Skip to content

Commit 7b1eff1

Browse files
keeskees
committed
[sancov] Document -fsanitize-coverage=stack-depth
Add documentation to detail the behaviors of the stack-depth tracer, including the new -fsanitize-coverage-stack-depth-callback-min=N argument.
1 parent 03e2eea commit 7b1eff1

File tree

1 file changed

+43
-0
lines changed

1 file changed

+43
-0
lines changed

clang/docs/SanitizerCoverage.rst

+43
Original file line numberDiff line numberDiff line change
@@ -385,6 +385,49 @@ Users need to implement a single function to capture the CF table at startup:
385385
// the collected control flow.
386386
}
387387
388+
Tracing Stack Depth
389+
===================
390+
391+
With ``-fsanitize-coverage=stack-depth`` the compiler will track how much
392+
stack space has been used for a function call chain. Leaf functions are
393+
not included in this tracing.
394+
395+
The maximum depth of a function call graph is stored in the thread-local
396+
``__sancov_lowest_stack`` variable. Instrumentation is inserted in every
397+
non-leaf function to check the stack pointer against this variable,
398+
and if it is lower, store the current stack pointer. This effectively
399+
inserts the following:
400+
401+
.. code-block:: c++
402+
403+
thread_local uintptr_t __sancov_lowest_stack;
404+
405+
uintptr_t stack = (uintptr_t)__builtin_frame_address(0);
406+
if (stack < __sancov_lowest_stack)
407+
__sancov_lowest_stack = stack;
408+
409+
If ``-fsanitize-coverage-stack-depth-callback-min=N`` is also used, the
410+
tracking is delegated to a callback, ``__sanitizer_cov_stack_depth``,
411+
instead of adding instrumentation to update ``__sancov_lowest_stack``.
412+
The ``N`` of the argument is used to determine which functions to
413+
instrument. Only functions estimated to be using ``N`` bytes or more of
414+
stack space will be instrumented to call the tracing callback. In the
415+
case of a dynamically sized stack, the callback is unconditionally added.
416+
417+
The callback takes no arguments and is responsible for determining the
418+
stack pointer and doing any needed comparisons and storage. A roughtly
419+
equivalent implementation of ``__sancov_lowest_stack`` using the callback
420+
would look like this:
421+
422+
.. code-block:: c++
423+
424+
void __sanitizer_cov_stack_depth(void) {
425+
uintptr_t stack = (uintptr_t)__builtin_frame_address(0);
426+
427+
if (stack < __sancov_lowest_stack)
428+
__sancov_lowest_stack = stack;
429+
}
430+
388431
Gated Trace Callbacks
389432
=====================
390433

0 commit comments

Comments
 (0)