/art/tools/dexfuzz/src/dexfuzz/program/ |
Mutation.java | 28 public MutatableCode mutatableCode; 37 public void setup(Class<? extends CodeMutator> mutatorClass, MutatableCode mutatableCode) { 39 this.mutatableCode = mutatableCode; 40 this.mutatableCodeIdx = mutatableCode.mutatableCodeIdx;
|
CodeTranslator.java | 38 * Translates from a CodeItem (the raw list of Instructions) to MutatableCode 44 * Given a raw DEX file's CodeItem, produce a MutatableCode object, that CodeMutators 47 * @return A new MutatableCode object, which contains all relevant information 50 public MutatableCode codeItemToMutatableCode(Program program, CodeItem codeItem, 53 + " (" + codeItem.meta.methodName + ") to MutatableCode"); 55 MutatableCode mutatableCode = new MutatableCode(program); 57 codeItem.registerMutatableCode(mutatableCode); 59 mutatableCode.name = codeItem.meta.methodName [all...] |
Program.java | 96 * The system responsible for translating from CodeItems to MutatableCode and vice-versa. 106 * A list of all the MutatableCode that the CodeTranslator produced from 109 private List<MutatableCode> mutatableCodes; 112 * A list of all MutatableCode items that were mutated when mutateTheProgram() 116 private List<MutatableCode> mutatedCodes; 190 mutatableCodes = new ArrayList<MutatableCode>(); 191 mutatedCodes = new ArrayList<MutatableCode>(); 399 private boolean mutateAMutatableCode(MutatableCode mutatableCode) { 402 Log.info("Attempting " + mutations + " mutations for method " + mutatableCode.name) [all...] |
/art/tools/dexfuzz/src/dexfuzz/program/mutators/ |
CodeMutator.java | 22 import dexfuzz.program.MutatableCode; 88 public boolean attemptToMutate(MutatableCode mutatableCode) { 89 if (shouldMutate(mutatableCode)) { 90 generateAndApplyMutation(mutatableCode); 112 private boolean shouldMutate(MutatableCode mutatableCode) { 113 return ((rng.nextInt(100) < likelihood) && canMutate(mutatableCode)); 116 private void generateAndApplyMutation(MutatableCode mutatableCode) { [all...] |
NewArrayLengthChanger.java | 22 import dexfuzz.program.MutatableCode; 71 private void generateCachedArrayLengthInsns(MutatableCode mutatableCode) { 78 for (MInsn mInsn : mutatableCode.getInstructions()) { 86 protected boolean canMutate(MutatableCode mutatableCode) { 87 for (MInsn mInsn : mutatableCode.getInstructions()) { 99 protected Mutation generateMutation(MutatableCode mutatableCode) { 100 generateCachedArrayLengthInsns(mutatableCode); [all...] |
InstructionDeleter.java | 23 import dexfuzz.program.MutatableCode; 65 protected boolean canMutate(MutatableCode mutatableCode) { 66 if (mutatableCode.getInstructionCount() < 4) { 76 protected Mutation generateMutation(MutatableCode mutatableCode) { 78 int insnIdx = rng.nextInt(mutatableCode.getInstructionCount()); 81 mutation.setup(this.getClass(), mutatableCode); 90 MutatableCode mutatableCode = mutation.mutatableCode [all...] |
RegisterClobber.java | 22 import dexfuzz.program.MutatableCode; 68 protected boolean canMutate(MutatableCode mutatableCode) { 69 return mutatableCode.registersSize > 0; 73 protected Mutation generateMutation(MutatableCode mutatableCode) { 74 int insertionIdx = rng.nextInt(mutatableCode.getInstructionCount()); 77 mutation.setup(this.getClass(), mutatableCode); 85 MutatableCode mutatableCode = mutation.mutatableCode [all...] |
BranchShifter.java | 23 import dexfuzz.program.MutatableCode; 75 private void generateCachedBranchInsns(MutatableCode mutatableCode) { 82 for (MInsn mInsn : mutatableCode.getInstructions()) { 90 protected boolean canMutate(MutatableCode mutatableCode) { 92 if (mutatableCode.getInstructionCount() == 1) { 96 for (MInsn mInsn : mutatableCode.getInstructions()) { 107 protected Mutation generateMutation(MutatableCode mutatableCode) { [all...] |
CmpBiasChanger.java | 22 import dexfuzz.program.MutatableCode; 71 private void generateCachedCmpBiasInsns(MutatableCode mutatableCode) { 78 for (MInsn mInsn : mutatableCode.getInstructions()) { 86 protected boolean canMutate(MutatableCode mutatableCode) { 87 for (MInsn mInsn : mutatableCode.getInstructions()) { 98 protected Mutation generateMutation(MutatableCode mutatableCode) { 99 generateCachedCmpBiasInsns(mutatableCode); [all...] |
ConstantValueChanger.java | 22 import dexfuzz.program.MutatableCode; 75 private void generateCachedConstInsns(MutatableCode mutatableCode) { 81 for (MInsn mInsn : mutatableCode.getInstructions()) { 89 protected boolean canMutate(MutatableCode mutatableCode) { 90 for (MInsn mInsn : mutatableCode.getInstructions()) { 101 protected Mutation generateMutation(MutatableCode mutatableCode) { 102 generateCachedConstInsns(mutatableCode); [all...] |
IfBranchChanger.java | 22 import dexfuzz.program.MutatableCode; 78 private void generateCachedifBranchInsns(MutatableCode mutatableCode) { 85 for (MInsn mInsn : mutatableCode.getInstructions()) { 93 protected boolean canMutate(MutatableCode mutatableCode) { 94 for (MInsn mInsn : mutatableCode.getInstructions()) { 105 protected Mutation generateMutation(MutatableCode mutatableCode) { 106 generateCachedifBranchInsns(mutatableCode); [all...] |
FieldFlagChanger.java | 22 import dexfuzz.program.MutatableCode; 78 private void generateCachedFieldInsns(MutatableCode mutatableCode) { 85 for (MInsn mInsn : mutatableCode.getInstructions()) { 86 if (isFileDefinedFieldInstruction(mInsn, mutatableCode)) { 93 protected boolean canMutate(MutatableCode mutatableCode) { 94 for (MInsn mInsn : mutatableCode.getInstructions()) { 95 if (isFileDefinedFieldInstruction(mInsn, mutatableCode)) { 105 protected Mutation generateMutation(MutatableCode mutatableCode) [all...] |
InstructionDuplicator.java | 22 import dexfuzz.program.MutatableCode; 65 protected Mutation generateMutation(MutatableCode mutatableCode) { 71 insnIdx = rng.nextInt(mutatableCode.getInstructionCount()); 72 MInsn oldInsn = mutatableCode.getInstructionAt(insnIdx); 83 mutation.setup(this.getClass(), mutatableCode); 92 MutatableCode mutatableCode = mutation.mutatableCode; 94 MInsn oldInsn = mutatableCode.getInstructionAt(mutation.insnToDuplicateIdx) [all...] |
InstructionSwapper.java | 22 import dexfuzz.program.MutatableCode; 69 protected boolean canMutate(MutatableCode mutatableCode) { 70 if (mutatableCode.getInstructionCount() == 1) { 79 protected Mutation generateMutation(MutatableCode mutatableCode) { 89 swapInsnIdx = rng.nextInt(mutatableCode.getInstructionCount()); 90 MInsn toBeSwapped = mutatableCode.getInstructionAt(swapInsnIdx); 112 } else if (swapWithInsnIdx >= mutatableCode.getInstructionCount()) { 118 if (mutatableCode.getInstructionAt(swapWithInsnIdx).insn.justRaw) [all...] |
ConversionRepeater.java | 22 import dexfuzz.program.MutatableCode; 71 private void generateCachedConversionInsns(MutatableCode mutatableCode) { 78 for (MInsn mInsn : mutatableCode.getInstructions()) { 86 protected boolean canMutate(MutatableCode mutatableCode) { 87 for (MInsn mInsn : mutatableCode.getInstructions()) { 98 protected Mutation generateMutation(MutatableCode mutatableCode) { 99 generateCachedConversionInsns(mutatableCode); [all...] |
InvokeChanger.java | 22 import dexfuzz.program.MutatableCode; 89 private void generateCachedinvokeCallInsns(MutatableCode mutatableCode) { 96 for (MInsn mInsn : mutatableCode.getInstructions()) { 104 protected boolean canMutate(MutatableCode mutatableCode) { 105 for (MInsn mInsn : mutatableCode.getInstructions()) { 116 protected Mutation generateMutation(MutatableCode mutatableCode) { 117 generateCachedinvokeCallInsns(mutatableCode); [all...] |
PoolIndexChanger.java | 22 import dexfuzz.program.MutatableCode; 76 private void generateCachedPoolIndexInsns(MutatableCode mutatableCode) { 82 for (MInsn mInsn : mutatableCode.getInstructions()) { 90 protected boolean canMutate(MutatableCode mutatableCode) { 94 for (MInsn mInsn : mutatableCode.getInstructions()) { 112 int numPoolIndices = mutatableCode.program.getTotalPoolIndicesByKind(kind); 127 protected Mutation generateMutation(MutatableCode mutatableCode) { [all...] |
SwitchBranchShifter.java | 23 import dexfuzz.program.MutatableCode; 78 private void generateCachedSwitchInsns(MutatableCode mutatableCode) { 85 for (MInsn mInsn : mutatableCode.getInstructions()) { 93 protected boolean canMutate(MutatableCode mutatableCode) { 94 for (MInsn mInsn : mutatableCode.getInstructions()) { 105 protected Mutation generateMutation(MutatableCode mutatableCode) { 106 generateCachedSwitchInsns(mutatableCode); [all...] |
VRegChanger.java | 22 import dexfuzz.program.MutatableCode; 78 private void generateCachedVRegInsns(MutatableCode mutatableCode) { 84 for (MInsn mInsn : mutatableCode.getInstructions()) { 92 protected boolean canMutate(MutatableCode mutatableCode) { 93 if (mutatableCode.registersSize < 2) { 98 for (MInsn mInsn : mutatableCode.getInstructions()) { 108 protected Mutation generateMutation(MutatableCode mutatableCode) { [all...] |
NewInstanceChanger.java | 22 import dexfuzz.program.MutatableCode; 82 private void generateCachedNewInstanceInsns(MutatableCode mutatableCode) { 89 for (MInsn mInsn : mutatableCode.getInstructions()) { 97 protected boolean canMutate(MutatableCode mutatableCode) { 99 if (mutatableCode.program.getTotalPoolIndicesByKind(PoolIndexKind.Type) < 2) { 104 for (MInsn mInsn : mutatableCode.getInstructions()) { 114 protected Mutation generateMutation(MutatableCode mutatableCode) { [all...] |
TryBlockShifter.java | 23 import dexfuzz.program.MutatableCode; 83 protected boolean canMutate(MutatableCode mutatableCode) { 84 if (mutatableCode.triesSize == 0) { 88 if (mutatableCode.getInstructionCount() <= 1) { 96 protected Mutation generateMutation(MutatableCode mutatableCode) { 98 int tryIdx = rng.nextInt(mutatableCode.triesSize); 99 MTryBlock tryBlock = mutatableCode.mutatableTries.get(tryIdx); 141 int oldInsnIdx = mutatableCode.getInstructionIndex(oldInsn) [all...] |
NewMethodCaller.java | 22 import dexfuzz.program.MutatableCode; 105 protected Mutation generateMutation(MutatableCode mutatableCode) { 111 insertionIdx = rng.nextInt(mutatableCode.getInstructionCount()); 113 mutatableCode.getInstructionAt(insertionIdx); 123 mutation.setup(this.getClass(), mutatableCode); 141 MutatableCode mutatableCode = mutation.mutatableCode; 167 int methodIdx = mutatableCode.program.getNewItemCreator( [all...] |
NonsenseStringPrinter.java | 22 import dexfuzz.program.MutatableCode; 71 protected Mutation generateMutation(MutatableCode mutatableCode) { 77 insertionIdx = rng.nextInt(mutatableCode.getInstructionCount()); 79 mutatableCode.getInstructionAt(insertionIdx); 89 mutation.setup(this.getClass(), mutatableCode); 99 MutatableCode mutatableCode = mutation.mutatableCode; 101 int outFieldIdx = mutatableCode.program.getNewItemCreator().findOrCreateFieldId [all...] |
ValuePrinter.java | 22 import dexfuzz.program.MutatableCode; 66 protected boolean canMutate(MutatableCode mutatableCode) { 67 for (MInsn mInsn : mutatableCode.getInstructions()) { 78 protected Mutation generateMutation(MutatableCode mutatableCode) { 84 printedOutputIdx = rng.nextInt(mutatableCode.getInstructionCount()); 86 mutatableCode.getInstructionAt(printedOutputIdx); 100 mutation.setup(this.getClass(), mutatableCode); 109 MutatableCode mutatableCode = mutation.mutatableCode [all...] |
/art/tools/dexfuzz/src/dexfuzz/rawdex/ |
CodeItem.java | 20 import dexfuzz.program.MutatableCode; 37 private MutatableCode mutatableCode; 121 public void registerMutatableCode(MutatableCode mutatableCode) { 122 this.mutatableCode = mutatableCode; 140 // If we have an associated MutatableCode, then it may have created some new insns 144 if (mutatableCode != null) { 145 insnsToIncrement = mutatableCode.requestLatestInstructions() [all...] |