[sanitizer-coverage] introduce __sanitizer_get_total_unique_caller_callee_pairs

git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@251071 91177308-0d34-0410-b5e6-96231b3b80d8

3 files changed, 13 insertions, 4 deletions

diff --git a/include/sanitizer/coverage_interface.h b/include/sanitizer/coverage_interface.h
index 404b71e30..b93111b85 100644
--- a/include/sanitizer/coverage_interface.h
+++ b/include/sanitizer/coverage_interface.h
@@ -27,9 +27,11 @@ extern "C" {
   // descriptor. Returns -1 on failure, or if coverage dumping is disabled.
   // This is intended for use by sandboxing code.
   intptr_t __sanitizer_maybe_open_cov_file(const char *name);
-  // Get the number of total unique covered entities (blocks, edges, calls).
+  // Get the number of unique covered blocks (or edges).
   // This can be useful for coverage-directed in-process fuzzers.
   uintptr_t __sanitizer_get_total_unique_coverage();
+  // Get the number of unique indirect caller-callee pairs.
+  uintptr_t __sanitizer_get_total_unique_caller_callee_pairs();
 
   // Reset the basic-block (edge) coverage to the initial state.
   // Useful for in-process fuzzing to start collecting coverage from scratch.
diff --git a/lib/sanitizer_common/sanitizer_coverage_libcdep.cc b/lib/sanitizer_common/sanitizer_coverage_libcdep.cc
index 4775bd296..9098cec91 100644
--- a/lib/sanitizer_common/sanitizer_coverage_libcdep.cc
+++ b/lib/sanitizer_common/sanitizer_coverage_libcdep.cc
@@ -53,6 +53,7 @@ static const u64 kMagic32 = 0xC0BFFFFFFFFFFF32ULL;
 static atomic_uint32_t dump_once_guard;  // Ensure that CovDump runs only once.
 
 static atomic_uintptr_t coverage_counter;
+static atomic_uintptr_t caller_callee_counter;
 
 // pc_array is the array containing the covered PCs.
 // To make the pc_array thread- and async-signal-safe it has to be large enough.
@@ -435,7 +436,7 @@ void CoverageData::IndirCall(uptr caller, uptr callee, uptr callee_cache[],
     uptr was = 0;
     if (atomic_compare_exchange_strong(&atomic_callee_cache[i], &was, callee,
                                        memory_order_seq_cst)) {
-      atomic_fetch_add(&coverage_counter, 1, memory_order_relaxed);
+      atomic_fetch_add(&caller_callee_counter, 1, memory_order_relaxed);
       return;
     }
     if (was == callee)  // Already have this callee.
@@ -908,6 +909,11 @@ uptr __sanitizer_get_total_unique_coverage() {
 }
 
 SANITIZER_INTERFACE_ATTRIBUTE
+uptr __sanitizer_get_total_unique_caller_callee_pairs() {
+  return atomic_load(&caller_callee_counter, memory_order_relaxed);
+}
+
+SANITIZER_INTERFACE_ATTRIBUTE
 void __sanitizer_cov_trace_func_enter(s32 *id) {
   coverage_data.TraceBasicBlock(id);
 }
diff --git a/test/asan/TestCases/coverage-caller-callee-total-count.cc b/test/asan/TestCases/coverage-caller-callee-total-count.cc
index 2d063ff1f..955ffe5a9 100644
--- a/test/asan/TestCases/coverage-caller-callee-total-count.cc
+++ b/test/asan/TestCases/coverage-caller-callee-total-count.cc
@@ -17,13 +17,14 @@ struct Foo2 : Foo {virtual void f() {if (P) printf("%d\n", __LINE__);}};
 Foo *foo[3] = {new Foo, new Foo1, new Foo2};
 
 uintptr_t CheckNewTotalUniqueCoverageIsLargerAndReturnIt(uintptr_t old_total) {
-  uintptr_t new_total = __sanitizer_get_total_unique_coverage();
+  uintptr_t new_total = __sanitizer_get_total_unique_caller_callee_pairs();
+  fprintf(stderr, "Caller-Callee: old %zd new %zd\n", old_total, new_total);
   assert(new_total > old_total);
   return new_total;
 }
 
 int main(int argc, char **argv) {
-  uintptr_t total = CheckNewTotalUniqueCoverageIsLargerAndReturnIt(0);
+  uintptr_t total = __sanitizer_get_total_unique_caller_callee_pairs();
   foo[0]->f();
   total = CheckNewTotalUniqueCoverageIsLargerAndReturnIt(total);
   foo[1]->f();