FUZZER_FLAG(int, cross_over, 1, "If 1, cross over inputs.")
FUZZER_FLAG(int, mutate_depth, 5,
"Apply this number of consecutive mutations to each input.")
+FUZZER_FLAG(
+ int, prefer_small_during_initial_shuffle, -1,
+ "If 1, always prefer smaller inputs during the initial corpus shuffle."
+ " If 0, never do that. If -1, do it sometimes.")
FUZZER_FLAG(int, exit_on_first, 0,
"If 1, exit after the first new interesting input is found.")
FUZZER_FLAG(int, timeout, -1, "Timeout in seconds (if positive).")
int MutateDepth = 5;
bool ExitOnFirst = false;
bool UseFullCoverageSet = false;
+ int PreferSmallDuringInitialShuffle = -1;
size_t MaxNumberOfRuns = ULONG_MAX;
std::string OutputCorpus;
};
// Save the current corpus to OutputCorpus.
void SaveCorpus();
+ size_t secondsSinceProcessStartUp() {
+ return duration_cast<seconds>(system_clock::now() - ProcessStartTime)
+ .count();
+ }
+
+ size_t getTotalNumberOfRuns() { return TotalNumberOfRuns; }
+
static void AlarmCallback();
private:
}
void Fuzzer::ShuffleAndMinimize() {
+ bool PreferSmall =
+ (Options.PreferSmallDuringInitialShuffle == 1 ||
+ (Options.PreferSmallDuringInitialShuffle == -1 && rand() % 2));
if (Options.Verbosity)
- std::cerr << "Shuffle: " << Corpus.size() << "\n";
+ std::cerr << "Shuffle: Size: " << Corpus.size()
+ << " prefer small: " << PreferSmall
+ << "\n";
std::vector<Unit> NewCorpus;
- random_shuffle(Corpus.begin(), Corpus.end());
+ std::random_shuffle(Corpus.begin(), Corpus.end());
+ if (PreferSmall)
+ std::stable_sort(
+ Corpus.begin(), Corpus.end(),
+ [](const Unit &A, const Unit &B) { return A.size() < B.size(); });
size_t MaxCov = 0;
Unit &U = CurrentUnit;
for (const auto &C : Corpus) {
MaxCov = NewCoverage;
NewCorpus.push_back(U);
if (Options.Verbosity >= 2)
- std::cerr << "NEW0: " << NewCoverage << "\n";
+ std::cerr << "NEW0: " << NewCoverage
+ << " L " << U.size()
+ << "\n";
}
}
}
TestOneInput(U.data(), U.size());
size_t NewCoverage = __sanitizer_get_total_unique_coverage();
if (!(TotalNumberOfRuns & (TotalNumberOfRuns - 1)) && Options.Verbosity) {
- size_t Seconds =
- duration_cast<seconds>(system_clock::now() - ProcessStartTime).count();
+ size_t Seconds = secondsSinceProcessStartUp();
std::cerr
<< "#" << TotalNumberOfRuns
<< "\tcov: " << NewCoverage
Options.MutateDepth = Flags.mutate_depth;
Options.ExitOnFirst = Flags.exit_on_first;
Options.UseFullCoverageSet = Flags.use_full_coverage_set;
+ Options.PreferSmallDuringInitialShuffle =
+ Flags.prefer_small_during_initial_shuffle;
if (Flags.runs >= 0)
Options.MaxNumberOfRuns = Flags.runs;
if (!inputs.empty())
F.SaveCorpus();
F.Loop(Flags.iterations < 0 ? INT_MAX : Flags.iterations);
if (Flags.verbosity)
- std::cerr << "Done\n";
+ std::cerr << "Done " << F.getTotalNumberOfRuns()
+ << " runs in " << F.secondsSinceProcessStartUp()
+ << " seconds\n";
return 0;
}
projects / oota-llvm.git / commitdiff