Displaying 20 results from an estimated 31 matches for "sanitizercoverage".
2017 Aug 24
4
Building LLVM's fuzzers
...Serebryany via llvm-dev <
llvm-dev at lists.llvm.org> wrote:
>
>
> On Thu, Aug 24, 2017 at 3:20 PM, Justin Bogner <mail at justinbogner.com>
> wrote:
>
>> I think the simplest fix is something like this:
>>
>> diff --git a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
>> b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
>> index c6f0d17f8fe..e81957ab80a 100644
>> --- a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
>> +++ b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
>> @@ -256,6 +256,7 @@ SanitizerCoverageMo...
2016 Aug 13
2
A "hello world" coverage sanitizer
...you, kcc. I am unsure if I misunderstand your reply. It seems that
trace-bb, rather than trace-pc, fits better for my problem, given that my
instrumentation is to put before each conditional statement. Do I
misunderstand something here?
"
Tracing basic blocks
<http://clang.llvm.org/docs/SanitizerCoverage.html#id11>
With -fsanitize-coverage=trace-bb the compiler will insert
__sanitizer_cov_trace_basic_block(s32 *id) before every function, basic
block, or edge (depending on the value of -fsanitize-coverage=[func,bb,edge]).
"
*Thanks,*
*Zhoulai*
Zhoulai
On Fri, Aug 12, 2016 at 1:57 P...
2016 Aug 12
2
A "hello world" coverage sanitizer
..._instrum be the instrumented version of P. It is expected that:
-- P_instrum(1) prints two "hello"s
-- P_instrum(-1) prints one "hello"
-- P_instrum(5) prints no "hello"
>From my understanding about Clang's sanitizer coverage,
<http://clang.llvm.org/docs/SanitizerCoverage.html> we can use a sanitizer
to achieve this instrumentation. However, so far I have not found a
working example or snippet code to get started. Any idea?
Thanks,
Zhoulai
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-d...
2017 Aug 24
2
Building LLVM's fuzzers
I think the simplest fix is something like this:
diff --git a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
index c6f0d17f8fe..e81957ab80a 100644
--- a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
+++ b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
@@ -256,6 +256,7 @@ SanitizerCoverageModule::CreateSecStartEnd(Module &M, const...
2016 Oct 28
2
Basic block execution over time
Hello All,
How can I keep track of the different basic blocks of a program executed over time?
Or in other words, how can I annotate the block name (block_a) and the time/cycle at which that blocs (block_a) was executed, and do this for all the blocks on a reasonable simple program?
Regards, Raul.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2017 Aug 24
3
Building LLVM's fuzzers
...gt;
>>>
>>>
>>> On Thu, Aug 24, 2017 at 3:20 PM, Justin Bogner <mail at justinbogner.com>
>>> wrote:
>>>
>>>> I think the simplest fix is something like this:
>>>>
>>>> diff --git a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
>>>> b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
>>>> index c6f0d17f8fe..e81957ab80a 100644
>>>> --- a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
>>>> +++ b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
>>>>...
2017 Aug 25
2
Building LLVM's fuzzers
...Aug 24, 2017 at 3:20 PM, Justin Bogner <mail at justinbogner.com
> >
> >>>> wrote:
> >>>>
> >>>>> I think the simplest fix is something like this:
> >>>>>
> >>>>> diff --git a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
> >>>>> b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
> >>>>> index c6f0d17f8fe..e81957ab80a 100644
> >>>>> --- a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
> >>>>> +++ b/lib/Transforms/Instrumentation/Sa...
2017 Sep 11
2
Building LLVM's fuzzers
...>> mail at justinbogner.com>
>>> >>>> wrote:
>>> >>>>
>>> >>>>> I think the simplest fix is something like this:
>>> >>>>>
>>> >>>>> diff --git a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
>>> >>>>> b/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
>>> >>>>> index c6f0d17f8fe..e81957ab80a 100644
>>> >>>>> --- a/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
>>> >>>>> +++ b/l...
2016 Sep 21
3
-sanitizer-coverage-prune-blocks=true and LibFuzzer
...une-blocks.sh and
ff-http-parser.sh in there
- ensure clang and clang++ are in your $PATH
- cd /path/to/prune-blocks.sh
- ./prune-blocks.sh
Let me know how it goes.
> Note that I am going to change all of these coverage options soon.
> The new thing will be
> http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs-with-guards
> It will replace regular (boolean) and 8-bit-counters coverage.
>
Yay, sounds exciting! I've done a couple experiments to measure the
performance and effect of the different coverage options in the recent
past. If you're interested, I'd be happy to d...
2016 Sep 21
2
-sanitizer-coverage-prune-blocks=true and LibFuzzer
...r.sh in there
> - ensure clang and clang++ are in your $PATH
> - cd /path/to/prune-blocks.sh
> - ./prune-blocks.sh
>
> Let me know how it goes.
>
>
> Note that I am going to change all of these coverage options soon.
> The new thing will be http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs-with-guards <http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs-with-guards>
> It will replace regular (boolean) and 8-bit-counters coverage.
>
> Yay, sounds exciting! I've done a couple experiments to measure the performance and effect of the diffe...
2018 Sep 05
2
AddressSanitizer on SPECCPU2006
...e
> >> https://github.com/google/sanitizers/wiki/AddressSanitizerFoundBugs
> >> On Wed, Sep 5, 2018 at 7:36 AM Muhui Jiang via llvm-dev
> >> <llvm-dev at lists.llvm.org> wrote:
> >> >
> >> > Hi
> >> >
> >> > I am using SanitizerCoverage feature supported by clang to get the
> basicblock coverage.
> >> >
> >> > my tested binaries are spec cpu2006. I compiled the binary with the
> option
> >> > COPTIMIZE = -O0 -fsanitize=address -fsanitize-coverage=bb -flto
> -fno-strict-aliasing -std=g...
2016 Oct 29
0
Basic block execution over time
Hi,
I believe the easiest way to do this is using the new `trace_pc`
functionality from SanitizerCoverage. See
http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs for some
documentation about that.
In short:
- Compile your program with the `-fsanitize-coverage=trace-pc` flag.
- This adds a call to a function called `__sanitizer_cov_trace_pc` to every
edge in the control-flow graph.
- You ca...
2016 Sep 21
2
-sanitizer-coverage-prune-blocks=true and LibFuzzer
...g and clang++ are in your $PATH
>> - cd /path/to/prune-blocks.sh
>> - ./prune-blocks.sh
>>
>> Let me know how it goes.
>>
>>
>> Note that I am going to change all of these coverage options soon.
>> The new thing will be http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs-with-guards <http://clang.llvm.org/docs/SanitizerCoverage.html#tracing-pcs-with-guards>
>> It will replace regular (boolean) and 8-bit-counters coverage.
>>
>> Yay, sounds exciting! I've done a couple experiments to measure the performance and effect...
2016 Sep 20
2
-sanitizer-coverage-prune-blocks=true and LibFuzzer
Hello LLVM devs,
I'm running lots of experiments with LibFuzzer these days -- it's an
amazing tool!
I've noticed something weird while examining the effect of various coverage
options: for one of my benchmarks, the fuzzer was achieving a higher total
coverage before April 2016, when -sanitizer-coverage-prune-blocks became
true by default (commit
2017 Aug 24
3
Building LLVM's fuzzers
> On Aug 24, 2017, at 2:55 PM, Kostya Serebryany <kcc at google.com> wrote:
>
> Interesting.
> This is a relatively new addition (fsanitize-coverage=pc-tables, which is now a part of -fsanitize=fuzzer).
> The tests worked (did they? On Mac?) so I thought everything is ok.
For tests we never compile the tested target with -O3 (and that wouldn’t be sufficient),
and for
2020 Jun 28
3
Introducing the binary-level coverage analysis tool bcov
...the most popular. A clarification can indeed help here.
> > Also, sancov is tightly coupled with LLVM sanitizers (e.g., ASan) which
> add
> > varying overhead. Extending bcov with additional feedback signals,
> similar to
> > sancov, is an interesting future work
>
> SanitizerCoverage is a standalone instrumentation pass
> (llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp)
> which is not coupled with asan. -fsanitize-coverage= can be used
> standalone, or
> together with asan, lsan, msan, ubsan, etc.
>
> Its overhead can be very small, especially if yo...
2016 Dec 03
0
Libfuzzer depending on uninitialized debug info
...ective that comes immediately after it. Some of the CFI instructions
> have source locations, some don't. But, emitting a source location for a
> CFI instruction is inappropriate. It's easy enough to ignore them.
>
>
>
> I propose we do 4 things: (1) commit the patch in SanitizerCoverage.cpp
> that you found;
>
done r288568.
> (2) cause CFI instructions not to emit any .loc directives; (3) file a bug
> to have someone audit LoopVectorizer.cpp to see whether it is using
> SetCurrentDebugLocation in the right places; (4) reapply my "line 0" patch,
> whi...
2018 Sep 05
2
AddressSanitizer on SPECCPU2006
Hi
I am using SanitizerCoverage feature supported by clang to get the
basicblock coverage.
my tested binaries are spec cpu2006. I compiled the binary with the option
COPTIMIZE = -O0 -fsanitize=address -fsanitize-coverage=bb -flto
-fno-strict-aliasing -std=gnu89 -gdwarf-3
After the compiling process is end. I run the 400.perlb...
2016 Dec 12
1
Libfuzzer depending on uninitialized debug info
...ndeed because of the .cfi directive that comes immediately after it. Some of the CFI instructions have source locations, some don't. But, emitting a source location for a CFI instruction is inappropriate. It's easy enough to ignore them.
I propose we do 4 things: (1) commit the patch in SanitizerCoverage.cpp that you found;
done r288568.
(2) cause CFI instructions not to emit any .loc directives; (3) file a bug to have someone audit LoopVectorizer.cpp to see whether it is using SetCurrentDebugLocation in the right places; (4) reapply my "line 0" patch, which will be the 3rd attempt.
Pl...
2018 Sep 05
2
AddressSanitizer on SPECCPU2006
...5日 周三下午6:57写道:
> This is a known problem in SPECCPU2006, see
> https://github.com/google/sanitizers/wiki/AddressSanitizerFoundBugs
> On Wed, Sep 5, 2018 at 7:36 AM Muhui Jiang via llvm-dev
> <llvm-dev at lists.llvm.org> wrote:
> >
> > Hi
> >
> > I am using SanitizerCoverage feature supported by clang to get the
> basicblock coverage.
> >
> > my tested binaries are spec cpu2006. I compiled the binary with the
> option
> > COPTIMIZE = -O0 -fsanitize=address -fsanitize-coverage=bb -flto
> -fno-strict-aliasing -std=gnu89 -gdwarf-3
> >
&g...