- Timestamp:
- Mar 11, 2020 6:38:31 PM (5 years ago)
- File:
-
- 1 edited
trunk/src/VBox/Runtime/common/fuzz/fuzz.cpp
r82968 r83266 206 206 /** Parent mutation (no reference is held), NULL means root or original data. */ 207 207 PRTFUZZMUTATION pMutationParent; 208 /** Start offset where new mutations are allowed to start. */ 209 uint64_t offMutStartNew; 210 /** Size of the range in bytes where mutations are allowed to happen. */ 211 uint64_t cbMutNew; 208 212 /** Mutation level. */ 209 213 uint32_t iLvl; … … 302 306 /** Total number of bytes of memory currently allocated in total for this context. */ 303 307 volatile size_t cbMemTotal; 308 /** Start offset in the input where a mutation is allowed to happen. */ 309 uint64_t offMutStart; 310 /** size of the range where a mutation can happen. */ 311 uint64_t cbMutRange; 304 312 } RTFUZZCTXINT; 305 313 … … 784 792 785 793 /** 794 * Creates a new mutation capable of holding the additional number of bytes - extended version. 795 * 796 * @returns Pointer to the newly created mutation or NULL if out of memory. 797 * @param pThis The fuzzer context instance. 798 * @param offMutation The starting offset for the mutation. 799 * @param pMutationParent The parent mutation, can be NULL. 800 * @param offMuStartNew Offset where descendants of the created mutation can start to mutate. 801 * @param cbMutNew Range in bytes where descendants of the created mutation can mutate.c 802 * @param cbAdditional Additional number of bytes to allocate after the core structure. 803 * @param ppvMutation Where to store the pointer to the mutation dependent data on success. 
804 */ 805 static PRTFUZZMUTATION rtFuzzMutationCreateEx(PRTFUZZCTXINT pThis, uint64_t offMutation, PRTFUZZMUTATION pMutationParent, 806 uint64_t offMutStartNew, uint64_t cbMutNew, size_t cbAdditional, void **ppvMutation) 807 { 808 PRTFUZZMUTATION pMutation = (PRTFUZZMUTATION)rtFuzzCtxMemoryAlloc(pThis, sizeof(RTFUZZMUTATION) + cbAdditional); 809 if (RT_LIKELY(pMutation)) 810 { 811 pMutation->u32Magic = 0; /** @todo */ 812 pMutation->pFuzzer = pThis; 813 pMutation->cRefs = 1; 814 pMutation->iLvl = 0; 815 pMutation->offMutation = offMutation; 816 pMutation->pMutationParent = pMutationParent; 817 pMutation->offMutStartNew = offMutStartNew; 818 pMutation->cbMutNew = cbMutNew; 819 pMutation->cbMutation = cbAdditional; 820 pMutation->fInTree = false; 821 pMutation->fCached = false; 822 pMutation->pvInput = NULL; 823 pMutation->cbInput = 0; 824 pMutation->cbAlloc = 0; 825 826 if (pMutationParent) 827 pMutation->iLvl = pMutationParent->iLvl + 1; 828 if (ppvMutation) 829 *ppvMutation = &pMutation->abMutation[0]; 830 } 831 832 return pMutation; 833 } 834 835 836 /** 786 837 * Creates a new mutation capable of holding the additional number of bytes. 787 838 * … … 793 844 * @param ppvMutation Where to store the pointer to the mutation dependent data on success. 
794 845 */ 795 static PRTFUZZMUTATION rtFuzzMutationCreate(PRTFUZZCTXINT pThis, uint64_t offMutation, PRTFUZZMUTATION pMutationParent, 796 size_t cbAdditional, void **ppvMutation) 797 { 798 PRTFUZZMUTATION pMutation = (PRTFUZZMUTATION)rtFuzzCtxMemoryAlloc(pThis, sizeof(RTFUZZMUTATION) + cbAdditional); 799 if (RT_LIKELY(pMutation)) 800 { 801 pMutation->u32Magic = 0; /** @todo */ 802 pMutation->pFuzzer = pThis; 803 pMutation->cRefs = 1; 804 pMutation->iLvl = 0; 805 pMutation->offMutation = offMutation; 806 pMutation->pMutationParent = pMutationParent; 807 pMutation->cbMutation = cbAdditional; 808 pMutation->fInTree = false; 809 pMutation->fCached = false; 810 pMutation->pvInput = NULL; 811 pMutation->cbInput = 0; 812 pMutation->cbAlloc = 0; 813 814 if (pMutationParent) 815 pMutation->iLvl = pMutationParent->iLvl + 1; 816 if (ppvMutation) 817 *ppvMutation = &pMutation->abMutation[0]; 818 } 819 820 return pMutation; 846 DECLINLINE(PRTFUZZMUTATION) rtFuzzMutationCreate(PRTFUZZCTXINT pThis, uint64_t offMutation, PRTFUZZMUTATION pMutationParent, 847 size_t cbAdditional, void **ppvMutation) 848 { 849 uint64_t offMutNew = pMutationParent ? pMutationParent->offMutStartNew : pThis->offMutStart; 850 uint64_t cbMutNew = pMutationParent ? 
pMutationParent->cbMutNew : pThis->cbMutRange; 851 852 return rtFuzzMutationCreateEx(pThis, offMutation, pMutationParent, offMutNew, cbMutNew, cbAdditional, ppvMutation); 821 853 } 822 854 … … 1422 1454 pThis->cbMutationsAllocMax = _1G; 1423 1455 pThis->cbMemTotal = 0; 1456 pThis->offMutStart = 0; 1457 pThis->cbMutRange = UINT64_MAX; 1424 1458 RTListInit(&pThis->LstMutationsAlloc); 1425 1459 … … 1788 1822 AssertReturn(cbInput, VERR_INVALID_POINTER); 1789 1823 1824 return RTFuzzCtxCorpusInputAddEx(hFuzzCtx, pvInput, cbInput, pThis->offMutStart, pThis->cbMutRange); 1825 } 1826 1827 1828 RTDECL(int) RTFuzzCtxCorpusInputAddEx(RTFUZZCTX hFuzzCtx, const void *pvInput, size_t cbInput, 1829 uint64_t offMutStart, uint64_t cbMutRange) 1830 { 1831 PRTFUZZCTXINT pThis = hFuzzCtx; 1832 AssertPtrReturn(pThis, VERR_INVALID_POINTER); 1833 AssertPtrReturn(pvInput, VERR_INVALID_POINTER); 1834 AssertReturn(cbInput, VERR_INVALID_POINTER); 1835 1790 1836 int rc = VINF_SUCCESS; 1791 1837 void *pvCorpus = NULL; 1792 PRTFUZZMUTATION pMutation = rtFuzzMutationCreate(pThis, 0, NULL, cbInput, &pvCorpus); 1838 PRTFUZZMUTATION pMutation = rtFuzzMutationCreateEx(pThis, 0, NULL, offMutStart, cbMutRange, 1839 cbInput, &pvCorpus); 1793 1840 if (RT_LIKELY(pMutation)) 1794 1841 { … … 1814 1861 AssertPtrReturn(pszFilename, VERR_INVALID_POINTER); 1815 1862 1863 return RTFuzzCtxCorpusInputAddFromFileEx(hFuzzCtx, pszFilename, pThis->offMutStart, pThis->cbMutRange); 1864 } 1865 1866 1867 RTDECL(int) RTFuzzCtxCorpusInputAddFromFileEx(RTFUZZCTX hFuzzCtx, const char *pszFilename, 1868 uint64_t offMutStart, uint64_t cbMutRange) 1869 { 1870 PRTFUZZCTXINT pThis = hFuzzCtx; 1871 AssertPtrReturn(pThis, VERR_INVALID_POINTER); 1872 AssertPtrReturn(pszFilename, VERR_INVALID_POINTER); 1873 1816 1874 void *pv = NULL; 1817 1875 size_t cb = 0; … … 1819 1877 if (RT_SUCCESS(rc)) 1820 1878 { 1821 rc = RTFuzzCtxCorpusInputAdd (hFuzzCtx, pv, cb);1879 rc = RTFuzzCtxCorpusInputAddEx(hFuzzCtx, pv, cb, offMutStart, cbMutRange); 
1822 1880 RTFileReadAllFree(pv, cb); 1823 1881 } … … 1828 1886 1829 1887 RTDECL(int) RTFuzzCtxCorpusInputAddFromVfsFile(RTFUZZCTX hFuzzCtx, RTVFSFILE hVfsFile) 1888 { 1889 PRTFUZZCTXINT pThis = hFuzzCtx; 1890 AssertPtrReturn(pThis, VERR_INVALID_HANDLE); 1891 AssertReturn(hVfsFile != NIL_RTVFSFILE, VERR_INVALID_HANDLE); 1892 1893 return RTFuzzCtxCorpusInputAddFromVfsFileEx(hFuzzCtx, hVfsFile, pThis->offMutStart, pThis->cbMutRange); 1894 } 1895 1896 1897 RTDECL(int) RTFuzzCtxCorpusInputAddFromVfsFileEx(RTFUZZCTX hFuzzCtx, RTVFSFILE hVfsFile, 1898 uint64_t offMutStart, uint64_t cbMutRange) 1830 1899 { 1831 1900 PRTFUZZCTXINT pThis = hFuzzCtx; … … 1838 1907 if (RT_SUCCESS(rc)) 1839 1908 { 1840 PRTFUZZMUTATION pMutation = rtFuzzMutationCreate(pThis, 0, NULL, cbFile, &pvCorpus); 1909 PRTFUZZMUTATION pMutation = rtFuzzMutationCreateEx(pThis, 0, NULL, offMutStart, cbMutRange, 1910 cbFile, &pvCorpus); 1841 1911 if (RT_LIKELY(pMutation)) 1842 1912 { … … 1851 1921 rtFuzzMutationDestroy(pMutation); 1852 1922 } 1923 else 1924 rc = VERR_NO_MEMORY; 1853 1925 } 1854 1926 … … 1967 2039 1968 2040 2041 RTDECL(int) RTFuzzCtxCfgSetMutationRange(RTFUZZCTX hFuzzCtx, uint64_t offStart, uint64_t cbRange) 2042 { 2043 PRTFUZZCTXINT pThis = hFuzzCtx; 2044 AssertPtrReturn(pThis, VERR_INVALID_POINTER); 2045 2046 pThis->offMutStart = offStart; 2047 pThis->cbMutRange = cbRange; 2048 return VINF_SUCCESS; 2049 } 2050 2051 1969 2052 RTDECL(int) RTFuzzCtxReseed(RTFUZZCTX hFuzzCtx, uint64_t uSeed) 1970 2053 { … … 1994 2077 uint64_t offStart = 0; 1995 2078 if (!(pMutator->fFlags & RTFUZZMUTATOR_F_END_OF_BUF)) 1996 offStart = RTRandAdvU64Ex(pThis->hRand, 0, pMutationParent->cbInput - 1); 2079 { 2080 uint64_t offMax = pMutationParent->cbInput - 1; 2081 if ( pMutation->cbMutNew != UINT64_MAX 2082 && pMutation->offMutStartNew + pMutation->cbMutNew < offMax) 2083 offMax = pMutation->offMutStartNew + pMutation->cbMutNew - 1; 2084 2085 offStart = RTRandAdvU64Ex(pThis->hRand, pMutation->offMutStartNew, 
offMax); 2086 } 1997 2087 else 1998 2088 offStart = pMutationParent->cbInput;
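Review bot: The range clamp in the last hunk (the new `offMax` block before `RTRandAdvU64Ex`) can pass a minimum larger than the maximum, because `offMutStartNew` comes unchecked from RTFuzzCtxCfgSetMutationRange / RTFuzzCtxCorpusInputAddEx and is never compared against `pMutationParent->cbInput`, so a start offset at or past the end of the input, or a `cbMutNew` of 0, leaves `offMutStartNew > offMax`, and `offMutStartNew + cbMutNew` can wrap for large ranges that are not `UINT64_MAX`. The comparison is also off by one: when `offMutStartNew + cbMutNew == offMax` the configured end is not applied and `offMax` stays one byte past the range. Since `cbInput` is known in RTFuzzCtxCorpusInputAddEx, an `AssertReturn(offMutStart < cbInput, VERR_INVALID_PARAMETER);` there would reject bad ranges at the API boundary, and the computation itself can be made wrap-safe as below; the enclosing function of that hunk starts before the hunk's first line. Separately, the rtFuzzMutationCreateEx doc comment misspells the parameter as `offMuStartNew` (it is `offMutStartNew`) and has a stray `c` in `can mutate.c`.
```cpp
uint64_t offStart = 0;
if (!(pMutator->fFlags & RTFUZZMUTATOR_F_END_OF_BUF))
{
    uint64_t offMax = pMutationParent->cbInput - 1;
    /* Never start past the end of the parent input, whatever was configured. */
    uint64_t offMin = RT_MIN(pMutation->offMutStartNew, offMax);
    /* Apply the configured range only if it ends before the end of the input;
       the subtraction form avoids wrapping offMutStartNew + cbMutNew. */
    if (   pMutation->cbMutNew != UINT64_MAX
        && pMutation->cbMutNew > 0
        && pMutation->cbMutNew - 1 < offMax - offMin)
        offMax = offMin + pMutation->cbMutNew - 1;

    offStart = RTRandAdvU64Ex(pThis->hRand, offMin, offMax);
}
// … unchanged: else branch (offStart = pMutationParent->cbInput) …
```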