/art/tools/dexfuzz/src/dexfuzz/program/mutators/ |
D | BranchShifter.java | 75 private void generateCachedBranchInsns(MutatableCode mutatableCode) { in generateCachedBranchInsns() argument 82 for (MInsn mInsn : mutatableCode.getInstructions()) { in generateCachedBranchInsns() 90 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 92 if (mutatableCode.getInstructionCount() == 1) { in canMutate() 96 for (MInsn mInsn : mutatableCode.getInstructions()) { in canMutate() 107 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 108 generateCachedBranchInsns(mutatableCode); in generateMutation() 116 int oldTargetInsnIdx = mutatableCode.getInstructionIndex(oldTargetInsn); in generateMutation() 135 } else if (newTargetIdx >= mutatableCode.getInstructionCount()) { in generateMutation() 136 newTargetIdx = mutatableCode.getInstructionCount() - 1; in generateMutation() [all …]
|
D | InstructionDeleter.java | 65 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 66 if (mutatableCode.getInstructionCount() < 4) { in canMutate() 76 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 78 int insnIdx = rng.nextInt(mutatableCode.getInstructionCount()); in generateMutation() 81 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 90 MutatableCode mutatableCode = mutation.mutatableCode; in applyMutation() local 93 mutatableCode.getInstructionAt(mutation.insnToDeleteIdx); in applyMutation() 100 mutatableCode.deleteInstruction(mutation.insnToDeleteIdx); in applyMutation() 108 mutatableCode.deleteInstruction(dataInsn); in applyMutation() 119 for (MInsn mInsn : mutatableCode.getInstructions()) { in applyMutation() [all …]
|
D | NonsenseStringPrinter.java | 71 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 77 insertionIdx = rng.nextInt(mutatableCode.getInstructionCount()); in generateMutation() 79 mutatableCode.getInstructionAt(insertionIdx); in generateMutation() 89 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 99 MutatableCode mutatableCode = mutation.mutatableCode; in applyMutation() local 101 int outFieldIdx = mutatableCode.program.getNewItemCreator().findOrCreateFieldId( in applyMutation() 105 int printMethodIdx = mutatableCode.program.getNewItemCreator().findOrCreateMethodId( in applyMutation() 109 int nonsenseStringIdx = mutatableCode.program.getNewItemCreator().findOrCreateString( in applyMutation() 112 MInsn insertionPoint = mutatableCode.getInstructionAt(mutation.insertionIdx); in applyMutation() 114 mutatableCode.allocateTemporaryVRegs(2); in applyMutation() [all …]
|
D | InstructionSwapper.java | 69 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 70 if (mutatableCode.getInstructionCount() == 1) { in canMutate() 79 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 89 swapInsnIdx = rng.nextInt(mutatableCode.getInstructionCount()); in generateMutation() 90 MInsn toBeSwapped = mutatableCode.getInstructionAt(swapInsnIdx); in generateMutation() 112 } else if (swapWithInsnIdx >= mutatableCode.getInstructionCount()) { in generateMutation() 118 if (mutatableCode.getInstructionAt(swapWithInsnIdx).insn.justRaw) { in generateMutation() 136 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 146 MutatableCode mutatableCode = mutation.mutatableCode; in applyMutation() local 148 MInsn toBeSwapped = mutatableCode.getInstructionAt(mutation.swapInsnIdx); in applyMutation() [all …]
|
D | FieldFlagChanger.java | 78 private void generateCachedFieldInsns(MutatableCode mutatableCode) { in generateCachedFieldInsns() argument 85 for (MInsn mInsn : mutatableCode.getInstructions()) { in generateCachedFieldInsns() 86 if (isFileDefinedFieldInstruction(mInsn, mutatableCode)) { in generateCachedFieldInsns() 93 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 94 for (MInsn mInsn : mutatableCode.getInstructions()) { in canMutate() 95 if (isFileDefinedFieldInstruction(mInsn, mutatableCode)) { in canMutate() 105 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 106 generateCachedFieldInsns(mutatableCode); in generateMutation() 113 EncodedField encodedField = mutatableCode.program.getEncodedField(fieldIdx); in generateMutation() 122 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local [all …]
|
D | SwitchBranchShifter.java | 78 private void generateCachedSwitchInsns(MutatableCode mutatableCode) { in generateCachedSwitchInsns() argument 85 for (MInsn mInsn : mutatableCode.getInstructions()) { in generateCachedSwitchInsns() 93 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 94 for (MInsn mInsn : mutatableCode.getInstructions()) { in canMutate() 105 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 106 generateCachedSwitchInsns(mutatableCode); in generateMutation() 117 int oldTargetInsnIdx = mutatableCode.getInstructionIndex(oldTargetInsn); in generateMutation() 136 } else if (newTargetIdx >= mutatableCode.getInstructionCount()) { in generateMutation() 137 newTargetIdx = mutatableCode.getInstructionCount() - 1; in generateMutation() 142 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local [all …]
|
D | CodeMutator.java | 88 public boolean attemptToMutate(MutatableCode mutatableCode) { in attemptToMutate() argument 89 if (shouldMutate(mutatableCode)) { in attemptToMutate() 90 generateAndApplyMutation(mutatableCode); in attemptToMutate() 112 private boolean shouldMutate(MutatableCode mutatableCode) { in shouldMutate() argument 113 return ((rng.nextInt(100) < likelihood) && canMutate(mutatableCode)); in shouldMutate() 116 private void generateAndApplyMutation(MutatableCode mutatableCode) { in generateAndApplyMutation() argument 117 Mutation mutation = generateMutation(mutatableCode); in generateAndApplyMutation() 127 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 131 protected abstract Mutation generateMutation(MutatableCode mutatableCode); in generateMutation() argument
|
D | ConversionRepeater.java | 71 private void generateCachedConversionInsns(MutatableCode mutatableCode) { in generateCachedConversionInsns() argument 78 for (MInsn mInsn : mutatableCode.getInstructions()) { in generateCachedConversionInsns() 86 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 87 for (MInsn mInsn : mutatableCode.getInstructions()) { in canMutate() 98 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 99 generateCachedConversionInsns(mutatableCode); in generateMutation() 102 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 111 MutatableCode mutatableCode = mutation.mutatableCode; in applyMutation() local 113 generateCachedConversionInsns(mutatableCode); in applyMutation() 179 int originalInsnIdx = mutatableCode.getInstructionIndex(originalInsn); in applyMutation() [all …]
|
D | TryBlockShifter.java | 83 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 84 if (mutatableCode.triesSize > 0) { in canMutate() 93 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 95 int tryIdx = rng.nextInt(mutatableCode.triesSize); in generateMutation() 96 MTryBlock tryBlock = mutatableCode.mutatableTries.get(tryIdx); in generateMutation() 138 int oldInsnIdx = mutatableCode.getInstructionIndex(oldInsn); in generateMutation() 157 } else if (newInsnIdx >= mutatableCode.getInstructionCount()) { in generateMutation() 158 newInsnIdx = mutatableCode.getInstructionCount() - 1; in generateMutation() 163 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 177 MutatableCode mutatableCode = mutation.mutatableCode; in applyMutation() local [all …]
|
D | ValuePrinter.java | 66 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 67 for (MInsn mInsn : mutatableCode.getInstructions()) { in canMutate() 78 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 84 printedOutputIdx = rng.nextInt(mutatableCode.getInstructionCount()); in generateMutation() 86 mutatableCode.getInstructionAt(printedOutputIdx); in generateMutation() 100 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 109 MutatableCode mutatableCode = mutation.mutatableCode; in applyMutation() local 112 mutatableCode.getInstructionAt(mutation.printedOutputIdx); in applyMutation() 114 int outFieldIdx = mutatableCode.program.getNewItemCreator().findOrCreateFieldId( in applyMutation() 125 int printMethodIdx = mutatableCode.program.getNewItemCreator().findOrCreateMethodId( in applyMutation() [all …]
|
D | InstructionDuplicator.java | 65 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 71 insnIdx = rng.nextInt(mutatableCode.getInstructionCount()); in generateMutation() 72 MInsn oldInsn = mutatableCode.getInstructionAt(insnIdx); in generateMutation() 83 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 92 MutatableCode mutatableCode = mutation.mutatableCode; in applyMutation() local 94 MInsn oldInsn = mutatableCode.getInstructionAt(mutation.insnToDuplicateIdx); in applyMutation() 102 mutatableCode.insertInstructionAt(newInsn, mutation.insnToDuplicateIdx); in applyMutation()
|
D | CmpBiasChanger.java | 71 private void generateCachedCmpBiasInsns(MutatableCode mutatableCode) { in generateCachedCmpBiasInsns() argument 78 for (MInsn mInsn : mutatableCode.getInstructions()) { in generateCachedCmpBiasInsns() 86 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 87 for (MInsn mInsn : mutatableCode.getInstructions()) { in canMutate() 98 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 99 generateCachedCmpBiasInsns(mutatableCode); in generateMutation() 104 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 113 MutatableCode mutatableCode = mutation.mutatableCode; in applyMutation() local 115 generateCachedCmpBiasInsns(mutatableCode); in applyMutation()
|
D | PoolIndexChanger.java | 76 private void generateCachedPoolIndexInsns(MutatableCode mutatableCode) { in generateCachedPoolIndexInsns() argument 82 for (MInsn mInsn : mutatableCode.getInstructions()) { in generateCachedPoolIndexInsns() 90 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 94 for (MInsn mInsn : mutatableCode.getInstructions()) { in canMutate() 112 int numPoolIndices = mutatableCode.program.getTotalPoolIndicesByKind(kind); in canMutate() 127 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 128 generateCachedPoolIndexInsns(mutatableCode); in generateMutation() 154 maxPoolIndex = mutatableCode.program.getTotalPoolIndicesByKind(poolIndexKind); in generateMutation() 167 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 177 MutatableCode mutatableCode = mutation.mutatableCode; in applyMutation() local [all …]
|
D | VRegChanger.java | 78 private void generateCachedVRegInsns(MutatableCode mutatableCode) { in generateCachedVRegInsns() argument 84 for (MInsn mInsn : mutatableCode.getInstructions()) { in generateCachedVRegInsns() 92 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 93 if (mutatableCode.registersSize < 2) { in canMutate() 98 for (MInsn mInsn : mutatableCode.getInstructions()) { in canMutate() 108 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 109 generateCachedVRegInsns(mutatableCode); in generateMutation() 141 newVregValue = rng.nextInt(mutatableCode.registersSize); in generateMutation() 145 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 156 MutatableCode mutatableCode = mutation.mutatableCode; in applyMutation() local [all …]
|
D | ConstantValueChanger.java | 75 private void generateCachedConstInsns(MutatableCode mutatableCode) { in generateCachedConstInsns() argument 81 for (MInsn mInsn : mutatableCode.getInstructions()) { in generateCachedConstInsns() 89 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 90 for (MInsn mInsn : mutatableCode.getInstructions()) { in canMutate() 101 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 102 generateCachedConstInsns(mutatableCode); in generateMutation() 120 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 130 MutatableCode mutatableCode = mutation.mutatableCode; in applyMutation() local 132 generateCachedConstInsns(mutatableCode); in applyMutation()
|
D | RandomInstructionGenerator.java | 109 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 115 insertionIdx = rng.nextInt(mutatableCode.getInstructionCount()); in generateMutation() 117 mutatableCode.getInstructionAt(insertionIdx); in generateMutation() 151 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 165 int maxPoolIndex = mutatableCode.program.getTotalPoolIndicesByKind(poolIndexKind); in generateMutation() 172 if (mutatableCode.registersSize == 0) { in generateMutation() 173 mutatableCode.registersSize = 1; in generateMutation() 181 mutation.vregC = rng.nextInt(mutatableCode.registersSize); in generateMutation() 184 mutation.vregB = rng.nextInt(mutatableCode.registersSize); in generateMutation() 187 mutation.vregA = rng.nextInt(mutatableCode.registersSize); in generateMutation() [all …]
|
D | NewMethodCaller.java | 105 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 111 insertionIdx = rng.nextInt(mutatableCode.getInstructionCount()); in generateMutation() 113 mutatableCode.getInstructionAt(insertionIdx); in generateMutation() 123 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 141 MutatableCode mutatableCode = mutation.mutatableCode; in applyMutation() local 167 int methodIdx = mutatableCode.program.getNewItemCreator() in applyMutation() 177 mutatableCode.getInstructionAt(mutation.insertionIdx); in applyMutation() 184 mutatableCode.insertInstructionAt(newInsn, mutation.insertionIdx); in applyMutation()
|
D | ArithOpChanger.java | 77 private void generateCachedArithmeticInsns(MutatableCode mutatableCode) { in generateCachedArithmeticInsns() argument 84 for (MInsn mInsn : mutatableCode.getInstructions()) { in generateCachedArithmeticInsns() 92 protected boolean canMutate(MutatableCode mutatableCode) { in canMutate() argument 93 for (MInsn mInsn : mutatableCode.getInstructions()) { in canMutate() 104 protected Mutation generateMutation(MutatableCode mutatableCode) { in generateMutation() argument 105 generateCachedArithmeticInsns(mutatableCode); in generateMutation() 120 mutation.setup(this.getClass(), mutatableCode); in generateMutation() local 130 MutatableCode mutatableCode = mutation.mutatableCode; in applyMutation() local 132 generateCachedArithmeticInsns(mutatableCode); in applyMutation()
|
/art/tools/dexfuzz/src/dexfuzz/program/ |
D | CodeTranslator.java | 55 MutatableCode mutatableCode = new MutatableCode(program); in codeItemToMutatableCode() local 57 codeItem.registerMutatableCode(mutatableCode); in codeItemToMutatableCode() 59 mutatableCode.name = codeItem.meta.methodName; in codeItemToMutatableCode() 60 mutatableCode.shorty = codeItem.meta.shorty; in codeItemToMutatableCode() 61 mutatableCode.isStatic = codeItem.meta.isStatic; in codeItemToMutatableCode() 63 mutatableCode.codeItemIdx = codeItemIdx; in codeItemToMutatableCode() 65 mutatableCode.mutatableCodeIdx = mutatableCodeIdx; in codeItemToMutatableCode() 67 mutatableCode.registersSize = codeItem.registersSize; in codeItemToMutatableCode() 68 mutatableCode.insSize = codeItem.insSize; in codeItemToMutatableCode() 69 mutatableCode.outsSize = codeItem.outsSize; in codeItemToMutatableCode() [all …]
|
D | Mutation.java | 28 public MutatableCode mutatableCode; field in Mutation 37 public void setup(Class<? extends CodeMutator> mutatorClass, MutatableCode mutatableCode) { in setup() argument 39 this.mutatableCode = mutatableCode; in setup() 40 this.mutatableCodeIdx = mutatableCode.mutatableCodeIdx; in setup()
|
D | Program.java | 386 private boolean mutateAMutatableCode(MutatableCode mutatableCode) { in mutateAMutatableCode() argument 389 Log.info("Attempting " + mutations + " mutations for method " + mutatableCode.name); in mutateAMutatableCode() 401 if (mutator.attemptToMutate(mutatableCode)) { in mutateAMutatableCode() 415 mutatedCodes.add(mutatableCode); in mutateAMutatableCode() 447 for (MutatableCode mutatableCode : mutatableCodes) { in mutateTheProgram() 448 if (mutatableCode == null) { in mutateTheProgram() 451 mutateAMutatableCode(mutatableCode); in mutateTheProgram() 459 MutatableCode mutatableCode = mutatableCodes.get(randomMethodIdx); in mutateTheProgram() local 460 if (mutatableCode == null) { in mutateTheProgram() 463 if (!mutatedCodes.contains(mutatableCode)) { in mutateTheProgram() [all …]
|
D | MutationSerializer.java | 87 mutation.mutatableCode = null; in readMutation()
|
/art/tools/dexfuzz/src/dexfuzz/rawdex/ |
D | CodeItem.java | 37 private MutatableCode mutatableCode; field in CodeItem 121 public void registerMutatableCode(MutatableCode mutatableCode) { in registerMutatableCode() argument 122 this.mutatableCode = mutatableCode; in registerMutatableCode() 144 if (mutatableCode != null) { in incrementIndex() 145 insnsToIncrement = mutatableCode.requestLatestInstructions(); in incrementIndex()
|