This is an archive of the discontinued LLVM Phabricator instance.

Differential D26758

[sancov] __sanitizer_dump_coverage api
ClosedPublic

Authored by aizatsky on Nov 16 2016, 11:42 AM.

Details

Reviewers
kcc
Commits
rGaaa637001a93: [sancov] __sanitizer_dump_coverage api
rCRT289498: [sancov] __sanitizer_dump_coverage api
rL289498: [sancov] __sanitizer_dump_coverage api

Diff Detail

Repository
rL LLVM

Event Timeline

aizatsky updated this revision to Diff 78233.Nov 16 2016, 11:42 AM
aizatsky retitled this revision from to [sancov] __sanitizer_dump_coverage api.
aizatsky updated this object.
Herald added subscribers: mgorny, kubamracek. · View Herald TranscriptNov 16 2016, 11:42 AM
aizatsky updated this revision to Diff 78238.Nov 16 2016, 11:45 AM

rebase

kcc added a subscriber: kcc.Nov 17 2016, 8:54 AM
kcc added inline comments.
lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
67 ↗(On Diff #78238)

I don't think this code belongs here.

As I've mentioned before, we need to implement this using a public interface (which needs to be implemented).

We already have sanitizer_symbolize_pc which can give you the module and the offset,
but in an inefficient way (via converting to and from strings, etc).
Just need to implement a special interface, e.g.
int __sanitizer_get_module_and_offset_for_pc(uptr pc, char module_path[], uptr module_path_len, uptr *offset)

Symbolizer::FindModuleForAddress does what you need (or almost).
If you need more sorting/bsearching it belongs there or in LoadedModule::containsAddress

123 ↗(On Diff #78238)

avoid comment like this, if possible.

kcc added a comment.Nov 17 2016, 9:07 AM

I frankly don't remember your arguments and so I don't remember why (and if) I agreed.
Can you repeat the arguments?

kcc added a comment.Nov 17 2016, 9:20 AM

[please reply in phab, it doesn't properly line up the replies done in e-mail :( ]

I already need this API in libFuzzer.
The API could be simple, as described above (sanitizer_get_module_and_offset_for_pc())

then let's design and implement it in a separate CL.

Yes. And test.

you wanted trace-pc-guard deployed as soon as possible.

Yes, but that not a good reason to duplicate the code, and the patch partially duplicates the existing code in sanitizer_common.

To do what you are asking me to do would require changing the way LoadedModules stores the information.

Probably yes.

kcc added a comment.Nov 17 2016, 9:38 AM

Also, I suggest to implement the API w/o changing the internals, test it and submit.
Then see if it needs performance improvements.

aizatsky updated this revision to Diff 80832.Dec 8 2016, 2:58 PM

next iteration

Herald added subscribers: srhines, danalbert. · View Herald TranscriptDec 8 2016, 2:58 PM
aizatsky updated this revision to Diff 80833.Dec 8 2016, 3:09 PM

removed binary search.

aizatsky added a comment.Dec 8 2016, 3:12 PM

Kostya,

Please take another look. This is now fully functional with test passing.

I can't use __sanitizer_get_module_and_offset_for_pc because it returns char* module_name, and organizing lookup by name is problematic.

kcc added a comment.Dec 8 2016, 3:24 PM

please add a test with at least one (better, two) DSOs

lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
9 ↗(On Diff #80832)

Coverage dumper used with -fsanitize-coverage=tarce-pc-guards
(or some such)

55 ↗(On Diff #80832)

I am confused.
I thought you were going to use __sanitizer_get_module_and_offset_for_pc here.

125 ↗(On Diff #80832)

Hm... Why?
The function should be fully executed once for every DSO
(called once per every comp unit)

127 ↗(On Diff #80832)

use CHECK_NE

140 ↗(On Diff #80832)

technically speaking, this does not prevent us from a race of another sort:
we may have two threads running the same code and so they will increment pc_array_index twice for the same PC
and so you will get the same PC twice.

BTW, if something needs to be atomic, that's the *guard

I had another scheme in mind (and in the docs):

  • allocate the array of PCs according to the amount of PCs deducted from __sanitizer_cov_trace_pc_guard_init.
  • set guards to consecutive numbers starting from 1
  • here do this uptr Idx = atomic_exchange(*guard, 0); if (Idx) pc_array[Idx] = pc;
test/sanitizer_common/TestCases/sanitizer_coverage_trace_pc_guard.cc
6 ↗(On Diff #80832)

shouldn't you run this test in a separate scratch dir?
This way it may race with another test that creates sancov files.

10 ↗(On Diff #80832)

Mmm. really? I thought I've fixed it.
I guess you need to fix it before submitting this test.

kcc added a comment.Dec 8 2016, 3:26 PM
In D26758#617736, @aizatsky wrote:

Kostya,

Please take another look. This is now fully functional with test passing.

I can't use __sanitizer_get_module_and_offset_for_pc because it returns char* module_name, and organizing lookup by name is problematic.

You should not need to do any lookup by name.... See my other comments.

aizatsky added inline comments.Dec 8 2016, 3:48 PM
lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
9 ↗(On Diff #80832)

I'll have to rename the file then. I told me this will be the basis for all sanitizer coverage implementations in the future. Is this sanitizer-coverage_libcdep_tracepcguard.cc?

55 ↗(On Diff #80832)

That's why I didn't want to create it in the first place. It is useless for me right now.

I suggest we change it to return module base address, not the 'pc - base'. This way I will be able to identify module by base address.

125 ↗(On Diff #80832)

I have a check below in __sanitizer function. I'd prefer this detail to be handled over there.

140 ↗(On Diff #80832)

this would create sparse pc_array. Not sure if we want this. Besides the code now is dead-simple. I like it this way.

You are right that sometimes we can get same PC twice, but I don't think we really care about this race. What's the problem of having some PC listed twice in .sancov file? Looks harmless.

67 ↗(On Diff #78238)

see above suggestion how we can modify public API to be useful here.

aizatsky updated this revision to Diff 80847.Dec 8 2016, 4:52 PM

fixing test, sorting pcs, using api only.

aizatsky marked 2 inline comments as done.Dec 8 2016, 4:54 PM

PTAL. Sancov test works, using only api functions now.

test/sanitizer_common/TestCases/sanitizer_coverage_trace_pc_guard.cc
10 ↗(On Diff #80832)

Ahh. Missing -1 :)) Works now.

kcc added inline comments.Dec 9 2016, 1:00 PM
lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
11 ↗(On Diff #80847)

remove comment

64 ↗(On Diff #80847)

allow a special case of a zero pc (just ignore it)

84 ↗(On Diff #80847)

is this one syscall per offset?
This actually may become a perf problem.
We need a single WriteToFile per file.

96 ↗(On Diff #80847)

did you see my previous comment about DSOs?

9 ↗(On Diff #80832)

file name is fine.

test/sanitizer_common/TestCases/sanitizer_coverage_trace_pc_guard.cc
23 ↗(On Diff #80847)

I thought I added a commend asking to extend the test to have DSOs, but I can't find it now.

kcc added inline comments.Dec 9 2016, 1:23 PM
lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
140 ↗(On Diff #80832)

what's wrong with sparse array?
Its size will be limited by the total number of PCs, i.e. known at the module load time.
And it will make the code even simpler and more correct.

aizatsky updated this revision to Diff 80956.Dec 9 2016, 2:06 PM
aizatsky marked 6 inline comments as done.

multi-dso test; writing in a single call.

aizatsky added a comment.Dec 9 2016, 2:07 PM

Added a dso test, writing in a single call.

kcc added inline comments.Dec 9 2016, 2:28 PM
lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
110 ↗(On Diff #80956)

We used exactly this approach in the previous implementation.
But I continue to think that instead we need to use an array indexed by the guard (from 1 to NumPCs), see my other unresolved comment.

aizatsky updated this revision to Diff 81134.Dec 12 2016, 1:42 PM

using InternalMmapVector rather than fixed memory set.

aizatsky updated this revision to Diff 81135.Dec 12 2016, 1:43 PM

format

aizatsky added a comment.Dec 12 2016, 1:44 PM

Using InternalMmapVector for pc storage. PTAL.

kcc added inline comments.Dec 12 2016, 2:02 PM
lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
118 ↗(On Diff #81135)

hm... Why i + end - start?

The invariant here is that pc_vector.size() is max_guard_value + 1,
i.e. pc_vector[max_guard_value] is the last element.

122 ↗(On Diff #81135)

Let's do proper atomics here.
I suggest

idx = atomic_exchange(guard, 0, memory_order_acquire);
if (!idx) return;
....
kcc added inline comments.Dec 12 2016, 2:23 PM
lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
122 ↗(On Diff #81135)

memory_order_relaxed, of course

aizatsky updated this revision to Diff 81143.Dec 12 2016, 2:33 PM
aizatsky marked 3 inline comments as done.

atomic

lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
118 ↗(On Diff #81135)

obviously. The line was before the loop, I moved it below and forgot to fix it. Done.

kcc added inline comments.Dec 12 2016, 2:57 PM
lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
118 ↗(On Diff #81135)

Still hmmmm.
if the vector's size is 'i' we can't use pc_vector[i]

and just doing pc_vector.resize(i+1) won't work too, because next time you call it you will do

u32 i = pc_vector.size();

and so new 'i' will be old_i+1, which is not what you want.

I would decouple the counter and the vector size and just have another data member in TracePcGuardController

for (u32* p = start; p < end; p++) *p = ++num_guards;
pc_vector.resize(num_guards + 1);

aizatsky added inline comments.Dec 12 2016, 3:10 PM
lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
118 ↗(On Diff #81135)

I think this is exactly what I need. Let's say we call it twice. First time len=2, second time len=3.

  1. i = 0, we write 1 & 2 to *p, size = 2 afterwards
  1. i = 2, we write 3, 4, 5 to *p, size = 5
  2. i = 5 we'll write 6 to guards.
kcc added inline comments.Dec 12 2016, 3:14 PM
lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
118 ↗(On Diff #81135)

i = 0, we write 1 & 2 to *p, size = 2 afterwards

But that's wrong! :)
size of pc_vector to be 3, because few lines later you do

pc_vector[idx] = pc;

where idx is either 1 or 2.

aizatsky updated this revision to Diff 81151.Dec 12 2016, 3:17 PM

using idx - 1

lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc
118 ↗(On Diff #81135)

I see what you mean. It's actually correct to do

pc_vector[idx - 1] = pc, since we start idx from 1. Fixed. I'll try to trigger it in the test.

kcc accepted this revision.Dec 12 2016, 3:29 PM
kcc added a reviewer: kcc.

LGTM

This revision is now accepted and ready to land.Dec 12 2016, 3:29 PM
Closed by commit rL289498: [sancov] __sanitizer_dump_coverage api (authored by aizatsky). · Explain WhyDec 12 2016, 3:55 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
compiler-rt/
trunk/
include/
sanitizer/
5 lines
lib/
sanitizer_common/
1 line
7 lines
5 lines
165 lines
11 lines
test/
sanitizer_common/
TestCases/
72 lines
35 lines

Diff 81157

compiler-rt/trunk/include/sanitizer/coverage_interface.h

Show All 17 Lines
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
// Initialize coverage. // Initialize coverage.
void __sanitizer_cov_init(); void __sanitizer_cov_init();
// Record and dump coverage info. // Record and dump coverage info.
void __sanitizer_cov_dump(); void __sanitizer_cov_dump();
// Dump collected coverage info. Sorts pcs by module into individual
// .sancov files.
void __sanitizer_dump_coverage(const uintptr_t *pcs, uintptr_t len);
// Open <name>.sancov.packed in the coverage directory and return the file // Open <name>.sancov.packed in the coverage directory and return the file
// descriptor. Returns -1 on failure, or if coverage dumping is disabled. // descriptor. Returns -1 on failure, or if coverage dumping is disabled.
// This is intended for use by sandboxing code. // This is intended for use by sandboxing code.
intptr_t __sanitizer_maybe_open_cov_file(const char *name); intptr_t __sanitizer_maybe_open_cov_file(const char *name);
// Get the number of unique covered blocks (or edges). // Get the number of unique covered blocks (or edges).
// This can be useful for coverage-directed in-process fuzzers. // This can be useful for coverage-directed in-process fuzzers.
uintptr_t __sanitizer_get_total_unique_coverage(); uintptr_t __sanitizer_get_total_unique_coverage();
// Get the number of unique indirect caller-callee pairs. // Get the number of unique indirect caller-callee pairs.
Show All 33 Lines

compiler-rt/trunk/lib/sanitizer_common/CMakeLists.txt

Show First 20 LinesShow All 47 Lines▼ Show 20 Lines
# SANITIZER_LIBCDEP_SOURCES when sanitizer_common library must not depend on # SANITIZER_LIBCDEP_SOURCES when sanitizer_common library must not depend on
# libc. # libc.
set(SANITIZER_NOLIBC_SOURCES set(SANITIZER_NOLIBC_SOURCES
sanitizer_common_nolibc.cc) sanitizer_common_nolibc.cc)
set(SANITIZER_LIBCDEP_SOURCES set(SANITIZER_LIBCDEP_SOURCES
sanitizer_common_libcdep.cc sanitizer_common_libcdep.cc
sanitizer_coverage_libcdep.cc sanitizer_coverage_libcdep.cc
sanitizer_coverage_libcdep_new.cc
sanitizer_coverage_mapping_libcdep.cc sanitizer_coverage_mapping_libcdep.cc
sanitizer_linux_libcdep.cc sanitizer_linux_libcdep.cc
sanitizer_posix_libcdep.cc sanitizer_posix_libcdep.cc
sanitizer_stacktrace_libcdep.cc sanitizer_stacktrace_libcdep.cc
sanitizer_stoptheworld_linux_libcdep.cc sanitizer_stoptheworld_linux_libcdep.cc
sanitizer_symbolizer_libcdep.cc sanitizer_symbolizer_libcdep.cc
sanitizer_symbolizer_posix_libcdep.cc sanitizer_symbolizer_posix_libcdep.cc
sanitizer_unwind_linux_libcdep.cc) sanitizer_unwind_linux_libcdep.cc)
▲ Show 20 LinesShow All 125 LinesShow Last 20 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_common.h

Show First 20 LinesShow All 541 Lines▼ Show 20 Lines const T *data() const {
return data_; return data_;
} }
T *data() { T *data() {
return data_; return data_;
} }
uptr capacity() const { uptr capacity() const {
return capacity_; return capacity_;
} }
void resize(uptr new_size) {
Resize(new_size);
if (new_size > size_) {
internal_memset(&data_[size_], 0, sizeof(T) * (new_size - size_));
}
size_ = new_size;
}
void clear() { size_ = 0; } void clear() { size_ = 0; }
bool empty() const { return size() == 0; } bool empty() const { return size() == 0; }
const T *begin() const { const T *begin() const {
return data(); return data();
} }
T *begin() { T *begin() {
▲ Show 20 LinesShow All 320 LinesShow Last 20 Lines

compiler-rt/trunk/lib/sanitizer_common/sanitizer_coverage_libcdep.cc

Show First 20 LinesShow All 948 Lines▼ Show 20 Lines
} }
SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_cov_init() { SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_cov_init() {
coverage_enabled = true; coverage_enabled = true;
coverage_dir = common_flags()->coverage_dir; coverage_dir = common_flags()->coverage_dir;
coverage_data.Init(); coverage_data.Init();
} }
SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_cov_dump() { SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_cov_dump() {
coverage_data.DumpAll(); coverage_data.DumpAll();
__sanitizer_dump_trace_pc_guard_coverage();
} }
SANITIZER_INTERFACE_ATTRIBUTE void SANITIZER_INTERFACE_ATTRIBUTE void
__sanitizer_cov_module_init(s32 *guards, uptr npcs, u8 *counters, __sanitizer_cov_module_init(s32 *guards, uptr npcs, u8 *counters,
const char *comp_unit_name) { const char *comp_unit_name) {
coverage_data.InitializeGuards(guards, npcs, comp_unit_name, GET_CALLER_PC()); coverage_data.InitializeGuards(guards, npcs, comp_unit_name, GET_CALLER_PC());
coverage_data.InitializeCounters(counters, npcs); coverage_data.InitializeCounters(counters, npcs);
if (!common_flags()->coverage_direct) return; if (!common_flags()->coverage_direct) return;
if (SANITIZER_ANDROID && coverage_enabled) { if (SANITIZER_ANDROID && coverage_enabled) {
▲ Show 20 LinesShow All 66 Lines▼ Show 20 Lines
void __sanitizer_cov_trace_switch() {} void __sanitizer_cov_trace_switch() {}
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE
void __sanitizer_cov_trace_div4() {} void __sanitizer_cov_trace_div4() {}
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE
void __sanitizer_cov_trace_div8() {} void __sanitizer_cov_trace_div8() {}
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE
void __sanitizer_cov_trace_gep() {} void __sanitizer_cov_trace_gep() {}
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE
void __sanitizer_cov_trace_pc_guard() {}
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE
void __sanitizer_cov_trace_pc_indir() {} void __sanitizer_cov_trace_pc_indir() {}
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE
void __sanitizer_cov_trace_pc_guard_init() {}
#endif // !SANITIZER_WINDOWS #endif // !SANITIZER_WINDOWS
} // extern "C" } // extern "C"

compiler-rt/trunk/lib/sanitizer_common/sanitizer_coverage_libcdep_new.cc

//===-- sanitizer_coverage_libcdep_new.cc ---------------------------------===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
// Sanitizer Coverage Controller for Trace PC Guard.
#include "sanitizer_allocator_internal.h"
#include "sanitizer_atomic.h"
#include "sanitizer_common.h"
#include "sanitizer_symbolizer.h"
using namespace __sanitizer;
using AddressRange = LoadedModule::AddressRange;
namespace {
static const u64 Magic64 = 0xC0BFFFFFFFFFFF64ULL;
static const u64 Magic32 = 0xC0BFFFFFFFFFFF32ULL;
static const u64 Magic = SANITIZER_WORDSIZE == 64 ? Magic64 : Magic32;
static fd_t OpenFile(const char* path) {
error_t err;
fd_t fd = OpenFile(path, WrOnly, &err);
if (fd == kInvalidFd)
Report("SanitizerCoverage: failed to open %s for writing (reason: %d)\n",
path, err);
return fd;
}
static void GetCoverageFilename(char* path, const char* name,
const char* extension) {
CHECK(name);
internal_snprintf(path, kMaxPathLength, "%s/%s.%zd.%s",
common_flags()->coverage_dir, name, internal_getpid(),
extension);
}
static void WriteModuleCoverage(char* file_path, const char* module_name,
const uptr* pcs, uptr len) {
GetCoverageFilename(file_path, StripModuleName(module_name), "sancov");
fd_t fd = OpenFile(file_path);
WriteToFile(fd, &Magic, sizeof(Magic));
WriteToFile(fd, pcs, len * sizeof(*pcs));
CloseFile(fd);
Printf("SanitizerCoverage: %s %zd PCs written\n", file_path, len);
}
static void SanitizerDumpCoverage(const uptr* unsorted_pcs, uptr len) {
if (!len) return;
char* file_path = static_cast<char*>(InternalAlloc(kMaxPathLength));
char* module_name = static_cast<char*>(InternalAlloc(kMaxPathLength));
uptr* pcs = static_cast<uptr*>(InternalAlloc(len * sizeof(uptr)));
internal_memcpy(pcs, unsorted_pcs, len * sizeof(uptr));
SortArray(pcs, len);
bool module_found = false;
uptr last_base = 0;
uptr module_start_idx = 0;
for (uptr i = 0; i < len; ++i) {
const uptr pc = pcs[i];
if (!pc) continue;
if (!__sanitizer_get_module_and_offset_for_pc(pc, nullptr, 0, &pcs[i])) {
Printf("ERROR: bad pc %x\n", pc);
continue;
}
uptr module_base = pc - pcs[i];
if (module_base != last_base || !module_found) {
if (module_found) {
WriteModuleCoverage(file_path, module_name, &pcs[module_start_idx],
i - module_start_idx);
}
last_base = module_base;
module_start_idx = i;
module_found = true;
__sanitizer_get_module_and_offset_for_pc(pc, module_name, kMaxPathLength,
&pcs[i]);
}
}
if (module_found) {
WriteModuleCoverage(file_path, module_name, &pcs[module_start_idx],
len - module_start_idx);
}
InternalFree(file_path);
InternalFree(module_name);
InternalFree(pcs);
}
// Collects trace-pc guard coverage.
// This class relies on zero-initialization.
class TracePcGuardController {
public:
void Initialize() {
CHECK(!initialized);
initialized = true;
pc_vector.Initialize(0);
}
void InitTracePcGuard(u32* start, u32* end) {
if (!initialized) Initialize();
CHECK(!*start);
CHECK_NE(start, end);
u32 i = pc_vector.size();
for (u32* p = start; p < end; p++) *p = ++i;
pc_vector.resize(i);
}
void TracePcGuard(u32* guard, uptr pc) {
atomic_uint32_t* guard_ptr = reinterpret_cast<atomic_uint32_t*>(guard);
u32 idx = atomic_exchange(guard_ptr, 0, memory_order_relaxed);
if (!idx) return;
// we start indices from 1.
pc_vector[idx - 1] = pc;
}
void Dump() {
if (!initialized) return;
__sanitizer_dump_coverage(pc_vector.data(), pc_vector.size());
}
private:
bool initialized;
InternalMmapVectorNoCtor<uptr> pc_vector;
};
static TracePcGuardController pc_guard_controller;
}; // namespace
extern "C" {
SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_dump_coverage( // NOLINT
const uptr* pcs, uptr len) {
return SanitizerDumpCoverage(pcs, len);
}
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE void
__sanitizer_cov_trace_pc_guard(u32* guard) {
if (!*guard) return;
pc_guard_controller.TracePcGuard(guard, GET_CALLER_PC() - 1);
}
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE void
__sanitizer_cov_trace_pc_guard_init(u32* start, u32* end) {
if (start == end || *start) return;
pc_guard_controller.InitTracePcGuard(start, end);
}
SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_dump_trace_pc_guard_coverage() {
pc_guard_controller.Dump();
}
} // extern "C"

compiler-rt/trunk/lib/sanitizer_common/sanitizer_interface_internal.h

Show All 40 Lines SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE void
__sanitizer_sandbox_on_notify(__sanitizer_sandbox_arguments *args); __sanitizer_sandbox_on_notify(__sanitizer_sandbox_arguments *args);
// This function is called by the tool when it has just finished reporting // This function is called by the tool when it has just finished reporting
// an error. 'error_summary' is a one-line string that summarizes // an error. 'error_summary' is a one-line string that summarizes
// the error message. This function can be overridden by the client. // the error message. This function can be overridden by the client.
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_WEAK_ATTRIBUTE
void __sanitizer_report_error_summary(const char *error_summary); void __sanitizer_report_error_summary(const char *error_summary);
SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_cov_dump();
SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_cov_init(); SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_cov_init();
SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_cov_dump();
SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_dump_coverage(
const __sanitizer::uptr *pcs, const __sanitizer::uptr len);
SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_dump_trace_pc_guard_coverage();
SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_cov(__sanitizer::u32 *guard); SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_cov(__sanitizer::u32 *guard);
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
void __sanitizer_annotate_contiguous_container(const void *beg, void __sanitizer_annotate_contiguous_container(const void *beg,
const void *end, const void *end,
const void *old_mid, const void *old_mid,
const void *new_mid); const void *new_mid);
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
int __sanitizer_verify_contiguous_container(const void *beg, const void *mid, int __sanitizer_verify_contiguous_container(const void *beg, const void *mid,
const void *end); const void *end);
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
const void *__sanitizer_contiguous_container_find_bad_address( const void *__sanitizer_contiguous_container_find_bad_address(
const void *beg, const void *mid, const void *end); const void *beg, const void *mid, const void *end);
SANITIZER_INTERFACE_ATTRIBUTE
int __sanitizer_get_module_and_offset_for_pc(
__sanitizer::uptr pc, char *module_path,
__sanitizer::uptr module_path_len, __sanitizer::uptr *pc_offset);
} // extern "C" } // extern "C"
#endif // SANITIZER_INTERFACE_INTERNAL_H #endif // SANITIZER_INTERFACE_INTERNAL_H

compiler-rt/trunk/test/sanitizer_common/TestCases/sanitizer_coverage_trace_pc_guard-dso.cc

// Tests trace pc guard coverage collection.
//
// REQUIRES: has_sancovcc
// XFAIL: tsan
//
// RUN: DIR=%t_workdir
// RUN: CLANG_ARGS="-O0 -fsanitize-coverage=trace-pc-guard"
// RUN: rm -rf $DIR
// RUN: mkdir -p $DIR
// RUN: cd $DIR
// RUN: %clangxx -DSHARED1 $CLANG_ARGS -shared %s -o %t_1.so -fPIC
// RUN: %clangxx -DSHARED2 $CLANG_ARGS -shared %s -o %t_2.so -fPIC
// RUN: %clangxx -DMAIN $CLANG_ARGS %s -o %t %t_1.so %t_2.so
// RUN: %env_tool_opts=coverage=1 %t 2>&1 | FileCheck %s
// RUN: %sancovcc -covered-functions -strip_path_prefix=TestCases/ *.sancov \
// RUN: %t %t_1.so %t_2.so 2>&1 | \
// RUN: FileCheck --check-prefix=CHECK-SANCOV %s
// RUN: rm -rf $DIR
#include <stdio.h>
extern "C" {
int bar();
int baz();
}
#ifdef MAIN
int foo() {
fprintf(stderr, "foo\n");
return 1;
}
int main() {
fprintf(stderr, "main\n");
foo();
bar();
baz();
}
#endif // MAIN
extern "C" {
#ifdef SHARED1
int bar() {
fprintf(stderr, "bar\n");
return 1;
}
#endif
#ifdef SHARED2
int baz() {
fprintf(stderr, "baz\n");
return 1;
}
#endif
} // extern "C"
// CHECK: main
// CHECK-NEXT: foo
// CHECK-NEXT: bar
// CHECK-NEXT: baz
// CHECK-NEXT: SanitizerCoverage: ./sanitizer_coverage_trace_pc_guard-dso.{{.*}}.sancov 2 PCs written
// CHECK-NEXT: SanitizerCoverage: ./sanitizer_coverage_trace_pc_guard-dso.{{.*}}_2.so.{{.*}}.sancov 1 PCs written
// CHECK-NEXT: SanitizerCoverage: ./sanitizer_coverage_trace_pc_guard-dso.{{.*}}_1.so.{{.*}}.sancov 1 PCs written
//
// CHECK-SANCOV: Ignoring {{.*}}_1.so and its coverage because __sanitizer_cov* functions were not found.
// CHECK-SANCOV: Ignoring {{.*}}_2.so and its coverage because __sanitizer_cov* functions were not found.
// CHECK-SANCOV-NEXT: sanitizer_coverage_trace_pc_guard-dso.cc:29 foo
// CHECK-SANCOV-NEXT: sanitizer_coverage_trace_pc_guard-dso.cc:34 main

compiler-rt/trunk/test/sanitizer_common/TestCases/sanitizer_coverage_trace_pc_guard.cc

// Tests trace pc guard coverage collection.
//
// REQUIRES: has_sancovcc
// XFAIL: tsan
//
// RUN: DIR=%t_workdir
// RUN: rm -rf $DIR
// RUN: mkdir -p $DIR
// RUN: cd $DIR
// RUN: %clangxx -O0 -fsanitize-coverage=trace-pc-guard %s -ldl -o %t
// RUN: %env_tool_opts=coverage=1 %t 2>&1 | FileCheck %s
// RUN: %sancovcc -covered-functions -strip_path_prefix=TestCases/ *.sancov %t 2>&1 | \
// RUN: FileCheck --check-prefix=CHECK-SANCOV %s
// RUN: rm -rf $DIR
#include <stdio.h>
int foo() {
fprintf(stderr, "foo\n");
return 1;
}
int main() {
fprintf(stderr, "main\n");
foo();
foo();
}
// CHECK: main
// CHECK-NEXT: foo
// CHECK-NEXT: foo
// CHECK-NEXT: SanitizerCoverage: ./sanitizer_coverage_trace_pc_guard.{{.*}}.sancov 2 PCs written
//
// CHECK-SANCOV: sanitizer_coverage_trace_pc_guard.cc:18 foo
// CHECK-SANCOV-NEXT: sanitizer_coverage_trace_pc_guard.cc:23 main