authorKostya Serebryany <kcc@google.com>2016-10-11 01:14:41 +0000
committerKostya Serebryany <kcc@google.com>2016-10-11 01:14:41 +0000
commitd19919a80e483b75e0c7a6d893688b3f008df6b4 (patch)
tree66aa064ea2c0852309e0cb34b100aedec5435095 /llvm/lib/Fuzzer/FuzzerTracePC.cpp
parent3e0e901a18d8170d0df91b0d067e965b7dc7a77c (diff)
[libFuzzer] implement value profile for switch, increase the size of the PCs array, make sure we don't overflow it
llvm-svn: 283841
Diffstat (limited to 'llvm/lib/Fuzzer/FuzzerTracePC.cpp')
-rw-r--r--llvm/lib/Fuzzer/FuzzerTracePC.cpp11
1 files changed, 8 insertions, 3 deletions
diff --git a/llvm/lib/Fuzzer/FuzzerTracePC.cpp b/llvm/lib/Fuzzer/FuzzerTracePC.cpp
index aa5bd9b6087..3b3e1f294e4 100644
--- a/llvm/lib/Fuzzer/FuzzerTracePC.cpp
+++ b/llvm/lib/Fuzzer/FuzzerTracePC.cpp
@@ -27,10 +27,10 @@ void TracePC::HandleTrace(uint32_t *Guard, uintptr_t PC) {
uint8_t *CounterPtr = &Counters[Idx % kNumCounters];
uint8_t Counter = *CounterPtr;
if (Counter == 0) {
- if (!PCs[Idx]) {
+ if (!PCs[Idx % kNumPCs]) {
AddNewPCID(Idx);
TotalPCCoverage++;
- PCs[Idx] = PC;
+ PCs[Idx % kNumPCs] = PC;
}
}
if (UseCounters) {
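Review bot: The `% kNumPCs` wrap on the two `PCs[...]` accesses keeps them in bounds, but it does so by aliasing. Two guards whose `Idx` differ by a multiple of `kNumPCs` now share a slot, so the later one finds a non-zero entry and is never passed to `AddNewPCID` or counted in `TotalPCCoverage`. `AddNewPCID(Idx)` still receives the unwrapped index, and whether it bounds its own storage is not visible in this hunk. I would compute the slot once, `const auto PCIdx = Idx % kNumPCs;`, use it for both accesses, and add a comment such as `// Idx may exceed kNumPCs; wrapping keeps the access in bounds but merges aliased PCs.` HandleTrace starts and ends outside the hunk.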
@@ -227,7 +227,12 @@ void __sanitizer_cov_trace_cmp1(uint8_t Arg1, int8_t Arg2) {
__attribute__((visibility("default")))
void __sanitizer_cov_trace_switch(uint64_t Val, uint64_t *Cases) {
- // TODO(kcc): support value profile here.
+ uint64_t N = Cases[0];
+ uint64_t *Vals = Cases + 2;
+ char *PC = (char*)__builtin_return_address(0);
+ for (size_t i = 0; i < N; i++)
+ if (Val != Vals[i])
+ fuzzer::AddValueForCmp(PC + i, Val, Vals[i]);
}
__attribute__((visibility("default")))
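Review bot: The new body of `__sanitizer_cov_trace_switch` reads `Cases[0]` and skips to `Cases + 2` without documenting the array layout, and `Cases[1]` is silently ignored. A comment above `uint64_t N = Cases[0];` would make the indexing checkable: `// Cases[0] = number of case values, Cases[1] = bit width of Val, Cases[2..] = the case values.` Separately, `PC + i` is arithmetic on a `char*` taken from `__builtin_return_address(0)`, which does not point into an array and is only used as a per-case key. Doing the addition on a `uintptr_t` and converting at the call would avoid that, assuming `AddValueForCmp` accepts the result; its signature is not visible here.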