<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hi Kostya,<div class=""><br class=""></div><div class="">I believe this recent change (r231413) caused a subtle change in behavior that is causing a test failure on the Darwin buildbot at <a href="http://lab.llvm.org:8080/green/job/clang-stage1-cmake-RA_check/2083/console" class="">http://lab.llvm.org:8080/green/job/clang-stage1-cmake-RA_check/2083/console</a>. The test has been failing for a few days already, but it’s hard to tell which exact patch caused the regression, because the bot was offline for a day and a half when it occurred.</div><div class=""><br class=""></div><div class="">I think the cause is this: The old code in CovDump() iterates over the process map, but it intentionally skips over segments that are not executable. The new code in DumpOffsets() asks GetModuleNameAndOffsetForPC instead, which contains a bug/feature that is triggered in a 64-bit binary when a 4GB __PAGEZERO (with protection=0) segment is present. In that case GetModuleNameAndOffsetForPC will say that the resulting offset is larger than 4GB, and the subsequent check in DumpOffsets that asserts `offset > 0xffffffffU` will ignore that item and not print it into the coverage file.</div><div class=""><br class=""></div><div class="">I also realized that simply ignoring __PAGEZERO in the Darwin implementation of process maps is not going to work easily, because there seems to be other code that relies on this behavior (I can’t tell if that’s a bug or a feature). What do you think would be a way to fix this?</div><div class=""><br class=""></div><div class="">Thanks,</div><div class="">Kuba</div><div class=""><br class=""></div><div class=""><blockquote type="cite" class=""><pre style="white-space: pre-wrap; background-color: rgb(255, 255, 255);" class="">Author: kcc
Date: Thu Mar  5 16:19:25 2015
New Revision: 231413

URL: <a href="http://llvm.org/viewvc/llvm-project?rev=231413&view=rev" class="">http://llvm.org/viewvc/llvm-project?rev=231413&view=rev</a>
Log:
[sanitizer] Reconstruct the function that dumps block/edge coverage, hopefully making it more robust. Also increase the allowed coverage size on 32-bit.

Modified:
    compiler-rt/trunk/lib/sanitizer_common/sanitizer_coverage_libcdep.cc
    compiler-rt/trunk/test/asan/TestCases/Linux/coverage-module-unloaded.cc
    compiler-rt/trunk/test/asan/TestCases/Linux/coverage-sandboxing.cc
    compiler-rt/trunk/test/asan/TestCases/Linux/coverage.cc

Modified: compiler-rt/trunk/lib/sanitizer_common/sanitizer_coverage_libcdep.cc
URL: <a href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_coverage_libcdep.cc?rev=231413&r1=231412&r2=231413&view=diff" class="">http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_coverage_libcdep.cc?rev=231413&r1=231412&r2=231413&view=diff</a>
==============================================================================
--- compiler-rt/trunk/lib/sanitizer_common/sanitizer_coverage_libcdep.cc (original)
+++ compiler-rt/trunk/lib/sanitizer_common/sanitizer_coverage_libcdep.cc Thu Mar  5 16:19:25 2015
@@ -79,6 +79,8 @@ class CoverageData {
   void DumpTrace();</pre></blockquote><br class=""></div></body></html>