syz-manager, pkg/cover: normalize signals between VM instances

Adjust signal creation in syz-executor so hash is independent of module offsets. This allows for canonicalization of the signal between VMs. Added signals to canonicalization/decanonicalization between instances. Coverts serialized Signal values as they have already been serialized in rpc.go. Added a function in signal.go to update serial signal elements.
author: Liz Prucka <lizprucka@google.com> 2023-05-02 11:19:00 -0500
committer: Aleksandr Nogikh <wp32pw@gmail.com> 2023-06-12 15:29:38 +0200
commit: aaed018397bf51a5aaff9a072ba223d81cd3c107 (patch)
tree: bbd1998a43a248ac96c446ac06c8c9f211f53e72 /executor/executor.cc
parent: 49519f067f7fc9bfbf869e6851a4d398a9f7863f (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/executor/executor.cc b/executor/executor.cc
index 585dd6f66..f6b09f30a 100644
--- a/executor/executor.cc
+++ b/executor/executor.cc
@@ -1011,9 +1011,12 @@ void write_coverage_signal(cover_t* cov, uint32* signal_count_pos, uint32* cover
 		bool prev_filter = true;
 		for (uint32 i = 0; i < cov->size; i++) {
 			cover_data_t pc = cover_data[i] + cov->pc_offset;
-			uint32 sig = pc;
-			if (use_cover_edges(pc))
-				sig ^= hash(prev_pc);
+			uint32 sig = pc & 0xFFFFF000;
+			if (use_cover_edges(pc)) {
+				// Only hash the lower 12 bits so the hash is
+				// independent of any module offsets.
+				sig |= (pc & 0xFFF) ^ (hash(prev_pc & 0xFFF) & 0xFFF);
+			}
 			bool filter = coverage_filter(pc);
 			// Ignore the edge only if both current and previous PCs are filtered out
 			// to capture all incoming and outcoming edges into the interesting code.
author	Liz Prucka <lizprucka@google.com>	2023-05-02 11:19:00 -0500
committer	Aleksandr Nogikh <wp32pw@gmail.com>	2023-06-12 15:29:38 +0200
commit	aaed018397bf51a5aaff9a072ba223d81cd3c107 (patch)
tree	bbd1998a43a248ac96c446ac06c8c9f211f53e72 /executor/executor.cc
parent	49519f067f7fc9bfbf869e6851a4d398a9f7863f (diff)