From: Kostya Serebryany <kcc@google.com>
Date: Fri, 23 Sep 2016 01:20:07 +0000 (+0000)
Subject: [libFuzzer] simplify the TracePC logic
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=73508a3cb116c995988db1b8040319681d33be76;p=llvm

[libFuzzer] simplify the TracePC logic

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282222 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/Fuzzer/FuzzerLoop.cpp b/lib/Fuzzer/FuzzerLoop.cpp
index 1d714cadd48..0ca03c5fea9 100644
--- a/lib/Fuzzer/FuzzerLoop.cpp
+++ b/lib/Fuzzer/FuzzerLoop.cpp
@@ -85,8 +85,7 @@ bool Fuzzer::RecordMaxCoverage(Fuzzer::Coverage *C) {
 
   TPC.FinalizeTrace();
 
-  uint64_t NewBlockCoverage =
-      EF->__sanitizer_get_total_unique_coverage() + TPC.GetTotalCoverage();
+  uint64_t NewBlockCoverage = EF->__sanitizer_get_total_unique_coverage();
   if (NewBlockCoverage > C->BlockCoverage) {
     Res = true;
     C->BlockCoverage = NewBlockCoverage;
@@ -163,6 +162,7 @@ Fuzzer::Fuzzer(UserCallback CB, InputCorpus &Corpus, MutationDispatcher &MD,
   InitializeTraceState();
   assert(!F);
   F = this;
+  TPC.ResetTotalPCCoverage();
   ResetCoverage();
   IsMyThread = true;
   if (Options.DetectLeaks && EF->__sanitizer_install_malloc_and_free_hooks)
@@ -327,6 +327,8 @@ void Fuzzer::PrintStats(const char *Where, const char *End) {
   Printf("#%zd\t%s", TotalNumberOfRuns, Where);
   if (MaxCoverage.BlockCoverage)
     Printf(" cov: %zd", MaxCoverage.BlockCoverage);
+  if (size_t N = TPC.GetTotalPCCoverage())
+    Printf(" cov: %zd", N);
   if (MaxCoverage.VPMap.GetNumBitsSinceLastMerge())
     Printf(" vp: %zd", MaxCoverage.VPMap.GetNumBitsSinceLastMerge());
   if (auto TB = MaxCoverage.CounterBitmapBits)
diff --git a/lib/Fuzzer/FuzzerTracePC.cpp b/lib/Fuzzer/FuzzerTracePC.cpp
index 5c038cde67f..0df8aba18f6 100644
--- a/lib/Fuzzer/FuzzerTracePC.cpp
+++ b/lib/Fuzzer/FuzzerTracePC.cpp
@@ -19,31 +19,22 @@
 namespace fuzzer {
 
 TracePC TPC;
-const size_t TracePC::kNumCounters;
-const size_t TracePC::kNumPCs;
 
 void TracePC::HandleTrace(uintptr_t *Guard, uintptr_t PC) {
   uintptr_t Idx = *Guard;
   if (!Idx) return;
-  if (UseCounters) {
-    uint8_t Counter = Counters[Idx % kNumCounters];
-    if (Counter == 0) {
+  uint8_t Counter = Counters[Idx % kNumCounters];
+  if (Counter == 0) {
+    AddNewPCID(Idx);
+    if (!PCs[Idx]) {
+      TotalPCCoverage++;
       PCs[Idx] = PC;
-      if (TotalCoverageMap.AddValue(Idx)) {
-        TotalCoverage++;
-        AddNewPCID(Idx);
-      }
     }
-    if (Counter < 128)
-      Counters[Idx % kNumCounters] = Counter + 1;
-    else
-      *Guard = 0;
-  } else {
-    *Guard = 0;
-    TotalCoverage++;
-    AddNewPCID(Idx);
-    PCs[Idx] = PC;
   }
+  if (Counter < 128)
+    Counters[Idx % kNumCounters] = Counter + 1;
+  if (Counter >= 128 || !UseCounters)
+    *Guard = 0;
 }
 
 void TracePC::HandleInit(uintptr_t *Start, uintptr_t *Stop) {
@@ -72,8 +63,8 @@ void TracePC::ResetGuards() {
 }
 
 void TracePC::FinalizeTrace() {
-  if (UseCounters && TotalCoverage) {
-    for (size_t Idx = 1, N = std::min(kNumCounters, NumGuards); Idx < N;
+  if (TotalPCCoverage) {
+    for (size_t Idx = 1, N = Min(kNumCounters, NumGuards); Idx < N;
          Idx++) {
       uint8_t Counter = Counters[Idx];
       if (!Counter) continue;
@@ -99,7 +90,7 @@ void TracePC::HandleCallerCallee(uintptr_t Caller, uintptr_t Callee) {
 
 void TracePC::PrintCoverage() {
   Printf("COVERAGE:\n");
-  for (size_t i = 0; i < std::min(NumGuards, kNumPCs); i++) {
+  for (size_t i = 0; i < Min(NumGuards, kNumPCs); i++) {
     if (PCs[i])
       PrintPC("COVERED: %p %F %L\n", "COVERED: %p\n", PCs[i]);
   }
diff --git a/lib/Fuzzer/FuzzerTracePC.h b/lib/Fuzzer/FuzzerTracePC.h
index f3da724c269..19f67082930 100644
--- a/lib/Fuzzer/FuzzerTracePC.h
+++ b/lib/Fuzzer/FuzzerTracePC.h
@@ -23,11 +23,12 @@ class TracePC {
   void HandleInit(uintptr_t *start, uintptr_t *stop);
   void HandleCallerCallee(uintptr_t Caller, uintptr_t Callee);
   void HandleValueProfile(size_t Value) { ValueProfileMap.AddValue(Value); }
-  size_t GetTotalCoverage() { return TotalCoverage; }
+  size_t GetTotalPCCoverage() { return TotalPCCoverage; }
+  void ResetTotalPCCoverage() { TotalPCCoverage = 0; }
   void SetUseCounters(bool UC) { UseCounters = UC; }
   void SetUseValueProfile(bool VP) { UseValueProfile = VP; }
   bool UpdateCounterMap(ValueBitMap *MaxCounterMap) {
-    return UseCounters && MaxCounterMap->MergeFrom(CounterMap);
+    return MaxCounterMap->MergeFrom(CounterMap);
   }
   bool UpdateValueProfileMap(ValueBitMap *MaxValueProfileMap) {
     return UseValueProfile && MaxValueProfileMap->MergeFrom(ValueProfileMap);
@@ -43,10 +44,8 @@ class TracePC {
   uintptr_t GetPCbyPCID(uintptr_t PCID) { return PCs[PCID]; }
 
   void Reset() {
-    TotalCoverage = 0;
     NumNewPCIDs = 0;
     CounterMap.Reset();
-    TotalCoverageMap.Reset();
     ResetGuards();
   }
 
@@ -57,7 +56,7 @@ class TracePC {
 private:
   bool UseCounters = false;
   bool UseValueProfile = false;
-  size_t TotalCoverage = 0;
+  size_t TotalPCCoverage = 0;
 
   static const size_t kMaxNewPCIDs = 64;
   uintptr_t NewPCIDs[kMaxNewPCIDs];
@@ -84,7 +83,6 @@ private:
 
   ValueBitMap CounterMap;
   ValueBitMap ValueProfileMap;
-  ValueBitMap TotalCoverageMap;
 };
 
 extern TracePC TPC;