Index: lib/fuzzer/FuzzerDefs.h =================================================================== --- lib/fuzzer/FuzzerDefs.h +++ lib/fuzzer/FuzzerDefs.h @@ -12,16 +12,16 @@ #ifndef LLVM_FUZZER_DEFS_H #define LLVM_FUZZER_DEFS_H +#include #include #include #include #include +#include +#include #include -#include +#include #include -#include -#include -#include // Platform detection. #ifdef __linux__ Index: lib/fuzzer/FuzzerFlags.def =================================================================== --- lib/fuzzer/FuzzerFlags.def +++ lib/fuzzer/FuzzerFlags.def @@ -146,7 +146,7 @@ "after this one. Useful for fuzzers that need to do their own " "argument parsing.") FUZZER_FLAG_STRING(focus_function, "Experimental. " - "Fuzzing will focus on inputs that trigger calls to this function") + "Fuzzing will focus on inputs that trigger calls to this function") FUZZER_DEPRECATED_FLAG(run_equivalence_server) FUZZER_DEPRECATED_FLAG(use_equivalence_server) Index: lib/fuzzer/FuzzerMutate.h =================================================================== --- lib/fuzzer/FuzzerMutate.h +++ lib/fuzzer/FuzzerMutate.h @@ -90,7 +90,7 @@ struct Mutator { size_t (MutationDispatcher::*Fn)(uint8_t *Data, size_t Size, size_t Max); - int Identifier; + MutationType Identifier; }; @@ -148,22 +148,22 @@ Vector DefaultMutators; }; -const std::map kMutationNames = { - {0, "AddWordFromManualDictionaryCount"}, - {1, "AddWordFromPersistentAutoDictionaryCount"}, - {2, "AddWordFromTORCCount"}, - {3, "ChangeASCIIIntegerCount"}, - {4, "ChangeBinaryIntegerCount"}, - {5, "ChangeBitCount"}, - {6, "CopyPartCount"}, - {7, "ChangeByteCount"}, - {8, "CrossOverCount"}, - {9, "CustomCrossoverCount"}, - {10, "CustomMutationCount"}, - {11, "EraseBytesCount"}, - {12, "InsertByteCount"}, - {13, "InsertRepeatedBytesCount"}, - {14, "ShuffleBytesCount"} +const std::unordered_map kMutationNames = { + {ManualDict, "AddWordFromManualDictionaryCount"}, + {PersAutoDict, "AddWordFromPersistentAutoDictionaryCount"}, + {CMP, "AddWordFromTORCCount"}, + {ChangeAsciiInt, "ChangeASCIIIntegerCount"}, + {ChangeBinInt, "ChangeBinaryIntegerCount"}, + {ChangeBit, "ChangeBitCount"}, + {CopyPart, "CopyPartCount"}, + {ChangeByte, "ChangeByteCount"}, + {CrossOver, "CrossOverCount"}, + {CustomCrossOver, "CustomCrossOverCount"}, + {CustomMutation, "CustomMutationCount"}, + {EraseBytes, "EraseBytesCount"}, + {InsertByte, "InsertByteCount"}, + {InsertRepeatedBytes, "InsertRepeatedBytesCount"}, + {ShuffleBytes, "ShuffleBytesCount"} }; } // namespace fuzzer Index: lib/fuzzer/FuzzerMutate.cpp =================================================================== --- lib/fuzzer/FuzzerMutate.cpp +++ lib/fuzzer/FuzzerMutate.cpp @@ -41,7 +41,7 @@ {&MutationDispatcher::Mutate_ChangeASCIIInteger, ChangeAsciiInt}, {&MutationDispatcher::Mutate_ChangeBinaryInteger, ChangeBinInt}, {&MutationDispatcher::Mutate_CopyPart, CopyPart}, - {&MutationDispatcher::Mutate_CrossOver, Crossover}, + {&MutationDispatcher::Mutate_CrossOver, CrossOver}, {&MutationDispatcher::Mutate_AddWordFromManualDictionary, ManualDict}, {&MutationDispatcher::Mutate_AddWordFromPersistentAutoDictionary, @@ -58,7 +58,7 @@ if (EF->LLVMFuzzerCustomCrossOver) Mutators.push_back( - {&MutationDispatcher::Mutate_CustomCrossOver, CustomCrossover}); + {&MutationDispatcher::Mutate_CustomCrossOver, CustomCrossOver}); } static char RandCh(Random &Rand) { @@ -89,7 +89,7 @@ return 0; assert(NewSize <= MaxSize && "CustomCrossOver returned overisized unit"); memcpy(Data, U.data(), NewSize); - MStats->IncrementCount(CustomCrossover, 0); + MStats->IncrementCount(CustomCrossOver, 0); return NewSize; } @@ -304,7 +304,6 @@ if (!Size) return 0; DE.IncUseCount(); CurrentDictionaryEntrySequence.push_back(&DE); - return Size; } @@ -463,7 +462,7 @@ assert(NewSize > 0 && "CrossOver returned empty unit"); assert(NewSize <= MaxSize && "CrossOver returned overisized unit"); memcpy(Data, U.data(), NewSize); - MStats->IncrementCount(Crossover, 0); + MStats->IncrementCount(CrossOver, 0); return NewSize; } Index: lib/fuzzer/FuzzerMutationStats.h =================================================================== --- lib/fuzzer/FuzzerMutationStats.h +++ lib/fuzzer/FuzzerMutationStats.h @@ -12,7 +12,7 @@ namespace fuzzer { -enum MutatorType { +enum MutationType { ManualDict, PersAutoDict, CMP, @@ -21,8 +21,8 @@ ChangeBit, ChangeByte, CopyPart, - Crossover, - CustomCrossover, + CrossOver, + CustomCrossOver, CustomMutation, EraseBytes, InsertByte, @@ -35,13 +35,14 @@ public: ~MutationStats() {} void PrintMutationCounts(); - void IncrementCount(int mType, int type); + void IncTotalMutationCount(MutationType MType); + void IncUsefulMutationCount(MutationType MType); private: // A total count of each mutation used in the fuzzing process. - std::array total; + std::array TotalMutations; // The number of each mutation that resulted in new coverage. - std::array useful; + std::array UsefulMutations; }; extern MutationStats *MStats; Index: lib/fuzzer/FuzzerMutationStats.cpp =================================================================== --- lib/fuzzer/FuzzerMutationStats.cpp +++ lib/fuzzer/FuzzerMutationStats.cpp @@ -25,30 +25,31 @@ Printf("\nTotal Mutations ----------\n"); for (int i = 0; i < MaxNumberOfMutationTypes; i++) { auto current = kMutationNames.find(i); - Printf("%s: %d\n", current->second.c_str(), total.at(i)); + Printf("%s: %d\n", current->second.c_str(), TotalMutations.at(i)); } Printf("\nUseful Mutations ----------\n"); for (int i = 0; i < MaxNumberOfMutationTypes; i++) { auto current = kMutationNames.find(i); - Printf("%s: %d\n", current->second.c_str(), useful.at(i)); + Printf("%s: %d\n", current->second.c_str(), UsefulMutations.at(i)); } } // Updates the count of mutations (total/useful) depending on type. // Types: (0) Total, (1) Useful -void MutationStats::IncrementCount(int mType, int type) { - switch (type) { - case 0: - total[mType]++; - break; - case 1: - useful[mType]++; - break; - default: - break; - } +void MutationStats::IncTotalMutationCount(MutationType MType) { + if ((MType < 0) || MType >= MaxNumberOfMutationTypes) + return; + else + TotalMutations[MType]++; +} + +void MutationStats::IncTotalMutationCount(MutationType MType) { + if ((MType < 0) || MType >= MaxNumberOfMutationTypes) + return; + else + UsefulMutations[MType]++; } } // namespace fuzzer