PCMapBits = 0;
VPMap.Reset();
VPMapBits = 0;
- PcBufferPos = 0;
}
std::string DebugString() const;
size_t BlockCoverage;
size_t CallerCalleeCoverage;
- size_t PcBufferPos;
// Precalculated number of bits in CounterBitmap.
size_t CounterBitmapBits;
std::vector<uint8_t> CounterBitmap;
void DeathCallback();
void ResetEdgeCoverage();
+ void ResetCounters();
void PrepareCounters(Fuzzer::Coverage *C);
bool RecordMaxCoverage(Fuzzer::Coverage *C);
// For -print_pcs
uintptr_t* PcBuffer = nullptr;
size_t PcBufferLen = 0;
- size_t PrevPcBufferPos;
+ size_t PcBufferPos = 0, PrevPcBufferPos = 0;
// Need to know our own thread.
static thread_local bool IsMyThread;
EF->__sanitizer_reset_coverage();
}
+void Fuzzer::ResetCounters() {
+ if (Options.UseCounters) {
+ EF->__sanitizer_update_counter_bitset_and_clear_counters(0);
+ }
+ if (EF->__sanitizer_get_coverage_pc_buffer_pos)
+ PcBufferPos = EF->__sanitizer_get_coverage_pc_buffer_pos();
+}
+
void Fuzzer::PrepareCounters(Fuzzer::Coverage *C) {
if (Options.UseCounters) {
size_t NumCounters = EF->__sanitizer_get_number_of_counters();
if (EF->__sanitizer_get_coverage_pc_buffer_pos) {
uint64_t NewPcBufferPos = EF->__sanitizer_get_coverage_pc_buffer_pos();
- if (NewPcBufferPos > C->PcBufferPos) {
+ if (NewPcBufferPos > PcBufferPos) {
Res = true;
- C->PcBufferPos = NewPcBufferPos;
+ PcBufferPos = NewPcBufferPos;
}
if (PcBufferLen && NewPcBufferPos >= PcBufferLen) {
}
bool Fuzzer::UpdateMaxCoverage() {
- PrevPcBufferPos = MaxCoverage.PcBufferPos;
+ PrevPcBufferPos = PcBufferPos;
bool Res = RecordMaxCoverage(&MaxCoverage);
return Res;
AssignTaintLabels(DataCopy, Size);
CurrentUnitSize = Size;
AllocTracer.Start();
+ ResetCounters(); // Reset coverage right before the callback.
int Res = CB(DataCopy, Size);
(void)Res;
HasMoreMallocsThanFrees = AllocTracer.Stop();
}
void Fuzzer::PrintNewPCs() {
- if (Options.PrintNewCovPcs && PrevPcBufferPos != MaxCoverage.PcBufferPos) {
- for (size_t I = PrevPcBufferPos; I < MaxCoverage.PcBufferPos; ++I) {
+ if (Options.PrintNewCovPcs && PrevPcBufferPos != PcBufferPos) {
+ int NumPrinted = 0;
+ for (size_t I = PrevPcBufferPos; I < PcBufferPos; ++I) {
+ if (NumPrinted++ > 30) break; // Don't print too many new PCs.
if (EF->__sanitizer_symbolize_pc) {
char PcDescr[1024];
EF->__sanitizer_symbolize_pc(reinterpret_cast<void*>(PcBuffer[I]),
"%p %F %L", PcDescr, sizeof(PcDescr));
+ PcDescr[sizeof(PcDescr) - 1] = 0; // Just in case.
Printf("\tNEW_PC: %s\n", PcDescr);
} else {
Printf("\tNEW_PC: %p\n", PcBuffer[I]);