Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromium / llvm-project / compiler-rt / lib / fuzzer / 98a8624429907ab017bc8c00178ece606f578b32^! / . / FuzzerMerge.cpp
commit98a8624429907ab017bc8c00178ece606f578b32[log] [tgz]
authorkcc <kcc>Fri Feb 15 00:08:16 2019 +0000
committerkcc <kcc>Fri Feb 15 00:08:16 2019 +0000
treef82a0089681a48d0e3808e32a21fdeae7cc9b1ad
parent001e5f7e11e057e7342995d7cd594a0cda3928a5 [diff] [blame]
[libFuzzer] when doing the merge, keep track of the coveraged edges, not just features

git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk/lib/fuzzer@354087 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/FuzzerMerge.cpp b/FuzzerMerge.cpp
index 55e5c9a..549d180 100644
--- a/FuzzerMerge.cpp
+++ b/FuzzerMerge.cpp

@@ -77,7 +77,7 @@
   const size_t kInvalidStartMarker = -1;
   size_t LastSeenStartMarker = kInvalidStartMarker;
   Vector<uint32_t> TmpFeatures;
-  Set<uintptr_t> PCs;
+  Set<uint32_t> PCs;
   while (std::getline(IS, Line, '\n')) {
     std::istringstream ISS1(Line);
     std::string Marker;
@@ -106,10 +106,11 @@
         Files[CurrentFileIdx].Features = TmpFeatures;
       }
     } else if (Marker == "COV") {
+      size_t CurrentFileIdx = N;
       if (ParseCoverage)
         while (ISS1 >> std::hex >> N)
           if (PCs.insert(N).second)
-            NumCoveredPCs++;
+            Files[CurrentFileIdx].Cov.push_back(N);
     } else {
       return false;
     }
@@ -130,9 +131,9 @@
 
 // Decides which files need to be merged (add those to NewFiles).
 // Returns the number of new features added.
-size_t Merger::Merge(const Set<uint32_t> &InitialFeatures,
-                     Set<uint32_t> *NewFeatures,
-                     Vector<std::string> *NewFiles) {
+void Merger::Merge(const Set<uint32_t> &InitialFeatures,
+                   Set<uint32_t> *NewFeatures, const Set<uint32_t> &InitialCov,
+                   Set<uint32_t> *NewCov, Vector<std::string> *NewFiles) {
   NewFiles->clear();
   assert(NumFilesInFirstCorpus <= Files.size());
   Set<uint32_t> AllFeatures = InitialFeatures;
@@ -142,8 +143,6 @@
     auto &Cur = Files[i].Features;
     AllFeatures.insert(Cur.begin(), Cur.end());
   }
-  size_t InitialNumFeatures = AllFeatures.size();
-
   // Remove all features that we already know from all other inputs.
   for (size_t i = NumFilesInFirstCorpus; i < Files.size(); i++) {
     auto &Cur = Files[i].Features;
@@ -178,8 +177,10 @@
     }
     if (FoundNewFeatures)
       NewFiles->push_back(Files[i].Name);
+    for (auto Cov : Files[i].Cov)
+      if (InitialCov.find(Cov) == InitialCov.end())
+        NewCov->insert(Cov);
   }
-  return AllFeatures.size() - InitialNumFeatures;
 }
 
 Set<uint32_t> Merger::AllFeatures() const {
@@ -241,7 +242,7 @@
     for (size_t F : UniqFeatures)
       OF << " " << std::hex << F;
     OF << "\n";
-    OF << "COV " << i;
+    OF << "COV " << std::dec << i;
     TPC.ForEachObservedPC([&](const TracePC::PCTableEntry *TE) {
       if (AllPCs.insert(TE).second)
         OF << " " << TPC.PCTableEntryIdx(TE);
@@ -276,7 +277,10 @@
                          const Vector<SizedFile> &NewCorpus,
                          Vector<std::string> *NewFiles,
                          const Set<uint32_t> &InitialFeatures,
-                         Set<uint32_t> *NewFeatures, const std::string &CFPath,
+                         Set<uint32_t> *NewFeatures,
+                         const Set<uint32_t> &InitialCov,
+                         Set<uint32_t> *NewCov,
+                         const std::string &CFPath,
                          bool V /*Verbose*/) {
   if (NewCorpus.empty() && OldCorpus.empty()) return;  // Nothing to merge.
   size_t NumAttempts = 0;
@@ -346,9 +350,10 @@
   VPrintf(V,
           "MERGE-OUTER: consumed %zdMb (%zdMb rss) to parse the control file\n",
           M.ApproximateMemoryConsumption() >> 20, GetPeakRSSMb());
-  size_t NumNewFeatures = M.Merge(InitialFeatures, NewFeatures, NewFiles);
-  VPrintf(V, "MERGE-OUTER: %zd new files with %zd new features added\n",
-         NewFiles->size(), NumNewFeatures);
+  M.Merge(InitialFeatures, NewFeatures, InitialCov, NewCov, NewFiles);
+  VPrintf(V, "MERGE-OUTER: %zd new files with %zd new features added; "
+          "%zd new coverage edges\n",
+         NewFiles->size(), NewFeatures->size(), NewCov->size());
 }
 
 } // namespace fuzzer