/* * We adjust linker script modification to place all of the stuff that needs to * persist across fuzzing runs into a contiguous section of memory. Then, it is * easy to re-map the counter-related memory as shared. */ SECTIONS { .data.fuzz_start : ALIGN(4K) { __FUZZ_COUNTERS_START = .; __start___sancov_cntrs = .; *(_*sancov_cntrs); __stop___sancov_cntrs = .; /* Lowest stack counter */ *(__sancov_lowest_stack); } } INSERT AFTER .data; SECTIONS { .data.fuzz_ordered : { /* * Coverage counters. They're not necessary for fuzzing, but are useful * for analyzing the fuzzing performance */ __start___llvm_prf_cnts = .; *(*llvm_prf_cnts); __stop___llvm_prf_cnts = .; /* Internal Libfuzzer TracePC object which contains the ValueProfileMap */ FuzzerTracePC*(.bss*); /* * In case the above line fails, explicitly specify the (mangled) name of * the object we care about */ *(.bss._ZN6fuzzer3TPCE); } } INSERT AFTER .data.fuzz_start; SECTIONS { .data.fuzz_end : ALIGN(4K) { __FUZZ_COUNTERS_END = .; } } /* * Don't overwrite the SECTIONS in the default linker script. Instead insert the * above into the default script */ INSERT AFTER .data.fuzz_ordered;