diff options
author | Robert Swiecki <robert@swiecki.net> | 2019-04-01 15:28:38 +0200 |
---|---|---|
committer | Robert Swiecki <robert@swiecki.net> | 2019-04-01 15:28:38 +0200 |
commit | 3b34547a5538a6545cebde225cc910fc68b9cc42 (patch) | |
tree | 96a6be64038004cb75597168bb97605c0d5fb3a6 | |
parent | 71280828c2037a91dc20204cf6f9cfd014cb2963 (diff) | |
download | honggfuzz-3b34547a5538a6545cebde225cc910fc68b9cc42.tar.gz |
fuzz: add the _HF_STATE_DYNAMIC_SWITCH_TO_MAIN state
-rw-r--r-- | display.c | 8 | ||||
-rw-r--r-- | fuzz.c | 22 | ||||
-rw-r--r-- | honggfuzz.h | 3 |
3 files changed, 22 insertions, 11 deletions
@@ -175,10 +175,14 @@ static void display_displayLocked(honggfuzz_t* hfuzz) { display_put("\n Mode : " ESC_BOLD "Static" ESC_RESET "\n"); break; case _HF_STATE_DYNAMIC_DRY_RUN: - display_put("\n Mode [1/2] : " ESC_BOLD "Feedback Driven Dry Run" ESC_RESET "\n"); + display_put("\n Mode [1/3] : " ESC_BOLD "Feedback Driven Dry Run" ESC_RESET "\n"); + break; + case _HF_STATE_DYNAMIC_SWITCH_TO_MAIN: + display_put("\n Mode [2/3] : " ESC_BOLD + "Switching to the Feedback Driven Mode" ESC_RESET "\n"); break; case _HF_STATE_DYNAMIC_MAIN: - display_put("\n Mode [2/2] : " ESC_BOLD "Feedback Driven Mode" ESC_RESET "\n"); + display_put("\n Mode [3/3] : " ESC_BOLD "Feedback Driven Mode" ESC_RESET "\n"); break; default: display_put("\n Mode : " ESC_BOLD "Unknown" ESC_RESET "\n"); @@ -152,6 +152,9 @@ static void fuzz_setDynamicMainState(run_t* run) { return; } + LOG_I("Entering phase 2/3: Switching to the Dynamic Main"); + ATOMIC_SET(run->global->feedback.state, _HF_STATE_DYNAMIC_SWITCH_TO_MAIN); + for (;;) { /* Check if all threads have already reported in for changing state */ if (ATOMIC_GET(cnt) == run->global->threads.threadsMax) { @@ -163,7 +166,7 @@ static void fuzz_setDynamicMainState(run_t* run) { usleep(1000 * 10); /* Check every 10ms */ } - LOG_I("Entering phase 2/2: Dynamic Main"); + LOG_I("Entering phase 3/3: Dynamic Main"); snprintf(run->origFileName, sizeof(run->origFileName), "[DYNAMIC]"); ATOMIC_SET(run->global->feedback.state, _HF_STATE_DYNAMIC_MAIN); @@ -307,13 +310,16 @@ static bool fuzz_runVerifier(run_t* run) { } static bool fuzz_fetchInput(run_t* run) { - if (fuzz_getState(run->global) == _HF_STATE_DYNAMIC_DRY_RUN) { - run->mutationsPerRun = 0U; - if (input_prepareStaticFile(run, /* rewind= */ false)) { - return true; + { + fuzzState_t st = fuzz_getState(run->global); + if (st == _HF_STATE_DYNAMIC_DRY_RUN || st == _HF_STATE_DYNAMIC_SWITCH_TO_MAIN) { + run->mutationsPerRun = 0U; + if (input_prepareStaticFile(run, /* rewind= */ false)) { + return true; + } + fuzz_setDynamicMainState(run); + run->mutationsPerRun = run->global->mutate.mutationsPerRun; } - fuzz_setDynamicMainState(run); - run->mutationsPerRun = run->global->mutate.mutationsPerRun; } if (fuzz_getState(run->global) == _HF_STATE_DYNAMIC_MAIN) { @@ -527,7 +533,7 @@ void fuzz_threadsStart(honggfuzz_t* hfuzz) { LOG_I("Entering phase - Feedback Driven Mode (SocketFuzzer)"); hfuzz->feedback.state = _HF_STATE_DYNAMIC_MAIN; } else if (hfuzz->feedback.dynFileMethod != _HF_DYNFILE_NONE) { - LOG_I("Entering phase 1/2: Dry Run"); + LOG_I("Entering phase 1/3: Dry Run"); hfuzz->feedback.state = _HF_STATE_DYNAMIC_DRY_RUN; } else { LOG_I("Entering phase: Static"); diff --git a/honggfuzz.h b/honggfuzz.h index a6147c30..5847c036 100644 --- a/honggfuzz.h +++ b/honggfuzz.h @@ -149,7 +149,8 @@ typedef enum { _HF_STATE_UNSET = 0, _HF_STATE_STATIC = 1, _HF_STATE_DYNAMIC_DRY_RUN = 2, - _HF_STATE_DYNAMIC_MAIN = 3, + _HF_STATE_DYNAMIC_SWITCH_TO_MAIN = 3, + _HF_STATE_DYNAMIC_MAIN = 4, } fuzzState_t; struct dynfile_t { |