[libFuzzer] Portably disassemble and find calls to sanitizer_cov_trace_pc_guard.

Instead of directly using objdump, which is not present on Windows, we consider
different tools depending on the platform.
For Windows, we consider dumpbin and llvm-objdump.

Differential Revision: https://reviews.llvm.org/D28635

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@292739 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/Fuzzer/FuzzerTracePC.cpp b/lib/Fuzzer/FuzzerTracePC.cpp
index 71f4b66f8bbb1bc320f2d41c3d70bacf04346f2c..53454371f3e3ecd7ab4afaa8b6d870643e31379e 100644 (file)
--- a/lib/Fuzzer/FuzzerTracePC.cpp
+++ b/lib/Fuzzer/FuzzerTracePC.cpp
@@ -18,6 +18,7 @@
 #include "FuzzerExtFunctions.h"
 #include "FuzzerIO.h"
 #include "FuzzerTracePC.h"
+#include "FuzzerUtil.h"
 #include "FuzzerValueBitMap.h"
 #include <map>
 #include <set>
@@ -141,8 +142,8 @@ void TracePC::PrintCoverage() {
     Printf("MODULE_WITH_COVERAGE: %s\n", ModuleName.c_str());
     // sancov does not yet fully support DSOs.
     // std::string Cmd = "sancov -print-coverage-pcs " + ModuleName;
-    std::string Cmd = "objdump -d " + ModuleName +
-        " | grep 'call.*__sanitizer_cov_trace_pc_guard' | awk -F: '{print $1}'";
+    std::string Cmd = DisassembleCmd(ModuleName) + " | " +
+        SearchRegexCmd("call.*__sanitizer_cov_trace_pc_guard");
     std::string SanCovOutput;
     if (!ExecuteCommandAndReadOutput(Cmd, &SanCovOutput)) {
       Printf("INFO: Command failed: %s\n", Cmd.c_str());
@@ -151,6 +152,10 @@ void TracePC::PrintCoverage() {
     std::istringstream ISS(SanCovOutput);
     std::string S;
     while (std::getline(ISS, S, '\n')) {
+      size_t PcOffsetEnd = S.find(':');
+      if (PcOffsetEnd == std::string::npos)
+        continue;
+      S.resize(PcOffsetEnd);
       uintptr_t PcOffset = std::stol(S, 0, 16);
       if (!std::binary_search(CoveredOffsets.begin(), CoveredOffsets.end(),
                               PcOffset)) {

diff --git a/lib/Fuzzer/FuzzerUtil.h b/lib/Fuzzer/FuzzerUtil.h
index 08058c56e4c5e30867f3da949d1c27bd2579b89a..f84fd9ef0fcea9f89c391e16c0d7f55a21c7c2e1 100644 (file)
--- a/lib/Fuzzer/FuzzerUtil.h
+++ b/lib/Fuzzer/FuzzerUtil.h
@@ -67,6 +67,10 @@ inline std::string CloneArgsWithoutX(const std::vector<std::string> &Args,
   return CloneArgsWithoutX(Args, X, X);
 }
 
+std::string DisassembleCmd(const std::string &FileName);
+
+std::string SearchRegexCmd(const std::string &Regex);
+
 }  // namespace fuzzer
 
 #endif  // LLVM_FUZZER_UTIL_H

diff --git a/lib/Fuzzer/FuzzerUtilPosix.cpp b/lib/Fuzzer/FuzzerUtilPosix.cpp
index e8d48dc81a3b87cd09bda334785371d7e4a8d784..0161309fbf86b12f3a4dae0e6c417854dc5d699d 100644 (file)
--- a/lib/Fuzzer/FuzzerUtilPosix.cpp
+++ b/lib/Fuzzer/FuzzerUtilPosix.cpp
@@ -118,6 +118,14 @@ const void *SearchMemory(const void *Data, size_t DataLen, const void *Patt,
   return memmem(Data, DataLen, Patt, PattLen);
 }
 
+std::string DisassembleCmd(const std::string &FileName) {
+  return "objdump -d " + FileName;
+}
+
+std::string SearchRegexCmd(const std::string &Regex) {
+  return "grep '" + Regex + "'";
+}
+
 }  // namespace fuzzer
 
 #endif // LIBFUZZER_POSIX

diff --git a/lib/Fuzzer/FuzzerUtilWindows.cpp b/lib/Fuzzer/FuzzerUtilWindows.cpp
index 3ca1f2c8f562dead764a9f06798c0776135f791b..b9e039f81e53ee9514b4a123a40471813e2922f9 100644 (file)
--- a/lib/Fuzzer/FuzzerUtilWindows.cpp
+++ b/lib/Fuzzer/FuzzerUtilWindows.cpp
@@ -178,6 +178,20 @@ const void *SearchMemory(const void *Data, size_t DataLen, const void *Patt,
   return NULL;
 }
 
+std::string DisassembleCmd(const std::string &FileName) {
+  if (ExecuteCommand("dumpbin > nul") == 0)
+    return "dumpbin /disasm " + FileName;
+  if (ExecuteCommand("llvm-objdump > nul") == 0)
+    return "llvm-objdump -d " + FileName;
+  Printf("libFuzzer: couldn't find tool to disassemble (dumpbin, "
+      "llvm-objdump)\n");
+  exit(1);
+}
+
+std::string SearchRegexCmd(const std::string &Regex) {
+  return "findstr /r \"" + Regex + "\"";
+}
+
 } // namespace fuzzer
 
 #endif // LIBFUZZER_WINDOWS