diff options
| author | Dmitry Vyukov <dvyukov@google.com> | 2024-07-22 09:59:09 +0200 |
|---|---|---|
| committer | Aleksandr Nogikh <nogikh@google.com> | 2024-07-22 09:38:18 +0000 |
| commit | f063dfd966f00f90fbae94d179f26cf36fea3f5b (patch) | |
| tree | 2e58f27f65a6f9d2dece091ddcef3a23d8cefbb0 /executor | |
| parent | 7538bc297d62e223e4216db0e039be296aff4553 (diff) | |
executor: fix writing of remote coverage
We never reset remote coverage, so if there is one block,
we will write it after every call and multiple times at the end.
It can lead to "too many calls in output" and just writes quadratic
amount of coverage/signal.
Reset remote coverage after writing.
Diffstat (limited to 'executor')
| -rw-r--r-- | executor/common_test.h | 11 | ||||
| -rw-r--r-- | executor/executor.cc | 5 | ||||
| -rw-r--r-- | executor/executor_test.h | 13 |
3 files changed, 26 insertions, 3 deletions
diff --git a/executor/common_test.h b/executor/common_test.h index dc39fa326..f5f54d9ee 100644 --- a/executor/common_test.h +++ b/executor/common_test.h @@ -180,6 +180,17 @@ static long syz_inject_cover(volatile long a, volatile long b) #endif #endif +#if SYZ_EXECUTOR || __NR_syz_inject_remote_cover +static long syz_inject_remote_cover(volatile long a, volatile long b) +#if SYZ_EXECUTOR + ; // defined in executor_test.h +#else +{ + return 0; +} +#endif +#endif + #if SYZ_EXECUTOR || SYZ_SYSCTL static void setup_sysctl() { diff --git a/executor/executor.cc b/executor/executor.cc index 3a1ce78bd..17de4e87d 100644 --- a/executor/executor.cc +++ b/executor/executor.cc @@ -1001,7 +1001,9 @@ void execute_one() // that we were killed on timeout before we write any. // Check for extra coverage is very cheap, effectively a memory load. const uint64 kSleepMs = 100; - for (uint64 i = 0; i < prog_extra_cover_timeout / kSleepMs; i++) { + for (uint64 i = 0; i < prog_extra_cover_timeout / kSleepMs && + output_data->completed.load(std::memory_order_relaxed) < kMaxCalls; + i++) { sleep_ms(kSleepMs); write_extra_output(); } @@ -1267,6 +1269,7 @@ void write_extra_output() if (!extra_cov.size) return; write_output(-1, &extra_cov, rpc::CallFlag::NONE, 997, all_extra_signal); + cover_reset(&extra_cov); } flatbuffers::span<uint8_t> finish_output(OutputData* output, int proc_id, uint64 req_id, uint64 elapsed, diff --git a/executor/executor_test.h b/executor/executor_test.h index 5e128d851..c94de09a2 100644 --- a/executor/executor_test.h +++ b/executor/executor_test.h @@ -121,9 +121,8 @@ static void cover_unprotect(cover_t* cov) { } -static long syz_inject_cover(volatile long a, volatile long b) +static long inject_cover(cover_t* cov, long a, long b) { - cover_t* cov = ¤t_thread->cov; if (cov->data == nullptr) return ENOENT; uint32 size = std::min((uint32)b, cov->mmap_alloc_size); @@ -132,6 +131,16 @@ static long syz_inject_cover(volatile long a, volatile long b) return 0; } +static long syz_inject_cover(volatile long a, volatile long b) +{ + return inject_cover(¤t_thread->cov, a, b); +} + +static long syz_inject_remote_cover(volatile long a, volatile long b) +{ + return inject_cover(&extra_cov, a, b); +} + static const char* setup_fault() { return nullptr; |