search for: sanitizercoverag

...Serebryany via llvm-dev < llvm-dev at lists.llvm.org> wrote: > > > On Thu, Aug 24, 2017 at 3:20 PM, Justin Bogner <mail at justinbogner.com> > wrote: > >> I think the simplest fix is something like this: >> >> diff --git a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp >> b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp >> index c6f0d17f8fe..e81957ab80a 100644 >> --- a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp >> +++ b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp >> @@ -256,6 +256,7 @@ SanitizerCoverageM...

...you, kcc. I am unsure if I misunderstand your reply. It seems that trace-bb, rather than trace-pc, fits better for my problem, given that my instrumentation is to put before each conditional statement. Do I misunderstand something here? " Tracing basic blocks <http://clang.llvm.org/docs/SanitizerCoverage.html#id11> With -fsanitize-coverage=trace-bb the compiler will insert __sanitizer_cov_trace_basic_block(s32 *id) before every function, basic block, or edge (depending on the value of -fsanitize-coverage=[func,bb,edge]). " *Thanks,* *Zhoulai* Zhoulai On Fri, Aug 12, 2016 at 1:57...

..._instrum be the instrumented version of P. It is expected that: -- P_instrum(1) prints two "hello"s -- P_instrum(-1) prints one "hello" -- P_instrum(5) prints no "hello" >From my understanding about Clang's sanitizer coverage, <http://clang.llvm.org/docs/SanitizerCoverage.html> we can use a sanitizer to achieve this instrumentation. However, so far I have not found a working example or snippet code to get started. Any idea? Thanks, Zhoulai -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.llvm.org/pipermail/llvm-...

I think the simplest fix is something like this: diff --git a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp index c6f0d17f8fe..e81957ab80a 100644 --- a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp +++ b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp @@ -256,6 +256,7 @@ SanitizerCoverageModule::CreateSecStartEnd(Module &M, const...

Hello All, How can I keep track of the different basic blocks of a program executed over time? Or in other words, how can I annotate the block name (block_a) and the time/cycle at which that blocs (block_a) was executed, and do this for all the blocks on a reasonable simple program? Regards, Raul. -------------- next part -------------- An HTML attachment was scrubbed... URL:

...gt; >>> >>> >>> On Thu, Aug 24, 2017 at 3:20 PM, Justin Bogner <mail at justinbogner.com> >>> wrote: >>> >>>> I think the simplest fix is something like this: >>>> >>>> diff --git a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp >>>> b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp >>>> index c6f0d17f8fe..e81957ab80a 100644 >>>> --- a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp >>>> +++ b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp >>>&gt...

...Aug 24, 2017 at 3:20 PM, Justin Bogner <mail at justinbogner.com > > > >>>> wrote: > >>>> > >>>>> I think the simplest fix is something like this: > >>>>> > >>>>> diff --git a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp > >>>>> b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp > >>>>> index c6f0d17f8fe..e81957ab80a 100644 > >>>>> --- a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp > >>>>> +++ b/lib/Transforms/Instrumentation/S...

...>> mail at justinbogner.com> >>> >>>> wrote: >>> >>>> >>> >>>>> I think the simplest fix is something like this: >>> >>>>> >>> >>>>> diff --git a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp >>> >>>>> b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp >>> >>>>> index c6f0d17f8fe..e81957ab80a 100644 >>> >>>>> --- a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp >>> >>>>> +++ b/...

...une-blocks.sh and ff-http-parser.sh in there - ensure clang and clang++ are in your $PATH - cd /path/to/prune-blocks.sh - ./prune-blocks.sh Let me know how it goes. > Note that I am going to change all of these coverage options soon. > The new thing will be > http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs-with-guards > It will replace regular (boolean) and 8-bit-counters coverage. > Yay, sounds exciting! I've done a couple experiments to measure the performance and effect of the different coverage options in the recent past. If you're interested, I'd be happy to...

...r.sh in there > - ensure clang and clang++ are in your $PATH > - cd /path/to/prune-blocks.sh > - ./prune-blocks.sh > > Let me know how it goes. > > > Note that I am going to change all of these coverage options soon. > The new thing will be http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs-with-guards <http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs-with-guards> > It will replace regular (boolean) and 8-bit-counters coverage. > > Yay, sounds exciting! I've done a couple experiments to measure the performance and effect of the diff...

...e > >> https://github.com/google/sanitizers/wiki/AddressSanitizerFoundBugs > >> On Wed, Sep 5, 2018 at 7:36 AM Muhui Jiang via llvm-dev > >> <llvm-dev at lists.llvm.org> wrote: > >> > > >> > Hi > >> > > >> > I am using SanitizerCoverage feature supported by clang to get the > basicblock coverage. > >> > > >> > my tested binaries are spec cpu2006. I compiled the binary with the > option > >> > COPTIMIZE = -O0 -fsanitize=address -fsanitize-coverage=bb -flto > -fno-strict-aliasing -std=...

Hi, I believe the easiest way to do this is using the new `trace_pc` functionality from SanitizerCoverage. See http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs for some documentation about that. In short: - Compile your program with the `-fsanitize-coverage=trace-pc` flag. - This adds a call to a function called `__sanitizer_cov_trace_pc` to every edge in the control-flow graph. - You c...

...g and clang++ are in your $PATH >> - cd /path/to/prune-blocks.sh >> - ./prune-blocks.sh >> >> Let me know how it goes. >> >> >> Note that I am going to change all of these coverage options soon. >> The new thing will be http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs-with-guards <http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs-with-guards> >> It will replace regular (boolean) and 8-bit-counters coverage. >> >> Yay, sounds exciting! I've done a couple experiments to measure the performance and effect...

Hello LLVM devs, I'm running lots of experiments with LibFuzzer these days -- it's an amazing tool! I've noticed something weird while examining the effect of various coverage options: for one of my benchmarks, the fuzzer was achieving a higher total coverage before April 2016, when -sanitizer-coverage-prune-blocks became true by default (commit

> On Aug 24, 2017, at 2:55 PM, Kostya Serebryany <kcc at google.com> wrote: > > Interesting. > This is a relatively new addition (fsanitize-coverage=pc-tables, which is now a part of -fsanitize=fuzzer). > The tests worked (did they? On Mac?) so I thought everything is ok. For tests we never compile the tested target with -O3 (and that wouldn’t be sufficient), and for

...the most popular. A clarification can indeed help here. > > Also, sancov is tightly coupled with LLVM sanitizers (e.g., ASan) which > add > > varying overhead. Extending bcov with additional feedback signals, > similar to > > sancov, is an interesting future work > > SanitizerCoverage is a standalone instrumentation pass > (llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp) > which is not coupled with asan. -fsanitize-coverage= can be used > standalone, or > together with asan, lsan, msan, ubsan, etc. > > Its overhead can be very small, especially if y...

...ective that comes immediately after it. Some of the CFI instructions > have source locations, some don't. But, emitting a source location for a > CFI instruction is inappropriate. It's easy enough to ignore them. > > > > I propose we do 4 things: (1) commit the patch in SanitizerCoverage.cpp > that you found; > done r288568. > (2) cause CFI instructions not to emit any .loc directives; (3) file a bug > to have someone audit LoopVectorizer.cpp to see whether it is using > SetCurrentDebugLocation in the right places; (4) reapply my "line 0" patch, > wh...

Hi I am using SanitizerCoverage feature supported by clang to get the basicblock coverage. my tested binaries are spec cpu2006. I compiled the binary with the option COPTIMIZE = -O0 -fsanitize=address -fsanitize-coverage=bb -flto -fno-strict-aliasing -std=gnu89 -gdwarf-3 After the compiling process is end. I run the 400.perl...

...ndeed because of the .cfi directive that comes immediately after it. Some of the CFI instructions have source locations, some don't. But, emitting a source location for a CFI instruction is inappropriate. It's easy enough to ignore them. I propose we do 4 things: (1) commit the patch in SanitizerCoverage.cpp that you found; done r288568. (2) cause CFI instructions not to emit any .loc directives; (3) file a bug to have someone audit LoopVectorizer.cpp to see whether it is using SetCurrentDebugLocation in the right places; (4) reapply my "line 0" patch, which will be the 3rd attempt. P...

...5日 周三下午6:57写道： > This is a known problem in SPECCPU2006, see > https://github.com/google/sanitizers/wiki/AddressSanitizerFoundBugs > On Wed, Sep 5, 2018 at 7:36 AM Muhui Jiang via llvm-dev > <llvm-dev at lists.llvm.org> wrote: > > > > Hi > > > > I am using SanitizerCoverage feature supported by clang to get the > basicblock coverage. > > > > my tested binaries are spec cpu2006. I compiled the binary with the > option > > COPTIMIZE = -O0 -fsanitize=address -fsanitize-coverage=bb -flto > -fno-strict-aliasing -std=gnu89 -gdwarf-3 > > &...