[compiler-rt] r360385 - [libFuzzer] perform more agressive value profiling in memcmp
Kostya Serebryany via llvm-commits
llvm-commits at lists.llvm.org
Thu May 9 15:09:25 PDT 2019
Author: kcc
Date: Thu May 9 15:09:25 2019
New Revision: 360385
URL: http://llvm.org/viewvc/llvm-project?rev=360385&view=rev
Log:
[libFuzzer] perform more agressive value profiling in memcmp
Modified:
compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.cpp
compiler-rt/trunk/test/fuzzer/SingleMemcmpTest.cpp
Modified: compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.cpp
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.cpp?rev=360385&r1=360384&r2=360385&view=diff
==============================================================================
--- compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.cpp (original)
+++ compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.cpp Thu May 9 15:09:25 2019
@@ -369,11 +369,16 @@ void TracePC::AddValueForMemcmp(void *ca
Hash ^= (T << 8) | B2[i];
}
size_t I = 0;
- for (; I < Len; I++)
- if (B1[I] != B2[I] || (StopAtZero && B1[I] == 0))
+ uint8_t HammingDistance = 0;
+ for (; I < Len; I++) {
+ if (B1[I] != B2[I] || (StopAtZero && B1[I] == 0)) {
+ HammingDistance = Popcountll(B1[I] ^ B2[I]);
break;
+ }
+ }
size_t PC = reinterpret_cast<size_t>(caller_pc);
size_t Idx = (PC & 4095) | (I << 12);
+ Idx += HammingDistance;
ValueProfileMap.AddValue(Idx);
TORCW.Insert(Idx ^ Hash, Word(B1, Len), Word(B2, Len));
}
Modified: compiler-rt/trunk/test/fuzzer/SingleMemcmpTest.cpp
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/fuzzer/SingleMemcmpTest.cpp?rev=360385&r1=360384&r2=360385&view=diff
==============================================================================
--- compiler-rt/trunk/test/fuzzer/SingleMemcmpTest.cpp (original)
+++ compiler-rt/trunk/test/fuzzer/SingleMemcmpTest.cpp Thu May 9 15:09:25 2019
@@ -10,7 +10,8 @@
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
const char *S = (const char*)Data;
- if (Size >= 6 && !memcmp(S, "qwerty", 6)) {
+ const char *Needle = "Some long string";
+ if (Size >= strlen(Needle) && !memcmp(S, Needle, strlen(Needle))) {
fprintf(stderr, "BINGO\n");
exit(1);
}
More information about the llvm-commits
mailing list