This is an archive of the discontinued LLVM Phabricator instance.

Differential D28434

[Sanitizer Coverage] Fix Instrumentation to work on Windows.
ClosedPublic

Authored by mpividori on Jan 6 2017, 8:18 PM.

Details

Reviewers
kcc
zturner
aizatsky
rnk
Commits
rGdb5a5655141c: [sanitizer coverage] Fix Instrumentation to work on Windows.
rL293987: [sanitizer coverage] Fix Instrumentation to work on Windows.
Summary

Hi,

I modified Sanitizer Coverage Instrumentation's code, to work on Windows.
In Windows, the symbols "___stop___sancov_guards" and "___start___sancov_guards" are not defined automatically.
So, we need to take a different approach.

As suggested in: https://msdn.microsoft.com/en-us/library/7977wcck.aspx
I define 3 sections: ".SCOV$A", ".SCOV$M" and ".SCOV$Z".

  • Section ".SCOV$A" will only hold a variable ___start___sancov_guard.
  • Section ".SCOV$M" will hold the main data.
  • Section ".SCOV$Z" will only hold a variable ___stop___sancov_guards.

When linking, they will be merged sorted by the characters after the $, so we can use the pointers of the variables ___[start|stop]___sancov_guard to know the actual range of addresses of that section.

___[start|stop]___sancov_guard should be defined only once per module, because of that, I include them inside the static asan runtime: "clang_rt.asan_dynamic_runtime_thunk", that will be included in both, dlls and executables (that changes are in a different diff).

In this diff, I updated the instrumentation to include all the guard arrays in section ".SCOV$M".

Diff Detail

Repository
rL LLVM

Event Timeline

mpividori updated this revision to Diff 83493.Jan 6 2017, 8:18 PM
mpividori retitled this revision from to [Sanitizer Coverage] Fix Instrumentation to work on Windows..
mpividori updated this object.
mpividori added reviewers: kcc, aizatsky, rnk, zturner.
mpividori set the repository for this revision to rL LLVM.
mpividori added a subscriber: llvm-commits.
rnk added inline comments.Jan 9 2017, 1:18 PM
lib/Transforms/Instrumentation/SanitizerCoverage.cpp
372–387 ↗(On Diff #83493)

I don't think we need this dynamic initialization in every TU on Windows. If ___start___sancov_guard is linked statically into every DLL, we can add code to that object file to call __sanitizer_cov_trace_pc_guard_init on Windows.

mpividori added inline comments.Jan 9 2017, 2:42 PM
lib/Transforms/Instrumentation/SanitizerCoverage.cpp
372–387 ↗(On Diff #83493)

@rnk, do you mean register this function in the section ".CRT$XCU" , like you do with register_dso_globals? Yes, I agree.
Here, I just updated the code to do the same than on linux. I think we can improve this as you suggest, also for linux.

mpividori added inline comments.Jan 23 2017, 3:30 PM
lib/Transforms/Instrumentation/SanitizerCoverage.cpp
372–387 ↗(On Diff #83493)

@rnk I think this approach is ok for now, so we do the same than for linux, and we simplify the code.

rnk accepted this revision.Jan 23 2017, 3:37 PM

lgtm

lib/Transforms/Instrumentation/SanitizerCoverage.cpp
372–387 ↗(On Diff #83493)

Yeah, definitely OK for now. Eventually we should do the .CRT$XCU thing, though. It's nicer.

This revision is now accepted and ready to land.Jan 23 2017, 3:37 PM
mpividori updated this revision to Diff 86908.Feb 2 2017, 3:37 PM

Updated diff after rebase. It is slightly different because of some new commits.

Closed by commit rL293987: [sanitizer coverage] Fix Instrumentation to work on Windows. (authored by mpividori). · Explain WhyFeb 2 2017, 5:19 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
llvm/
trunk/
lib/
Transforms/
Instrumentation/
50 lines

Diff 86927

llvm/trunk/lib/Transforms/Instrumentation/SanitizerCoverage.cpp

Show First 20 LinesShow All 132 Lines▼ Show 20 Lines
// The counters are not thread-friendly: // The counters are not thread-friendly:
// - contention on these counters may cause significant slowdown; // - contention on these counters may cause significant slowdown;
// - the counter updates are racy and the results may be inaccurate. // - the counter updates are racy and the results may be inaccurate.
// They are also inaccurate due to 8-bit integer overflow. // They are also inaccurate due to 8-bit integer overflow.
static cl::opt<bool> ClUse8bitCounters("sanitizer-coverage-8bit-counters", static cl::opt<bool> ClUse8bitCounters("sanitizer-coverage-8bit-counters",
cl::desc("Experimental 8-bit counters"), cl::desc("Experimental 8-bit counters"),
cl::Hidden, cl::init(false)); cl::Hidden, cl::init(false));
static StringRef getSanCovTracePCGuardSection(const Module &M) {
return Triple(M.getTargetTriple()).isOSBinFormatMachO()
? "__DATA,__sancov_guards"
: "__sancov_guards";
}
static StringRef getSanCovTracePCGuardSectionStart(const Module &M) {
return Triple(M.getTargetTriple()).isOSBinFormatMachO()
? "\1section$start$__DATA$__sancov_guards"
: "__start___sancov_guards";
}
static StringRef getSanCovTracePCGuardSectionEnd(const Module &M) {
return Triple(M.getTargetTriple()).isOSBinFormatMachO()
? "\1section$end$__DATA$__sancov_guards"
: "__stop___sancov_guards";
}
namespace { namespace {
SanitizerCoverageOptions getOptions(int LegacyCoverageLevel) { SanitizerCoverageOptions getOptions(int LegacyCoverageLevel) {
SanitizerCoverageOptions Res; SanitizerCoverageOptions Res;
switch (LegacyCoverageLevel) { switch (LegacyCoverageLevel) {
case 0: case 0:
Res.CoverageType = SanitizerCoverageOptions::SCK_None; Res.CoverageType = SanitizerCoverageOptions::SCK_None;
break; break;
▲ Show 20 LinesShow All 61 Lines▼ Show 20 Linesprivate:
void SetNoSanitizeMetadata(Instruction *I); void SetNoSanitizeMetadata(Instruction *I);
void InjectCoverageAtBlock(Function &F, BasicBlock &BB, size_t Idx, void InjectCoverageAtBlock(Function &F, BasicBlock &BB, size_t Idx,
bool UseCalls); bool UseCalls);
unsigned NumberOfInstrumentedBlocks() { unsigned NumberOfInstrumentedBlocks() {
return SanCovFunction->getNumUses() + return SanCovFunction->getNumUses() +
SanCovWithCheckFunction->getNumUses() + SanCovTraceBB->getNumUses() + SanCovWithCheckFunction->getNumUses() + SanCovTraceBB->getNumUses() +
SanCovTraceEnter->getNumUses(); SanCovTraceEnter->getNumUses();
} }
StringRef getSanCovTracePCGuardSection() const;
StringRef getSanCovTracePCGuardSectionStart() const;
StringRef getSanCovTracePCGuardSectionEnd() const;
Function *SanCovFunction; Function *SanCovFunction;
Function *SanCovWithCheckFunction; Function *SanCovWithCheckFunction;
Function *SanCovIndirCallFunction, *SanCovTracePCIndir; Function *SanCovIndirCallFunction, *SanCovTracePCIndir;
Function *SanCovTraceEnter, *SanCovTraceBB, *SanCovTracePC, *SanCovTracePCGuard; Function *SanCovTraceEnter, *SanCovTraceBB, *SanCovTracePC, *SanCovTracePCGuard;
Function *SanCovTraceCmpFunction[4]; Function *SanCovTraceCmpFunction[4];
Function *SanCovTraceDivFunction[2]; Function *SanCovTraceDivFunction[2];
Function *SanCovTraceGepFunction; Function *SanCovTraceGepFunction;
Function *SanCovTraceSwitchFunction; Function *SanCovTraceSwitchFunction;
InlineAsm *EmptyAsm; InlineAsm *EmptyAsm;
Type *IntptrTy, *IntptrPtrTy, *Int64Ty, *Int64PtrTy, *Int32Ty, *Int32PtrTy; Type *IntptrTy, *IntptrPtrTy, *Int64Ty, *Int64PtrTy, *Int32Ty, *Int32PtrTy;
Module *CurModule; Module *CurModule;
Triple TargetTriple;
LLVMContext *C; LLVMContext *C;
const DataLayout *DL; const DataLayout *DL;
GlobalVariable *GuardArray; GlobalVariable *GuardArray;
GlobalVariable *FunctionGuardArray; // for trace-pc-guard. GlobalVariable *FunctionGuardArray; // for trace-pc-guard.
GlobalVariable *EightBitCounterArray; GlobalVariable *EightBitCounterArray;
bool HasSancovGuardsSection; bool HasSancovGuardsSection;
SanitizerCoverageOptions Options; SanitizerCoverageOptions Options;
}; };
} // namespace } // namespace
bool SanitizerCoverageModule::runOnModule(Module &M) { bool SanitizerCoverageModule::runOnModule(Module &M) {
if (Options.CoverageType == SanitizerCoverageOptions::SCK_None) if (Options.CoverageType == SanitizerCoverageOptions::SCK_None)
return false; return false;
C = &(M.getContext()); C = &(M.getContext());
DL = &M.getDataLayout(); DL = &M.getDataLayout();
CurModule = &M; CurModule = &M;
TargetTriple = Triple(M.getTargetTriple());
HasSancovGuardsSection = false; HasSancovGuardsSection = false;
IntptrTy = Type::getIntNTy(*C, DL->getPointerSizeInBits()); IntptrTy = Type::getIntNTy(*C, DL->getPointerSizeInBits());
IntptrPtrTy = PointerType::getUnqual(IntptrTy); IntptrPtrTy = PointerType::getUnqual(IntptrTy);
Type *VoidTy = Type::getVoidTy(*C); Type *VoidTy = Type::getVoidTy(*C);
IRBuilder<> IRB(*C); IRBuilder<> IRB(*C);
Type *Int8PtrTy = PointerType::getUnqual(IRB.getInt8Ty()); Type *Int8PtrTy = PointerType::getUnqual(IRB.getInt8Ty());
Int64PtrTy = PointerType::getUnqual(IRB.getInt64Ty()); Int64PtrTy = PointerType::getUnqual(IRB.getInt64Ty());
Int32PtrTy = PointerType::getUnqual(IRB.getInt32Ty()); Int32PtrTy = PointerType::getUnqual(IRB.getInt32Ty());
▲ Show 20 LinesShow All 103 Lines▼ Show 20 Linesbool SanitizerCoverageModule::runOnModule(Module &M) {
GlobalVariable *ModuleName = new GlobalVariable( GlobalVariable *ModuleName = new GlobalVariable(
M, ModNameStrConst->getType(), true, GlobalValue::PrivateLinkage, M, ModNameStrConst->getType(), true, GlobalValue::PrivateLinkage,
ModNameStrConst, "__sancov_gen_modname"); ModNameStrConst, "__sancov_gen_modname");
if (Options.TracePCGuard) { if (Options.TracePCGuard) {
if (HasSancovGuardsSection) { if (HasSancovGuardsSection) {
Function *CtorFunc; Function *CtorFunc;
GlobalVariable *SecStart = new GlobalVariable( GlobalVariable *SecStart = new GlobalVariable(
M, Int32PtrTy, false, GlobalVariable::ExternalLinkage, nullptr, M, Int32PtrTy, false, GlobalVariable::ExternalLinkage, nullptr,
getSanCovTracePCGuardSectionStart(*CurModule)); getSanCovTracePCGuardSectionStart());
SecStart->setVisibility(GlobalValue::HiddenVisibility); SecStart->setVisibility(GlobalValue::HiddenVisibility);
GlobalVariable *SecEnd = new GlobalVariable( GlobalVariable *SecEnd = new GlobalVariable(
M, Int32PtrTy, false, GlobalVariable::ExternalLinkage, nullptr, M, Int32PtrTy, false, GlobalVariable::ExternalLinkage, nullptr,
getSanCovTracePCGuardSectionEnd(*CurModule)); getSanCovTracePCGuardSectionEnd());
SecEnd->setVisibility(GlobalValue::HiddenVisibility); SecEnd->setVisibility(GlobalValue::HiddenVisibility);
std::tie(CtorFunc, std::ignore) = createSanitizerCtorAndInitFunctions( std::tie(CtorFunc, std::ignore) = createSanitizerCtorAndInitFunctions(
M, SanCovModuleCtorName, SanCovTracePCGuardInitName, M, SanCovModuleCtorName, SanCovTracePCGuardInitName,
{Int32PtrTy, Int32PtrTy}, {Int32PtrTy, Int32PtrTy},
{IRB.CreatePointerCast(SecStart, Int32PtrTy), {IRB.CreatePointerCast(SecStart, Int32PtrTy),
IRB.CreatePointerCast(SecEnd, Int32PtrTy)}); IRB.CreatePointerCast(SecEnd, Int32PtrTy)});
▲ Show 20 LinesShow All 131 Lines▼ Show 20 Linesvoid SanitizerCoverageModule::CreateFunctionGuardArray(size_t NumGuards,
if (!Options.TracePCGuard) return; if (!Options.TracePCGuard) return;
HasSancovGuardsSection = true; HasSancovGuardsSection = true;
ArrayType *ArrayOfInt32Ty = ArrayType::get(Int32Ty, NumGuards); ArrayType *ArrayOfInt32Ty = ArrayType::get(Int32Ty, NumGuards);
FunctionGuardArray = new GlobalVariable( FunctionGuardArray = new GlobalVariable(
*CurModule, ArrayOfInt32Ty, false, GlobalVariable::PrivateLinkage, *CurModule, ArrayOfInt32Ty, false, GlobalVariable::PrivateLinkage,
Constant::getNullValue(ArrayOfInt32Ty), "__sancov_gen_"); Constant::getNullValue(ArrayOfInt32Ty), "__sancov_gen_");
if (auto Comdat = F.getComdat()) if (auto Comdat = F.getComdat())
FunctionGuardArray->setComdat(Comdat); FunctionGuardArray->setComdat(Comdat);
FunctionGuardArray->setSection(getSanCovTracePCGuardSection(*CurModule)); FunctionGuardArray->setSection(getSanCovTracePCGuardSection());
} }
bool SanitizerCoverageModule::InjectCoverage(Function &F, bool SanitizerCoverageModule::InjectCoverage(Function &F,
ArrayRef<BasicBlock *> AllBlocks) { ArrayRef<BasicBlock *> AllBlocks) {
if (AllBlocks.empty()) return false; if (AllBlocks.empty()) return false;
switch (Options.CoverageType) { switch (Options.CoverageType) {
case SanitizerCoverageOptions::SCK_None: case SanitizerCoverageOptions::SCK_None:
return false; return false;
▲ Show 20 LinesShow All 221 Lines▼ Show 20 Lines if (Options.Use8bitCounters) {
LoadInst *LI = IRB.CreateLoad(P); LoadInst *LI = IRB.CreateLoad(P);
Value *Inc = IRB.CreateAdd(LI, ConstantInt::get(IRB.getInt8Ty(), 1)); Value *Inc = IRB.CreateAdd(LI, ConstantInt::get(IRB.getInt8Ty(), 1));
StoreInst *SI = IRB.CreateStore(Inc, P); StoreInst *SI = IRB.CreateStore(Inc, P);
SetNoSanitizeMetadata(LI); SetNoSanitizeMetadata(LI);
SetNoSanitizeMetadata(SI); SetNoSanitizeMetadata(SI);
} }
} }
StringRef SanitizerCoverageModule::getSanCovTracePCGuardSection() const {
if (TargetTriple.getObjectFormat() == Triple::COFF)
return ".SCOV$M";
if (TargetTriple.isOSBinFormatMachO())
return "__DATA,__sancov_guards";
return "__sancov_guards";
}
StringRef SanitizerCoverageModule::getSanCovTracePCGuardSectionStart() const {
if (TargetTriple.isOSBinFormatMachO())
return "\1section$start$__DATA$__sancov_guards";
return "__start___sancov_guards";
}
StringRef SanitizerCoverageModule::getSanCovTracePCGuardSectionEnd() const {
if (TargetTriple.isOSBinFormatMachO())
return "\1section$end$__DATA$__sancov_guards";
return "__stop___sancov_guards";
}
char SanitizerCoverageModule::ID = 0; char SanitizerCoverageModule::ID = 0;
INITIALIZE_PASS_BEGIN(SanitizerCoverageModule, "sancov", INITIALIZE_PASS_BEGIN(SanitizerCoverageModule, "sancov",
"SanitizerCoverage: TODO." "SanitizerCoverage: TODO."
"ModulePass", "ModulePass",
false, false) false, false)
INITIALIZE_PASS_DEPENDENCY(DominatorTreeWrapperPass) INITIALIZE_PASS_DEPENDENCY(DominatorTreeWrapperPass)
INITIALIZE_PASS_DEPENDENCY(PostDominatorTreeWrapperPass) INITIALIZE_PASS_DEPENDENCY(PostDominatorTreeWrapperPass)
INITIALIZE_PASS_END(SanitizerCoverageModule, "sancov", INITIALIZE_PASS_END(SanitizerCoverageModule, "sancov",
"SanitizerCoverage: TODO." "SanitizerCoverage: TODO."
"ModulePass", "ModulePass",
false, false) false, false)
ModulePass *llvm::createSanitizerCoverageModulePass( ModulePass *llvm::createSanitizerCoverageModulePass(
const SanitizerCoverageOptions &Options) { const SanitizerCoverageOptions &Options) {
return new SanitizerCoverageModule(Options); return new SanitizerCoverageModule(Options);
} }