Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/contrib/llvm-project/compiler-rt/lib/fuzzer/FuzzerCorpus.h
35262 views
1
//===- FuzzerCorpus.h - Internal header for the Fuzzer ----------*- C++ -* ===//

2
//

3
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.

4
// See https://llvm.org/LICENSE.txt for license information.

5
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception

6
//

7
//===----------------------------------------------------------------------===//

8
// fuzzer::InputCorpus

9
//===----------------------------------------------------------------------===//

10


11
#ifndef LLVM_FUZZER_CORPUS

12
#define LLVM_FUZZER_CORPUS

13


14
#include "FuzzerDataFlowTrace.h"

15
#include "FuzzerDefs.h"

16
#include "FuzzerIO.h"

17
#include "FuzzerRandom.h"

18
#include "FuzzerSHA1.h"

19
#include "FuzzerTracePC.h"

20
#include <algorithm>

21
#include <bitset>

22
#include <chrono>

23
#include <numeric>

24
#include <random>

25
#include <unordered_set>

26


27
namespace fuzzer {

28


29
struct InputInfo {

30
  Unit U;  // The actual input data.

31
  std::chrono::microseconds TimeOfUnit;

32
  uint8_t Sha1[kSHA1NumBytes];  // Checksum.

33
  // Number of features that this input has and no smaller input has.

34
  size_t NumFeatures = 0;

35
  size_t Tmp = 0; // Used by ValidateFeatureSet.

36
  // Stats.

37
  size_t NumExecutedMutations = 0;

38
  size_t NumSuccessfullMutations = 0;

39
  bool NeverReduce = false;

40
  bool MayDeleteFile = false;

41
  bool Reduced = false;

42
  bool HasFocusFunction = false;

43
  std::vector<uint32_t> UniqFeatureSet;

44
  std::vector<uint8_t> DataFlowTraceForFocusFunction;

45
  // Power schedule.

46
  bool NeedsEnergyUpdate = false;

47
  double Energy = 0.0;

48
  double SumIncidence = 0.0;

49
  std::vector<std::pair<uint32_t, uint16_t>> FeatureFreqs;

50


51
  // Delete feature Idx and its frequency from FeatureFreqs.

52
  bool DeleteFeatureFreq(uint32_t Idx) {

53
    if (FeatureFreqs.empty())

54
      return false;

55


56
    // Binary search over local feature frequencies sorted by index.

57
    auto Lower = std::lower_bound(FeatureFreqs.begin(), FeatureFreqs.end(),

58
                                  std::pair<uint32_t, uint16_t>(Idx, 0));

59


60
    if (Lower != FeatureFreqs.end() && Lower->first == Idx) {

61
      FeatureFreqs.erase(Lower);

62
      return true;

63
    }

64
    return false;

65
  }

66


67
  // Assign more energy to a high-entropy seed, i.e., that reveals more

68
  // information about the globally rare features in the neighborhood of the

69
  // seed. Since we do not know the entropy of a seed that has never been

70
  // executed we assign fresh seeds maximum entropy and let II->Energy approach

71
  // the true entropy from above. If ScalePerExecTime is true, the computed

72
  // entropy is scaled based on how fast this input executes compared to the

73
  // average execution time of inputs. The faster an input executes, the more

74
  // energy gets assigned to the input.

75
  void UpdateEnergy(size_t GlobalNumberOfFeatures, bool ScalePerExecTime,

76
                    std::chrono::microseconds AverageUnitExecutionTime) {

77
    Energy = 0.0;

78
    SumIncidence = 0.0;

79


80
    // Apply add-one smoothing to locally discovered features.

81
    for (const auto &F : FeatureFreqs) {

82
      double LocalIncidence = F.second + 1;

83
      Energy -= LocalIncidence * log(LocalIncidence);

84
      SumIncidence += LocalIncidence;

85
    }

86


87
    // Apply add-one smoothing to locally undiscovered features.

88
    //   PreciseEnergy -= 0; // since log(1.0) == 0)

89
    SumIncidence +=

90
        static_cast<double>(GlobalNumberOfFeatures - FeatureFreqs.size());

91


92
    // Add a single locally abundant feature apply add-one smoothing.

93
    double AbdIncidence = static_cast<double>(NumExecutedMutations + 1);

94
    Energy -= AbdIncidence * log(AbdIncidence);

95
    SumIncidence += AbdIncidence;

96


97
    // Normalize.

98
    if (SumIncidence != 0)

99
      Energy = Energy / SumIncidence + log(SumIncidence);

100


101
    if (ScalePerExecTime) {

102
      // Scaling to favor inputs with lower execution time.

103
      uint32_t PerfScore = 100;

104
      if (TimeOfUnit.count() > AverageUnitExecutionTime.count() * 10)

105
        PerfScore = 10;

106
      else if (TimeOfUnit.count() > AverageUnitExecutionTime.count() * 4)

107
        PerfScore = 25;

108
      else if (TimeOfUnit.count() > AverageUnitExecutionTime.count() * 2)

109
        PerfScore = 50;

110
      else if (TimeOfUnit.count() * 3 > AverageUnitExecutionTime.count() * 4)

111
        PerfScore = 75;

112
      else if (TimeOfUnit.count() * 4 < AverageUnitExecutionTime.count())

113
        PerfScore = 300;

114
      else if (TimeOfUnit.count() * 3 < AverageUnitExecutionTime.count())

115
        PerfScore = 200;

116
      else if (TimeOfUnit.count() * 2 < AverageUnitExecutionTime.count())

117
        PerfScore = 150;

118


119
      Energy *= PerfScore;

120
    }

121
  }

122


123
  // Increment the frequency of the feature Idx.

124
  void UpdateFeatureFrequency(uint32_t Idx) {

125
    NeedsEnergyUpdate = true;

126


127
    // The local feature frequencies is an ordered vector of pairs.

128
    // If there are no local feature frequencies, push_back preserves order.

129
    // Set the feature frequency for feature Idx32 to 1.

130
    if (FeatureFreqs.empty()) {

131
      FeatureFreqs.push_back(std::pair<uint32_t, uint16_t>(Idx, 1));

132
      return;

133
    }

134


135
    // Binary search over local feature frequencies sorted by index.

136
    auto Lower = std::lower_bound(FeatureFreqs.begin(), FeatureFreqs.end(),

137
                                  std::pair<uint32_t, uint16_t>(Idx, 0));

138


139
    // If feature Idx32 already exists, increment its frequency.

140
    // Otherwise, insert a new pair right after the next lower index.

141
    if (Lower != FeatureFreqs.end() && Lower->first == Idx) {

142
      Lower->second++;

143
    } else {

144
      FeatureFreqs.insert(Lower, std::pair<uint32_t, uint16_t>(Idx, 1));

145
    }

146
  }

147
};

148


149
struct EntropicOptions {

150
  bool Enabled;

151
  size_t NumberOfRarestFeatures;

152
  size_t FeatureFrequencyThreshold;

153
  bool ScalePerExecTime;

154
};

155


156
class InputCorpus {

157
  static const uint32_t kFeatureSetSize = 1 << 21;

158
  static const uint8_t kMaxMutationFactor = 20;

159
  static const size_t kSparseEnergyUpdates = 100;

160


161
  size_t NumExecutedMutations = 0;

162


163
  EntropicOptions Entropic;

164


165
public:

166
  InputCorpus(const std::string &OutputCorpus, EntropicOptions Entropic)

167
      : Entropic(Entropic), OutputCorpus(OutputCorpus) {

168
    memset(InputSizesPerFeature, 0, sizeof(InputSizesPerFeature));

169
    memset(SmallestElementPerFeature, 0, sizeof(SmallestElementPerFeature));

170
  }

171
  ~InputCorpus() {

172
    for (auto II : Inputs)

173
      delete II;

174
  }

175
  size_t size() const { return Inputs.size(); }

176
  size_t SizeInBytes() const {

177
    size_t Res = 0;

178
    for (auto II : Inputs)

179
      Res += II->U.size();

180
    return Res;

181
  }

182
  size_t NumActiveUnits() const {

183
    size_t Res = 0;

184
    for (auto II : Inputs)

185
      Res += !II->U.empty();

186
    return Res;

187
  }

188
  size_t MaxInputSize() const {

189
    size_t Res = 0;

190
    for (auto II : Inputs)

191
        Res = std::max(Res, II->U.size());

192
    return Res;

193
  }

194
  void IncrementNumExecutedMutations() { NumExecutedMutations++; }

195


196
  size_t NumInputsThatTouchFocusFunction() {

197
    return std::count_if(Inputs.begin(), Inputs.end(), [](const InputInfo *II) {

198
      return II->HasFocusFunction;

199
    });

200
  }

201


202
  size_t NumInputsWithDataFlowTrace() {

203
    return std::count_if(Inputs.begin(), Inputs.end(), [](const InputInfo *II) {

204
      return !II->DataFlowTraceForFocusFunction.empty();

205
    });

206
  }

207


208
  bool empty() const { return Inputs.empty(); }

209
  const Unit &operator[] (size_t Idx) const { return Inputs[Idx]->U; }

210
  InputInfo *AddToCorpus(const Unit &U, size_t NumFeatures, bool MayDeleteFile,

211
                         bool HasFocusFunction, bool NeverReduce,

212
                         std::chrono::microseconds TimeOfUnit,

213
                         const std::vector<uint32_t> &FeatureSet,

214
                         const DataFlowTrace &DFT, const InputInfo *BaseII) {

215
    assert(!U.empty());

216
    if (FeatureDebug)

217
      Printf("ADD_TO_CORPUS %zd NF %zd\n", Inputs.size(), NumFeatures);

218
    // Inputs.size() is cast to uint32_t below.

219
    assert(Inputs.size() < std::numeric_limits<uint32_t>::max());

220
    Inputs.push_back(new InputInfo());

221
    InputInfo &II = *Inputs.back();

222
    II.U = U;

223
    II.NumFeatures = NumFeatures;

224
    II.NeverReduce = NeverReduce;

225
    II.TimeOfUnit = TimeOfUnit;

226
    II.MayDeleteFile = MayDeleteFile;

227
    II.UniqFeatureSet = FeatureSet;

228
    II.HasFocusFunction = HasFocusFunction;

229
    // Assign maximal energy to the new seed.

230
    II.Energy = RareFeatures.empty() ? 1.0 : log(RareFeatures.size());

231
    II.SumIncidence = static_cast<double>(RareFeatures.size());

232
    II.NeedsEnergyUpdate = false;

233
    std::sort(II.UniqFeatureSet.begin(), II.UniqFeatureSet.end());

234
    ComputeSHA1(U.data(), U.size(), II.Sha1);

235
    auto Sha1Str = Sha1ToString(II.Sha1);

236
    Hashes.insert(Sha1Str);

237
    if (HasFocusFunction)

238
      if (auto V = DFT.Get(Sha1Str))

239
        II.DataFlowTraceForFocusFunction = *V;

240
    // This is a gross heuristic.

241
    // Ideally, when we add an element to a corpus we need to know its DFT.

242
    // But if we don't, we'll use the DFT of its base input.

243
    if (II.DataFlowTraceForFocusFunction.empty() && BaseII)

244
      II.DataFlowTraceForFocusFunction = BaseII->DataFlowTraceForFocusFunction;

245
    DistributionNeedsUpdate = true;

246
    PrintCorpus();

247
    // ValidateFeatureSet();

248
    return &II;

249
  }

250


251
  // Debug-only

252
  void PrintUnit(const Unit &U) {

253
    if (!FeatureDebug) return;

254
    for (uint8_t C : U) {

255
      if (C != 'F' && C != 'U' && C != 'Z')

256
        C = '.';

257
      Printf("%c", C);

258
    }

259
  }

260


261
  // Debug-only

262
  void PrintFeatureSet(const std::vector<uint32_t> &FeatureSet) {

263
    if (!FeatureDebug) return;

264
    Printf("{");

265
    for (uint32_t Feature: FeatureSet)

266
      Printf("%u,", Feature);

267
    Printf("}");

268
  }

269


270
  // Debug-only

271
  void PrintCorpus() {

272
    if (!FeatureDebug) return;

273
    Printf("======= CORPUS:\n");

274
    int i = 0;

275
    for (auto II : Inputs) {

276
      if (std::find(II->U.begin(), II->U.end(), 'F') != II->U.end()) {

277
        Printf("[%2d] ", i);

278
        Printf("%s sz=%zd ", Sha1ToString(II->Sha1).c_str(), II->U.size());

279
        PrintUnit(II->U);

280
        Printf(" ");

281
        PrintFeatureSet(II->UniqFeatureSet);

282
        Printf("\n");

283
      }

284
      i++;

285
    }

286
  }

287


288
  void Replace(InputInfo *II, const Unit &U,

289
               std::chrono::microseconds TimeOfUnit) {

290
    assert(II->U.size() > U.size());

291
    Hashes.erase(Sha1ToString(II->Sha1));

292
    DeleteFile(*II);

293
    ComputeSHA1(U.data(), U.size(), II->Sha1);

294
    Hashes.insert(Sha1ToString(II->Sha1));

295
    II->U = U;

296
    II->Reduced = true;

297
    II->TimeOfUnit = TimeOfUnit;

298
    DistributionNeedsUpdate = true;

299
  }

300


301
  bool HasUnit(const Unit &U) { return Hashes.count(Hash(U)); }

302
  bool HasUnit(const std::string &H) { return Hashes.count(H); }

303
  InputInfo &ChooseUnitToMutate(Random &Rand) {

304
    InputInfo &II = *Inputs[ChooseUnitIdxToMutate(Rand)];

305
    assert(!II.U.empty());

306
    return II;

307
  }

308


309
  InputInfo &ChooseUnitToCrossOverWith(Random &Rand, bool UniformDist) {

310
    if (!UniformDist) {

311
      return ChooseUnitToMutate(Rand);

312
    }

313
    InputInfo &II = *Inputs[Rand(Inputs.size())];

314
    assert(!II.U.empty());

315
    return II;

316
  }

317


318
  // Returns an index of random unit from the corpus to mutate.

319
  size_t ChooseUnitIdxToMutate(Random &Rand) {

320
    UpdateCorpusDistribution(Rand);

321
    size_t Idx = static_cast<size_t>(CorpusDistribution(Rand));

322
    assert(Idx < Inputs.size());

323
    return Idx;

324
  }

325


326
  void PrintStats() {

327
    for (size_t i = 0; i < Inputs.size(); i++) {

328
      const auto &II = *Inputs[i];

329
      Printf("  [% 3zd %s] sz: % 5zd runs: % 5zd succ: % 5zd focus: %d\n", i,

330
             Sha1ToString(II.Sha1).c_str(), II.U.size(),

331
             II.NumExecutedMutations, II.NumSuccessfullMutations,

332
             II.HasFocusFunction);

333
    }

334
  }

335


336
  void PrintFeatureSet() {

337
    for (size_t i = 0; i < kFeatureSetSize; i++) {

338
      if(size_t Sz = GetFeature(i))

339
        Printf("[%zd: id %zd sz%zd] ", i, SmallestElementPerFeature[i], Sz);

340
    }

341
    Printf("\n\t");

342
    for (size_t i = 0; i < Inputs.size(); i++)

343
      if (size_t N = Inputs[i]->NumFeatures)

344
        Printf(" %zd=>%zd ", i, N);

345
    Printf("\n");

346
  }

347


348
  void DeleteFile(const InputInfo &II) {

349
    if (!OutputCorpus.empty() && II.MayDeleteFile)

350
      RemoveFile(DirPlusFile(OutputCorpus, Sha1ToString(II.Sha1)));

351
  }

352


353
  void DeleteInput(size_t Idx) {

354
    InputInfo &II = *Inputs[Idx];

355
    DeleteFile(II);

356
    Unit().swap(II.U);

357
    II.Energy = 0.0;

358
    II.NeedsEnergyUpdate = false;

359
    DistributionNeedsUpdate = true;

360
    if (FeatureDebug)

361
      Printf("EVICTED %zd\n", Idx);

362
  }

363


364
  void AddRareFeature(uint32_t Idx) {

365
    // Maintain *at least* TopXRarestFeatures many rare features

366
    // and all features with a frequency below ConsideredRare.

367
    // Remove all other features.

368
    while (RareFeatures.size() > Entropic.NumberOfRarestFeatures &&

369
           FreqOfMostAbundantRareFeature > Entropic.FeatureFrequencyThreshold) {

370


371
      // Find most and second most abbundant feature.

372
      uint32_t MostAbundantRareFeatureIndices[2] = {RareFeatures[0],

373
                                                    RareFeatures[0]};

374
      size_t Delete = 0;

375
      for (size_t i = 0; i < RareFeatures.size(); i++) {

376
        uint32_t Idx2 = RareFeatures[i];

377
        if (GlobalFeatureFreqs[Idx2] >=

378
            GlobalFeatureFreqs[MostAbundantRareFeatureIndices[0]]) {

379
          MostAbundantRareFeatureIndices[1] = MostAbundantRareFeatureIndices[0];

380
          MostAbundantRareFeatureIndices[0] = Idx2;

381
          Delete = i;

382
        }

383
      }

384


385
      // Remove most abundant rare feature.

386
      IsRareFeature[Delete] = false;

387
      RareFeatures[Delete] = RareFeatures.back();

388
      RareFeatures.pop_back();

389


390
      for (auto II : Inputs) {

391
        if (II->DeleteFeatureFreq(MostAbundantRareFeatureIndices[0]))

392
          II->NeedsEnergyUpdate = true;

393
      }

394


395
      // Set 2nd most abundant as the new most abundant feature count.

396
      FreqOfMostAbundantRareFeature =

397
          GlobalFeatureFreqs[MostAbundantRareFeatureIndices[1]];

398
    }

399


400
    // Add rare feature, handle collisions, and update energy.

401
    RareFeatures.push_back(Idx);

402
    IsRareFeature[Idx] = true;

403
    GlobalFeatureFreqs[Idx] = 0;

404
    for (auto II : Inputs) {

405
      II->DeleteFeatureFreq(Idx);

406


407
      // Apply add-one smoothing to this locally undiscovered feature.

408
      // Zero energy seeds will never be fuzzed and remain zero energy.

409
      if (II->Energy > 0.0) {

410
        II->SumIncidence += 1;

411
        II->Energy += log(II->SumIncidence) / II->SumIncidence;

412
      }

413
    }

414


415
    DistributionNeedsUpdate = true;

416
  }

417


418
  bool AddFeature(size_t Idx, uint32_t NewSize, bool Shrink) {

419
    assert(NewSize);

420
    Idx = Idx % kFeatureSetSize;

421
    uint32_t OldSize = GetFeature(Idx);

422
    if (OldSize == 0 || (Shrink && OldSize > NewSize)) {

423
      if (OldSize > 0) {

424
        size_t OldIdx = SmallestElementPerFeature[Idx];

425
        InputInfo &II = *Inputs[OldIdx];

426
        assert(II.NumFeatures > 0);

427
        II.NumFeatures--;

428
        if (II.NumFeatures == 0)

429
          DeleteInput(OldIdx);

430
      } else {

431
        NumAddedFeatures++;

432
        if (Entropic.Enabled)

433
          AddRareFeature((uint32_t)Idx);

434
      }

435
      NumUpdatedFeatures++;

436
      if (FeatureDebug)

437
        Printf("ADD FEATURE %zd sz %d\n", Idx, NewSize);

438
      // Inputs.size() is guaranteed to be less than UINT32_MAX by AddToCorpus.

439
      SmallestElementPerFeature[Idx] = static_cast<uint32_t>(Inputs.size());

440
      InputSizesPerFeature[Idx] = NewSize;

441
      return true;

442
    }

443
    return false;

444
  }

445


446
  // Increment frequency of feature Idx globally and locally.

447
  void UpdateFeatureFrequency(InputInfo *II, size_t Idx) {

448
    uint32_t Idx32 = Idx % kFeatureSetSize;

449


450
    // Saturated increment.

451
    if (GlobalFeatureFreqs[Idx32] == 0xFFFF)

452
      return;

453
    uint16_t Freq = GlobalFeatureFreqs[Idx32]++;

454


455
    // Skip if abundant.

456
    if (Freq > FreqOfMostAbundantRareFeature || !IsRareFeature[Idx32])

457
      return;

458


459
    // Update global frequencies.

460
    if (Freq == FreqOfMostAbundantRareFeature)

461
      FreqOfMostAbundantRareFeature++;

462


463
    // Update local frequencies.

464
    if (II)

465
      II->UpdateFeatureFrequency(Idx32);

466
  }

467


468
  size_t NumFeatures() const { return NumAddedFeatures; }

469
  size_t NumFeatureUpdates() const { return NumUpdatedFeatures; }

470


471
private:

472


473
  static const bool FeatureDebug = false;

474


475
  uint32_t GetFeature(size_t Idx) const { return InputSizesPerFeature[Idx]; }

476


477
  void ValidateFeatureSet() {

478
    if (FeatureDebug)

479
      PrintFeatureSet();

480
    for (size_t Idx = 0; Idx < kFeatureSetSize; Idx++)

481
      if (GetFeature(Idx))

482
        Inputs[SmallestElementPerFeature[Idx]]->Tmp++;

483
    for (auto II: Inputs) {

484
      if (II->Tmp != II->NumFeatures)

485
        Printf("ZZZ %zd %zd\n", II->Tmp, II->NumFeatures);

486
      assert(II->Tmp == II->NumFeatures);

487
      II->Tmp = 0;

488
    }

489
  }

490


491
  // Updates the probability distribution for the units in the corpus.

492
  // Must be called whenever the corpus or unit weights are changed.

493
  //

494
  // Hypothesis: inputs that maximize information about globally rare features

495
  // are interesting.

496
  void UpdateCorpusDistribution(Random &Rand) {

497
    // Skip update if no seeds or rare features were added/deleted.

498
    // Sparse updates for local change of feature frequencies,

499
    // i.e., randomly do not skip.

500
    if (!DistributionNeedsUpdate &&

501
        (!Entropic.Enabled || Rand(kSparseEnergyUpdates)))

502
      return;

503


504
    DistributionNeedsUpdate = false;

505


506
    size_t N = Inputs.size();

507
    assert(N);

508
    Intervals.resize(N + 1);

509
    Weights.resize(N);

510
    std::iota(Intervals.begin(), Intervals.end(), 0);

511


512
    std::chrono::microseconds AverageUnitExecutionTime(0);

513
    for (auto II : Inputs) {

514
      AverageUnitExecutionTime += II->TimeOfUnit;

515
    }

516
    AverageUnitExecutionTime /= N;

517


518
    bool VanillaSchedule = true;

519
    if (Entropic.Enabled) {

520
      for (auto II : Inputs) {

521
        if (II->NeedsEnergyUpdate && II->Energy != 0.0) {

522
          II->NeedsEnergyUpdate = false;

523
          II->UpdateEnergy(RareFeatures.size(), Entropic.ScalePerExecTime,

524
                           AverageUnitExecutionTime);

525
        }

526
      }

527


528
      for (size_t i = 0; i < N; i++) {

529


530
        if (Inputs[i]->NumFeatures == 0) {

531
          // If the seed doesn't represent any features, assign zero energy.

532
          Weights[i] = 0.;

533
        } else if (Inputs[i]->NumExecutedMutations / kMaxMutationFactor >

534
                   NumExecutedMutations / Inputs.size()) {

535
          // If the seed was fuzzed a lot more than average, assign zero energy.

536
          Weights[i] = 0.;

537
        } else {

538
          // Otherwise, simply assign the computed energy.

539
          Weights[i] = Inputs[i]->Energy;

540
        }

541


542
        // If energy for all seeds is zero, fall back to vanilla schedule.

543
        if (Weights[i] > 0.0)

544
          VanillaSchedule = false;

545
      }

546
    }

547


548
    if (VanillaSchedule) {

549
      for (size_t i = 0; i < N; i++)

550
        Weights[i] =

551
            Inputs[i]->NumFeatures

552
                ? static_cast<double>((i + 1) *

553
                                      (Inputs[i]->HasFocusFunction ? 1000 : 1))

554
                : 0.;

555
    }

556


557
    if (FeatureDebug) {

558
      for (size_t i = 0; i < N; i++)

559
        Printf("%zd ", Inputs[i]->NumFeatures);

560
      Printf("SCORE\n");

561
      for (size_t i = 0; i < N; i++)

562
        Printf("%f ", Weights[i]);

563
      Printf("Weights\n");

564
    }

565
    CorpusDistribution = std::piecewise_constant_distribution<double>(

566
        Intervals.begin(), Intervals.end(), Weights.begin());

567
  }

568
  std::piecewise_constant_distribution<double> CorpusDistribution;

569


570
  std::vector<double> Intervals;

571
  std::vector<double> Weights;

572


573
  std::unordered_set<std::string> Hashes;

574
  std::vector<InputInfo *> Inputs;

575


576
  size_t NumAddedFeatures = 0;

577
  size_t NumUpdatedFeatures = 0;

578
  uint32_t InputSizesPerFeature[kFeatureSetSize];

579
  uint32_t SmallestElementPerFeature[kFeatureSetSize];

580


581
  bool DistributionNeedsUpdate = true;

582
  uint16_t FreqOfMostAbundantRareFeature = 0;

583
  uint16_t GlobalFeatureFreqs[kFeatureSetSize] = {};

584
  std::vector<uint32_t> RareFeatures;

585
  std::bitset<kFeatureSetSize> IsRareFeature;

586


587
  std::string OutputCorpus;

588
};

589


590
}  // namespace fuzzer

591


592
#endif  // LLVM_FUZZER_CORPUS

593


594