| Kostya Serebryany | da63c1d | 2016-02-26 21:33:56 +0000 | [diff] [blame] | 1 | //===- FuzzerTracePC.cpp - PC tracing--------------------------------------===// |
| 2 | // |
| 3 | // The LLVM Compiler Infrastructure |
| 4 | // |
| 5 | // This file is distributed under the University of Illinois Open Source |
| 6 | // License. See LICENSE.TXT for details. |
| 7 | // |
| 8 | //===----------------------------------------------------------------------===// |
| 9 | // Trace PCs. |
| Kostya Serebryany | a00b243 | 2016-09-14 02:13:06 +0000 | [diff] [blame] | 10 | // This module implements __sanitizer_cov_trace_pc_guard[_init], |
| 11 | // the callback required for -fsanitize-coverage=trace-pc-guard instrumentation. |
| Kostya Serebryany | da63c1d | 2016-02-26 21:33:56 +0000 | [diff] [blame] | 12 | // |
| Kostya Serebryany | da63c1d | 2016-02-26 21:33:56 +0000 | [diff] [blame] | 13 | //===----------------------------------------------------------------------===// |
| 14 | |
| 15 | #include "FuzzerInternal.h" |
| 16 | |
| 17 | namespace fuzzer { |
| Mike Aizatsky | 1aa501e | 2016-05-10 23:43:15 +0000 | [diff] [blame] | 18 | |
| Kostya Serebryany | a00b243 | 2016-09-14 02:13:06 +0000 | [diff] [blame] | 19 | TracePC TPC; |
| Mike Aizatsky | 1aa501e | 2016-05-10 23:43:15 +0000 | [diff] [blame] | 20 | |
| Kostya Serebryany | 3e36ec1 | 2016-09-17 05:04:47 +0000 | [diff] [blame^] | 21 | void TracePC::HandleTrace(uint64_t *Guard, uintptr_t PC) { |
| 22 | const uint64_t kBit63 = 1ULL << 63; |
| 23 | uint64_t Value = *Guard; |
| 24 | if (Value & kBit63) return; |
| 25 | // Printf(" >> %16zx %p\n", Value, Guard); |
| Kostya Serebryany | a5277d5 | 2016-09-15 01:30:18 +0000 | [diff] [blame] | 26 | if (UseCounters) { |
| Kostya Serebryany | 3e36ec1 | 2016-09-17 05:04:47 +0000 | [diff] [blame^] | 27 | uint64_t Counter = Value & 0xff; |
| 28 | if (Counter == 0) { |
| 29 | size_t Idx = Value >> 32; |
| Kostya Serebryany | 5350178 | 2016-09-15 04:36:45 +0000 | [diff] [blame] | 30 | if (TotalCoverageMap.AddValue(Idx)) { |
| 31 | TotalCoverage++; |
| 32 | AddNewPC(PC); |
| 33 | } |
| 34 | } |
| Kostya Serebryany | 3e36ec1 | 2016-09-17 05:04:47 +0000 | [diff] [blame^] | 35 | if (Counter < 255) |
| 36 | Value++; |
| Kostya Serebryany | a5277d5 | 2016-09-15 01:30:18 +0000 | [diff] [blame] | 37 | } else { |
| Kostya Serebryany | 3e36ec1 | 2016-09-17 05:04:47 +0000 | [diff] [blame^] | 38 | Value |= kBit63; |
| Kostya Serebryany | a5277d5 | 2016-09-15 01:30:18 +0000 | [diff] [blame] | 39 | TotalCoverage++; |
| Kostya Serebryany | 5350178 | 2016-09-15 04:36:45 +0000 | [diff] [blame] | 40 | AddNewPC(PC); |
| Kostya Serebryany | a5277d5 | 2016-09-15 01:30:18 +0000 | [diff] [blame] | 41 | } |
| Kostya Serebryany | 3e36ec1 | 2016-09-17 05:04:47 +0000 | [diff] [blame^] | 42 | // Printf(" << %16zx\n", Value); |
| 43 | *Guard = Value; |
| Kostya Serebryany | da63c1d | 2016-02-26 21:33:56 +0000 | [diff] [blame] | 44 | } |
| Kostya Serebryany | a5277d5 | 2016-09-15 01:30:18 +0000 | [diff] [blame] | 45 | |
| Kostya Serebryany | 3e36ec1 | 2016-09-17 05:04:47 +0000 | [diff] [blame^] | 46 | void TracePC::HandleInit(uint64_t *Start, uint64_t *Stop) { |
| 47 | if (Start == Stop || *Start) return; |
| 48 | assert(NumModules < sizeof(Modules) / sizeof(Modules[0])); |
| 49 | for (uint64_t *P = Start; P < Stop; P++) |
| 50 | *P = (++NumGuards) << 32; |
| 51 | Modules[NumModules].Start = Start; |
| 52 | Modules[NumModules].Stop = Stop; |
| 53 | NumModules++; |
| 54 | } |
| 55 | |
| 56 | void TracePC::PrintModuleInfo() { |
| 57 | Printf("INFO: Loaded %zd modules (%zd guards): ", NumModules, NumGuards); |
| 58 | for (size_t i = 0; i < NumModules; i++) |
| 59 | Printf("[%p, %p), ", Modules[i].Start, Modules[i].Stop); |
| 60 | Printf("\n"); |
| Kostya Serebryany | da63c1d | 2016-02-26 21:33:56 +0000 | [diff] [blame] | 61 | } |
| Kostya Serebryany | a5277d5 | 2016-09-15 01:30:18 +0000 | [diff] [blame] | 62 | |
| 63 | void TracePC::FinalizeTrace() { |
| 64 | if (UseCounters && TotalCoverage) { |
| Kostya Serebryany | 3e36ec1 | 2016-09-17 05:04:47 +0000 | [diff] [blame^] | 65 | for (size_t M = 0; M < NumModules; M++) { |
| 66 | for (uint64_t *X = Modules[M].Start; X < Modules[M].Stop; X++) { |
| 67 | uint64_t Value = *X & 0xff; |
| 68 | uint64_t Idx = *X >> 32; |
| 69 | if (Value >= 1) { |
| 70 | unsigned Bit = 0; |
| 71 | /**/ if (Value >= 128) Bit = 7; |
| 72 | else if (Value >= 32) Bit = 6; |
| 73 | else if (Value >= 16) Bit = 5; |
| 74 | else if (Value >= 8) Bit = 4; |
| 75 | else if (Value >= 4) Bit = 3; |
| 76 | else if (Value >= 3) Bit = 2; |
| 77 | else if (Value >= 2) Bit = 1; |
| 78 | CounterMap.AddValue(Idx * 8 + Bit); |
| 79 | } |
| 80 | *X = Idx << 32; |
| Kostya Serebryany | a5277d5 | 2016-09-15 01:30:18 +0000 | [diff] [blame] | 81 | } |
| Kostya Serebryany | a5277d5 | 2016-09-15 01:30:18 +0000 | [diff] [blame] | 82 | } |
| 83 | } |
| 84 | } |
| 85 | |
| 86 | size_t TracePC::UpdateCounterMap(ValueBitMap *Map) { |
| 87 | if (!TotalCoverage) return 0; |
| 88 | size_t NewTotalCounterBits = Map->MergeFrom(CounterMap); |
| 89 | size_t Delta = NewTotalCounterBits - TotalCounterBits; |
| 90 | TotalCounterBits = NewTotalCounterBits; |
| 91 | return Delta; |
| 92 | } |
| Kostya Serebryany | da63c1d | 2016-02-26 21:33:56 +0000 | [diff] [blame] | 93 | |
| Kostya Serebryany | 0984517 | 2016-09-15 22:16:15 +0000 | [diff] [blame] | 94 | void TracePC::HandleCallerCallee(uintptr_t Caller, uintptr_t Callee) { |
| 95 | const uintptr_t kBits = 12; |
| 96 | const uintptr_t kMask = (1 << kBits) - 1; |
| 97 | CounterMap.AddValue((Caller & kMask) | ((Callee & kMask) << kBits)); |
| 98 | } |
| 99 | |
| Kostya Serebryany | da63c1d | 2016-02-26 21:33:56 +0000 | [diff] [blame] | 100 | } // namespace fuzzer |
| 101 | |
| Dan Liew | 5914407 | 2016-06-06 20:27:09 +0000 | [diff] [blame] | 102 | extern "C" { |
| Kostya Serebryany | 32661f9 | 2016-08-18 20:52:52 +0000 | [diff] [blame] | 103 | __attribute__((visibility("default"))) |
| Kostya Serebryany | 3e36ec1 | 2016-09-17 05:04:47 +0000 | [diff] [blame^] | 104 | void __sanitizer_cov_trace_pc_guard(uint64_t *Guard) { |
| Kostya Serebryany | a00b243 | 2016-09-14 02:13:06 +0000 | [diff] [blame] | 105 | uintptr_t PC = (uintptr_t)__builtin_return_address(0); |
| Kostya Serebryany | a5277d5 | 2016-09-15 01:30:18 +0000 | [diff] [blame] | 106 | fuzzer::TPC.HandleTrace(Guard, PC); |
| Kostya Serebryany | da63c1d | 2016-02-26 21:33:56 +0000 | [diff] [blame] | 107 | } |
| Dan Liew | 5914407 | 2016-06-06 20:27:09 +0000 | [diff] [blame] | 108 | |
| Kostya Serebryany | 32661f9 | 2016-08-18 20:52:52 +0000 | [diff] [blame] | 109 | __attribute__((visibility("default"))) |
| Kostya Serebryany | 3e36ec1 | 2016-09-17 05:04:47 +0000 | [diff] [blame^] | 110 | void __sanitizer_cov_trace_pc_guard_init(uint64_t *Start, uint64_t *Stop) { |
| Kostya Serebryany | a5277d5 | 2016-09-15 01:30:18 +0000 | [diff] [blame] | 111 | fuzzer::TPC.HandleInit(Start, Stop); |
| Dan Liew | 5914407 | 2016-06-06 20:27:09 +0000 | [diff] [blame] | 112 | } |
| Kostya Serebryany | 0984517 | 2016-09-15 22:16:15 +0000 | [diff] [blame] | 113 | |
| 114 | __attribute__((visibility("default"))) |
| 115 | void __sanitizer_cov_trace_pc_indir(uintptr_t Callee) { |
| 116 | uintptr_t PC = (uintptr_t)__builtin_return_address(0); |
| 117 | fuzzer::TPC.HandleCallerCallee(PC, Callee); |
| 118 | } |
| Dan Liew | 5914407 | 2016-06-06 20:27:09 +0000 | [diff] [blame] | 119 | } |