[libFuzzer] reshuffle the code for -exit_on_src_pos and -exit_on_item

llvm-svn: 284508
2016-10-18 18:06:05 +00:00 · 2016-10-18 18:06:05 +00:00 · 8dfed45cd4
parent 8dbe20c1c7
commit 8dfed45cd4
2 changed files with 12 additions and 15 deletions
--- a/llvm/lib/Fuzzer/FuzzerInternal.h
+++ b/llvm/lib/Fuzzer/FuzzerInternal.h
@ -119,8 +119,7 @@ private:
  void TryDetectingAMemoryLeak(const uint8_t *Data, size_t Size,
                               bool DuringInitialCorpusExecution);
  void AddToCorpus(const Unit &U);
-  void CheckExitOnSrcPos();
-  void CheckExitOnItem();
+  void CheckExitOnSrcPosOrItem();

  // Trace-based fuzzing: we run a unit with some kind of tracing
  // enabled and record potentially useful mutations. Then
--- a/llvm/lib/Fuzzer/FuzzerLoop.cpp
+++ b/llvm/lib/Fuzzer/FuzzerLoop.cpp
@ -379,17 +379,7 @@ void Fuzzer::SetMaxMutationLen(size_t MaxMutationLen) {
  this->MaxMutationLen = MaxMutationLen;
 }

-void Fuzzer::CheckExitOnItem() {
-  if (!Options.ExitOnItem.empty()) {
-    if (Corpus.HasUnit(Options.ExitOnItem)) {
-      Printf("INFO: found item with checksum '%s', exiting.\n",
-             Options.ExitOnItem.c_str());
-      _Exit(0);
-    }
-  }
-}
-
-void Fuzzer::CheckExitOnSrcPos() {
+void Fuzzer::CheckExitOnSrcPosOrItem() {
  if (!Options.ExitOnSrcPos.empty()) {
    uintptr_t *PCIDs;
    if (size_t NumNewPCIDs = TPC.GetNewPCIDs(&PCIDs)) {
@ -403,6 +393,13 @@ void Fuzzer::CheckExitOnSrcPos() {
      }
    }
  }
+  if (!Options.ExitOnItem.empty()) {
+    if (Corpus.HasUnit(Options.ExitOnItem)) {
+      Printf("INFO: found item with checksum '%s', exiting.\n",
+             Options.ExitOnItem.c_str());
+      _Exit(0);
+    }
+  }
 }

 void Fuzzer::RereadOutputCorpus(size_t MaxSize) {
@ -419,6 +416,7 @@ void Fuzzer::RereadOutputCorpus(size_t MaxSize) {
      U.resize(MaxSize);
    if (!Corpus.HasUnit(U)) {
      if (size_t NumFeatures = RunOne(U)) {
+        CheckExitOnSrcPosOrItem();
        Corpus.AddToCorpus(U, NumFeatures);
        Reloaded = true;
      }
@ -447,6 +445,7 @@ void Fuzzer::ShuffleAndMinimize(UnitVector *InitialCorpus) {

  for (const auto &U : *InitialCorpus) {
    if (size_t NumFeatures = RunOne(U)) {
+      CheckExitOnSrcPosOrItem();
      Corpus.AddToCorpus(U, NumFeatures);
      if (Options.Verbosity >= 2)
        Printf("NEW0: %zd L %zd\n", MaxCoverage.BlockCoverage, U.size());
@ -482,7 +481,6 @@ size_t Fuzzer::RunOne(const uint8_t *Data, size_t Size) {
  if (Res && Options.UseCmp)
    TPC.ProcessTORC(MD.GetTraceCmpDictionary(), CurrentUnitData, Size);

-  CheckExitOnSrcPos();
  auto TimeOfUnit =
      duration_cast<seconds>(UnitStopTime - UnitStartTime).count();
  if (!(TotalNumberOfRuns & (TotalNumberOfRuns - 1)) &&
@ -726,7 +724,7 @@ void Fuzzer::MutateAndTestOne() {
      Corpus.AddToCorpus({CurrentUnitData, CurrentUnitData + Size}, NumFeatures,
                         /*MayDeleteFile=*/true);
      ReportNewCoverage(&II, {CurrentUnitData, CurrentUnitData + Size});
-      CheckExitOnItem();
+      CheckExitOnSrcPosOrItem();
    }
    StopTraceRecording();
    TryDetectingAMemoryLeak(CurrentUnitData, Size,