diff options
| author | Dmitry Vyukov <dvyukov@google.com> | 2018-04-20 19:19:09 +0200 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2018-04-20 20:14:10 +0200 |
| commit | 9b895661a91af7586711090302f1703333ae7a4e (patch) | |
| tree | d3d10cd4ddca2d8e609008261c70768d02cfb45d | |
| parent | bf2018dd07bfcbc1a7bb593656e9818253920dae (diff) | |
syz-manager: fix coverage report for archs other than amd64
| -rw-r--r-- | syz-manager/cover.go | 29 | ||||
| -rw-r--r-- | syz-manager/manager.go | 2 |
2 files changed, 25 insertions, 6 deletions
diff --git a/syz-manager/cover.go b/syz-manager/cover.go index 6ce2ab35c..a2663314f 100644 --- a/syz-manager/cover.go +++ b/syz-manager/cover.go @@ -64,7 +64,7 @@ const ( callLen = 5 // length of a call instruction, x86-ism ) -func initAllCover(vmlinux string) { +func initAllCover(os, arch, vmlinux string) { // Running objdump on vmlinux takes 20-30 seconds, so we do it asynchronously on start. // Running nm on vmlinux may takes 200 microsecond and being called during symbolization of every crash, // so also do it asynchronously on start and reuse the value during each crash. @@ -76,7 +76,7 @@ func initAllCover(vmlinux string) { if vmlinux == "" { return } - pcs, err := coveredPCs(vmlinux) + pcs, err := coveredPCs(arch, vmlinux) if err == nil { sort.Sort(uint64Array(pcs)) allCoverPCs = pcs @@ -306,7 +306,7 @@ func uncoveredPcsInFuncs(vmlinux string, pcs []uint64) ([]uint64, error) { } // coveredPCs returns list of PCs of __sanitizer_cov_trace_pc calls in binary bin. -func coveredPCs(bin string) ([]uint64, error) { +func coveredPCs(arch, bin string) ([]uint64, error) { cmd := osutil.Command("objdump", "-d", "--no-show-raw-insn", bin) stdout, err := cmd.StdoutPipe() if err != nil { @@ -319,9 +319,28 @@ func coveredPCs(bin string) ([]uint64, error) { defer cmd.Wait() var pcs []uint64 s := bufio.NewScanner(stdout) - // A line looks as: "ffffffff8100206a: callq ffffffff815cc1d0 <__sanitizer_cov_trace_pc>" - callInsn := []byte("callq ") traceFunc := []byte(" <__sanitizer_cov_trace_pc>") + var callInsn []byte + switch arch { + case "amd64": + // ffffffff8100206a: callq ffffffff815cc1d0 <__sanitizer_cov_trace_pc> + callInsn = []byte("\tcallq ") + case "386": + // c1000102: call c10001f0 <__sanitizer_cov_trace_pc> + callInsn = []byte("\tcall ") + case "arm64": + // ffff0000080d9cc0: bl ffff00000820f478 <__sanitizer_cov_trace_pc> + callInsn = []byte("\tbl\t") + case "arm": + // 8010252c: bl 801c3280 <__sanitizer_cov_trace_pc> + callInsn = []byte("\tbl\t") + case "ppc64le": + // c00000000006d904: bl c000000000350780 <.__sanitizer_cov_trace_pc> + callInsn = []byte("\tbl ") + traceFunc = []byte(" <.__sanitizer_cov_trace_pc>") + default: + panic("unknown arch") + } for s.Scan() { ln := s.Bytes() if pos := bytes.Index(ln, callInsn); pos == -1 { diff --git a/syz-manager/manager.go b/syz-manager/manager.go index 32b30417d..ab53c106d 100644 --- a/syz-manager/manager.go +++ b/syz-manager/manager.go @@ -134,7 +134,7 @@ func main() { if err != nil { Fatalf("%v", err) } - initAllCover(cfg.Vmlinux) + initAllCover(cfg.TargetOS, cfg.TargetVMArch, cfg.Vmlinux) RunManager(cfg, target, syscalls) } |