[compiler-rt] 83251a2 - [libFuzzer] Fix incorrect coverage number in fork mode (#82335)

via llvm-commits llvm-commits at lists.llvm.org
Wed Jul 17 15:55:45 PDT 2024 

Author: Scallop Ye
Date: 2024-07-17T15:55:41-07:00
New Revision: 83251a22f623df8d27b6184d19b24c18d314f2bd

URL: https://github.com/llvm/llvm-project/commit/83251a22f623df8d27b6184d19b24c18d314f2bd
DIFF: https://github.com/llvm/llvm-project/commit/83251a22f623df8d27b6184d19b24c18d314f2bd.diff

LOG: [libFuzzer] Fix incorrect coverage number in fork mode (#82335)

Closes #82307.

I built LLVM with the changes and tested fuzzing in fork mode. The
coverage number was correct:
```
[ye at ye-arch ~]$ /home/ye/work/llvm-project/build/bin/clang++ -fsanitize=fuzzer test_fuzzer.cc
[ye at ye-arch ~]$ ./a.out corpus -fork=4
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 3152497917
INFO: Loaded 1 modules   (40 inline 8-bit counters): 40 [0x5aa6f7b310d0, 0x5aa6f7b310f8), 
INFO: Loaded 1 PC tables (40 PCs): 40 [0x5aa6f7b310f8,0x5aa6f7b31378), 
INFO: -fork=4: fuzzing in separate process(s)
INFO: -fork=4: 56 seed inputs, starting to fuzz in /tmp/libFuzzerTemp.FuzzWithFork54465.dir
#600649: cov: 36 ft: 224 corp: 56 exec/s: 300324 oom/timeout/crash: 0/0/0 time: 2s job: 1 dft_time: 0
#1548208: cov: 36 ft: 224 corp: 56 exec/s: 315853 oom/timeout/crash: 0/0/0 time: 3s job: 2 dft_time: 0
#2465991: cov: 36 ft: 224 corp: 56 exec/s: 229445 oom/timeout/crash: 0/0/0 time: 4s job: 3 dft_time: 0
#3887877: cov: 36 ft: 224 corp: 56 exec/s: 284377 oom/timeout/crash: 0/0/0 time: 5s job: 4 dft_time: 0
```

Added: 
    

Modified: 
    compiler-rt/lib/fuzzer/FuzzerFork.cpp

Removed: 
    


################################################################################
diff  --git a/compiler-rt/lib/fuzzer/FuzzerFork.cpp b/compiler-rt/lib/fuzzer/FuzzerFork.cpp
index c248a1d246a30..e544cd846e4db 100644
--- a/compiler-rt/lib/fuzzer/FuzzerFork.cpp
+++ b/compiler-rt/lib/fuzzer/FuzzerFork.cpp
@@ -349,7 +349,7 @@ void FuzzWithFork(Random &Rand, const FuzzingOptions &Options,
                         &NewFeatures, Env.Cov, &NewCov, CFPath,
                         /*Verbose=*/false, /*IsSetCoverMerge=*/false);
     Env.Features.insert(NewFeatures.begin(), NewFeatures.end());
-    Env.Cov.insert(NewFeatures.begin(), NewFeatures.end());
+    Env.Cov.insert(NewCov.begin(), NewCov.end());
     RemoveFile(CFPath);
   }

More information about the llvm-commits mailing list