}
int CollectDataFlow(const std::string &DFTBinary, const std::string &DirPath,
- const Vector<std::string> &CorpusDirs,
- const Vector<std::string> &ExtraSeeds) {
- Printf("INFO: collecting data flow. DFTBinary: %s DirPath: %s\n",
- DFTBinary.c_str(), DirPath.c_str());
+ const Vector<SizedFile> &CorporaFiles) {
+ Printf("INFO: collecting data flow for %zd files\n", CorporaFiles.size());
return 0;
}
#define LLVM_FUZZER_DATA_FLOW_TRACE
#include "FuzzerDefs.h"
+#include "FuzzerIO.h"
#include <unordered_map>
#include <vector>
namespace fuzzer {
int CollectDataFlow(const std::string &DFTBinary, const std::string &DirPath,
- const Vector<std::string> &CorpusDirs,
- const Vector<std::string> &ExtraSeeds);
+ const Vector<SizedFile> &CorporaFiles);
class BlockCoverage {
public:
return Files;
}
+static Vector<SizedFile> ReadCorpora(const Vector<std::string> &CorpusDirs,
+ const Vector<std::string> &ExtraSeedFiles) {
+ Vector<SizedFile> SizedFiles;
+ size_t LastNumFiles = 0;
+ for (auto &Dir : CorpusDirs) {
+ GetSizedFilesFromDir(Dir, &SizedFiles);
+ Printf("INFO: % 8zd files found in %s\n", SizedFiles.size() - LastNumFiles,
+ Dir.c_str());
+ LastNumFiles = SizedFiles.size();
+ }
+ for (auto &File : ExtraSeedFiles)
+ if (auto Size = FileSize(File))
+ SizedFiles.push_back({File, Size});
+ return SizedFiles;
+}
+
int FuzzerDriver(int *argc, char ***argv, UserCallback Callback) {
using namespace fuzzer;
assert(argc && argv && "Argument pointers cannot be nullptr");
return 1;
if (Flags.verbosity > 0 && !Dictionary.empty())
Printf("Dictionary: %zd entries\n", Dictionary.size());
- bool DoPlainRun = AllInputsAreFiles();
+ bool RunIndividualFiles = AllInputsAreFiles();
Options.SaveArtifacts =
- !DoPlainRun || Flags.minimize_crash_internal_step;
+ !RunIndividualFiles || Flags.minimize_crash_internal_step;
Options.PrintNewCovPcs = Flags.print_pcs;
Options.PrintNewCovFuncs = Flags.print_funcs;
Options.PrintFinalStats = Flags.print_final_stats;
Options.FeaturesDir = Flags.features_dir;
Options.LazyCounters = Flags.lazy_counters;
- auto ExtraSeedFiles = ParseSeedInuts(Flags.seed_inputs);
-
unsigned Seed = Flags.seed;
// Initialize Seed.
if (Seed == 0)
if (Flags.verbosity)
Printf("INFO: Seed: %u\n", Seed);
- if (Flags.collect_data_flow)
- return CollectDataFlow(Flags.collect_data_flow, Flags.data_flow_trace,
- *Inputs, ExtraSeedFiles);
+ if (Flags.collect_data_flow) {
+ if (RunIndividualFiles)
+ return CollectDataFlow(Flags.collect_data_flow, Flags.data_flow_trace,
+ ReadCorpora({}, *Inputs));
+ else
+ return CollectDataFlow(Flags.collect_data_flow, Flags.data_flow_trace,
+ ReadCorpora(*Inputs, {}));
+ }
Random Rand(Seed);
auto *MD = new MutationDispatcher(Rand, Options);
if (Flags.cleanse_crash)
return CleanseCrashInput(Args, Options);
- if (DoPlainRun) {
+ if (RunIndividualFiles) {
Options.SaveArtifacts = false;
int Runs = std::max(1, Flags.runs);
Printf("%s: Running %zd inputs %d time(s) each.\n", ProgName->c_str(),
exit(0);
}
- F->Loop(*Inputs, ExtraSeedFiles);
+ auto CorporaFiles = ReadCorpora(*Inputs, ParseSeedInuts(Flags.seed_inputs));
+ F->Loop(CorporaFiles);
if (Flags.verbosity)
Printf("Done %zd runs in %zd second(s)\n", F->getTotalNumberOfRuns(),
Fuzzer(UserCallback CB, InputCorpus &Corpus, MutationDispatcher &MD,
FuzzingOptions Options);
~Fuzzer();
- void Loop(const Vector<std::string> &CorpusDirs,
- const Vector<std::string> &ExtraSeedFiles);
- void ReadAndExecuteSeedCorpora(const Vector<std::string> &CorpusDirs,
- const Vector<std::string> &ExtraSeedFiles);
+ void Loop(Vector<SizedFile> &CorporaFiles);
+ void ReadAndExecuteSeedCorpora(Vector<SizedFile> &CorporaFiles);
void MinimizeCrashLoop(const Unit &U);
void RereadOutputCorpus(size_t MaxSize);
LastAllocatorPurgeAttemptTime = system_clock::now();
}
-void Fuzzer::ReadAndExecuteSeedCorpora(
- const Vector<std::string> &CorpusDirs,
- const Vector<std::string> &ExtraSeedFiles) {
+void Fuzzer::ReadAndExecuteSeedCorpora(Vector<SizedFile> &CorporaFiles) {
const size_t kMaxSaneLen = 1 << 20;
const size_t kMinDefaultLen = 4096;
- Vector<SizedFile> SizedFiles;
size_t MaxSize = 0;
size_t MinSize = -1;
size_t TotalSize = 0;
- size_t LastNumFiles = 0;
- for (auto &Dir : CorpusDirs) {
- GetSizedFilesFromDir(Dir, &SizedFiles);
- Printf("INFO: % 8zd files found in %s\n", SizedFiles.size() - LastNumFiles,
- Dir.c_str());
- LastNumFiles = SizedFiles.size();
- }
- // Add files from -seed_inputs.
- for (auto &File : ExtraSeedFiles)
- if (auto Size = FileSize(File))
- SizedFiles.push_back({File, Size});
-
- for (auto &File : SizedFiles) {
+ for (auto &File : CorporaFiles) {
MaxSize = Max(File.Size, MaxSize);
MinSize = Min(File.Size, MinSize);
TotalSize += File.Size;
if (Options.LazyCounters)
TPC.ProtectLazyCounters();
- if (SizedFiles.empty()) {
+ if (CorporaFiles.empty()) {
Printf("INFO: A corpus is not provided, starting from an empty corpus\n");
Unit U({'\n'}); // Valid ASCII input.
RunOne(U.data(), U.size());
} else {
Printf("INFO: seed corpus: files: %zd min: %zdb max: %zdb total: %zdb"
" rss: %zdMb\n",
- SizedFiles.size(), MinSize, MaxSize, TotalSize, GetPeakRSSMb());
+ CorporaFiles.size(), MinSize, MaxSize, TotalSize, GetPeakRSSMb());
if (Options.ShuffleAtStartUp)
- std::shuffle(SizedFiles.begin(), SizedFiles.end(), MD.GetRand());
+ std::shuffle(CorporaFiles.begin(), CorporaFiles.end(), MD.GetRand());
if (Options.PreferSmall) {
- std::stable_sort(SizedFiles.begin(), SizedFiles.end());
- assert(SizedFiles.front().Size <= SizedFiles.back().Size);
+ std::stable_sort(CorporaFiles.begin(), CorporaFiles.end());
+ assert(CorporaFiles.front().Size <= CorporaFiles.back().Size);
}
// Load and execute inputs one by one.
- for (auto &SF : SizedFiles) {
+ for (auto &SF : CorporaFiles) {
auto U = FileToVector(SF.File, MaxInputLen, /*ExitOnError=*/false);
assert(U.size() <= MaxInputLen);
RunOne(U.data(), U.size());
}
}
-void Fuzzer::Loop(const Vector<std::string> &CorpusDirs,
- const Vector<std::string> &ExtraSeedFiles) {
- ReadAndExecuteSeedCorpora(CorpusDirs, ExtraSeedFiles);
+void Fuzzer::Loop(Vector<SizedFile> &CorporaFiles) {
+ ReadAndExecuteSeedCorpora(CorporaFiles);
DFT.Clear(); // No need for DFT any more.
TPC.SetPrintNewPCs(Options.PrintNewCovPcs);
TPC.SetPrintNewFuncs(Options.PrintNewCovFuncs);