diff options
| author | Kostya Serebryany <kcc@google.com> | 2016-10-05 22:56:21 +0000 |
|---|---|---|
| committer | Kostya Serebryany <kcc@google.com> | 2016-10-05 22:56:21 +0000 |
| commit | 1c73f1bf274edcadfcd4cc95f4adc89dff8cb5fb (patch) | |
| tree | e13ce2de9795de3e90c1ee88707281ae25572d5a /llvm/lib/Fuzzer/FuzzerLoop.cpp | |
| parent | ae34c56ee77ba6f9096dcec543d99d9ab87a6718 (diff) | |
| download | bcm5719-llvm-1c73f1bf274edcadfcd4cc95f4adc89dff8cb5fb.tar.gz bcm5719-llvm-1c73f1bf274edcadfcd4cc95f4adc89dff8cb5fb.zip | |
[libFuzzer] refactoring to make -shrink=1 work for value profile, added a test.
llvm-svn: 283409
Diffstat (limited to 'llvm/lib/Fuzzer/FuzzerLoop.cpp')
| -rw-r--r-- | llvm/lib/Fuzzer/FuzzerLoop.cpp | 55 |
1 files changed, 21 insertions, 34 deletions
diff --git a/llvm/lib/Fuzzer/FuzzerLoop.cpp b/llvm/lib/Fuzzer/FuzzerLoop.cpp index 35d68bce694..6c1f376d8ef 100644 --- a/llvm/lib/Fuzzer/FuzzerLoop.cpp +++ b/llvm/lib/Fuzzer/FuzzerLoop.cpp @@ -299,18 +299,18 @@ void Fuzzer::PrintStats(const char *Where, const char *End, size_t Units) { Printf("#%zd\t%s", TotalNumberOfRuns, Where); if (MaxCoverage.BlockCoverage) Printf(" cov: %zd", MaxCoverage.BlockCoverage); + if (size_t N = MaxCoverage.VPMap.GetNumBitsSinceLastMerge()) + Printf(" vp: %zd", N); if (size_t N = TPC.GetTotalPCCoverage()) Printf(" cov: %zd", N); - if (MaxCoverage.VPMap.GetNumBitsSinceLastMerge()) - Printf(" vp: %zd", MaxCoverage.VPMap.GetNumBitsSinceLastMerge()); if (auto TB = MaxCoverage.CounterBitmapBits) Printf(" bits: %zd", TB); - if (auto TB = MaxCoverage.TPCMap.GetNumBitsSinceLastMerge()) - Printf(" bits: %zd", MaxCoverage.TPCMap.GetNumBitsSinceLastMerge()); + if (size_t N = Corpus.NumFeatures()) + Printf( " ft: %zd", N); if (MaxCoverage.CallerCalleeCoverage) Printf(" indir: %zd", MaxCoverage.CallerCalleeCoverage); if (size_t N = Corpus.size()) { - Printf(" corpus: %zd", Corpus.NumActiveUnits()); + Printf(" corp: %zd", Corpus.NumActiveUnits()); if (size_t N = Corpus.SizeInBytes()) { if (N < (1<<14)) Printf("/%zdb", N); @@ -392,8 +392,8 @@ void Fuzzer::RereadOutputCorpus(size_t MaxSize) { if (U.size() > MaxSize) U.resize(MaxSize); if (!Corpus.HasUnit(U)) { - if (RunOne(U)) { - Corpus.AddToCorpus(U); + if (size_t NumFeatures = RunOne(U)) { + Corpus.AddToCorpus(U, NumFeatures); PrintStats("RELOAD"); } } @@ -418,8 +418,8 @@ void Fuzzer::ShuffleAndMinimize(UnitVector *InitialCorpus) { ExecuteCallback(&dummy, 0); for (const auto &U : *InitialCorpus) { - if (RunOne(U)) { - Corpus.AddToCorpus(U); + if (size_t NumFeatures = RunOne(U)) { + Corpus.AddToCorpus(U, NumFeatures); if (Options.Verbosity >= 2) Printf("NEW0: %zd L %zd\n", MaxCoverage.BlockCoverage, U.size()); } @@ -434,27 +434,23 @@ void Fuzzer::ShuffleAndMinimize(UnitVector *InitialCorpus) { } } -bool Fuzzer::RunOne(const uint8_t *Data, size_t Size) { +size_t Fuzzer::RunOne(const uint8_t *Data, size_t Size) { + if (!Size) return 0; TotalNumberOfRuns++; ExecuteCallback(Data, Size); - bool Res = false; - if (TPC.FinalizeTrace(Size)) - if (Options.Shrink) - Res = true; - - if (!Res) { - if (TPC.UpdateCounterMap(&MaxCoverage.TPCMap)) - Res = true; + size_t Res = 0; + if (size_t NumFeatures = TPC.FinalizeTrace(&Corpus, Size, Options.Shrink)) + Res = NumFeatures; + if (!TPC.UsingTracePcGuard()) { if (TPC.UpdateValueProfileMap(&MaxCoverage.VPMap)) - Res = true; + Res = 1; + if (!Res && RecordMaxCoverage(&MaxCoverage)) + Res = 1; } - if (RecordMaxCoverage(&MaxCoverage)) - Res = true; - CheckExitOnSrcPos(); auto TimeOfUnit = duration_cast<seconds>(UnitStopTime - UnitStartTime).count(); @@ -500,16 +496,6 @@ void Fuzzer::ExecuteCallback(const uint8_t *Data, size_t Size) { delete[] DataCopy; } -std::string Fuzzer::Coverage::DebugString() const { - std::string Result = - std::string("Coverage{") + "BlockCoverage=" + - std::to_string(BlockCoverage) + " CallerCalleeCoverage=" + - std::to_string(CallerCalleeCoverage) + " CounterBitmapBits=" + - std::to_string(CounterBitmapBits) + " VPMapBits " + - std::to_string(VPMap.GetNumBitsSinceLastMerge()) + "}"; - return Result; -} - void Fuzzer::WriteToOutputCorpus(const Unit &U) { if (Options.OnlyASCII) assert(IsASCII(U)); @@ -694,8 +680,9 @@ void Fuzzer::MutateAndTestOne() { if (i == 0) StartTraceRecording(); II.NumExecutedMutations++; - if (RunOne(CurrentUnitData, Size)) { - Corpus.AddToCorpus({CurrentUnitData, CurrentUnitData + Size}); + if (size_t NumFeatures = RunOne(CurrentUnitData, Size)) { + Corpus.AddToCorpus({CurrentUnitData, CurrentUnitData + Size}, + NumFeatures); ReportNewCoverage(&II, {CurrentUnitData, CurrentUnitData + Size}); CheckExitOnItem(); } |
