[PATCH] D113447: [sancov] add tracing for loads and store
This revision was landed with ongoing or failed builds. This revision was automatically updated to reflect the committed changes. Closed by commit rGb7f3a4f4fa14: [sancov] add tracing for loads and store (authored by kcc). Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D113447/new/ https://reviews.llvm.org/D113447 Files: clang/docs/SanitizerCoverage.rst clang/include/clang/Basic/CodeGenOptions.def clang/include/clang/Basic/CodeGenOptions.h clang/include/clang/Driver/Options.td clang/lib/CodeGen/BackendUtil.cpp clang/lib/Driver/SanitizerArgs.cpp clang/test/Driver/fsanitize-coverage.c compiler-rt/test/sanitizer_common/TestCases/sanitizer_coverage_trace_loads_stores.cpp llvm/include/llvm/Transforms/Instrumentation.h llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp llvm/test/Instrumentation/SanitizerCoverage/trace-loads-stores.ll Index: llvm/test/Instrumentation/SanitizerCoverage/trace-loads-stores.ll === --- /dev/null +++ llvm/test/Instrumentation/SanitizerCoverage/trace-loads-stores.ll 
@@ -0,0 +1,33 @@
+; Test -sanitizer-coverage-inline-8bit-counters=1
+; RUN: opt < %s -passes='module(sancov-module)' -sanitizer-coverage-level=1 -sanitizer-coverage-trace-loads=1 -S | FileCheck %s --check-prefix=LOADS
+; RUN: opt < %s -passes='module(sancov-module)' -sanitizer-coverage-level=1 -sanitizer-coverage-trace-stores=1 -S | FileCheck %s --check-prefix=STORES
+
+target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64"
+target triple = "x86_64-unknown-linux-gnu"
+define void @foo(i8* %p1, i16* %p2, i32* %p4, i64* %p8, i128* %p16) {
+; === loads
+ %1 = load i8, i8* %p1
+ %2 = load i16, i16* %p2
+ %3 = load i32, i32* %p4
+ %4 = load i64, i64* %p8
+ %5 = load i128, i128* %p16
+; LOADS: call void @__sanitizer_cov_load1(i8* %p1)
+; LOADS: call void @__sanitizer_cov_load2(i16* %p2)
+; LOADS: call void @__sanitizer_cov_load4(i32* %p4)
+; LOADS: call void @__sanitizer_cov_load8(i64* %p8)
+; LOADS: call void @__sanitizer_cov_load16(i128* %p16)
+
+; === stores
+ store i8 %1, i8* %p1
+ store i16 %2, i16* %p2
+ store i32 %3, i32* %p4
+ store i64 %4, i64* %p8
+ store i128 %5, i128* %p16
+; STORES: call void @__sanitizer_cov_store1(i8* %p1)
+; STORES: call void @__sanitizer_cov_store2(i16* %p2)
+; STORES: call void @__sanitizer_cov_store4(i32* %p4)
+; STORES: call void @__sanitizer_cov_store8(i64* %p8)
+; STORES: call void @__sanitizer_cov_store16(i128* %p16)
+
+ ret void
+}
Index: llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
===
--- llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
+++ llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
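Review bot: The header comment on the first line of the new test, `; Test -sanitizer-coverage-inline-8bit-counters=1`, names an option that neither RUN line passes and reads like a leftover from the test this file was modelled on. Something like `; Test -sanitizer-coverage-trace-loads=1 and -sanitizer-coverage-trace-stores=1` would describe what is actually checked. The CHECK lines also only assert that the expected callbacks are present; a `; LOADS-NOT: call void @__sanitizer_cov_store` after the last LOADS line and a `; STORES-NOT: call void @__sanitizer_cov_load` before the first STORES line would pin that enabling one option does not emit the other option's callbacks. The same hunk is repeated in the other copies of the patch further down this page, and the remark applies to them as well.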
@@ -55,6 +55,16 @@ const char SanCovTraceConstCmp2[] = "__sanitizer_cov_trace_const_cmp2"; const char SanCovTraceConstCmp4[] = "__sanitizer_cov_trace_const_cmp4"; const char SanCovTraceConstCmp8[] = "__sanitizer_cov_trace_const_cmp8"; +const char SanCovLoad1[] = "__sanitizer_cov_load1"; +const char SanCovLoad2[] = "__sanitizer_cov_load2"; +const char SanCovLoad4[] = "__sanitizer_cov_load4"; +const char SanCovLoad8[] = "__sanitizer_cov_load8"; +const char SanCovLoad16[] = "__sanitizer_cov_load16"; +const char SanCovStore1[] = "__sanitizer_cov_store1"; +const char SanCovStore2[] = "__sanitizer_cov_store2"; +const char SanCovStore4[] = "__sanitizer_cov_store4"; +const char SanCovStore8[] = "__sanitizer_cov_store8"; +const char SanCovStore16[] = "__sanitizer_cov_store16"; const char SanCovTraceDiv4[] = "__sanitizer_cov_trace_div4"; const char SanCovTraceDiv8[] = "__sanitizer_cov_trace_div8"; const char SanCovTraceGep[] = "__sanitizer_cov_trace_gep"; @@ -122,6 +132,14 @@ cl::desc("Tracing of DIV instructions"), cl::Hidden, cl::init(false)); +static cl::opt ClLoadTracing("sanitizer-coverage-trace-loads", + cl::desc("Tracing of load instructions"), + cl::Hidden, cl::init(false)); + +static cl::opt ClStoreTracing("sanitizer-coverage-trace-stores", +cl::desc("Tracing of store instructions"), +cl::Hidden, cl::init(false)); + static cl::opt ClGEPTracing("sanitizer-coverage-trace-geps", cl::desc("Tracing of GEP instructions"), cl::Hidden, cl::init(false)); @@ -175,9 +193,11 @@ Options.PCTable |= ClCreatePCTable; Options.NoPrune |= !ClPruneBlocks; Options.StackDepth |= ClStackDepth; + Options.TraceLoads |= ClLoadTracing; + Options.TraceStores |= ClStoreTracing; if (!Options.TracePCGuard && !Options.TracePC &&
[PATCH] D113447: [sancov] add tracing for loads and store
morehouse accepted this revision. morehouse added a comment. LGTM Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D113447/new/ https://reviews.llvm.org/D113447 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D113447: [sancov] add tracing for loads and store
kcc marked an inline comment as done. kcc added inline comments. Comment at: clang/test/Driver/autocomplete.c:73 // FNOSANICOVERALL-NEXT: trace-pc-guard +// FNOSANICOVERALL-NEXT: trace-loads +// FNOSANICOVERALL-NEXT: trace-stores morehouse wrote: > This check is failing in the harbormaster build: > https://reviews.llvm.org/harbormaster/unit/view/1482705/ removed Comment at: compiler-rt/test/sanitizer_common/TestCases/sanitizer_coverage_trace_loads_stores.cpp:5 +// +// RUN: %clangxx -O0 %s -fsanitize-coverage=func,trace-loads,trace-stores -o %t +// RUN: %run %t 2>&1 | FileCheck %s morehouse wrote: > According to the documentation update in this patch, these flags don't work > without trace-pc or inline-8bit-counters. Right. "func" is sort of synonym for trace-pc,func, but it's not worth the confusion in the test. changed to trace-pc Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D113447/new/ https://reviews.llvm.org/D113447 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D113447: [sancov] add tracing for loads and store
kcc updated this revision to Diff 385883. kcc added a comment. addressed review comments Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D113447/new/ https://reviews.llvm.org/D113447 Files: clang/docs/SanitizerCoverage.rst clang/include/clang/Basic/CodeGenOptions.def clang/include/clang/Basic/CodeGenOptions.h clang/include/clang/Driver/Options.td clang/lib/CodeGen/BackendUtil.cpp clang/lib/Driver/SanitizerArgs.cpp clang/test/Driver/fsanitize-coverage.c compiler-rt/test/sanitizer_common/TestCases/sanitizer_coverage_trace_loads_stores.cpp llvm/include/llvm/Transforms/Instrumentation.h llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp llvm/test/Instrumentation/SanitizerCoverage/trace-loads-stores.ll Index: llvm/test/Instrumentation/SanitizerCoverage/trace-loads-stores.ll === --- /dev/null +++ llvm/test/Instrumentation/SanitizerCoverage/trace-loads-stores.ll 
@@ -0,0 +1,33 @@
+; Test -sanitizer-coverage-inline-8bit-counters=1
+; RUN: opt < %s -passes='module(sancov-module)' -sanitizer-coverage-level=1 -sanitizer-coverage-trace-loads=1 -S | FileCheck %s --check-prefix=LOADS
+; RUN: opt < %s -passes='module(sancov-module)' -sanitizer-coverage-level=1 -sanitizer-coverage-trace-stores=1 -S | FileCheck %s --check-prefix=STORES
+
+target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64"
+target triple = "x86_64-unknown-linux-gnu"
+define void @foo(i8* %p1, i16* %p2, i32* %p4, i64* %p8, i128* %p16) {
+; === loads
+ %1 = load i8, i8* %p1
+ %2 = load i16, i16* %p2
+ %3 = load i32, i32* %p4
+ %4 = load i64, i64* %p8
+ %5 = load i128, i128* %p16
+; LOADS: call void @__sanitizer_cov_load1(i8* %p1)
+; LOADS: call void @__sanitizer_cov_load2(i16* %p2)
+; LOADS: call void @__sanitizer_cov_load4(i32* %p4)
+; LOADS: call void @__sanitizer_cov_load8(i64* %p8)
+; LOADS: call void @__sanitizer_cov_load16(i128* %p16)
+
+; === stores
+ store i8 %1, i8* %p1
+ store i16 %2, i16* %p2
+ store i32 %3, i32* %p4
+ store i64 %4, i64* %p8
+ store i128 %5, i128* %p16
+; STORES: call void @__sanitizer_cov_store1(i8* %p1)
+; STORES: call void @__sanitizer_cov_store2(i16* %p2)
+; STORES: call void @__sanitizer_cov_store4(i32* %p4)
+; STORES: call void @__sanitizer_cov_store8(i64* %p8)
+; STORES: call void @__sanitizer_cov_store16(i128* %p16)
+
+ ret void
+}
Index: llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
===
--- llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
+++ llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
@@ -55,6 +55,16 @@ const char SanCovTraceConstCmp2[] = "__sanitizer_cov_trace_const_cmp2"; const char SanCovTraceConstCmp4[] = "__sanitizer_cov_trace_const_cmp4"; const char SanCovTraceConstCmp8[] = "__sanitizer_cov_trace_const_cmp8"; +const char SanCovLoad1[] = "__sanitizer_cov_load1"; +const char SanCovLoad2[] = "__sanitizer_cov_load2"; +const char SanCovLoad4[] = "__sanitizer_cov_load4"; +const char SanCovLoad8[] = "__sanitizer_cov_load8"; +const char SanCovLoad16[] = "__sanitizer_cov_load16"; +const char SanCovStore1[] = "__sanitizer_cov_store1"; +const char SanCovStore2[] = "__sanitizer_cov_store2"; +const char SanCovStore4[] = "__sanitizer_cov_store4"; +const char SanCovStore8[] = "__sanitizer_cov_store8"; +const char SanCovStore16[] = "__sanitizer_cov_store16"; const char SanCovTraceDiv4[] = "__sanitizer_cov_trace_div4"; const char SanCovTraceDiv8[] = "__sanitizer_cov_trace_div8"; const char SanCovTraceGep[] = "__sanitizer_cov_trace_gep"; @@ -122,6 +132,14 @@ cl::desc("Tracing of DIV instructions"), cl::Hidden, cl::init(false)); +static cl::opt ClLoadTracing("sanitizer-coverage-trace-loads", + cl::desc("Tracing of load instructions"), + cl::Hidden, cl::init(false)); + +static cl::opt ClStoreTracing("sanitizer-coverage-trace-stores", +cl::desc("Tracing of store instructions"), +cl::Hidden, cl::init(false)); + static cl::opt ClGEPTracing("sanitizer-coverage-trace-geps", cl::desc("Tracing of GEP instructions"), cl::Hidden, cl::init(false)); @@ -175,9 +193,11 @@ Options.PCTable |= ClCreatePCTable; Options.NoPrune |= !ClPruneBlocks; Options.StackDepth |= ClStackDepth; + Options.TraceLoads |= ClLoadTracing; + Options.TraceStores |= ClStoreTracing; if (!Options.TracePCGuard && !Options.TracePC && !Options.Inline8bitCounters && !Options.StackDepth && - !Options.InlineBoolFlag) + !Options.InlineBoolFlag && !Options.TraceLoads
[PATCH] D113447: [sancov] add tracing for loads and store
morehouse accepted this revision. morehouse added inline comments. This revision is now accepted and ready to land. Comment at: clang/test/Driver/autocomplete.c:73 // FNOSANICOVERALL-NEXT: trace-pc-guard +// FNOSANICOVERALL-NEXT: trace-loads +// FNOSANICOVERALL-NEXT: trace-stores This check is failing in the harbormaster build: https://reviews.llvm.org/harbormaster/unit/view/1482705/ Comment at: compiler-rt/test/sanitizer_common/TestCases/sanitizer_coverage_trace_loads_stores.cpp:5 +// +// RUN: %clangxx -O0 %s -fsanitize-coverage=func,trace-loads,trace-stores -o %t +// RUN: %run %t 2>&1 | FileCheck %s According to the documentation update in this patch, these flags don't work without trace-pc or inline-8bit-counters. Comment at: llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp:719-720 + if (Options.TraceStores) +if (StoreInst *LD = dyn_cast()) + Stores.push_back(LD); if (Options.StackDepth) nit Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D113447/new/ https://reviews.llvm.org/D113447 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D113447: [sancov] add tracing for loads and store
kcc created this revision. kcc added a reviewer: morehouse. Herald added subscribers: ormris, dexonsmith, dang, hiraditya. kcc requested review of this revision. Herald added projects: clang, Sanitizers, LLVM. Herald added subscribers: llvm-commits, Sanitizers, cfe-commits. add tracing for loads and stores. The primary goal is to have more options for data-flow-guided fuzzing, i.e. use data flow insights to perform better mutations or more aggressive corpus expansion. But the feature is general purpose, could be used for other things too. Pipe the flag through clang and clang driver, same as for the other SanitizerCoverage flags. While at it, change some plain arrays into std::array. Tests: clang flags test, LLVM IR test, compiler-rt executable test. Repository: rG LLVM Github Monorepo https://reviews.llvm.org/D113447 Files: clang/docs/SanitizerCoverage.rst clang/include/clang/Basic/CodeGenOptions.def clang/include/clang/Basic/CodeGenOptions.h clang/include/clang/Driver/Options.td clang/lib/CodeGen/BackendUtil.cpp clang/lib/Driver/SanitizerArgs.cpp clang/test/Driver/autocomplete.c clang/test/Driver/fsanitize-coverage.c compiler-rt/test/sanitizer_common/TestCases/sanitizer_coverage_trace_loads_stores.cpp llvm/include/llvm/Transforms/Instrumentation.h llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp llvm/test/Instrumentation/SanitizerCoverage/trace-loads-stores.ll Index: llvm/test/Instrumentation/SanitizerCoverage/trace-loads-stores.ll === --- /dev/null +++ llvm/test/Instrumentation/SanitizerCoverage/trace-loads-stores.ll 
@@ -0,0 +1,33 @@
+; Test -sanitizer-coverage-inline-8bit-counters=1
+; RUN: opt < %s -passes='module(sancov-module)' -sanitizer-coverage-level=1 -sanitizer-coverage-trace-loads=1 -S | FileCheck %s --check-prefix=LOADS
+; RUN: opt < %s -passes='module(sancov-module)' -sanitizer-coverage-level=1 -sanitizer-coverage-trace-stores=1 -S | FileCheck %s --check-prefix=STORES
+
+target datalayout = "e-p:64:64:64-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:64-s0:64:64-f80:128:128-n8:16:32:64"
+target triple = "x86_64-unknown-linux-gnu"
+define void @foo(i8* %p1, i16* %p2, i32* %p4, i64* %p8, i128* %p16) {
+; === loads
+ %1 = load i8, i8* %p1
+ %2 = load i16, i16* %p2
+ %3 = load i32, i32* %p4
+ %4 = load i64, i64* %p8
+ %5 = load i128, i128* %p16
+; LOADS: call void @__sanitizer_cov_load1(i8* %p1)
+; LOADS: call void @__sanitizer_cov_load2(i16* %p2)
+; LOADS: call void @__sanitizer_cov_load4(i32* %p4)
+; LOADS: call void @__sanitizer_cov_load8(i64* %p8)
+; LOADS: call void @__sanitizer_cov_load16(i128* %p16)
+
+; === stores
+ store i8 %1, i8* %p1
+ store i16 %2, i16* %p2
+ store i32 %3, i32* %p4
+ store i64 %4, i64* %p8
+ store i128 %5, i128* %p16
+; STORES: call void @__sanitizer_cov_store1(i8* %p1)
+; STORES: call void @__sanitizer_cov_store2(i16* %p2)
+; STORES: call void @__sanitizer_cov_store4(i32* %p4)
+; STORES: call void @__sanitizer_cov_store8(i64* %p8)
+; STORES: call void @__sanitizer_cov_store16(i128* %p16)
+
+ ret void
+}
Index: llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
===
--- llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
+++ llvm/lib/Transforms/Instrumentation/SanitizerCoverage.cpp
@@ -55,6 +55,16 @@ const char SanCovTraceConstCmp2[] = "__sanitizer_cov_trace_const_cmp2"; const char SanCovTraceConstCmp4[] = "__sanitizer_cov_trace_const_cmp4"; const char SanCovTraceConstCmp8[] = "__sanitizer_cov_trace_const_cmp8"; +const char SanCovLoad1[] = "__sanitizer_cov_load1"; +const char SanCovLoad2[] = "__sanitizer_cov_load2"; +const char SanCovLoad4[] = "__sanitizer_cov_load4"; +const char SanCovLoad8[] = "__sanitizer_cov_load8"; +const char SanCovLoad16[] = "__sanitizer_cov_load16"; +const char SanCovStore1[] = "__sanitizer_cov_store1"; +const char SanCovStore2[] = "__sanitizer_cov_store2"; +const char SanCovStore4[] = "__sanitizer_cov_store4"; +const char SanCovStore8[] = "__sanitizer_cov_store8"; +const char SanCovStore16[] = "__sanitizer_cov_store16"; const char SanCovTraceDiv4[] = "__sanitizer_cov_trace_div4"; const char SanCovTraceDiv8[] = "__sanitizer_cov_trace_div8"; const char SanCovTraceGep[] = "__sanitizer_cov_trace_gep"; @@ -122,6 +132,14 @@ cl::desc("Tracing of DIV instructions"), cl::Hidden, cl::init(false)); +static cl::opt ClLoadTracing("sanitizer-coverage-trace-loads", + cl::desc("Tracing of load instructions"), + cl::Hidden, cl::init(false)); + +static cl::opt ClStoreTracing("sanitizer-coverage-trace-stores", +cl::desc("Tracing of store instructions"), +cl::Hidden,