diff options
3 files changed, 13 insertions, 4 deletions
diff --git a/compiler-rt/include/sanitizer/coverage_interface.h b/compiler-rt/include/sanitizer/coverage_interface.h index 404b71e3086..b93111b859b 100644 --- a/compiler-rt/include/sanitizer/coverage_interface.h +++ b/compiler-rt/include/sanitizer/coverage_interface.h @@ -27,9 +27,11 @@ extern "C" { // descriptor. Returns -1 on failure, or if coverage dumping is disabled. // This is intended for use by sandboxing code. intptr_t __sanitizer_maybe_open_cov_file(const char *name); - // Get the number of total unique covered entities (blocks, edges, calls). + // Get the number of unique covered blocks (or edges). // This can be useful for coverage-directed in-process fuzzers. uintptr_t __sanitizer_get_total_unique_coverage(); + // Get the number of unique indirect caller-callee pairs. + uintptr_t __sanitizer_get_total_unique_caller_callee_pairs(); // Reset the basic-block (edge) coverage to the initial state. // Useful for in-process fuzzing to start collecting coverage from scratch. diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_coverage_libcdep.cc b/compiler-rt/lib/sanitizer_common/sanitizer_coverage_libcdep.cc index 4775bd296b1..9098cec91f2 100644 --- a/compiler-rt/lib/sanitizer_common/sanitizer_coverage_libcdep.cc +++ b/compiler-rt/lib/sanitizer_common/sanitizer_coverage_libcdep.cc @@ -53,6 +53,7 @@ static const u64 kMagic32 = 0xC0BFFFFFFFFFFF32ULL; static atomic_uint32_t dump_once_guard; // Ensure that CovDump runs only once. static atomic_uintptr_t coverage_counter; +static atomic_uintptr_t caller_callee_counter; // pc_array is the array containing the covered PCs. // To make the pc_array thread- and async-signal-safe it has to be large enough. @@ -435,7 +436,7 @@ void CoverageData::IndirCall(uptr caller, uptr callee, uptr callee_cache[], uptr was = 0; if (atomic_compare_exchange_strong(&atomic_callee_cache[i], &was, callee, memory_order_seq_cst)) { - atomic_fetch_add(&coverage_counter, 1, memory_order_relaxed); + atomic_fetch_add(&caller_callee_counter, 1, memory_order_relaxed); return; } if (was == callee) // Already have this callee. @@ -908,6 +909,11 @@ uptr __sanitizer_get_total_unique_coverage() { } SANITIZER_INTERFACE_ATTRIBUTE +uptr __sanitizer_get_total_unique_caller_callee_pairs() { + return atomic_load(&caller_callee_counter, memory_order_relaxed); +} + +SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_cov_trace_func_enter(s32 *id) { coverage_data.TraceBasicBlock(id); } diff --git a/compiler-rt/test/asan/TestCases/coverage-caller-callee-total-count.cc b/compiler-rt/test/asan/TestCases/coverage-caller-callee-total-count.cc index 2d063ff1f34..955ffe5a904 100644 --- a/compiler-rt/test/asan/TestCases/coverage-caller-callee-total-count.cc +++ b/compiler-rt/test/asan/TestCases/coverage-caller-callee-total-count.cc @@ -17,13 +17,14 @@ struct Foo2 : Foo {virtual void f() {if (P) printf("%d\n", __LINE__);}}; Foo *foo[3] = {new Foo, new Foo1, new Foo2}; uintptr_t CheckNewTotalUniqueCoverageIsLargerAndReturnIt(uintptr_t old_total) { - uintptr_t new_total = __sanitizer_get_total_unique_coverage(); + uintptr_t new_total = __sanitizer_get_total_unique_caller_callee_pairs(); + fprintf(stderr, "Caller-Callee: old %zd new %zd\n", old_total, new_total); assert(new_total > old_total); return new_total; } int main(int argc, char **argv) { - uintptr_t total = CheckNewTotalUniqueCoverageIsLargerAndReturnIt(0); + uintptr_t total = __sanitizer_get_total_unique_caller_callee_pairs(); foo[0]->f(); total = CheckNewTotalUniqueCoverageIsLargerAndReturnIt(total); foo[1]->f(); |
