[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [XEN][PATCH v2] coverage: extend coverage on .init and lib code

  • To: Jan Beulich <jbeulich@xxxxxxxx>, Grygorii Strashko <grygorii_strashko@xxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Tue, 9 Dec 2025 15:03:22 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qG3xqfQOpQ/MM+TfmY3It2bUE9accSpebY+kr3jsJ+Y=; b=GpmWv90rT9PUbzI/FC99sU6RmbES7yfU6k96oEZxYsIpBiAu7j4T3+MnluiN36ZtDyIeP8ItfXviTqvM/GfSSkrodEDIaFHutEwXqRy5hG3ovKKXKfJmNoaVWrwOtXBcSVs7mZXP2Q0hN565vglOSx3ykyKzo1jV3DyvbVT/0Yk5Nr2KfLpMYe765wRLOwe9iIPOl53vE0ghkEsE9BeTyBxc29r9CFLbKbGxQ6SYlcFB8VvBuE8uQUKQYHSRK7a9xNfxXAPVNzp3zokz2t7rJP3Xzd9/pA2b+U6k5Mv0sgCj7tFVGAWGhr4AGcAbjnC2D9LyLvCycR3+gvhllhDa0g==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=a/JnIYMu0ysZffp2YQBoELvxpvcHkRjeYahpteeb9BLzbplfjlakTIeB84qYu8WeCuD1V+YwGGOIFNIBdQY3fWS5w0Ko60hBx+k78GfMASat+DWKjgiojWRjC99IBd13/8sOVwlaGqXqs4GC+zoy/DLn0ba4Me3G4BJJfx2bYykEjdkIpFYrrXXjufN/S4zpK28QITP/7vAThsJhx3qcUXsfkdU7PX7b01tYL4NB/LqRs10xX0QUqcggb/APWVnTbfv/wl1HRv4ze0muNy3f7yNGmIMtR6PwzIh0eVkulRFC6kLEUJwt/7adu3EQmm+SM/efIegJfc0BeITFjMHNlg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: andrew.cooper3@xxxxxxxxxx, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Jason Andryuk <jason.andryuk@xxxxxxx>, Victor Lira <victorm.lira@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Tue, 09 Dec 2025 15:03:42 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 09/12/2025 2:28 pm, Jan Beulich wrote:
> On 09.12.2025 15:21, Grygorii Strashko wrote:
>>
>> On 09.12.25 15:19, Andrew Cooper wrote:
>>> On 08/12/2025 6:49 pm, Grygorii Strashko wrote:
>>>> Hi Andrew,
>>>>
>>>> On 06.12.25 16:21, Andrew Cooper wrote:
>>>>> On 06/12/2025 2:15 pm, Andrew Cooper wrote:
>>>>>> On 06/12/2025 9:10 am, Grygorii Strashko wrote:
>>>>>>> On 05.12.25 22:00, Andrew Cooper wrote:
>>>>>>>> On 05/12/2025 7:34 pm, Grygorii Strashko wrote:
>>>>>>>>> From: Grygorii Strashko <grygorii_strashko@xxxxxxxx>
>>>>>>>>>
>>>>>>>>> Extend coverage support on .init and lib code.
>>>>>>>>> Add two hidden Kconfig options:
>>>>>>>>> - RELAX_INIT_CHECK "Relax strict check for .init sections only in
>>>>>>>>> %.init.o
>>>>>>>>> files"
>>>>>>>>> - DO_NOT_FREE_INIT_MEMORY "Prevent freeing of .init sections at the
>>>>>>>>> end of
>>>>>>>>> Xen boot."
>>>>>>>>>
>>>>>>>>> Both selected selected when COVERAGE=y, as getting coverage
>>>>>>>>> report for
>>>>>>>>> ".init" code is required:
>>>>>>>>> - to bypass strict check for .init sections only in %.init.o files;
>>>>>>>>> - the .init code stay in memory after Xen boot.
>>>>>>>>>
>>>>>>>>> RELAX_INIT_CHECK/DO_NOT_FREE_INIT_MEMORY could be used by other
>>>>>>>>> debug
>>>>>>>>> features in the future.
>>>>>>>>>
>>>>>>>>> Signed-off-by: Grygorii Strashko <grygorii_strashko@xxxxxxxx>
>>>>>>>>> ---
>>>>>>>>> changes in v2:
>>>>>>>>>     - add RELAX_INIT_CHECK and DO_NOT_FREE_INIT_MEMORY, those are two
>>>>>>>>> different things,
>>>>>>>>>       both potentially reusable
>>>>>>>>>     - enable coverage for libfdt/libelf always
>>>>>>>>>     - enable colverage for .init always
>>>>>>>> This is a lot nicer (i.e. more simple).
>>>>>>>>
>>>>>>>> But, I still don't know why we need to avoid freeing init memory
>>>>>>>> to make
>>>>>>>> this work.  What explodes if we dont?
>>>>>>>>
>>>>>>> It will just crash when coverage data is collected.
>>>>>>>
>>>>>>> First I made changes in make file to get .init covered
>>>>>>> then I hit a crash
>>>>>>> then I checked %.init.o
>>>>>>> conclusion was obvious.
>>>>>>>
>>>>>>> For example:
>>>>>>> objdump -x bzimage.init.o | grep gcov
>>>>>>>
>>>>>>> 0000000000000010 l     O .bss    0000000000000028
>>>>>>> __gcov0.bzimage_check
>>>>>>> 0000000000000040 l     O .bss    0000000000000040
>>>>>>> __gcov0.bzimage_headroom
>>>>>>> 0000000000000000 l     O .bss    0000000000000008
>>>>>>> __gcov0.output_length
>>>>>>> 0000000000000080 l     O .bss    0000000000000060
>>>>>>> __gcov0.bzimage_parse
>>>>>>> 0000000000000098 l     O .init.data.rel.local    0000000000000028
>>>>>>> __gcov_.bzimage_parse
>>>>>>> 0000000000000070 l     O .init.data.rel.local    0000000000000028
>>>>>>> __gcov_.bzimage_headroom
>>>>>>> 0000000000000048 l     O .init.data.rel.local    0000000000000028
>>>>>>> __gcov_.bzimage_check
>>>>>>> 0000000000000020 l     O .init.data.rel.local    0000000000000028
>>>>>>> __gcov_.output_length
>>>>>>> 0000000000000000         *UND*    0000000000000000 __gcov_init
>>>>>>> 0000000000000000         *UND*    0000000000000000 __gcov_exit
>>>>>>> 0000000000000000         *UND*    0000000000000000 __gcov_merge_add
>>>>>>> 0000000000000008 R_X86_64_PLT32    __gcov_init-0x0000000000000004
>>>>>>> 0000000000000012 R_X86_64_PLT32    __gcov_exit-0x0000000000000004
>>>>>>> 0000000000000020 R_X86_64_64       __gcov_merge_add
>>>>>>>
>>>>>> Aah, we should exclude the OJBCOPY too.  That's what's moving
>>>>>> .data.rel.local amongst other sections we target with attributes
>>>>>> directly.
>>>>> we can't target.
>>>> I've come up with below diff - seems it's working without
>>>> DO_NOT_FREE_INIT_MEMORY.
>>>> Is this what you have in mind?
>>>>
>>>> diff --git a/xen/Kconfig.debug b/xen/Kconfig.debug
>>>> index 8fc201d12c2c..16b1a82db46e 100644
>>>> --- a/xen/Kconfig.debug
>>>> +++ b/xen/Kconfig.debug
>>>> @@ -40,7 +40,6 @@ config COVERAGE
>>>>          depends on SYSCTL && !LIVEPATCH
>>>>          select SUPPRESS_DUPLICATE_SYMBOL_WARNINGS if
>>>> !ENFORCE_UNIQUE_SYMBOLS
>>>>          select RELAX_INIT_CHECK
>>>> -       select DO_NOT_FREE_INIT_MEMORY
>>>>          help
>>>>            Enable code coverage support.
>>>>   
>>>> diff --git a/xen/Rules.mk b/xen/Rules.mk
>>>> index 8c4861a427e6..47fdcc1d23b5 100644
>>>> --- a/xen/Rules.mk
>>>> +++ b/xen/Rules.mk
>>>> @@ -33,11 +33,15 @@ cov-cflags-y :=
>>>>   nocov-y :=
>>>>   noubsan-y :=
>>>>   
>>>> +# when coverage is enabled the gcc internal section should stay in
>>>> memory
>>>> +# after Xen boot
>>>> +ifneq ($(CONFIG_COVERAGE),y)
>>>>   SPECIAL_DATA_SECTIONS := rodata $(foreach a,1 2 4 8 16, \
>>>>                                               $(foreach w,1 2 4, \
>>>>                                                          
>>>> rodata.str$(w).$(a)) \
>>>>                                               rodata.cst$(a)) \
>>>>                            $(foreach r,rel rel.ro,data.$(r).local)
>>>> +endif
>>>>   
>>>>   # The filename build.mk has precedence over Makefile
>>>>   include $(firstword $(wildcard $(srcdir)/build.mk) $(srcdir)/Makefile)
>>>> diff --git a/xen/common/libelf/Makefile b/xen/common/libelf/Makefile
>>>> index 60b3ae40728f..8180c78f1510 100644
>>>> --- a/xen/common/libelf/Makefile
>>>> +++ b/xen/common/libelf/Makefile
>>>> @@ -1,8 +1,10 @@
>>>>   obj-bin-y := libelf.o
>>>>   libelf-objs := libelf-tools.o libelf-loader.o libelf-dominfo.o
>>>>   
>>>> +ifneq ($(CONFIG_COVERAGE),y)
>>>>   SECTIONS := text data $(SPECIAL_DATA_SECTIONS)
>>>>   OBJCOPYFLAGS := $(foreach s,$(SECTIONS),--rename-section
>>>> .$(s)=.init.$(s))
>>>> +endif
>>>>   
>>>>   CFLAGS-y += -Wno-pointer-sign
>>>>   
>>>> diff --git a/xen/common/libfdt/Makefile b/xen/common/libfdt/Makefile
>>>> index ae0f69c01373..fb26e5bff0fd 100644
>>>> --- a/xen/common/libfdt/Makefile
>>>> +++ b/xen/common/libfdt/Makefile
>>>> @@ -4,7 +4,9 @@ SECTIONS := text data $(SPECIAL_DATA_SECTIONS)
>>>>   
>>>>   # For CONFIG_OVERLAY_DTB, libfdt functionalities will be needed
>>>> during runtime.
>>>>   ifneq ($(CONFIG_OVERLAY_DTB),y)
>>>> -OBJCOPYFLAGS := $(foreach s,$(SECTIONS),--rename-section
>>>> .$(s)=.init.$(s))
>>>> +       ifneq ($(CONFIG_COVERAGE),y)
>>>> +               OBJCOPYFLAGS := $(foreach
>>>> s,$(SECTIONS),--rename-section .$(s)=.init.$(s))
>>>> +       endif
>>>>   endif
>>> This is the (aforementioned) non-standard way of doing .init.o, which is
>>> why it doesn't play nicely.
>>>
>>> I suggest that we first convert libelf and libfdt to the standard way of
>>> doing .init.
>> I assume the rest is ok.
>>
>>> For libelf this means we need regular __init annotations, but #undef'd
>>> outside of __XEN__ (when we're doing the userspace build).
>>>
>> Need clarification here - this are imported libraries and changing their code
>> directly was not welcome before. Therefore there is Xen specific magic in 
>> Makefiles.
>> :(
> I can't and won't speak for libfdt, but for libelf I think we should really
> consider this ours (not imported) the latest as of the re-work for XSA-55.

Agreed.  libelf was already modified for Xen, and then XSA-55 made it
entirely unrecognisable.  It's very much our code now.

If we really don't want to modify libfdt's source, we should make a
standard way of init-ing code like this, so we can move the custom logic
out of libfdt's Makefile.

The problem really is custom local logic; that's what we need to fix.

~Andrew

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.