author | Kostya Serebryany <kcc@google.com> | 2016-09-15 04:36:45 +0000 |
---|---|---|
committer | Kostya Serebryany <kcc@google.com> | 2016-09-15 04:36:45 +0000 |
commit | 53501784879cffea4154fcd187adc185ab05d72f (patch) | |
tree | 847c8968b470a8359b17f8e8d550d893a59aa827 /llvm/lib/Fuzzer/FuzzerLoop.cpp | |
parent | 546d2a38205d86f451988ba5e489ce2e887bd932 (diff) | |
[libFuzzer] implement print_pcs with trace-pc-guard. Change the trace-pc-guard heuristic for 8-bit counters to look more like in AFL (not that it's provably better, but the existing test prefers this heuristic)
llvm-svn: 281577
Diffstat (limited to 'llvm/lib/Fuzzer/FuzzerLoop.cpp')
-rw-r--r-- | llvm/lib/Fuzzer/FuzzerLoop.cpp | 30 |
1 files changed, 20 insertions, 10 deletions
diff --git a/llvm/lib/Fuzzer/FuzzerLoop.cpp b/llvm/lib/Fuzzer/FuzzerLoop.cpp
index 54e748fb796..7cb1d4906a5 100644
--- a/llvm/lib/Fuzzer/FuzzerLoop.cpp
+++ b/llvm/lib/Fuzzer/FuzzerLoop.cpp
@@ -63,6 +63,7 @@ void Fuzzer::ResetCounters() {
 }
 if (EF->__sanitizer_get_coverage_pc_buffer_pos)
 PcBufferPos = EF->__sanitizer_get_coverage_pc_buffer_pos();
+ TPC.GetNewPCsAndFlush();
 }
 
 void Fuzzer::PrepareCounters(Fuzzer::Coverage *C) {
@@ -556,22 +557,31 @@ void Fuzzer::PrintStatusForNewUnit(const Unit &U) {
 }
 }
 
+void Fuzzer::PrintOneNewPC(uintptr_t PC) {
+ if (EF->__sanitizer_symbolize_pc) {
+ char PcDescr[1024];
+ EF->__sanitizer_symbolize_pc(reinterpret_cast<void*>(PC),
+ "%p %F %L", PcDescr, sizeof(PcDescr));
+ PcDescr[sizeof(PcDescr) - 1] = 0; // Just in case.
+ Printf("\tNEW_PC: %s\n", PcDescr);
+ } else {
+ Printf("\tNEW_PC: %p\n", PC);
+ }
+}
+
 void Fuzzer::PrintNewPCs() {
- if (Options.PrintNewCovPcs && PrevPcBufferPos != PcBufferPos) {
+ if (!Options.PrintNewCovPcs) return;
+ if (PrevPcBufferPos != PcBufferPos) {
 int NumPrinted = 0;
 for (size_t I = PrevPcBufferPos; I < PcBufferPos; ++I) {
 if (NumPrinted++ > 30) break; // Don't print too many new PCs.
- if (EF->__sanitizer_symbolize_pc) {
- char PcDescr[1024];
- EF->__sanitizer_symbolize_pc(reinterpret_cast<void*>(PcBuffer[I]),
- "%p %F %L", PcDescr, sizeof(PcDescr));
- PcDescr[sizeof(PcDescr) - 1] = 0; // Just in case.
- Printf("\tNEW_PC: %s\n", PcDescr);
- } else {
- Printf("\tNEW_PC: %p\n", PcBuffer[I]);
- }
+ PrintOneNewPC(PcBuffer[I]);
 }
 }
+ uintptr_t *PCs;
+ if (size_t NumNewPCs = TPC.GetNewPCsAndFlush(&PCs))
+ for (size_t i = 0; i < NumNewPCs; i++)
+ PrintOneNewPC(PCs[i]);
 }
 
 void Fuzzer::ReportNewCoverage(const Unit &U) { |
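Review bot: The bare `TPC.GetNewPCsAndFlush();` added at the end of ResetCounters discards its return value, and nothing on the line says why. The second hunk calls the same method with `&PCs` and uses the returned count, so this call presumably exists only to clear PCs recorded before the next run. A comment such as `// Discard PCs collected so far; only the flush is wanted here.` would make that explicit. ResetCounters begins outside the hunk, so whether the rest of the function resets other trace-pc-guard state cannot be checked from here.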
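Review bot: The new trace-pc-guard loop at the end of PrintNewPCs prints every entry returned by `TPC.GetNewPCsAndFlush(&PCs)`, whereas the PcBuffer loop just above it stops after roughly 30 lines ("Don't print too many new PCs"). A single input that reaches many new guards will flood the log, so the loop should be bounded the same way, e.g. `for (size_t i = 0; i < NumNewPCs && i <= 30; i++)`. Separately, the fallback branch of PrintOneNewPC passes a `uintptr_t` to `%p`; assuming Printf is printf-style, `Printf("\tNEW_PC: %p\n", reinterpret_cast<void*>(PC));` matches the format. PcDescr is printed with only its last byte set, so if the symbolizer can return without writing, `char PcDescr[1024] = {};` would keep uninitialized stack bytes out of the output.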