summaryrefslogtreecommitdiffstats
path: root/llvm/lib/Fuzzer/FuzzerLoop.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'llvm/lib/Fuzzer/FuzzerLoop.cpp')
-rw-r--r--llvm/lib/Fuzzer/FuzzerLoop.cpp27
1 files changed, 14 insertions, 13 deletions
diff --git a/llvm/lib/Fuzzer/FuzzerLoop.cpp b/llvm/lib/Fuzzer/FuzzerLoop.cpp
index db542b26511..1c2c369e53d 100644
--- a/llvm/lib/Fuzzer/FuzzerLoop.cpp
+++ b/llvm/lib/Fuzzer/FuzzerLoop.cpp
@@ -60,8 +60,8 @@ static void MissingWeakApiFunction(const char *FnName) {
// Only one Fuzzer per process.
static Fuzzer *F;
-Fuzzer::Fuzzer(UserSuppliedFuzzer &USF, FuzzingOptions Options)
- : Generator(USF.GetRand().Rand()), USF(USF), Options(Options) {
+Fuzzer::Fuzzer(UserCallback CB, MutationDispatcher &MD, FuzzingOptions Options)
+ : CB(CB), MD(MD), Options(Options) {
SetDeathCallback();
InitializeTraceState();
assert(!F);
@@ -184,13 +184,13 @@ void Fuzzer::RereadOutputCorpus() {
void Fuzzer::ShuffleAndMinimize() {
bool PreferSmall = (Options.PreferSmallDuringInitialShuffle == 1 ||
(Options.PreferSmallDuringInitialShuffle == -1 &&
- USF.GetRand().RandBool()));
+ MD.GetRand().RandBool()));
if (Options.Verbosity)
Printf("PreferSmall: %d\n", PreferSmall);
PrintStats("READ ");
std::vector<Unit> NewCorpus;
if (Options.ShuffleAtStartUp) {
- std::random_shuffle(Corpus.begin(), Corpus.end(), USF.GetRand());
+ std::random_shuffle(Corpus.begin(), Corpus.end(), MD.GetRand());
if (PreferSmall)
std::stable_sort(
Corpus.begin(), Corpus.end(),
@@ -258,7 +258,7 @@ void Fuzzer::ExecuteCallback(const Unit &U) {
AssignTaintLabels(Data.get(), U.size());
CurrentUnitData = Data.get();
CurrentUnitSize = U.size();
- int Res = USF.TargetFunction(Data.get(), U.size());
+ int Res = CB(Data.get(), U.size());
(void)Res;
assert(Res == 0);
CurrentUnitData = nullptr;
@@ -355,7 +355,7 @@ void Fuzzer::PrintStatusForNewUnit(const Unit &U) {
PrintStats("NEW ", "");
if (Options.Verbosity) {
Printf(" L: %zd ", U.size());
- USF.GetMD().PrintMutationSequence();
+ MD.PrintMutationSequence();
Printf("\n");
}
}
@@ -364,7 +364,7 @@ void Fuzzer::ReportNewCoverage(const Unit &U) {
Corpus.push_back(U);
UpdateCorpusDistribution();
UnitHashesAddedToCorpus.insert(Hash(U));
- USF.GetMD().RecordSuccessfulMutationSequence();
+ MD.RecordSuccessfulMutationSequence();
PrintStatusForNewUnit(U);
WriteToOutputCorpus(U);
if (Options.ExitOnFirst)
@@ -404,7 +404,7 @@ void Fuzzer::Merge(const std::vector<std::string> &Corpora) {
}
void Fuzzer::MutateAndTestOne() {
- USF.GetMD().StartMutationSequence();
+ MD.StartMutationSequence();
auto U = ChooseUnitToMutate();
@@ -414,9 +414,9 @@ void Fuzzer::MutateAndTestOne() {
size_t NewSize = 0;
if (LLVMFuzzerCustomMutator)
NewSize = LLVMFuzzerCustomMutator(U.data(), Size, U.size(),
- USF.GetRand().Rand());
+ MD.GetRand().Rand());
else
- NewSize = USF.Mutate(U.data(), Size, U.size());
+ NewSize = MD.Mutate(U.data(), Size, U.size());
assert(NewSize > 0 && "Mutator returned empty unit");
assert(NewSize <= (size_t)Options.MaxLen &&
"Mutator return overisized unit");
@@ -432,7 +432,8 @@ void Fuzzer::MutateAndTestOne() {
// Hypothesis: units added to the corpus last are more likely to be interesting.
// This function gives more weight to the more recent units.
size_t Fuzzer::ChooseUnitIdxToMutate() {
- size_t Idx = static_cast<size_t>(CorpusDistribution(Generator));
+ size_t Idx =
+ static_cast<size_t>(CorpusDistribution(MD.GetRand().Get_mt19937()));
assert(Idx < Corpus.size());
return Idx;
}
@@ -489,7 +490,7 @@ void Fuzzer::Drill() {
void Fuzzer::Loop() {
system_clock::time_point LastCorpusReload = system_clock::now();
if (Options.DoCrossOver)
- USF.GetMD().SetCorpus(&Corpus);
+ MD.SetCorpus(&Corpus);
while (true) {
SyncCorpus();
auto Now = system_clock::now();
@@ -508,7 +509,7 @@ void Fuzzer::Loop() {
}
PrintStats("DONE ", "\n");
- USF.GetMD().PrintRecommendedDictionary();
+ MD.PrintRecommendedDictionary();
}
void Fuzzer::SyncCorpus() {
OpenPOWER on IntegriCloud