[llvm] r260829 - [libFuzzer] remove std::vector operations from hot paths, NFC
Kostya Serebryany via llvm-commits
llvm-commits at lists.llvm.org
Sat Feb 13 09:56:51 PST 2016
Author: kcc
Date: Sat Feb 13 11:56:51 2016
New Revision: 260829
URL: http://llvm.org/viewvc/llvm-project?rev=260829&view=rev
Log:
[libFuzzer] remove std::vector operations from hot paths, NFC
Modified:
llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp
llvm/trunk/lib/Fuzzer/FuzzerInternal.h
llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
llvm/trunk/lib/Fuzzer/FuzzerMutate.cpp
llvm/trunk/lib/Fuzzer/FuzzerUtil.cpp
Modified: llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp?rev=260829&r1=260828&r2=260829&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerDriver.cpp Sat Feb 13 11:56:51 2016
@@ -229,7 +229,7 @@ int RunOneTest(Fuzzer *F, const char *In
Unit U = FileToVector(InputFilePath);
Unit PreciseSizedU(U);
assert(PreciseSizedU.size() == PreciseSizedU.capacity());
- F->ExecuteCallback(PreciseSizedU);
+ F->ExecuteCallback(PreciseSizedU.data(), PreciseSizedU.size());
return 0;
}
Modified: llvm/trunk/lib/Fuzzer/FuzzerInternal.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerInternal.h?rev=260829&r1=260828&r2=260829&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerInternal.h (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerInternal.h Sat Feb 13 11:56:51 2016
@@ -93,7 +93,7 @@ void ComputeSHA1(const uint8_t *Data, si
// Changes U to contain only ASCII (isprint+isspace) characters.
// Returns true iff U has been changed.
-bool ToASCII(Unit &U);
+bool ToASCII(uint8_t *Data, size_t Size);
bool IsASCII(const Unit &U);
int NumberOfCpuCores();
@@ -251,6 +251,7 @@ private:
std::vector<Mutator> CurrentMutatorSequence;
std::vector<DictionaryEntry *> CurrentDictionaryEntrySequence;
const std::vector<Unit> *Corpus = nullptr;
+ std::vector<uint8_t> MutateInPlaceHere;
static Mutator Mutators[];
};
@@ -318,7 +319,7 @@ public:
static void StaticAlarmCallback();
- void ExecuteCallback(const Unit &U);
+ void ExecuteCallback(const uint8_t *Data, size_t Size);
// Merge Corpora[1:] into Corpora[0].
void Merge(const std::vector<std::string> &Corpora);
@@ -328,8 +329,9 @@ private:
void AlarmCallback();
void MutateAndTestOne();
void ReportNewCoverage(const Unit &U);
- bool RunOne(const Unit &U);
- void RunOneAndUpdateCorpus(Unit &U);
+ bool RunOne(const uint8_t *Data, size_t Size);
+ bool RunOne(const Unit &U) { return RunOne(U.data(), U.size()); }
+ void RunOneAndUpdateCorpus(uint8_t *Data, size_t Size);
void WriteToOutputCorpus(const Unit &U);
void WriteUnitToFileWithPrefix(const Unit &U, const char *Prefix);
void PrintStats(const char *Where, const char *End = "\n");
@@ -376,6 +378,8 @@ private:
return Res;
}
+ std::vector<uint8_t> MutateInPlaceHere;
+
std::piecewise_constant_distribution<double> CorpusDistribution;
UserCallback CB;
MutationDispatcher &MD;
Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=260829&r1=260828&r2=260829&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Sat Feb 13 11:56:51 2016
@@ -208,7 +208,7 @@ void Fuzzer::ShuffleAndMinimize() {
size_t Last = std::min(First + Options.MaxLen, C.size());
U.insert(U.begin(), C.begin() + First, C.begin() + Last);
if (Options.OnlyASCII)
- ToASCII(U);
+ ToASCII(U.data(), U.size());
if (RunOne(U)) {
NewCorpus.push_back(U);
if (Options.Verbosity >= 2)
@@ -223,12 +223,12 @@ void Fuzzer::ShuffleAndMinimize() {
PrintStats("INITED");
}
-bool Fuzzer::RunOne(const Unit &U) {
+bool Fuzzer::RunOne(const uint8_t *Data, size_t Size) {
UnitStartTime = system_clock::now();
TotalNumberOfRuns++;
PrepareCoverageBeforeRun();
- ExecuteCallback(U);
+ ExecuteCallback(Data, Size);
bool Res = CheckCoverageAfterRun();
auto UnitStopTime = system_clock::now();
@@ -241,29 +241,29 @@ bool Fuzzer::RunOne(const Unit &U) {
TimeOfUnit >= Options.ReportSlowUnits) {
TimeOfLongestUnitInSeconds = TimeOfUnit;
Printf("Slowest unit: %zd s:\n", TimeOfLongestUnitInSeconds);
- WriteUnitToFileWithPrefix(U, "slow-unit-");
+ WriteUnitToFileWithPrefix({Data, Data + Size}, "slow-unit-");
}
return Res;
}
-void Fuzzer::RunOneAndUpdateCorpus(Unit &U) {
+void Fuzzer::RunOneAndUpdateCorpus(uint8_t *Data, size_t Size) {
if (TotalNumberOfRuns >= Options.MaxNumberOfRuns)
return;
if (Options.OnlyASCII)
- ToASCII(U);
- if (RunOne(U))
- ReportNewCoverage(U);
+ ToASCII(Data, Size);
+ if (RunOne(Data, Size))
+ ReportNewCoverage({Data, Data + Size});
}
-void Fuzzer::ExecuteCallback(const Unit &U) {
+void Fuzzer::ExecuteCallback(const uint8_t *Data, size_t Size) {
// We copy the contents of Unit into a separate heap buffer
// so that we reliably find buffer overflows in it.
- std::unique_ptr<uint8_t[]> Data(new uint8_t[U.size()]);
- memcpy(Data.get(), U.data(), U.size());
- AssignTaintLabels(Data.get(), U.size());
- CurrentUnitData = Data.get();
- CurrentUnitSize = U.size();
- int Res = CB(Data.get(), U.size());
+ std::unique_ptr<uint8_t[]> DataCopy(new uint8_t[Size]);
+ memcpy(DataCopy.get(), Data, Size);
+ AssignTaintLabels(DataCopy.get(), Size);
+ CurrentUnitData = DataCopy.get();
+ CurrentUnitSize = Size;
+ int Res = CB(DataCopy.get(), Size);
(void)Res;
assert(Res == 0);
CurrentUnitData = nullptr;
@@ -411,24 +411,25 @@ void Fuzzer::Merge(const std::vector<std
void Fuzzer::MutateAndTestOne() {
MD.StartMutationSequence();
- auto U = ChooseUnitToMutate();
+ auto &U = ChooseUnitToMutate();
+ MutateInPlaceHere.resize(Options.MaxLen);
+ memcpy(MutateInPlaceHere.data(), U.data(), U.size());
+ size_t Size = U.size();
for (int i = 0; i < Options.MutateDepth; i++) {
- size_t Size = U.size();
- U.resize(Options.MaxLen);
size_t NewSize = 0;
if (LLVMFuzzerCustomMutator)
- NewSize = LLVMFuzzerCustomMutator(U.data(), Size, U.size(),
- MD.GetRand().Rand());
+ NewSize = LLVMFuzzerCustomMutator(MutateInPlaceHere.data(), Size,
+ Options.MaxLen, MD.GetRand().Rand());
else
- NewSize = MD.Mutate(U.data(), Size, U.size());
+ NewSize = MD.Mutate(MutateInPlaceHere.data(), Size, Options.MaxLen);
assert(NewSize > 0 && "Mutator returned empty unit");
assert(NewSize <= (size_t)Options.MaxLen &&
"Mutator return overisized unit");
- U.resize(NewSize);
+ Size = NewSize;
if (i == 0)
StartTraceRecording();
- RunOneAndUpdateCorpus(U);
+ RunOneAndUpdateCorpus(MutateInPlaceHere.data(), Size);
StopTraceRecording();
}
}
Modified: llvm/trunk/lib/Fuzzer/FuzzerMutate.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerMutate.cpp?rev=260829&r1=260828&r2=260829&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerMutate.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerMutate.cpp Sat Feb 13 11:56:51 2016
@@ -176,7 +176,8 @@ size_t MutationDispatcher::Mutate_CrossO
size_t Idx = Rand(Corpus->size());
const Unit &Other = (*Corpus)[Idx];
if (Other.empty()) return 0;
- Unit U(MaxSize);
+ MutateInPlaceHere.resize(MaxSize);
+ auto &U = MutateInPlaceHere;
size_t NewSize =
CrossOver(Data, Size, Other.data(), Other.size(), U.data(), U.size());
assert(NewSize > 0 && "CrossOver returned empty unit");
Modified: llvm/trunk/lib/Fuzzer/FuzzerUtil.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerUtil.cpp?rev=260829&r1=260828&r2=260829&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerUtil.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerUtil.cpp Sat Feb 13 11:56:51 2016
@@ -93,9 +93,10 @@ int ExecuteCommand(const std::string &Co
return system(Command.c_str());
}
-bool ToASCII(Unit &U) {
+bool ToASCII(uint8_t *Data, size_t Size) {
bool Changed = false;
- for (auto &X : U) {
+ for (size_t i = 0; i < Size; i++) {
+ uint8_t &X = Data[i];
auto NewX = X;
NewX &= 127;
if (!isspace(NewX) && !isprint(NewX))
More information about the llvm-commits
mailing list