[llvm] r281016 - [libFuzzer] improve -print_pcs to not print new PCs coming from libFuzzer itself
Kostya Serebryany via llvm-commits
llvm-commits at lists.llvm.org
Thu Sep 8 19:38:29 PDT 2016
Author: kcc
Date: Thu Sep 8 21:38:28 2016
New Revision: 281016
URL: http://llvm.org/viewvc/llvm-project?rev=281016&view=rev
Log:
[libFuzzer] improve -print_pcs to not print new PCs coming from libFuzzer itself
Modified:
llvm/trunk/lib/Fuzzer/FuzzerInternal.h
llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
Modified: llvm/trunk/lib/Fuzzer/FuzzerInternal.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerInternal.h?rev=281016&r1=281015&r2=281016&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerInternal.h (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerInternal.h Thu Sep 8 21:38:28 2016
@@ -374,14 +374,12 @@ public:
PCMapBits = 0;
VPMap.Reset();
VPMapBits = 0;
- PcBufferPos = 0;
}
std::string DebugString() const;
size_t BlockCoverage;
size_t CallerCalleeCoverage;
- size_t PcBufferPos;
// Precalculated number of bits in CounterBitmap.
size_t CounterBitmapBits;
std::vector<uint8_t> CounterBitmap;
@@ -486,6 +484,7 @@ private:
void DeathCallback();
void ResetEdgeCoverage();
+ void ResetCounters();
void PrepareCounters(Fuzzer::Coverage *C);
bool RecordMaxCoverage(Fuzzer::Coverage *C);
@@ -518,7 +517,7 @@ private:
// For -print_pcs
uintptr_t* PcBuffer = nullptr;
size_t PcBufferLen = 0;
- size_t PrevPcBufferPos;
+ size_t PcBufferPos = 0, PrevPcBufferPos = 0;
// Need to know our own thread.
static thread_local bool IsMyThread;
Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=281016&r1=281015&r2=281016&view=diff
==============================================================================
--- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)
+++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Thu Sep 8 21:38:28 2016
@@ -57,6 +57,14 @@ void Fuzzer::ResetEdgeCoverage() {
EF->__sanitizer_reset_coverage();
}
+void Fuzzer::ResetCounters() {
+ if (Options.UseCounters) {
+ EF->__sanitizer_update_counter_bitset_and_clear_counters(0);
+ }
+ if (EF->__sanitizer_get_coverage_pc_buffer_pos)
+ PcBufferPos = EF->__sanitizer_get_coverage_pc_buffer_pos();
+}
+
void Fuzzer::PrepareCounters(Fuzzer::Coverage *C) {
if (Options.UseCounters) {
size_t NumCounters = EF->__sanitizer_get_number_of_counters();
@@ -109,9 +117,9 @@ bool Fuzzer::RecordMaxCoverage(Fuzzer::C
if (EF->__sanitizer_get_coverage_pc_buffer_pos) {
uint64_t NewPcBufferPos = EF->__sanitizer_get_coverage_pc_buffer_pos();
- if (NewPcBufferPos > C->PcBufferPos) {
+ if (NewPcBufferPos > PcBufferPos) {
Res = true;
- C->PcBufferPos = NewPcBufferPos;
+ PcBufferPos = NewPcBufferPos;
}
if (PcBufferLen && NewPcBufferPos >= PcBufferLen) {
@@ -417,7 +425,7 @@ void Fuzzer::ShuffleAndMinimize() {
}
bool Fuzzer::UpdateMaxCoverage() {
- PrevPcBufferPos = MaxCoverage.PcBufferPos;
+ PrevPcBufferPos = PcBufferPos;
bool Res = RecordMaxCoverage(&MaxCoverage);
return Res;
@@ -470,6 +478,7 @@ void Fuzzer::ExecuteCallback(const uint8
AssignTaintLabels(DataCopy, Size);
CurrentUnitSize = Size;
AllocTracer.Start();
+ ResetCounters(); // Reset coverage right before the callback.
int Res = CB(DataCopy, Size);
(void)Res;
HasMoreMallocsThanFrees = AllocTracer.Stop();
@@ -535,12 +544,15 @@ void Fuzzer::PrintStatusForNewUnit(const
}
void Fuzzer::PrintNewPCs() {
- if (Options.PrintNewCovPcs && PrevPcBufferPos != MaxCoverage.PcBufferPos) {
- for (size_t I = PrevPcBufferPos; I < MaxCoverage.PcBufferPos; ++I) {
+ if (Options.PrintNewCovPcs && PrevPcBufferPos != PcBufferPos) {
+ int NumPrinted = 0;
+ for (size_t I = PrevPcBufferPos; I < PcBufferPos; ++I) {
+ if (NumPrinted++ > 30) break; // Don't print too many new PCs.
if (EF->__sanitizer_symbolize_pc) {
char PcDescr[1024];
EF->__sanitizer_symbolize_pc(reinterpret_cast<void*>(PcBuffer[I]),
"%p %F %L", PcDescr, sizeof(PcDescr));
+ PcDescr[sizeof(PcDescr) - 1] = 0; // Just in case.
Printf("\tNEW_PC: %s\n", PcDescr);
} else {
Printf("\tNEW_PC: %p\n", PcBuffer[I]);
More information about the llvm-commits
mailing list