forked from OSchip/llvm-project
Kostya Serebryany
parent
ceb71c2f43
commit
87a598e19f
|
|
@ -85,8 +85,7 @@ bool Fuzzer::RecordMaxCoverage(Fuzzer::Coverage *C) {
|
||||||
|
|
||||||
TPC.FinalizeTrace();
|
TPC.FinalizeTrace();
|
||||||
|
|
||||||
uint64_t NewBlockCoverage =
|
uint64_t NewBlockCoverage = EF->__sanitizer_get_total_unique_coverage();
|
||||||
EF->__sanitizer_get_total_unique_coverage() + TPC.GetTotalCoverage();
|
|
||||||
if (NewBlockCoverage > C->BlockCoverage) {
|
if (NewBlockCoverage > C->BlockCoverage) {
|
||||||
Res = true;
|
Res = true;
|
||||||
C->BlockCoverage = NewBlockCoverage;
|
C->BlockCoverage = NewBlockCoverage;
|
||||||
|
|
@ -163,6 +162,7 @@ Fuzzer::Fuzzer(UserCallback CB, InputCorpus &Corpus, MutationDispatcher &MD,
|
||||||
InitializeTraceState();
|
InitializeTraceState();
|
||||||
assert(!F);
|
assert(!F);
|
||||||
F = this;
|
F = this;
|
||||||
|
TPC.ResetTotalPCCoverage();
|
||||||
ResetCoverage();
|
ResetCoverage();
|
||||||
IsMyThread = true;
|
IsMyThread = true;
|
||||||
if (Options.DetectLeaks && EF->__sanitizer_install_malloc_and_free_hooks)
|
if (Options.DetectLeaks && EF->__sanitizer_install_malloc_and_free_hooks)
|
||||||
|
|
@ -327,6 +327,8 @@ void Fuzzer::PrintStats(const char *Where, const char *End) {
|
||||||
Printf("#%zd\t%s", TotalNumberOfRuns, Where);
|
Printf("#%zd\t%s", TotalNumberOfRuns, Where);
|
||||||
if (MaxCoverage.BlockCoverage)
|
if (MaxCoverage.BlockCoverage)
|
||||||
Printf(" cov: %zd", MaxCoverage.BlockCoverage);
|
Printf(" cov: %zd", MaxCoverage.BlockCoverage);
|
||||||
|
if (size_t N = TPC.GetTotalPCCoverage())
|
||||||
|
Printf(" cov: %zd", N);
|
||||||
if (MaxCoverage.VPMap.GetNumBitsSinceLastMerge())
|
if (MaxCoverage.VPMap.GetNumBitsSinceLastMerge())
|
||||||
Printf(" vp: %zd", MaxCoverage.VPMap.GetNumBitsSinceLastMerge());
|
Printf(" vp: %zd", MaxCoverage.VPMap.GetNumBitsSinceLastMerge());
|
||||||
if (auto TB = MaxCoverage.CounterBitmapBits)
|
if (auto TB = MaxCoverage.CounterBitmapBits)
|
||||||
|
|
|
||||||
|
|
@ -19,31 +19,22 @@
|
||||||
namespace fuzzer {
|
namespace fuzzer {
|
||||||
|
|
||||||
TracePC TPC;
|
TracePC TPC;
|
||||||
const size_t TracePC::kNumCounters;
|
|
||||||
const size_t TracePC::kNumPCs;
|
|
||||||
|
|
||||||
void TracePC::HandleTrace(uintptr_t *Guard, uintptr_t PC) {
|
void TracePC::HandleTrace(uintptr_t *Guard, uintptr_t PC) {
|
||||||
uintptr_t Idx = *Guard;
|
uintptr_t Idx = *Guard;
|
||||||
if (!Idx) return;
|
if (!Idx) return;
|
||||||
if (UseCounters) {
|
uint8_t Counter = Counters[Idx % kNumCounters];
|
||||||
uint8_t Counter = Counters[Idx % kNumCounters];
|
if (Counter == 0) {
|
||||||
if (Counter == 0) {
|
|
||||||
PCs[Idx] = PC;
|
|
||||||
if (TotalCoverageMap.AddValue(Idx)) {
|
|
||||||
TotalCoverage++;
|
|
||||||
AddNewPCID(Idx);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (Counter < 128)
|
|
||||||
Counters[Idx % kNumCounters] = Counter + 1;
|
|
||||||
else
|
|
||||||
*Guard = 0;
|
|
||||||
} else {
|
|
||||||
*Guard = 0;
|
|
||||||
TotalCoverage++;
|
|
||||||
AddNewPCID(Idx);
|
AddNewPCID(Idx);
|
||||||
PCs[Idx] = PC;
|
if (!PCs[Idx]) {
|
||||||
|
TotalPCCoverage++;
|
||||||
|
PCs[Idx] = PC;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
if (Counter < 128)
|
||||||
|
Counters[Idx % kNumCounters] = Counter + 1;
|
||||||
|
if (Counter >= 128 || !UseCounters)
|
||||||
|
*Guard = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
void TracePC::HandleInit(uintptr_t *Start, uintptr_t *Stop) {
|
void TracePC::HandleInit(uintptr_t *Start, uintptr_t *Stop) {
|
||||||
|
|
@ -72,8 +63,8 @@ void TracePC::ResetGuards() {
|
||||||
}
|
}
|
||||||
|
|
||||||
void TracePC::FinalizeTrace() {
|
void TracePC::FinalizeTrace() {
|
||||||
if (UseCounters && TotalCoverage) {
|
if (TotalPCCoverage) {
|
||||||
for (size_t Idx = 1, N = std::min(kNumCounters, NumGuards); Idx < N;
|
for (size_t Idx = 1, N = Min(kNumCounters, NumGuards); Idx < N;
|
||||||
Idx++) {
|
Idx++) {
|
||||||
uint8_t Counter = Counters[Idx];
|
uint8_t Counter = Counters[Idx];
|
||||||
if (!Counter) continue;
|
if (!Counter) continue;
|
||||||
|
|
@ -99,7 +90,7 @@ void TracePC::HandleCallerCallee(uintptr_t Caller, uintptr_t Callee) {
|
||||||
|
|
||||||
void TracePC::PrintCoverage() {
|
void TracePC::PrintCoverage() {
|
||||||
Printf("COVERAGE:\n");
|
Printf("COVERAGE:\n");
|
||||||
for (size_t i = 0; i < std::min(NumGuards, kNumPCs); i++) {
|
for (size_t i = 0; i < Min(NumGuards, kNumPCs); i++) {
|
||||||
if (PCs[i])
|
if (PCs[i])
|
||||||
PrintPC("COVERED: %p %F %L\n", "COVERED: %p\n", PCs[i]);
|
PrintPC("COVERED: %p %F %L\n", "COVERED: %p\n", PCs[i]);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -23,11 +23,12 @@ class TracePC {
|
||||||
void HandleInit(uintptr_t *start, uintptr_t *stop);
|
void HandleInit(uintptr_t *start, uintptr_t *stop);
|
||||||
void HandleCallerCallee(uintptr_t Caller, uintptr_t Callee);
|
void HandleCallerCallee(uintptr_t Caller, uintptr_t Callee);
|
||||||
void HandleValueProfile(size_t Value) { ValueProfileMap.AddValue(Value); }
|
void HandleValueProfile(size_t Value) { ValueProfileMap.AddValue(Value); }
|
||||||
size_t GetTotalCoverage() { return TotalCoverage; }
|
size_t GetTotalPCCoverage() { return TotalPCCoverage; }
|
||||||
|
void ResetTotalPCCoverage() { TotalPCCoverage = 0; }
|
||||||
void SetUseCounters(bool UC) { UseCounters = UC; }
|
void SetUseCounters(bool UC) { UseCounters = UC; }
|
||||||
void SetUseValueProfile(bool VP) { UseValueProfile = VP; }
|
void SetUseValueProfile(bool VP) { UseValueProfile = VP; }
|
||||||
bool UpdateCounterMap(ValueBitMap *MaxCounterMap) {
|
bool UpdateCounterMap(ValueBitMap *MaxCounterMap) {
|
||||||
return UseCounters && MaxCounterMap->MergeFrom(CounterMap);
|
return MaxCounterMap->MergeFrom(CounterMap);
|
||||||
}
|
}
|
||||||
bool UpdateValueProfileMap(ValueBitMap *MaxValueProfileMap) {
|
bool UpdateValueProfileMap(ValueBitMap *MaxValueProfileMap) {
|
||||||
return UseValueProfile && MaxValueProfileMap->MergeFrom(ValueProfileMap);
|
return UseValueProfile && MaxValueProfileMap->MergeFrom(ValueProfileMap);
|
||||||
|
|
@ -43,10 +44,8 @@ class TracePC {
|
||||||
uintptr_t GetPCbyPCID(uintptr_t PCID) { return PCs[PCID]; }
|
uintptr_t GetPCbyPCID(uintptr_t PCID) { return PCs[PCID]; }
|
||||||
|
|
||||||
void Reset() {
|
void Reset() {
|
||||||
TotalCoverage = 0;
|
|
||||||
NumNewPCIDs = 0;
|
NumNewPCIDs = 0;
|
||||||
CounterMap.Reset();
|
CounterMap.Reset();
|
||||||
TotalCoverageMap.Reset();
|
|
||||||
ResetGuards();
|
ResetGuards();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -57,7 +56,7 @@ class TracePC {
|
||||||
private:
|
private:
|
||||||
bool UseCounters = false;
|
bool UseCounters = false;
|
||||||
bool UseValueProfile = false;
|
bool UseValueProfile = false;
|
||||||
size_t TotalCoverage = 0;
|
size_t TotalPCCoverage = 0;
|
||||||
|
|
||||||
static const size_t kMaxNewPCIDs = 64;
|
static const size_t kMaxNewPCIDs = 64;
|
||||||
uintptr_t NewPCIDs[kMaxNewPCIDs];
|
uintptr_t NewPCIDs[kMaxNewPCIDs];
|
||||||
|
|
@ -84,7 +83,6 @@ private:
|
||||||
|
|
||||||
ValueBitMap CounterMap;
|
ValueBitMap CounterMap;
|
||||||
ValueBitMap ValueProfileMap;
|
ValueBitMap ValueProfileMap;
|
||||||
ValueBitMap TotalCoverageMap;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
extern TracePC TPC;
|
extern TracePC TPC;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue