fix rng seed
parent
7f987b037d
commit
10b5fe8a74
@ -34,11 +34,13 @@ use libafl_qemu::{
|
|||||||
edges, edges::QemuEdgeCoverageHelper, elf::EasyElf, emu::Emulator, GuestPhysAddr, QemuExecutor,
|
edges, edges::QemuEdgeCoverageHelper, elf::EasyElf, emu::Emulator, GuestPhysAddr, QemuExecutor,
|
||||||
QemuHooks, Regs, QemuInstrumentationFilter, GuestAddr,
|
QemuHooks, Regs, QemuInstrumentationFilter, GuestAddr,
|
||||||
};
|
};
|
||||||
|
use rand::{SeedableRng, StdRng, Rng};
|
||||||
use crate::{
|
use crate::{
|
||||||
clock::{QemuClockObserver, ClockTimeFeedback, QemuClockIncreaseFeedback, IcHist},
|
clock::{QemuClockObserver, ClockTimeFeedback, QemuClockIncreaseFeedback, IcHist},
|
||||||
qemustate::QemuStateRestoreHelper,
|
qemustate::QemuStateRestoreHelper,
|
||||||
systemstate::{helpers::QemuSystemStateHelper, observers::QemuSystemStateObserver, feedbacks::{DumpSystraceFeedback, NovelSystemStateFeedback}, graph::{SysMapFeedback, SysGraphFeedbackState, GraphMaximizerCorpusScheduler}}, worst::{TimeMaximizerCorpusScheduler, ExecTimeIncFeedback, TimeStateMaximizerCorpusScheduler},
|
systemstate::{helpers::QemuSystemStateHelper, observers::QemuSystemStateObserver, feedbacks::{DumpSystraceFeedback, NovelSystemStateFeedback}, graph::{SysMapFeedback, SysGraphFeedbackState, GraphMaximizerCorpusScheduler}}, worst::{TimeMaximizerCorpusScheduler, ExecTimeIncFeedback, TimeStateMaximizerCorpusScheduler},
|
||||||
};
|
};
|
||||||
|
pub const RNG_SEED: u64 = 1;
|
||||||
|
|
||||||
pub const MAX_NUM_INTERRUPT: usize = 32;
|
pub const MAX_NUM_INTERRUPT: usize = 32;
|
||||||
pub const DO_NUM_INTERRUPT: usize = 32;
|
pub const DO_NUM_INTERRUPT: usize = 32;
|
||||||
@ -274,7 +276,7 @@ pub fn fuzz() {
|
|||||||
let mut state = state.unwrap_or_else(|| {
|
let mut state = state.unwrap_or_else(|| {
|
||||||
StdState::new(
|
StdState::new(
|
||||||
// RNG
|
// RNG
|
||||||
StdRand::with_seed(current_nanos()),
|
StdRand::with_seed(RNG_SEED),
|
||||||
// Corpus that will be evolved, we keep it in memory for performance
|
// Corpus that will be evolved, we keep it in memory for performance
|
||||||
InMemoryCorpus::new(),
|
InMemoryCorpus::new(),
|
||||||
// Corpus in which we store solutions (crashes in this example),
|
// Corpus in which we store solutions (crashes in this example),
|
||||||
@ -408,10 +410,11 @@ pub fn fuzz() {
|
|||||||
// let mut generator = RandBytesGenerator::new(MAX_INPUT_SIZE);
|
// let mut generator = RandBytesGenerator::new(MAX_INPUT_SIZE);
|
||||||
let target_duration = Duration::from_secs(num);
|
let target_duration = Duration::from_secs(num);
|
||||||
let start_time = std::time::Instant::now();
|
let start_time = std::time::Instant::now();
|
||||||
|
let mut rng = StdRng::seed_from_u64(RNG_SEED);
|
||||||
while start_time.elapsed() < target_duration {
|
while start_time.elapsed() < target_duration {
|
||||||
// let inp = generator.generate(&mut state).unwrap();
|
// let inp = generator.generate(&mut state).unwrap();
|
||||||
// libafl's generator is too slow
|
// libafl's generator is too slow
|
||||||
let inp = BytesInput::new(vec![rand::random::<u8>(); MAX_INPUT_SIZE]);
|
let inp = BytesInput::new(vec![rng.gen::<u8>(); MAX_INPUT_SIZE]);
|
||||||
fuzzer.evaluate_input(&mut state, &mut executor, &mut mgr, inp).unwrap();
|
fuzzer.evaluate_input(&mut state, &mut executor, &mut mgr, inp).unwrap();
|
||||||
}
|
}
|
||||||
}} else {
|
}} else {
|
||||||
|
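Review bot: In the third hunk, `vec![rng.gen::<u8>(); MAX_INPUT_SIZE]` evaluates `rng.gen::<u8>()` once and clones that byte MAX_INPUT_SIZE times, so every generated input is one repeated byte value and the loop can only produce 256 distinct inputs; moving to a seeded `StdRng` keeps that behaviour. Filling a buffer gives independent bytes using the `Rng` import this commit already adds: `let mut buf = vec![0u8; MAX_INPUT_SIZE];` then `rng.fill(&mut buf[..]);` then `let inp = BytesInput::new(buf);`. Separately, the hard-coded `RNG_SEED = 1` makes every run walk the same input sequence, and rand documents `StdRng` as not guaranteed reproducible across library versions, so a doc comment on the constant such as `/// Fixed seed so fuzzing runs are repeatable; change it to explore a different sequence.` would record the intent. `fuzz()` begins and ends outside the hunks shown.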