sanitizer_coverage_fuchsia.cpp source code [compiler-rt/lib/sanitizer_common/sanitizer_coverage_fuchsia.cpp]

1	//===-- sanitizer_coverage_fuchsia.cpp ------------------------------------===//
2	//
3	// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4	// See https://llvm.org/LICENSE.txt for license information.
5	// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6	//
7	//===----------------------------------------------------------------------===//
8	//
9	// Sanitizer Coverage Controller for Trace PC Guard, Fuchsia-specific version.
10	//
11	// This Fuchsia-specific implementation uses the same basic scheme and the
12	// same simple '.sancov' file format as the generic implementation. The
13	// difference is that we just produce a single blob of output for the whole
14	// program, not a separate one per DSO. We do not sort the PC table and do
15	// not prune the zeros, so the resulting file is always as large as it
16	// would be to report 100% coverage. Implicit tracing information about
17	// the address ranges of DSOs allows offline tools to split the one big
18	// blob into separate files that the 'sancov' tool can understand.
19	//
20	// Unlike the traditional implementation that uses an atexit hook to write
21	// out data files at the end, the results on Fuchsia do not go into a file
22	// per se. The 'coverage_dir' option is ignored. Instead, they are stored
23	// directly into a shared memory object (a Zircon VMO). At exit, that VMO
24	// is handed over to a system service that's responsible for getting the
25	// data out to somewhere that it can be fed into the sancov tool (where and
26	// how is not our problem).
27
28	#include "sanitizer_platform.h"
29	#if SANITIZER_FUCHSIA
30	#include <zircon/process.h>
31	#include <zircon/sanitizer.h>
32	#include <zircon/syscalls.h>
33
34	#include "sanitizer_atomic.h"
35	#include "sanitizer_common.h"
36	#include "sanitizer_interface_internal.h"
37	#include "sanitizer_internal_defs.h"
38	# include "sanitizer_symbolizer_markup_constants.h"
39
40	using namespace __sanitizer;
41
42	namespace __sancov {
43	namespace {
44
45	// TODO(mcgrathr): Move the constant into a header shared with other impls.
46	constexpr u64 Magic64 = `0xC0BFFFFFFFFFFF64ULL`;
47	static_assert(SANITIZER_WORDSIZE == `64`, "Fuchsia is always LP64");
48
49	constexpr const char kSancovSinkName[] = "sancov";
50
51	// Collects trace-pc guard coverage.
52	// This class relies on zero-initialization.
53	class TracePcGuardController final {
54	public:
55	constexpr TracePcGuardController() {}
56
57	// For each PC location being tracked, there is a u32 reserved in global
58	// data called the "guard". At startup, we assign each guard slot a
59	// unique index into the big results array. Later during runtime, the
60	// first call to TracePcGuard (below) will store the corresponding PC at
61	// that index in the array. (Each later call with the same guard slot is
62	// presumed to be from the same PC.) Then it clears the guard slot back
63	// to zero, which tells the compiler not to bother calling in again. At
64	// the end of the run, we have a big array where each element is either
65	// zero or is a tracked PC location that was hit in the trace.
66
67	// This is called from global constructors. Each translation unit has a
68	// contiguous array of guard slots, and a constructor that calls here
69	// with the bounds of its array. Those constructors are allowed to call
70	// here more than once for the same array. Usually all of these
71	// constructors run in the initial thread, but it's possible that a
72	// dlopen call on a secondary thread will run constructors that get here.
73	void InitTracePcGuard(u32 start, u32 end) {
74	if (end > start && *start == `0` && common_flags()->coverage) {
75	// Complete the setup before filling in any guards with indices.
76	// This avoids the possibility of code called from Setup reentering
77	// TracePcGuard.
78	u32 idx = Setup(end - start);
79	for (u32 *p = start; p < end; ++p) {
80	*p = idx++;
81	}
82	}
83	}
84
85	void TracePcGuard(u32 *guard, uptr pc) {
86	atomic_uint32_t guard_ptr = reinterpret_cast<atomic_uint32_t >(guard);
87	u32 idx = atomic_exchange(guard_ptr, `0`, memory_order_relaxed);
88	if (idx > `0`)
89	array_[idx] = pc;
90	}
91
92	void Dump() {
93	Lock locked(&setup_lock_);
94	if (array_) {
95	CHECK_NE(vmo_, ZX_HANDLE_INVALID);
96
97	// Publish the VMO to the system, where it can be collected and
98	// analyzed after this process exits. This always consumes the VMO
99	// handle. Any failure is just logged and not indicated to us.
100	__sanitizer_publish_data(kSancovSinkName, vmo_);
101	vmo_ = ZX_HANDLE_INVALID;
102
103	// This will route to __sanitizer_log_write, which will ensure that
104	// information about shared libraries is written out. This message
105	// uses the `dumpfile` symbolizer markup element to highlight the
106	// dump. See the explanation for this in:
107	// https://fuchsia.googlesource.com/zircon/+/master/docs/symbolizer_markup.md
108	Printf("SanitizerCoverage: " FORMAT_DUMPFILE " with up to %u PCs\n",
109	kSancovSinkName, vmo_name_, next_index_ - `1`);
110	}
111	}
112
113	private:
114	// We map in the largest possible view into the VMO: one word
115	// for every possible 32-bit index value. This avoids the need
116	// to change the mapping when increasing the size of the VMO.
117	// We can always spare the 32G of address space.
118	static constexpr size_t MappingSize = sizeof(uptr) << `32`;
119
120	Mutex setup_lock_;
121	uptr array_ = nullptr*;
122	u32 next_index_ = `0`;
123	zx_handle_t vmo_ = {};
124	char vmo_name_[ZX_MAX_NAME_LEN] = {};
125
126	size_t DataSize() const { return next_index_ * sizeof(uintptr_t); }
127
128	u32 Setup(u32 num_guards) {
129	Lock locked(&setup_lock_);
130	DCHECK(common_flags()->coverage);
131
132	if (next_index_ == `0`) {
133	CHECK_EQ(vmo_, ZX_HANDLE_INVALID);
134	CHECK_EQ(array_, nullptr);
135
136	// The first sample goes at [1] to reserve [0] for the magic number.
137	next_index_ = `1` + num_guards;
138
139	zx_status_t status = _zx_vmo_create(DataSize(), ZX_VMO_RESIZABLE, &vmo_);
140	CHECK_EQ(status, ZX_OK);
141
142	// Give the VMO a name including our process KOID so it's easy to spot.
143	internal_snprintf(vmo_name_, sizeof(vmo_name_), "%s.%zu", kSancovSinkName,
144	internal_getpid());
145	_zx_object_set_property(vmo_, ZX_PROP_NAME, vmo_name_,
146	internal_strlen(vmo_name_));
147	uint64_t size = DataSize();
148	status = _zx_object_set_property(vmo_, ZX_PROP_VMO_CONTENT_SIZE, &size,
149	sizeof(size));
150	CHECK_EQ(status, ZX_OK);
151
152	// Map the largest possible view we might need into the VMO. Later
153	// we might need to increase the VMO's size before we can use larger
154	// indices, but we'll never move the mapping address so we don't have
155	// any multi-thread synchronization issues with that.
156	uintptr_t mapping;
157	status =
158	_zx_vmar_map(_zx_vmar_root_self(), ZX_VM_PERM_READ \| ZX_VM_PERM_WRITE,
159	`0`, vmo_, `0`, MappingSize, &mapping);
160	CHECK_EQ(status, ZX_OK);
161
162	// Hereafter other threads are free to start storing into
163	// elements [1, next_index_) of the big array.
164	array_ = reinterpret_cast<uptr *>(mapping);
165
166	// Store the magic number.
167	// Hereafter, the VMO serves as the contents of the '.sancov' file.
168	array_[`0`] = Magic64;
169
170	return `1`;
171	} else {
172	// The VMO is already mapped in, but it's not big enough to use the
173	// new indices. So increase the size to cover the new maximum index.
174
175	CHECK_NE(vmo_, ZX_HANDLE_INVALID);
176	CHECK_NE(array_, nullptr);
177
178	uint32_t first_index = next_index_;
179	next_index_ += num_guards;
180
181	zx_status_t status = _zx_vmo_set_size(vmo_, DataSize());
182	CHECK_EQ(status, ZX_OK);
183	uint64_t size = DataSize();
184	status = _zx_object_set_property(vmo_, ZX_PROP_VMO_CONTENT_SIZE, &size,
185	sizeof(size));
186	CHECK_EQ(status, ZX_OK);
187
188	return first_index;
189	}
190	}
191	};
192
193	static TracePcGuardController pc_guard_controller;
194
195	} // namespace
196	} // namespace __sancov
197
198	namespace __sanitizer {
199	void InitializeCoverage(bool enabled, const char *dir) {
200	CHECK_EQ(enabled, common_flags()->coverage);
201	CHECK_EQ(dir, common_flags()->coverage_dir);
202
203	static bool coverage_enabled = false;
204	if (!coverage_enabled) {
205	coverage_enabled = enabled;
206	Atexit(__sanitizer_cov_dump);
207	AddDieCallback(__sanitizer_cov_dump);
208	}
209	}
210	} // namespace __sanitizer
211
212	extern "C" {
213	SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_dump_coverage(const uptr *pcs,
214	uptr len) {
215	UNIMPLEMENTED();
216	}
217
218	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_pc_guard, u32 *guard) {
219	if (!*guard)
220	return;
221	__sancov::pc_guard_controller.TracePcGuard(guard, GET_CALLER_PC() - `1`);
222	}
223
224	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_pc_guard_init,
225	u32 start, u32 end) {
226	if (start == end \|\| *start)
227	return;
228	__sancov::pc_guard_controller.InitTracePcGuard(start, end);
229	}
230
231	SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_dump_trace_pc_guard_coverage() {
232	__sancov::pc_guard_controller.Dump();
233	}
234	SANITIZER_INTERFACE_ATTRIBUTE void __sanitizer_cov_dump() {
235	__sanitizer_dump_trace_pc_guard_coverage();
236	}
237	// Default empty implementations (weak). Users should redefine them.
238	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_cmp, void) {}
239	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_cmp1, void) {}
240	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_cmp2, void) {}
241	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_cmp4, void) {}
242	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_cmp8, void) {}
243	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_const_cmp1, void) {}
244	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_const_cmp2, void) {}
245	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_const_cmp4, void) {}
246	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_const_cmp8, void) {}
247	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_switch, void) {}
248	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_div4, void) {}
249	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_div8, void) {}
250	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_gep, void) {}
251	SANITIZER_INTERFACE_WEAK_DEF(void, __sanitizer_cov_trace_pc_indir, void) {}
252	} // extern "C"
253
254	#endif // !SANITIZER_FUCHSIA
255

source code of compiler-rt/lib/sanitizer_common/sanitizer_coverage_fuchsia.cpp