[llvm-dev] A "hello world" coverage sanitizer

Kostya Serebryany via llvm-dev llvm-dev at lists.llvm.org
Tue Aug 16 14:22:30 PDT 2016 

On Mon, Aug 15, 2016 at 11:38 PM, Zhoulai <zell08v at gmail.com> wrote:

> KCC, thank you.  Please allow me to ask  one related question:
>
> Now I would like to print out the execution trace (rather than "hello" as
> in my previous question). An identifier sequence of  of the basic blocks
> or  conditional statements will be sufficient for my purpose. For example,
> consider again the function P:
>
>     int P(int x) {
> l_0:     if (x<3)
> l_1:        if (x>0)
>                 return 1;
>            return 0;
>     }
>
> where l_0 and l_1 are identifiers for the two conditional statements. Let
> P_instrum be the instrumented version of P.  It is expected that:
>
> -- P_instrum(1)  prints l_0, l_1
> -- P_instrum(-1) prints  l_0
> -- P_instrum(5)  prints nothing
>
> *Question*: Is there any built-in sanitizer coverage  for implementing
> this ?
>

Yes, trace-pc
Since you define your own implementation of __sanitizer_cov_trace_pc you
can print there anything you like,
including the PC of the caller (using __builtin_return_address(0)).


>
> For information, I did have checked http://clang.llvm.org/docs/
> SanitizerCoverage.html, but that page seems to lack some details (e.g.
> what is the difference between -fsanitize-coverage=bb and
> -fsanitize-coverage=trace-bb)
>
> Thanks,
>
> Zhoulai
>
> Zhoulai
>
> On Fri, Aug 12, 2016 at 9:01 PM, Kostya Serebryany <kcc at google.com> wrote:
>
>> I did mean trace-pc.
>> trace-bb inserts callbacks to the existing run-time function that does
>> some bookkeeping; you can not (easily) redefine it.
>> trace-pc inserts callbacks to user-defined functions -- you can implement
>> those functions to do whatever you need to.
>>
>> --kcc
>>
>> On Fri, Aug 12, 2016 at 7:40 PM, Zhoulai <zell08v at gmail.com> wrote:
>>
>>> Thank you, kcc. I am unsure if I misunderstand your reply. It seems that
>>> trace-bb, rather than trace-pc,  fits better for my problem, given that my
>>> instrumentation is to put before each conditional statement. Do I
>>> misunderstand something here?
>>>
>>>  "
>>> Tracing basic blocks
>>> <http://clang.llvm.org/docs/SanitizerCoverage.html#id11>
>>> With -fsanitize-coverage=trace-bb the compiler will insert
>>> __sanitizer_cov_trace_basic_block(s32 *id) before every function, basic
>>> block, or edge (depending on the value of -fsanitize-coverage=[func,bb,e
>>> dge]).
>>> "
>>>
>>>
>>> *Thanks,*
>>>
>>> *Zhoulai*
>>>
>>>
>>>
>>>
>>>
>>> Zhoulai
>>>
>>> On Fri, Aug 12, 2016 at 1:57 PM, Kostya Serebryany <kcc at google.com>
>>> wrote:
>>>
>>>> Hi Zhoulai,
>>>> The closest you can get is http://clang.llvm.org/docs/
>>>> SanitizerCoverage.html#tracing-pcs
>>>> With this flavor of instrumentation the compiler inserts calls to
>>>> __sanitizer_cov_trace_pc into the control flow.
>>>> The users (you) needs to define the function __sanitizer_cov_trace_pc
>>>> and so you can call printf there.
>>>>
>>>> By default, not all edges in the control flow are instrumented
>>>> This is an optimization, you can disable it by -mllvm
>>>> -sanitizer-coverage-prune-blocks=0
>>>>
>>>> --kcc
>>>>
>>>> On Fri, Aug 12, 2016 at 11:46 AM, Zhoulai via llvm-dev <
>>>> llvm-dev at lists.llvm.org> wrote:
>>>>
>>>>> Hi, all
>>>>>
>>>>> I want to instrument a program automatically so that it prints "hello"
>>>>> before each conditional statement. For example, consider the function P
>>>>> below.
>>>>>
>>>>>     int P(int x) {
>>>>>      if (x<3)
>>>>>         if (x>0)
>>>>>            return 1;
>>>>>      return 0;
>>>>>    }
>>>>>
>>>>> Let P_instrum be the instrumented version of P.  It is expected that:
>>>>>
>>>>> -- P_instrum(1)  prints two "hello"s
>>>>> -- P_instrum(-1) prints one "hello"
>>>>> -- P_instrum(5)  prints no "hello"
>>>>>
>>>>> From my understanding about Clang's sanitizer coverage,
>>>>> <http://clang.llvm.org/docs/SanitizerCoverage.html> we can use a
>>>>> sanitizer to achieve this instrumentation.  However, so far I have not
>>>>> found a working example or snippet code to get started. Any idea?
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Zhoulai
>>>>>
>>>>> _______________________________________________
>>>>> LLVM Developers mailing list
>>>>> llvm-dev at lists.llvm.org
>>>>> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev
>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20160816/929a2c0c/attachment.html>

More information about the llvm-dev mailing list