Clang's new SanitizerCoverage tool looks very promising: http://clang.llvm.org/docs/SanitizerCoverage.html I'm particularly interested in http://clang.llvm.org/docs/SanitizerCoverage.html#sudden-death -- the problem of losing coverage when a process is signalled is a problem in multi-process gecko.
FYI: For processes that use sandboxing, there's a hook for the sandboxing code to call so the coverage runtime can pre-open any files it needs, etc., before permissions are reduced. I set that up for Linux (GeckoMediaPlugin) and B2G (content) a while ago, ifdef MOZ_ASAN, but I never tested it. Mac and Windows I think don't have it at all yet, so there might be breakage there.
You need to log in before you can comment on or make changes to this bug.