Lines Matching +full:auto +full:- +full:string +full:- +full:detection
1 //===- FuzzerDriver.cpp - FuzzerDriver function and flags -----------------===//
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
7 //===----------------------------------------------------------------------===//
9 //===----------------------------------------------------------------------===//
28 #include <string>
89 static std::vector<std::string> *Inputs;
90 static std::string *ProgName;
94 auto Prog = ProgName->c_str(); in PrintHelp()
96 Printf("%s [-flag1=val1 [-flag2=val2 ...] ] [dir1 [dir2 ...] ]\n", Prog); in PrintHelp()
99 Printf("%s [-flag1=val1 [-flag2=val2 ...] ] file1 [file2 ...]\n", Prog); in PrintHelp()
101 Printf("\nFlags: (strictly in form -flag=value)\n"); in PrintHelp()
107 const auto &D = FlagDescriptions[F]; in PrintHelp()
110 for (size_t i = 0, n = MaxFlagLen - strlen(D.Name); i < n; i++) in PrintHelp()
115 Printf("\nFlags starting with '--' will be ignored and " in PrintHelp()
121 if (Param[0] == '-' && strstr(Param + 1, Name) == Param + 1 && in FlagValue()
131 if (*Str == '-') { in MyStol()
133 Sign = -1; in MyStol()
139 Res = Res * 10 + (Ch - '0'); in MyStol()
145 if (Param[0] != '-') return false; in ParseOneFlag()
146 if (Param[1] == '-') { in ParseOneFlag()
150 Printf("INFO: libFuzzer ignores flags that start with '--'\n"); in ParseOneFlag()
162 auto Val = MyStol(Str); in ParseOneFlag()
168 auto Val = std::stoul(Str); in ParseOneFlag()
185 "use -help=1 to list all flags\n\n", Param); in ParseOneFlag()
190 static void ParseFlags(const std::vector<std::string> &Args, in ParseFlags()
203 if (EF->LLVMFuzzerCustomMutator) { in ParseFlags()
206 "Disabling -len_control by default.\n", EF->LLVMFuzzerCustomMutator); in ParseFlags()
209 Inputs = new std::vector<std::string>; in ParseFlags()
216 Inputs->push_back(Args[A]); in ParseFlags()
236 std::string Log = "fuzz-" + std::to_string(C) + ".log"; in WorkerThread()
241 std::string CommandLine = Cmd.toString(); in WorkerThread()
254 static void ValidateDirectoryExists(const std::string &Path, in ValidateDirectoryExists()
257 Printf("ERROR: Provided directory path is an empty string\n"); in ValidateDirectoryExists()
276 std::string CloneArgsWithoutX(const std::vector<std::string> &Args, in CloneArgsWithoutX()
278 std::string Cmd; in CloneArgsWithoutX()
279 for (auto &S : Args) { in CloneArgsWithoutX()
287 static int RunInMultipleProcesses(const std::vector<std::string> &Args, in RunInMultipleProcesses()
303 for (auto &T : V) in RunInMultipleProcesses()
313 F->RssLimitCallback(); in RssThread()
328 F->ExecuteCallback(U.data(), U.size()); in RunOneTest()
330 // Leak detection is not needed when collecting full coverage data. in RunOneTest()
331 F->TPCUpdateObservedPCs(); in RunOneTest()
333 F->TryDetectingAMemoryLeak(U.data(), U.size(), true); in RunOneTest()
339 if (Inputs->empty()) return false; in AllInputsAreFiles()
340 for (auto &Path : *Inputs) in AllInputsAreFiles()
346 static std::string GetDedupTokenFromCmdOutput(const std::string &S) { in GetDedupTokenFromCmdOutput()
347 auto Beg = S.find("DEDUP_TOKEN:"); in GetDedupTokenFromCmdOutput()
348 if (Beg == std::string::npos) in GetDedupTokenFromCmdOutput()
350 auto End = S.find('\n', Beg); in GetDedupTokenFromCmdOutput()
351 if (End == std::string::npos) in GetDedupTokenFromCmdOutput()
353 return S.substr(Beg, End - Beg); in GetDedupTokenFromCmdOutput()
356 int CleanseCrashInput(const std::vector<std::string> &Args, in CleanseCrashInput()
358 if (Inputs->size() != 1 || !Flags.exact_artifact_path) { in CleanseCrashInput()
359 Printf("ERROR: -cleanse_crash should be given one input file and" in CleanseCrashInput()
360 " -exact_artifact_path\n"); in CleanseCrashInput()
363 std::string InputFilePath = Inputs->at(0); in CleanseCrashInput()
364 std::string OutputFilePath = Flags.exact_artifact_path; in CleanseCrashInput()
371 auto TmpFilePath = TempPath("CleanseCrashInput", ".repro"); in CleanseCrashInput()
376 std::string CurrentFilePath = InputFilePath; in CleanseCrashInput()
377 auto U = FileToVector(CurrentFilePath); in CleanseCrashInput()
391 for (auto NewByte : ReplacementBytes) { in CleanseCrashInput()
394 auto ExitCode = ExecuteCommand(Cmd); in CleanseCrashInput()
411 int MinimizeCrashInput(const std::vector<std::string> &Args, in MinimizeCrashInput()
413 if (Inputs->size() != 1) { in MinimizeCrashInput()
414 Printf("ERROR: -minimize_crash should be given one input file\n"); in MinimizeCrashInput()
417 std::string InputFilePath = Inputs->at(0); in MinimizeCrashInput()
424 Printf("INFO: you need to specify -runs=N or " in MinimizeCrashInput()
425 "-max_total_time=N with -minimize_crash=1\n" in MinimizeCrashInput()
426 "INFO: defaulting to -max_total_time=600\n"); in MinimizeCrashInput()
432 std::string CurrentFilePath = InputFilePath; in MinimizeCrashInput()
442 std::string CmdOutput; in MinimizeCrashInput()
451 auto DedupToken1 = GetDedupTokenFromCmdOutput(CmdOutput); in MinimizeCrashInput()
455 std::string ArtifactPath = in MinimizeCrashInput()
458 : Options.ArtifactPrefix + "minimized-from-" + Hash(U); in MinimizeCrashInput()
474 auto DedupToken2 = GetDedupTokenFromCmdOutput(CmdOutput); in MinimizeCrashInput()
495 assert(Inputs->size() == 1); in MinimizeCrashInputInternalStep()
496 std::string InputFilePath = Inputs->at(0); in MinimizeCrashInputInternalStep()
503 F->SetMaxInputLen(U.size()); in MinimizeCrashInputInternalStep()
504 F->SetMaxMutationLen(U.size() - 1); in MinimizeCrashInputInternalStep()
505 F->MinimizeCrashLoop(U); in MinimizeCrashInputInternalStep()
511 const std::vector<std::string> &Args, in Merge()
512 const std::vector<std::string> &Corpora, const char *CFPathOrNull) { in Merge()
525 std::string CFPath = CFPathOrNull ? CFPathOrNull : TempPath("Merge", ".txt"); in Merge()
526 std::vector<std::string> NewFiles; in Merge()
530 for (auto &Path : NewFiles) in Merge()
531 F->WriteToOutputCorpus(FileToVector(Path, Options.MaxLen)); in Merge()
550 for (auto &C : Corpus) { in AnalyzeDictionary()
552 F->ExecuteCallback(C.data(), C.size()); in AnalyzeDictionary()
560 auto StartPos = std::search(Data.begin(), Data.end(), in AnalyzeDictionary()
569 auto EndPos = StartPos + Dict[i].size(); in AnalyzeDictionary()
570 for (auto It = StartPos; It != EndPos; ++It) in AnalyzeDictionary()
578 F->ExecuteCallback(Data.data(), Data.size()); in AnalyzeDictionary()
585 --Scores[i]; in AnalyzeDictionary()
605 std::vector<std::string> ParseSeedInuts(const char *seed_inputs) { in ParseSeedInuts()
606 // Parse -seed_inputs=file1,file2,... or -seed_inputs=@seed_inputs_file in ParseSeedInuts()
607 std::vector<std::string> Files; in ParseSeedInuts()
609 std::string SeedInputs; in ParseSeedInuts()
620 while ((comma_pos = SeedInputs.find_last_of(',')) != std::string::npos) { in ParseSeedInuts()
629 ReadCorpora(const std::vector<std::string> &CorpusDirs, in ReadCorpora()
630 const std::vector<std::string> &ExtraSeedFiles) { in ReadCorpora()
633 for (auto &Dir : CorpusDirs) { in ReadCorpora()
635 Printf("INFO: % 8zd files found in %s\n", SizedFiles.size() - LastNumFiles, in ReadCorpora()
639 for (auto &File : ExtraSeedFiles) in ReadCorpora()
640 if (auto Size = FileSize(File)) in ReadCorpora()
648 std::string Argv0((*argv)[0]); in FuzzerDriver()
650 if (EF->LLVMFuzzerInitialize) in FuzzerDriver()
651 EF->LLVMFuzzerInitialize(argc, argv); in FuzzerDriver()
652 if (EF->__msan_scoped_disable_interceptor_checks) in FuzzerDriver()
653 EF->__msan_scoped_disable_interceptor_checks(); in FuzzerDriver()
654 const std::vector<std::string> Args(*argv, *argv + *argc); in FuzzerDriver()
656 ProgName = new std::string(Args[0]); in FuzzerDriver()
716 if (!Inputs->empty() && !Flags.minimize_crash_internal_step) { in FuzzerDriver()
719 std::string OutputCorpusDir = (*Inputs)[0]; in FuzzerDriver()
732 std::string ArtifactPathDir = Options.ArtifactPrefix; in FuzzerDriver()
733 if (!IsSeparator(ArtifactPathDir[ArtifactPathDir.length() - 1])) { in FuzzerDriver()
814 auto *MD = new MutationDispatcher(Rand, Options); in FuzzerDriver()
815 auto *Corpus = new InputCorpus(Options.OutputCorpus, Entropic); in FuzzerDriver()
816 auto *F = new Fuzzer(Callback, *Corpus, *MD, Options); in FuzzerDriver()
818 for (auto &U: Dictionary) in FuzzerDriver()
820 MD->AddWordToManualDictionary(Word(U.data(), U.size())); in FuzzerDriver()
857 Printf("%s: Running %zd inputs %d time(s) each.\n", ProgName->c_str(), in FuzzerDriver()
858 Inputs->size(), Runs); in FuzzerDriver()
859 for (auto &Path : *Inputs) { in FuzzerDriver()
860 auto StartTime = system_clock::now(); in FuzzerDriver()
864 auto StopTime = system_clock::now(); in FuzzerDriver()
865 auto MS = duration_cast<milliseconds>(StopTime - StartTime).count(); in FuzzerDriver()
872 F->PrintFinalStats(); in FuzzerDriver()
878 FuzzWithFork(F->GetMD().GetRand(), Options, Args, *Inputs, Flags.fork); in FuzzerDriver()
886 F->SetMaxInputLen(kDefaultMaxMergeLen); in FuzzerDriver()
888 F->CrashResistantMergeInternalStep(Flags.merge_control_file, in FuzzerDriver()
896 for (auto &Inp : *Inputs) { in FuzzerDriver()
902 if (Dictionary.empty() || Inputs->empty()) { in FuzzerDriver()
914 auto CorporaFiles = ReadCorpora(*Inputs, ParseSeedInuts(Flags.seed_inputs)); in FuzzerDriver()
915 F->Loop(CorporaFiles); in FuzzerDriver()
918 Printf("Done %zd runs in %zd second(s)\n", F->getTotalNumberOfRuns(), in FuzzerDriver()
919 F->secondsSinceProcessStartUp()); in FuzzerDriver()
920 F->PrintFinalStats(); in FuzzerDriver()