Skip to content

Commit

Permalink
executor: fix coverfilter header size
Browse files Browse the repository at this point in the history
Manager was switched to 64-bit PCs, but executor still expected
4-byte PC start in the header.
Fix it and switch size to uint64 for simplicity as well.
  • Loading branch information
dvyukov committed May 28, 2024
1 parent f550015 commit 34889ee
Show file tree
Hide file tree
Showing 4 changed files with 25 additions and 27 deletions.
17 changes: 8 additions & 9 deletions executor/cov_filter.h
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@
#include <sys/stat.h>

struct cov_filter_t {
uint32 pcstart;
uint32 pcsize;
uint64 pcstart;
uint64 pcsize;
uint8 bitmap[];
};

Expand All @@ -31,7 +31,7 @@ static void init_coverage_filter(char* filename)
cov_filter = (cov_filter_t*)mmap(preferred, st.st_size, PROT_READ, MAP_PRIVATE, f, 0);
if (cov_filter != preferred)
failmsg("failed to mmap coverage filter bitmap", "want=%p, got=%p", preferred, cov_filter);
if ((uint32)st.st_size != sizeof(uint32) * 2 + ((cov_filter->pcsize >> 4) / 8 + 2))
if ((uint32)st.st_size != sizeof(uint64) * 2 + ((cov_filter->pcsize >> 4) / 8 + 2))
fail("bad coverage filter bitmap size");
close(f);
}
Expand All @@ -43,14 +43,13 @@ static bool coverage_filter(uint64 pc)
if (cov_filter == NULL)
fail("coverage filter was enabled but bitmap initialization failed");
// Prevent out of bound while searching bitmap.
uint32 pc32 = (uint32)(pc & 0xffffffff);
if (pc32 < cov_filter->pcstart || pc32 > cov_filter->pcstart + cov_filter->pcsize)
if (pc < cov_filter->pcstart || pc > cov_filter->pcstart + cov_filter->pcsize)
return false;
// For minimizing the size of bitmap, the lowest 4-bit will be dropped.
pc32 -= cov_filter->pcstart;
pc32 = pc32 >> 4;
uint32 idx = pc32 / 8;
uint32 shift = pc32 % 8;
pc -= cov_filter->pcstart;
pc = pc >> 4;
uint64 idx = pc / 8;
uint64 shift = pc % 8;
return (cov_filter->bitmap[idx] & (1 << shift)) > 0;
}

Expand Down
19 changes: 9 additions & 10 deletions executor/test.h
Original file line number Diff line number Diff line change
Expand Up @@ -205,30 +205,29 @@ static int test_csum_inet_acc()
static int test_coverage_filter()
{
struct tmp_cov_filter_t {
uint32 pcstart;
uint32 pcsize;
uint64 pcstart;
uint64 pcsize;
uint8 bitmap[((0x1000 >> 4) + 7) / 8];
};
static struct tmp_cov_filter_t tmp_cov_filter;
tmp_cov_filter.pcstart = 0x81000000;
tmp_cov_filter.pcstart = 0xffffffff81000000;
tmp_cov_filter.pcsize = 0x1000;
cov_filter = (cov_filter_t*)&tmp_cov_filter;
flag_coverage_filter = true;

uint64 full_enable_pc = 0xffffffff81000765;
uint64 full_disable_pc = 0xffffffff81000627;
uint64 full_out_pc = 0xffffffff82000000;
uint64 enable_pc = 0xffffffff81000765;
uint64 disable_pc = 0xffffffff81000627;
uint64 out_pc = 0xffffffff82000000;

uint32 enable_pc = (uint32)full_enable_pc & 0xffffffff;
uint32 idx = ((enable_pc - cov_filter->pcstart) >> 4) / 8;
uint32 shift = ((enable_pc - cov_filter->pcstart) >> 4) % 8;
cov_filter->bitmap[idx] |= (1 << shift);

if (!coverage_filter(full_enable_pc))
if (!coverage_filter(enable_pc))
return 1;
if (coverage_filter(full_disable_pc))
if (coverage_filter(disable_pc))
return 1;
if (coverage_filter(full_out_pc))
if (coverage_filter(out_pc))
return 1;

cov_filter = NULL;
Expand Down
14 changes: 7 additions & 7 deletions syz-manager/covfilter.go
Original file line number Diff line number Diff line change
Expand Up @@ -141,16 +141,16 @@ func createCoverageBitmap(cfg *mgrconfig.Config, pcs map[uint64]uint32) []byte {
return nil
}
start, size := coverageFilterRegion(pcs)
log.Logf(0, "coverage filter from 0x%x to 0x%x, size 0x%x, pcs %v", start, start+uint64(size), size, len(pcs))
// The file starts with two uint32: covFilterStart and covFilterSize,
log.Logf(2, "coverage filter from 0x%x to 0x%x, size 0x%x, pcs %v", start, start+size, size, len(pcs))
// The file starts with two uint64: covFilterStart and covFilterSize,
// and a bitmap with size ((covFilterSize>>4)/8+2 bytes follow them.
// 8-bit = 1-byte
data := make([]byte, 12+((size>>4)/8+2))
data := make([]byte, 16+((size>>4)/8+2))
order := cfg.SysTarget.HostEndian
order.PutUint64(data, start)
order.PutUint32(data[8:], size)
order.PutUint64(data[8:], size)

bitmap := data[12:]
bitmap := data[16:]
for pc := range pcs {
// The lowest 4-bit is dropped.
pc = backend.NextInstructionPC(cfg.SysTarget, cfg.Type, pc)
Expand All @@ -160,7 +160,7 @@ func createCoverageBitmap(cfg *mgrconfig.Config, pcs map[uint64]uint32) []byte {
return data
}

func coverageFilterRegion(pcs map[uint64]uint32) (uint64, uint32) {
func coverageFilterRegion(pcs map[uint64]uint32) (uint64, uint64) {
start, end := ^uint64(0), uint64(0)
for pc := range pcs {
if start > pc {
Expand All @@ -170,7 +170,7 @@ func coverageFilterRegion(pcs map[uint64]uint32) (uint64, uint32) {
end = pc
}
}
return start, uint32(end - start)
return start, end - start
}

func compileRegexps(regexpStrings []string) ([]*regexp.Regexp, error) {
Expand Down
2 changes: 1 addition & 1 deletion syz-manager/covfilter_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ func TestCreateBitmap(t *testing.T) {
if start != 0x81000002 || size != 0x20001b {
t.Fatalf("bad region 0x%x/0x%x", start, size)
}
for i, byte := range bitmap[12:] {
for i, byte := range bitmap[16:] {
var expect uint8
switch i {
case 0:
Expand Down

0 comments on commit 34889ee

Please sign in to comment.