Gitiles
Code Review Sign In
gerrit-public.fairphone.software / toolchain / llvm-project / 546d2a38205d86f451988ba5e489ce2e887bd932 / . / llvm / lib / Fuzzer / FuzzerTracePC.cpp
blob: 2822725f555cb63909032f72a9ec428e45ef961a [file] [log] [blame]
Kostya Serebryanyda63c1d2016-02-26 21:33:56 +0000[diff] [blame]1//===- FuzzerTracePC.cpp - PC tracing--------------------------------------===//
2//
3// The LLVM Compiler Infrastructure
4//
5// This file is distributed under the University of Illinois Open Source
6// License. See LICENSE.TXT for details.
7//
8//===----------------------------------------------------------------------===//
9// Trace PCs.
Kostya Serebryanya00b2432016-09-14 02:13:06 +0000[diff] [blame]10// This module implements __sanitizer_cov_trace_pc_guard[_init],
11// the callback required for -fsanitize-coverage=trace-pc-guard instrumentation.
Kostya Serebryanyda63c1d2016-02-26 21:33:56 +0000[diff] [blame]12//
Kostya Serebryanyda63c1d2016-02-26 21:33:56 +0000[diff] [blame]13//===----------------------------------------------------------------------===//
14
15#include "FuzzerInternal.h"
16
17namespace fuzzer {
Mike Aizatsky1aa501e2016-05-10 23:43:15 +0000[diff] [blame]18
Kostya Serebryanya00b2432016-09-14 02:13:06 +0000[diff] [blame]19TracePC TPC;
Mike Aizatsky1aa501e2016-05-10 23:43:15 +0000[diff] [blame]20
Kostya Serebryanya5277d52016-09-15 01:30:18 +0000[diff] [blame]21void TracePC::HandleTrace(uint8_t *Guard, uintptr_t PC) {
22 if (UseCounters) {
23 uintptr_t GV = *Guard;
24 if (GV == 0)
25 TotalCoverage++;
26 if (GV < 255)
27 GV++;
28 *Guard = GV;
29 } else {
30 *Guard = 0xff;
31 TotalCoverage++;
32 }
Kostya Serebryanyda63c1d2016-02-26 21:33:56 +0000[diff] [blame]33}
Kostya Serebryanya5277d52016-09-15 01:30:18 +0000[diff] [blame]34
35void TracePC::HandleInit(uint8_t *Start, uint8_t *Stop) {
36 // TODO: this handles only one DSO/binary.
37 this->Start = Start;
38 this->Stop = Stop;
Kostya Serebryanyda63c1d2016-02-26 21:33:56 +0000[diff] [blame]39}
Kostya Serebryanya5277d52016-09-15 01:30:18 +0000[diff] [blame]40
41void TracePC::FinalizeTrace() {
42 if (UseCounters && TotalCoverage) {
43 for (uint8_t *X = Start; X < Stop; X++) {
44 uint8_t Value = *X;
45 size_t Idx = X - Start;
46 if (Value >= 2) {
47 unsigned Bit = 31 - __builtin_clz(Value);
48 assert(Bit < 8);
49 CounterMap.AddValue(Idx * 8 + Bit);
50 }
51 *X = 1;
52 }
53 }
54}
55
56size_t TracePC::UpdateCounterMap(ValueBitMap *Map) {
57 if (!TotalCoverage) return 0;
58 size_t NewTotalCounterBits = Map->MergeFrom(CounterMap);
59 size_t Delta = NewTotalCounterBits - TotalCounterBits;
60 TotalCounterBits = NewTotalCounterBits;
61 return Delta;
62}
Kostya Serebryanyda63c1d2016-02-26 21:33:56 +0000[diff] [blame]63
64} // namespace fuzzer
65
Dan Liew59144072016-06-06 20:27:09 +0000[diff] [blame]66extern "C" {
Kostya Serebryany32661f92016-08-18 20:52:52 +0000[diff] [blame]67__attribute__((visibility("default")))
Kostya Serebryanya5277d52016-09-15 01:30:18 +0000[diff] [blame]68void __sanitizer_cov_trace_pc_guard(uint8_t *Guard) {
Kostya Serebryanya00b2432016-09-14 02:13:06 +0000[diff] [blame]69 uintptr_t PC = (uintptr_t)__builtin_return_address(0);
Kostya Serebryanya5277d52016-09-15 01:30:18 +0000[diff] [blame]70 fuzzer::TPC.HandleTrace(Guard, PC);
Kostya Serebryanyda63c1d2016-02-26 21:33:56 +0000[diff] [blame]71}
Dan Liew59144072016-06-06 20:27:09 +0000[diff] [blame]72
Kostya Serebryany32661f92016-08-18 20:52:52 +0000[diff] [blame]73__attribute__((visibility("default")))
Kostya Serebryanya5277d52016-09-15 01:30:18 +0000[diff] [blame]74void __sanitizer_cov_trace_pc_guard_init(uint8_t *Start, uint8_t *Stop) {
75 fuzzer::TPC.HandleInit(Start, Stop);
Dan Liew59144072016-06-06 20:27:09 +0000[diff] [blame]76}
77}