X-Git-Url: http://plrg.eecs.uci.edu/git/?a=blobdiff_plain;f=lib%2FFuzzer%2FFuzzerMain.cpp;h=c4dffb45d166af62643e0368e04239c4c11337c6;hb=d00bdb627b38ad63ad00bcfbd7dee28d704bfc3a;hp=9d4004e951d89907208c51cbe50708cff1966e42;hpb=556d1a3b80ddedf8d68bf1293fba755f688e83b7;p=oota-llvm.git diff --git a/lib/Fuzzer/FuzzerMain.cpp b/lib/Fuzzer/FuzzerMain.cpp index 9d4004e951d..c4dffb45d16 100644 --- a/lib/Fuzzer/FuzzerMain.cpp +++ b/lib/Fuzzer/FuzzerMain.cpp @@ -9,138 +9,12 @@ // main() and flags. //===----------------------------------------------------------------------===// +#include "FuzzerInterface.h" #include "FuzzerInternal.h" -#include -#include -#include -#include - -// ASAN options: -// * don't dump the coverage to disk. -// * enable coverage by default. -extern "C" const char *__asan_default_options() { - return "coverage_pcs=0:coverage=1"; -} - -// Program arguments. -struct FlagDescription { - const char *Name; - const char *Description; - int Default; - int *Flag; -}; - -struct { -#define FUZZER_FLAG(Type, Name, Default, Description) Type Name; -#include "FuzzerFlags.def" -#undef FUZZER_FLAG -} Flags; - -static FlagDescription FlagDescriptions [] { -#define FUZZER_FLAG(Type, Name, Default, Description) {#Name, Description, Default, &Flags.Name}, -#include "FuzzerFlags.def" -#undef FUZZER_FLAG -}; - -static const size_t kNumFlags = - sizeof(FlagDescriptions) / sizeof(FlagDescriptions[0]); - -static std::vector inputs; -static const char *ProgName; - -static void PrintHelp() { - std::cerr << "Usage: " << ProgName - << " [-flag1=val1 [-flag2=val2 ...] ] [dir1 [dir2 ...] ]\n"; - std::cerr << "\nFlags: (strictly in form -flag=value)\n"; - size_t MaxFlagLen = 0; - for (size_t F = 0; F < kNumFlags; F++) - MaxFlagLen = std::max(strlen(FlagDescriptions[F].Name), MaxFlagLen); - - for (size_t F = 0; F < kNumFlags; F++) { - const auto &D = FlagDescriptions[F]; - std::cerr << " " << D.Name; - for (size_t i = 0, n = MaxFlagLen - strlen(D.Name); i < n; i++) - std::cerr << " "; - std::cerr << "\t"; - std::cerr << D.Default << "\t" << D.Description << "\n"; - } -} - -static const char *FlagValue(const char *Param, const char *Name) { - size_t Len = strlen(Name); - if (Param[0] == '-' && strstr(Param + 1, Name) == Param + 1 && - Param[Len + 1] == '=') - return &Param[Len + 2]; - return nullptr; -} - -static bool ParseOneFlag(const char *Param) { - if (Param[0] != '-') return false; - for (size_t F = 0; F < kNumFlags; F++) { - const char *Name = FlagDescriptions[F].Name; - const char *Str = FlagValue(Param, Name); - if (Str) { - int Val = std::stol(Str); - *FlagDescriptions[F].Flag = Val; - if (Flags.verbosity >= 2) - std::cerr << "Flag: " << Name << " " << Val << "\n"; - return true; - } - } - PrintHelp(); - exit(1); -} - -// We don't use any library to minimize dependencies. -static void ParseFlags(int argc, char **argv) { - for (size_t F = 0; F < kNumFlags; F++) - *FlagDescriptions[F].Flag = FlagDescriptions[F].Default; - for (int A = 1; A < argc; A++) { - if (ParseOneFlag(argv[A])) continue; - inputs.push_back(argv[A]); - } -} +// This function should be defined by the user. +extern "C" void LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size); int main(int argc, char **argv) { - using namespace fuzzer; - - ProgName = argv[0]; - ParseFlags(argc, argv); - if (Flags.help) { - PrintHelp(); - return 0; - } - Fuzzer::FuzzingOptions Options; - Options.Verbosity = Flags.verbosity; - Options.MaxLen = Flags.max_len; - Options.DoCrossOver = Flags.cross_over; - Options.MutateDepth = Flags.mutate_depth; - Options.ExitOnFirst = Flags.exit_on_first; - if (!inputs.empty()) - Options.OutputCorpus = inputs[0]; - Fuzzer F(Options); - - unsigned seed = Flags.seed; - // Initialize seed. - if (seed == 0) - seed = time(0) * 10000 + getpid(); - if (Flags.verbosity) - std::cerr << "Seed: " << seed << "\n"; - srand(seed); - - // Timer - if (Flags.timeout > 0) - SetTimer(Flags.timeout); - - for (auto &inp : inputs) - F.ReadDir(inp); - - if (F.CorpusSize() == 0) - F.AddToCorpus(Unit()); // Can't fuzz empty corpus, so add an empty input. - F.ShuffleAndMinimize(); - F.Loop(Flags.iterations < 0 ? INT_MAX : Flags.iterations); - if (Flags.verbosity) - std::cerr << "Done\n"; - return 1; + return fuzzer::FuzzerDriver(argc, argv, LLVMFuzzerTestOneInput); }