From ac40b8cc849c3f4663295a1cc4d0a88fc400f5ef Mon Sep 17 00:00:00 2001
From: Alexander Egorenkov
Date: Thu, 25 Jun 2020 20:50:10 +0200
Subject: executor: fix write_output_64

The output pointer was not updated after writing.

Signed-off-by: Alexander Egorenkov
---
 executor/executor.cc | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'executor')

diff --git a/executor/executor.cc b/executor/executor.cc
index 19aa45e81..1a2b641ff 100644
--- a/executor/executor.cc
+++ b/executor/executor.cc
@@ -284,6 +284,8 @@ struct kcov_comparison_t {
 bool operator<(const struct kcov_comparison_t& other) const;
 };
 
+static_assert(sizeof(kcov_comparison_t) == 4 * sizeof(uint64), "invalid size of kcov_comparison_t");
+
 struct feature_t {
 const char* name;
 void (*setup)();
@@ -1315,7 +1317,8 @@ uint32* write_output_64(uint64 v)
 fail("output overflow: pos=%p region=[%p:%p]", output_pos, output_data, (char*)output_data + kMaxOutput);
 *(uint64*)output_pos = v;
- return output_pos + 2;
+ output_pos += 2;
+ return output_pos;
 }
 
 void write_completed(uint32 completed)
@@ -1327,6 +1330,9 @@ void write_completed(uint32 completed)
 #if SYZ_EXECUTOR_USES_SHMEM
 void kcov_comparison_t::write()
 {
+ if (type > (KCOV_CMP_CONST | KCOV_CMP_SIZE_MASK))
+ fail("invalid kcov comp type %llx", type);
+
 // Write order: type arg1 arg2 pc.
 write_output((uint32)type);
 
-- 
cgit mrf-deployment
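Review bot: The store `*(uint64*)output_pos = v;` in write_output_64 writes eight bytes through a pointer that, judging by the `uint32*` return type and the `+= 2` step, is only guaranteed four-byte alignment, so it can be a misaligned, type-punned access on strict-alignment targets; `memcpy(output_pos, &v, sizeof(v));` avoids both. The condition guarding the `fail("output overflow ...")` call starts above the hunk, so it is worth confirming that it reserves `sizeof(uint64)` bytes before `output_data + kMaxOutput` rather than a single `uint32` slot, since the function now advances `output_pos` for every later write. A comment such as `// Returns the position after the written value, not the slot that was written.` would document the return contract.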
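Review bot: The new guard in kcov_comparison_t::write() uses `>`, which is equivalent to "no unknown bits set" only if KCOV_CMP_CONST and KCOV_CMP_SIZE_MASK together cover the lowest contiguous bits; their values are not visible in this diff. A mask test states the intent independently of those values: `if (type & ~(uint64)(KCOV_CMP_CONST | KCOV_CMP_SIZE_MASK))`. `type` (presumably a `uint64` field, given the new static_assert) is passed to `%llx` without a cast, so `(unsigned long long)type` would keep the format correct wherever `uint64` is not `unsigned long long`. The body of write() continues past the end of the hunk.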