Gather more coverage data

Switch to ForkWithFlags for InitProcess (it will not reset coverage).
Explicitly dump coverage after initial namespace setup.
Return instead of exiting from libunwind sandbox.

PiperOrigin-RevId: 563368599
Change-Id: I3b764db015a71bd091ee7b4b5b614281cbb84832

sandboxed_api/sandbox2/forkserver.cc

@@ -37,8 +37,8 @@
 #include <fstream>
 #include <initializer_list>
 #include <string>
-#include <vector>
 #include <utility>
+#include <vector>
 
 #include "absl/base/attributes.h"
 #include "absl/container/flat_hash_map.h"
@@ -300,7 +300,7 @@ void ForkServer::LaunchChild(const ForkRequest& request, int execve_fd,
   // A custom init process is only needed if a new PID NS is created.
   if (request.clone_flags() & CLONE_NEWPID) {
     // Spawn a child process
-    pid_t child = fork();
+    pid_t child = util::ForkWithFlags(SIGCHLD);
     if (child < 0) {
       SAPI_RAW_PLOG(FATAL, "Could not spawn init process");
     }
@@ -587,6 +587,9 @@ void ForkServer::CreateInitialNamespaces() {
     SAPI_RAW_PCHECK(TEMP_FAILURE_RETRY(read(open_efd.get(), &value,
                                             sizeof(value))) == sizeof(value),
                     "synchronizing initial namespaces creation");
+    SAPI_RAW_PCHECK(chroot("/realroot") == 0,
+                    "chrooting prior to dumping coverage");
+    util::DumpCoverageData();
     _exit(0);
   }
   SAPI_RAW_PCHECK(TEMP_FAILURE_RETRY(read(create_efd.get(), &value,

sandboxed_api/sandbox2/forkserver_bin.cc

@@ -68,7 +68,8 @@ int main() {
     if (child_pid == 0) {
       sandbox2::Client client(&comms);
       client.SandboxMeHere();
-      exit(sandbox2::RunLibUnwindAndSymbolizer(&comms));
+      return sandbox2::RunLibUnwindAndSymbolizer(&comms) ? EXIT_SUCCESS
+                                                         : EXIT_FAILURE;
     }
   }
   SAPI_RAW_VLOG(1, "ForkServer Comms closed. Exiting");

sandboxed_api/sandbox2/util.cc

@@ -74,6 +74,16 @@ extern "C" void __gcov_flush() ABSL_ATTRIBUTE_WEAK;
 extern "C" void __gcov_reset() ABSL_ATTRIBUTE_WEAK;
 #endif
 
+void ResetCoverageData() {
+#ifdef __ELF__
+  if (&__gcov_reset != nullptr) {
+    __gcov_reset();
+  }
+#endif
+}
+
+}  // namespace
+
 void DumpCoverageData() {
 #ifdef __ELF__
   if (&__gcov_dump != nullptr) {
@@ -86,16 +96,6 @@ void DumpCoverageData() {
 #endif
 }
 
-void ResetCoverageData() {
-#ifdef __ELF__
-  if (&__gcov_reset != nullptr) {
-    __gcov_reset();
-  }
-#endif
-}
-
-}  // namespace
-
 void CharPtrArrToVecString(char* const* arr, std::vector<std::string>* vec) {
   *vec = CharPtrArray(arr).ToStringVector();
 }

sandboxed_api/sandbox2/util.h

@@ -29,6 +29,8 @@
 
 namespace sandbox2::util {
 
+void DumpCoverageData();
+
 // Converts an array of char* (terminated by a nullptr, like argv, or environ
 // arrays), to an std::vector<std::string>.
 ABSL_DEPRECATED("Use CharPtrArray(arr).ToStringVector() instead")