From aaed018397bf51a5aaff9a072ba223d81cd3c107 Mon Sep 17 00:00:00 2001
From: Liz Prucka
Date: Tue, 2 May 2023 11:19:00 -0500
Subject: syz-manager, pkg/cover: normalize signals between VM instances

Adjust signal creation in syz-executor so hash is independent of module offsets. This allows for canonicalization of the signal between VMs. Added signals to canonicalization/decanonicalization between instances. Coverts serialized Signal values as they have already been serialized in rpc.go. Added a function in signal.go to update serial signal elements.
---
 executor/executor.cc | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
(limited to 'executor/executor.cc')
diff --git a/executor/executor.cc b/executor/executor.cc
index 585dd6f66..f6b09f30a 100644
--- a/executor/executor.cc
+++ b/executor/executor.cc
@@ -1011,9 +1011,12 @@ void write_coverage_signal(cover_t* cov, uint32* signal_count_pos, uint32* cover
 bool prev_filter = true;
 for (uint32 i = 0; i < cov->size; i++) {
 cover_data_t pc = cover_data[i] + cov->pc_offset;
- uint32 sig = pc;
- if (use_cover_edges(pc))
- sig ^= hash(prev_pc);
+ uint32 sig = pc & 0xFFFFF000;
+ if (use_cover_edges(pc)) {
+ // Only hash the lower 12 bits so the hash is
+ // independent of any module offsets.
+ sig |= (pc & 0xFFF) ^ (hash(prev_pc & 0xFFF) & 0xFFF);
+ }
 bool filter = coverage_filter(pc);
 // Ignore the edge only if both current and previous PCs are filtered out
 // to capture all incoming and outcoming edges into the interesting code.
-- cgit mrf-deployment
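Review bot: When `use_cover_edges(pc)` is false, the new `uint32 sig = pc & 0xFFFFF000;` is emitted with its low 12 bits cleared, because those bits are only OR'd back inside the branch; before this change the non-edge signal was the full `pc`. Every PC in the same 0x1000-aligned range then yields the same signal, which would make the fuzzer's coverage feedback much coarser in that mode. Keeping `uint32 sig = pc;` and using `sig ^= hash(prev_pc & 0xFFF) & 0xFFF;` in the branch gives the same value as the new code on the edge path and leaves the other path unchanged. The comment could also state the assumption that module load offsets are multiples of 0x1000, since that is what makes the low 12 bits offset-independent. write_coverage_signal's body starts and ends outside the hunk, so how `sig` is consumed is not visible here.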