diff options
| author | Kostya Serebryany <kcc@google.com> | 2015-03-31 20:13:20 +0000 |
|---|---|---|
| committer | Kostya Serebryany <kcc@google.com> | 2015-03-31 20:13:20 +0000 |
| commit | 52a788e5037d9cd8af981a1b64af9d76b7b6b798 (patch) | |
| tree | f5bcb681f3ce80ae15052121401bde1272ffe913 /llvm/lib/Fuzzer/FuzzerInternal.h | |
| parent | d2edb241e2397bb623e5e86a33d31d1cca7c342e (diff) | |
| download | bcm5719-llvm-52a788e5037d9cd8af981a1b64af9d76b7b6b798.tar.gz bcm5719-llvm-52a788e5037d9cd8af981a1b64af9d76b7b6b798.zip | |
[fuzzer] Add support for token-based fuzzing (e.g. for C++). Allow string flags.
llvm-svn: 233745
Diffstat (limited to 'llvm/lib/Fuzzer/FuzzerInternal.h')
| -rw-r--r-- | llvm/lib/Fuzzer/FuzzerInternal.h | 26 |
1 files changed, 15 insertions, 11 deletions
diff --git a/llvm/lib/Fuzzer/FuzzerInternal.h b/llvm/lib/Fuzzer/FuzzerInternal.h index 66548350e97..77871097bd7 100644 --- a/llvm/lib/Fuzzer/FuzzerInternal.h +++ b/llvm/lib/Fuzzer/FuzzerInternal.h @@ -23,7 +23,8 @@ namespace fuzzer { typedef std::vector<uint8_t> Unit; using namespace std::chrono; -Unit ReadFile(const char *Path); +std::string FileToString(const std::string &Path); +Unit FileToVector(const std::string &Path); void ReadDirToVectorOfUnits(const char *Path, std::vector<Unit> *V); void WriteToFile(const Unit &U, const std::string &Path); void CopyFileToErr(const std::string &Path); @@ -55,12 +56,9 @@ class Fuzzer { int PreferSmallDuringInitialShuffle = -1; size_t MaxNumberOfRuns = ULONG_MAX; std::string OutputCorpus; + std::vector<std::string> Tokens; }; - Fuzzer(UserCallback Callback, FuzzingOptions Options) - : Callback(Callback), Options(Options) { - SetDeathCallback(); - InitializeDFSan(); - } + Fuzzer(UserCallback Callback, FuzzingOptions Options); void AddToCorpus(const Unit &U) { Corpus.push_back(U); } size_t Loop(size_t NumIterations); void ShuffleAndMinimize(); @@ -79,22 +77,28 @@ class Fuzzer { size_t getTotalNumberOfRuns() { return TotalNumberOfRuns; } - static void AlarmCallback(); + static void StaticAlarmCallback(); + + Unit SubstituteTokens(const Unit &U) const; private: + void AlarmCallback(); + void ExecuteCallback(const Unit &U); size_t MutateAndTestOne(Unit *U); size_t RunOne(const Unit &U); size_t RunOneMaximizeTotalCoverage(const Unit &U); size_t RunOneMaximizeFullCoverageSet(const Unit &U); size_t RunOneMaximizeCoveragePairs(const Unit &U); void WriteToOutputCorpus(const Unit &U); - static void WriteToCrash(const Unit &U, const char *Prefix); + void WriteToCrash(const Unit &U, const char *Prefix); bool MutateWithDFSan(Unit *U); void PrintStats(const char *Where, size_t Cov, const char *End = "\n"); + void PrintUnitInASCIIOrTokens(const Unit &U, const char *PrintAfter = ""); void SetDeathCallback(); - static void DeathCallback(); - static Unit CurrentUnit; + static void StaticDeathCallback(); + void DeathCallback(); + Unit CurrentUnit; size_t TotalNumberOfRuns = 0; @@ -113,7 +117,7 @@ class Fuzzer { UserCallback Callback; FuzzingOptions Options; system_clock::time_point ProcessStartTime = system_clock::now(); - static system_clock::time_point UnitStartTime; + system_clock::time_point UnitStartTime; long TimeOfLongestUnitInSeconds = 0; }; |
