt #include #ifdef RTPP_DEBUG