From 2a50aa48db017e702506cbfa0f95129255762e93 Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Sat, 17 Oct 2015 04:38:26 +0000 Subject: [PATCH] [libFuzzer] add -shuffle flag git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@250603 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/Fuzzer/FuzzerDriver.cpp | 1 + lib/Fuzzer/FuzzerFlags.def | 1 + lib/Fuzzer/FuzzerInternal.h | 1 + lib/Fuzzer/FuzzerLoop.cpp | 12 +++++++----- 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/lib/Fuzzer/FuzzerDriver.cpp b/lib/Fuzzer/FuzzerDriver.cpp index 55d1491c7cf..ce745fed387 100644 --- a/lib/Fuzzer/FuzzerDriver.cpp +++ b/lib/Fuzzer/FuzzerDriver.cpp @@ -255,6 +255,7 @@ int FuzzerDriver(const std::vector &Args, Options.ExitOnFirst = Flags.exit_on_first; Options.UseCounters = Flags.use_counters; Options.UseTraces = Flags.use_traces; + Options.ShuffleAtStartUp = Flags.shuffle; Options.PreferSmallDuringInitialShuffle = Flags.prefer_small_during_initial_shuffle; Options.Tokens = ReadTokensFile(Flags.deprecated_tokens); diff --git a/lib/Fuzzer/FuzzerFlags.def b/lib/Fuzzer/FuzzerFlags.def index b50d6d4ad03..e9767dc4531 100644 --- a/lib/Fuzzer/FuzzerFlags.def +++ b/lib/Fuzzer/FuzzerFlags.def @@ -18,6 +18,7 @@ FUZZER_FLAG_INT(max_len, 64, "Maximum length of the test input.") FUZZER_FLAG_INT(cross_over, 1, "If 1, cross over inputs.") FUZZER_FLAG_INT(mutate_depth, 5, "Apply this number of consecutive mutations to each input.") +FUZZER_FLAG_INT(shuffle, 1, "Shuffle inputs at startup") FUZZER_FLAG_INT( prefer_small_during_initial_shuffle, -1, "If 1, always prefer smaller inputs during the initial corpus shuffle." diff --git a/lib/Fuzzer/FuzzerInternal.h b/lib/Fuzzer/FuzzerInternal.h index a720adb21e4..7391e5ff0bd 100644 --- a/lib/Fuzzer/FuzzerInternal.h +++ b/lib/Fuzzer/FuzzerInternal.h @@ -82,6 +82,7 @@ class Fuzzer { bool UseTraces = false; bool UseFullCoverageSet = false; bool Reload = true; + bool ShuffleAtStartUp = true; int PreferSmallDuringInitialShuffle = -1; size_t MaxNumberOfRuns = ULONG_MAX; int SyncTimeout = 600; diff --git a/lib/Fuzzer/FuzzerLoop.cpp b/lib/Fuzzer/FuzzerLoop.cpp index a642bbbf5cb..ef71407d21c 100644 --- a/lib/Fuzzer/FuzzerLoop.cpp +++ b/lib/Fuzzer/FuzzerLoop.cpp @@ -137,11 +137,13 @@ void Fuzzer::ShuffleAndMinimize() { Printf("PreferSmall: %d\n", PreferSmall); PrintStats("READ ", 0); std::vector NewCorpus; - std::random_shuffle(Corpus.begin(), Corpus.end(), USF.GetRand()); - if (PreferSmall) - std::stable_sort( - Corpus.begin(), Corpus.end(), - [](const Unit &A, const Unit &B) { return A.size() < B.size(); }); + if (Options.ShuffleAtStartUp) { + std::random_shuffle(Corpus.begin(), Corpus.end(), USF.GetRand()); + if (PreferSmall) + std::stable_sort( + Corpus.begin(), Corpus.end(), + [](const Unit &A, const Unit &B) { return A.size() < B.size(); }); + } Unit &U = CurrentUnit; for (const auto &C : Corpus) { for (size_t First = 0; First < 1; First++) { -- 2.34.1