mirror of
https://github.com/c64scene-ar/llvm-6502.git
synced 2024-07-22 09:29:31 +00:00
[lib/Fuzzer] when -sync_command=<CMD> is given, periodically execute 'CMD CORPUS' to synchronize with other processes
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@237617 91177308-0d34-0410-b5e6-96231b3b80d8
This commit is contained in:
parent
825a528bbe
commit
05ef67b6b9
@ -230,6 +230,9 @@ int FuzzerDriver(int argc, char **argv, UserCallback Callback) {
|
|||||||
Options.MaxNumberOfRuns = Flags.runs;
|
Options.MaxNumberOfRuns = Flags.runs;
|
||||||
if (!inputs.empty())
|
if (!inputs.empty())
|
||||||
Options.OutputCorpus = inputs[0];
|
Options.OutputCorpus = inputs[0];
|
||||||
|
if (Flags.sync_command)
|
||||||
|
Options.SyncCommand = Flags.sync_command;
|
||||||
|
Options.SyncTimeout = Flags.sync_timeout;
|
||||||
Fuzzer F(Callback, Options);
|
Fuzzer F(Callback, Options);
|
||||||
|
|
||||||
unsigned seed = Flags.seed;
|
unsigned seed = Flags.seed;
|
||||||
|
@ -53,3 +53,7 @@ FUZZER_FLAG_STRING(tokens, "Use the file with tokens (one token per line) to"
|
|||||||
" fuzz a token based input language.")
|
" fuzz a token based input language.")
|
||||||
FUZZER_FLAG_STRING(apply_tokens, "Read the given input file, substitute bytes "
|
FUZZER_FLAG_STRING(apply_tokens, "Read the given input file, substitute bytes "
|
||||||
" with tokens and write the result to stdout.")
|
" with tokens and write the result to stdout.")
|
||||||
|
FUZZER_FLAG_STRING(sync_command, "Execute an external command "
|
||||||
|
"\"<sync_command> <test_corpus>\" "
|
||||||
|
"to synchronize the test corpus.")
|
||||||
|
FUZZER_FLAG_INT(sync_timeout, 600, "Minimal timeout between syncs.")
|
||||||
|
@ -83,7 +83,7 @@ std::string DirPlusFile(const std::string &DirPath,
|
|||||||
|
|
||||||
void PrintFileAsBase64(const std::string &Path) {
|
void PrintFileAsBase64(const std::string &Path) {
|
||||||
std::string Cmd = "base64 -w 0 < " + Path + "; echo";
|
std::string Cmd = "base64 -w 0 < " + Path + "; echo";
|
||||||
system(Cmd.c_str());
|
ExecuteCommand(Cmd);
|
||||||
}
|
}
|
||||||
|
|
||||||
} // namespace fuzzer
|
} // namespace fuzzer
|
||||||
|
@ -43,6 +43,7 @@ void PrintASCII(const Unit &U, const char *PrintAfter = "");
|
|||||||
std::string Hash(const Unit &U);
|
std::string Hash(const Unit &U);
|
||||||
void SetTimer(int Seconds);
|
void SetTimer(int Seconds);
|
||||||
void PrintFileAsBase64(const std::string &Path);
|
void PrintFileAsBase64(const std::string &Path);
|
||||||
|
void ExecuteCommand(const std::string &Command);
|
||||||
|
|
||||||
// Private copy of SHA1 implementation.
|
// Private copy of SHA1 implementation.
|
||||||
static const int kSHA1NumBytes = 20;
|
static const int kSHA1NumBytes = 20;
|
||||||
@ -66,7 +67,9 @@ class Fuzzer {
|
|||||||
bool Reload = true;
|
bool Reload = true;
|
||||||
int PreferSmallDuringInitialShuffle = -1;
|
int PreferSmallDuringInitialShuffle = -1;
|
||||||
size_t MaxNumberOfRuns = ULONG_MAX;
|
size_t MaxNumberOfRuns = ULONG_MAX;
|
||||||
|
int SyncTimeout = 600;
|
||||||
std::string OutputCorpus;
|
std::string OutputCorpus;
|
||||||
|
std::string SyncCommand;
|
||||||
std::vector<std::string> Tokens;
|
std::vector<std::string> Tokens;
|
||||||
};
|
};
|
||||||
Fuzzer(UserCallback Callback, FuzzingOptions Options);
|
Fuzzer(UserCallback Callback, FuzzingOptions Options);
|
||||||
@ -108,6 +111,8 @@ class Fuzzer {
|
|||||||
void PrintStats(const char *Where, size_t Cov, const char *End = "\n");
|
void PrintStats(const char *Where, size_t Cov, const char *End = "\n");
|
||||||
void PrintUnitInASCIIOrTokens(const Unit &U, const char *PrintAfter = "");
|
void PrintUnitInASCIIOrTokens(const Unit &U, const char *PrintAfter = "");
|
||||||
|
|
||||||
|
void SyncCorpus();
|
||||||
|
|
||||||
// Trace-based fuzzing: we run a unit with some kind of tracing
|
// Trace-based fuzzing: we run a unit with some kind of tracing
|
||||||
// enabled and record potentially useful mutations. Then
|
// enabled and record potentially useful mutations. Then
|
||||||
// We apply these mutations one by one to the unit and run it again.
|
// We apply these mutations one by one to the unit and run it again.
|
||||||
@ -142,6 +147,7 @@ class Fuzzer {
|
|||||||
UserCallback Callback;
|
UserCallback Callback;
|
||||||
FuzzingOptions Options;
|
FuzzingOptions Options;
|
||||||
system_clock::time_point ProcessStartTime = system_clock::now();
|
system_clock::time_point ProcessStartTime = system_clock::now();
|
||||||
|
system_clock::time_point LastExternalSync = system_clock::now();
|
||||||
system_clock::time_point UnitStartTime;
|
system_clock::time_point UnitStartTime;
|
||||||
long TimeOfLongestUnitInSeconds = 0;
|
long TimeOfLongestUnitInSeconds = 0;
|
||||||
long EpochOfLastReadOfOutputCorpus = 0;
|
long EpochOfLastReadOfOutputCorpus = 0;
|
||||||
|
@ -324,6 +324,7 @@ void Fuzzer::MutateAndTestOne(Unit *U) {
|
|||||||
void Fuzzer::Loop(size_t NumIterations) {
|
void Fuzzer::Loop(size_t NumIterations) {
|
||||||
for (size_t i = 1; i <= NumIterations; i++) {
|
for (size_t i = 1; i <= NumIterations; i++) {
|
||||||
for (size_t J1 = 0; J1 < Corpus.size(); J1++) {
|
for (size_t J1 = 0; J1 < Corpus.size(); J1++) {
|
||||||
|
SyncCorpus();
|
||||||
RereadOutputCorpus();
|
RereadOutputCorpus();
|
||||||
if (TotalNumberOfRuns >= Options.MaxNumberOfRuns)
|
if (TotalNumberOfRuns >= Options.MaxNumberOfRuns)
|
||||||
return;
|
return;
|
||||||
@ -342,4 +343,14 @@ void Fuzzer::Loop(size_t NumIterations) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void Fuzzer::SyncCorpus() {
|
||||||
|
if (Options.SyncCommand.empty() || Options.OutputCorpus.empty()) return;
|
||||||
|
auto Now = system_clock::now();
|
||||||
|
if (duration_cast<seconds>(Now - LastExternalSync).count() <
|
||||||
|
Options.SyncTimeout)
|
||||||
|
return;
|
||||||
|
LastExternalSync = Now;
|
||||||
|
ExecuteCommand(Options.SyncCommand + " " + Options.OutputCorpus);
|
||||||
|
}
|
||||||
|
|
||||||
} // namespace fuzzer
|
} // namespace fuzzer
|
||||||
|
@ -70,4 +70,8 @@ int NumberOfCpuCores() {
|
|||||||
return N;
|
return N;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void ExecuteCommand(const std::string &Command) {
|
||||||
|
system(Command.c_str());
|
||||||
|
}
|
||||||
|
|
||||||
} // namespace fuzzer
|
} // namespace fuzzer
|
||||||
|
Loading…
Reference in New Issue
Block a user