skip unchanged interrupts
This commit is contained in:
parent
eb04325f09
commit
a3e38b6abb
@ -207,7 +207,8 @@ where
|
|||||||
.get(corpus_idx)?
|
.get(corpus_idx)?
|
||||||
.borrow_mut().clone();
|
.borrow_mut().clone();
|
||||||
let mut newinput = _input.input_mut().as_mut().unwrap().clone();
|
let mut newinput = _input.input_mut().as_mut().unwrap().clone();
|
||||||
let mut tmpinput = _input.input_mut().as_mut().unwrap().clone();
|
// let mut tmpinput = _input.input_mut().as_mut().unwrap().clone();
|
||||||
|
let mut do_rerun = false;
|
||||||
{
|
{
|
||||||
// need our own random generator, because borrowing rules
|
// need our own random generator, because borrowing rules
|
||||||
let mut myrand = StdRand::new();
|
let mut myrand = StdRand::new();
|
||||||
@ -230,11 +231,10 @@ where
|
|||||||
for j in 0 as usize..4 as usize {
|
for j in 0 as usize..4 as usize {
|
||||||
t[j]=target_bytes[i*4+j];
|
t[j]=target_bytes[i*4+j];
|
||||||
}
|
}
|
||||||
if i == 0 {
|
if i == 0 || true {
|
||||||
start_tick = u32::from_le_bytes(t);
|
start_tick = u32::from_le_bytes(t);
|
||||||
} else {
|
} else {
|
||||||
// start_tick = u32::saturating_add(start_tick,max(MINIMUM_INTER_ARRIVAL_TIME,u32::from_le_bytes(t)));
|
start_tick = u32::saturating_add(start_tick,max(MINIMUM_INTER_ARRIVAL_TIME,u32::from_le_bytes(t)));
|
||||||
start_tick = u32::from_le_bytes(t);
|
|
||||||
}
|
}
|
||||||
interrupt_offsets[i] = start_tick;
|
interrupt_offsets[i] = start_tick;
|
||||||
num_interrupts = i+1;
|
num_interrupts = i+1;
|
||||||
@ -243,7 +243,7 @@ where
|
|||||||
}
|
}
|
||||||
interrupt_offsets.sort();
|
interrupt_offsets.sort();
|
||||||
|
|
||||||
println!("Vor Mutator: {:?}", interrupt_offsets[0..num_interrupts].to_vec());
|
// println!("Vor Mutator: {:?}", interrupt_offsets[0..num_interrupts].to_vec());
|
||||||
// let num_i = min(target_bytes.len() / 4, DO_NUM_INTERRUPT);
|
// let num_i = min(target_bytes.len() / 4, DO_NUM_INTERRUPT);
|
||||||
let mut suffix = target_bytes.split_off(4 * num_interrupts);
|
let mut suffix = target_bytes.split_off(4 * num_interrupts);
|
||||||
let mut prefix : Vec<[u8; 4]> = vec![];
|
let mut prefix : Vec<[u8; 4]> = vec![];
|
||||||
@ -262,10 +262,10 @@ where
|
|||||||
let m = interrupt_offsets[0..num_interrupts].iter().any(|x| (curr.start_tick..curr.end_tick).contains(&(*x as u64)));
|
let m = interrupt_offsets[0..num_interrupts].iter().any(|x| (curr.start_tick..curr.end_tick).contains(&(*x as u64)));
|
||||||
if m {
|
if m {
|
||||||
marks.push((curr, i, 1));
|
marks.push((curr, i, 1));
|
||||||
println!("1: {}",curr.current_task.task_name);
|
// println!("1: {}",curr.current_task.task_name);
|
||||||
} else if last_m {
|
} else if last_m {
|
||||||
marks.push((curr, i, 2));
|
marks.push((curr, i, 2));
|
||||||
println!("2: {}",curr.current_task.task_name);
|
// println!("2: {}",curr.current_task.task_name);
|
||||||
} else {
|
} else {
|
||||||
marks.push((curr, i, 0));
|
marks.push((curr, i, 0));
|
||||||
}
|
}
|
||||||
@ -293,6 +293,7 @@ where
|
|||||||
};
|
};
|
||||||
// find reachable alternatives
|
// find reachable alternatives
|
||||||
let alternatives : Vec<_> = marks.iter().filter(|x|
|
let alternatives : Vec<_> = marks.iter().filter(|x|
|
||||||
|
x.2 != 2 &&
|
||||||
(
|
(
|
||||||
x.0.start_tick < (lb as u64) && (lb as u64) < x.0.end_tick
|
x.0.start_tick < (lb as u64) && (lb as u64) < x.0.end_tick
|
||||||
|| x.0.start_tick < (ub as u64) && (ub as u64) < x.0.end_tick )
|
|| x.0.start_tick < (ub as u64) && (ub as u64) < x.0.end_tick )
|
||||||
@ -308,18 +309,19 @@ where
|
|||||||
let choice = myrand.choose(untouched);
|
let choice = myrand.choose(untouched);
|
||||||
interrupt_offsets[i] = myrand.between(choice.0.start_tick, choice.0.end_tick)
|
interrupt_offsets[i] = myrand.between(choice.0.start_tick, choice.0.end_tick)
|
||||||
.try_into().expect("tick > u32");
|
.try_into().expect("tick > u32");
|
||||||
println!("no alternatives, choose random i: {} {} -> {}",i,tmp,interrupt_offsets[i]);
|
do_rerun = true;
|
||||||
|
// println!("no alternatives, choose random i: {} {} -> {}",i,tmp,interrupt_offsets[i]);
|
||||||
continue;
|
continue;
|
||||||
} else {
|
} else {
|
||||||
// do nothing
|
// do nothing
|
||||||
println!("no alternatives, do nothing i: {} {}",i,interrupt_offsets[i]);
|
// println!("no alternatives, do nothing i: {} {}",i,interrupt_offsets[i]);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
let replacement = myrand.choose(alternatives);
|
let replacement = myrand.choose(alternatives);
|
||||||
if (old_hit.map_or(false, |x| x == replacement)) {
|
if (old_hit.map_or(false, |x| x == replacement)) {
|
||||||
// use the old value
|
// use the old value
|
||||||
println!("chose old value, do nothing i: {} {}",i,interrupt_offsets[i]);
|
// println!("chose old value, do nothing i: {} {}",i,interrupt_offsets[i]);
|
||||||
continue;
|
continue;
|
||||||
} else {
|
} else {
|
||||||
let extra = if (old_hit.map_or(false, |x| x.1 < replacement.1)) {
|
let extra = if (old_hit.map_or(false, |x| x.1 < replacement.1)) {
|
||||||
@ -329,12 +331,13 @@ where
|
|||||||
let tmp = interrupt_offsets[i];
|
let tmp = interrupt_offsets[i];
|
||||||
interrupt_offsets[i] = (myrand.between(replacement.0.start_tick,
|
interrupt_offsets[i] = (myrand.between(replacement.0.start_tick,
|
||||||
replacement.0.end_tick) + extra).try_into().expect("ticks > u32");
|
replacement.0.end_tick) + extra).try_into().expect("ticks > u32");
|
||||||
println!("chose new alternative, i: {} {} -> {}",i,tmp, interrupt_offsets[i]);
|
// println!("chose new alternative, i: {} {} -> {}",i,tmp, interrupt_offsets[i]);
|
||||||
|
do_rerun = true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
let mut numbers : Vec<u32> = interrupt_offsets[0..num_interrupts].to_vec();
|
let mut numbers : Vec<u32> = interrupt_offsets[0..num_interrupts].to_vec();
|
||||||
numbers.sort();
|
numbers.sort();
|
||||||
println!("Mutator: {:?}", numbers);
|
// println!("Mutator: {:?}", numbers);
|
||||||
let mut start : u32 = 0;
|
let mut start : u32 = 0;
|
||||||
// for i in 0..numbers.len() {
|
// for i in 0..numbers.len() {
|
||||||
// let tmp = numbers[i];
|
// let tmp = numbers[i];
|
||||||
@ -353,7 +356,9 @@ where
|
|||||||
newinput.bytes_mut().append(&mut n);
|
newinput.bytes_mut().append(&mut n);
|
||||||
}
|
}
|
||||||
// InterruptShifterMutator::mutate(&mut mymut, state, &mut input, 0)?;
|
// InterruptShifterMutator::mutate(&mut mymut, state, &mut input, 0)?;
|
||||||
|
if do_rerun {
|
||||||
let (_, corpus_idx) = fuzzer.evaluate_input(state, executor, manager, newinput)?;
|
let (_, corpus_idx) = fuzzer.evaluate_input(state, executor, manager, newinput)?;
|
||||||
|
}
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user