6502/llvm-6502
1
0
Fork 0
mirror of https://github.com/c64scene-ar/llvm-6502.git synced 2025-06-20 10:24:12 +00:00
Code Issues Projects Releases Wiki Activity

[lib/Fuzzer] extend the fuzzer interface to allow user-supplied mutators

Browse Source 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@238059 91177308-0d34-0410-b5e6-96231b3b80d8
This commit is contained in:
Kostya Serebryany
2015-05-22 22:35:31 +00:00
parent d8319655f2
commit ebada2c2bc
12 changed files with 258 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
lib/Fuzzer/FuzzerCrossOver.cpp
View File

@ -9,39 +9,42 @@
// Cross over test inputs.
//===----------------------------------------------------------------------===//
#include <cstring>
#include "FuzzerInternal.h"
#include <algorithm>
namespace fuzzer {
// Cross A and B, store the result (ap to MaxLen bytes) in U.
void CrossOver(const Unit &A, const Unit &B, Unit *U, size_t MaxLen) {
size_t Size = rand() % MaxLen + 1;
U->clear();
const Unit *V = &A;
size_t PosA = 0;
size_t PosB = 0;
size_t *Pos = &PosA;
while (U->size() < Size && (PosA < A.size() || PosB < B.size())) {
// Merge a part of V into U.
size_t SizeLeftU = Size - U->size();
if (*Pos < V->size()) {
size_t SizeLeftV = V->size() - *Pos;
size_t MaxExtraSize = std::min(SizeLeftU, SizeLeftV);
// Cross Data1 and Data2, store the result (up to MaxOutSize bytes) in Out.
size_t CrossOver(const uint8_t *Data1, size_t Size1,
const uint8_t *Data2, size_t Size2,
uint8_t *Out, size_t MaxOutSize) {
MaxOutSize = rand() % MaxOutSize + 1;
size_t OutPos = 0;
size_t Pos1 = 0;
size_t Pos2 = 0;
size_t *InPos = &Pos1;
size_t InSize = Size1;
const uint8_t *Data = Data1;
bool CurrentlyUsingFirstData = true;
while (OutPos < MaxOutSize && (Pos1 < Size1 || Pos2 < Size2)) {
// Merge a part of Data into Out.
size_t OutSizeLeft = MaxOutSize - OutPos;
if (*InPos < InSize) {
size_t InSizeLeft = InSize - *InPos;
size_t MaxExtraSize = std::min(OutSizeLeft, InSizeLeft);
size_t ExtraSize = rand() % MaxExtraSize + 1;
U->insert(U->end(), V->begin() + *Pos, V->begin() + *Pos + ExtraSize);
(*Pos) += ExtraSize;
}
// Use the other Unit on the next iteration.
if (Pos == &PosA) {
Pos = &PosB;
V = &B;
} else {
Pos = &PosA;
V = &A;
memcpy(Out + OutPos, Data + *InPos, ExtraSize);
OutPos += ExtraSize;
(*InPos) += ExtraSize;
}
// Use the other input data on the next iteration.
InPos = CurrentlyUsingFirstData ? &Pos2 : &Pos1;
InSize = CurrentlyUsingFirstData ? Size2 : Size1;
Data = CurrentlyUsingFirstData ? Data2 : Data1;
CurrentlyUsingFirstData = !CurrentlyUsingFirstData;
}
return OutPos;
}
} // namespace fuzzer