// Experimental. // Fuly reset the current coverage state, run a single unit, // compute a hash function from the full coverage set, // return non-zero if the hash value is new. // This produces tons of new units and as is it's only suitable for small tests, // e.g. test/FullCoverageSetTest.cpp. FIXME: make it scale. size_t Fuzzer::RunOneMaximizeFullCoverageSet(const Unit &U) { __sanitizer_reset_coverage(); ExecuteCallback(U); uintptr_t *PCs; uintptr_t NumPCs =__sanitizer_get_coverage_guards(&PCs); if (FullCoverageSets.insert(HashOfArrayOfPCs(PCs, NumPCs)).second) return FullCoverageSets.size(); return 0; }
// Fuly reset the current coverage state, run a single unit, // compute a hash function from the full coverage set, // return non-zero if the hash value is new. // This produces tons of new units and as is it's only suitable for small tests, // e.g. test/FullCoverageSetTest.cpp. FIXME: make it scale. size_t Fuzzer::RunOneMaximizeFullCoverageSet(const Unit &U) { __sanitizer_reset_coverage(); TestOneInput(U.data(), U.size()); uintptr_t *PCs; uintptr_t NumPCs =__sanitizer_get_coverage_guards(&PCs); if (FullCoverageSets.insert(HashOfArrayOfPCs(PCs, NumPCs)).second) return FullCoverageSets.size(); return 0; }