[llvm] r284508 - [libFuzzer] reshuffle the code for -exit_on_src_pos and -exit_on_item

[Kostya Serebryany via llvm-commits]

Author: kcc
Date: Tue Oct 18 13:06:05 2016
New Revision: 284508

URL: http://llvm.org/viewvc/llvm-project?rev=284508&view=rev
Log:
[libFuzzer] reshuffle the code for -exit_on_src_pos and -exit_on_item

Modified:
    llvm/trunk/lib/Fuzzer/FuzzerInternal.h
    llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp

Modified: llvm/trunk/lib/Fuzzer/FuzzerInternal.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerInternal.h?rev=284508&r1=284507&r2=284508&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerInternal.h (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerInternal.h Tue Oct 18 13:06:05 2016
@@ -119,8 +119,7 @@ private:
   void TryDetectingAMemoryLeak(const uint8_t *Data, size_t Size,
                                bool DuringInitialCorpusExecution);
   void AddToCorpus(const Unit &U);
-  void CheckExitOnSrcPos();
-  void CheckExitOnItem();
+  void CheckExitOnSrcPosOrItem();
 
   // Trace-based fuzzing: we run a unit with some kind of tracing
   // enabled and record potentially useful mutations. Then

Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=284508&r1=284507&r2=284508&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Tue Oct 18 13:06:05 2016
@@ -379,17 +379,7 @@ void Fuzzer::SetMaxMutationLen(size_t Ma
   this->MaxMutationLen = MaxMutationLen;
 }
 
-void Fuzzer::CheckExitOnItem() {
-  if (!Options.ExitOnItem.empty()) {
-    if (Corpus.HasUnit(Options.ExitOnItem)) {
-      Printf("INFO: found item with checksum '%s', exiting.\n",
-             Options.ExitOnItem.c_str());
-      _Exit(0);
-    }
-  }
-}
-
-void Fuzzer::CheckExitOnSrcPos() {
+void Fuzzer::CheckExitOnSrcPosOrItem() {
   if (!Options.ExitOnSrcPos.empty()) {
     uintptr_t *PCIDs;
     if (size_t NumNewPCIDs = TPC.GetNewPCIDs(&PCIDs)) {
@@ -403,6 +393,13 @@ void Fuzzer::CheckExitOnSrcPos() {
       }
     }
   }
+  if (!Options.ExitOnItem.empty()) {
+    if (Corpus.HasUnit(Options.ExitOnItem)) {
+      Printf("INFO: found item with checksum '%s', exiting.\n",
+             Options.ExitOnItem.c_str());
+      _Exit(0);
+    }
+  }
 }
 
 void Fuzzer::RereadOutputCorpus(size_t MaxSize) {
@@ -419,6 +416,7 @@ void Fuzzer::RereadOutputCorpus(size_t M
       U.resize(MaxSize);
     if (!Corpus.HasUnit(U)) {
       if (size_t NumFeatures = RunOne(U)) {
+        CheckExitOnSrcPosOrItem();
         Corpus.AddToCorpus(U, NumFeatures);
         Reloaded = true;
       }
@@ -447,6 +445,7 @@ void Fuzzer::ShuffleAndMinimize(UnitVect
 
   for (const auto &U : *InitialCorpus) {
     if (size_t NumFeatures = RunOne(U)) {
+      CheckExitOnSrcPosOrItem();
       Corpus.AddToCorpus(U, NumFeatures);
       if (Options.Verbosity >= 2)
         Printf("NEW0: %zd L %zd\n", MaxCoverage.BlockCoverage, U.size());
@@ -482,7 +481,6 @@ size_t Fuzzer::RunOne(const uint8_t *Dat
   if (Res && Options.UseCmp)
     TPC.ProcessTORC(MD.GetTraceCmpDictionary(), CurrentUnitData, Size);
 
-  CheckExitOnSrcPos();
   auto TimeOfUnit =
       duration_cast<seconds>(UnitStopTime - UnitStartTime).count();
   if (!(TotalNumberOfRuns & (TotalNumberOfRuns - 1)) &&
@@ -726,7 +724,7 @@ void Fuzzer::MutateAndTestOne() {
       Corpus.AddToCorpus({CurrentUnitData, CurrentUnitData + Size}, NumFeatures,
                          /*MayDeleteFile=*/true);
       ReportNewCoverage(&II, {CurrentUnitData, CurrentUnitData + Size});
-      CheckExitOnItem();
+      CheckExitOnSrcPosOrItem();
     }
     StopTraceRecording();
     TryDetectingAMemoryLeak(CurrentUnitData, Size,