| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Differential Revision: https://reviews.llvm.org/D29733
llvm-svn: 294529
|
| |
|
|
|
|
| |
Differential Revision: https://reviews.llvm.org/D29662
llvm-svn: 294517
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On Windows, the symbols "___stop___sancov_guards" and "___start___sancov_guards"
are not defined automatically. So, we need to take a different approach.
We define 3 sections:
Section ".SCOV$A" will only hold a variable ___start___sancov_guard.
Section ".SCOV$M" will hold the main data.
Section ".SCOV$Z" will only hold a variable ___stop___sancov_guards.
When linking, they will be merged sorted by the characters after the $, so we
can use the pointers of the variables ___[start|stop]___sancov_guard to know the
actual range of addresses of that section.
In this diff, I updated instrumentation to include all the guard arrays in
section ".SCOV$M".
Differential Revision: https://reviews.llvm.org/D28434
llvm-svn: 293987
|
| |
|
|
|
|
|
| |
MachO's sections need a segment as well as a section name, and the
section start and end symbols are spelled differently than on ELF.
llvm-svn: 293733
|
| |
|
|
|
|
| |
'if' by default. Update the docs, also add deprecation notes around other parts of sanitizer coverage
llvm-svn: 292862
|
| |
|
|
| |
llvm-svn: 290628
|
| |
|
|
| |
llvm-svn: 288568
|
| |
|
|
|
|
|
| |
If the global name doesn't start with __sancov_gen, ASan will insert
unecessary red zones around it.
llvm-svn: 287117
|
| |
|
|
|
|
| |
(reported in https://github.com/google/oss-fuzz/issues/84)
llvm-svn: 287030
|
| |
|
|
|
|
|
|
| |
They get called before initialization, which is a problem for winasan.
Test coming in compiler-rt.
llvm-svn: 286615
|
| |
|
|
|
|
| |
commented-out code.
llvm-svn: 283924
|
| |
|
|
| |
llvm-svn: 283004
|
| |
|
|
|
|
| |
one array of guards per function, instead of one guard per BB. reorganize the code so that trace-pc-guard does not create unneeded globals
llvm-svn: 282735
|
| |
|
|
| |
llvm-svn: 282467
|
| |
|
|
|
|
| |
instrumented
llvm-svn: 282465
|
| |
|
|
| |
llvm-svn: 281952
|
| |
|
|
|
|
| |
the guard type to intptr_t; use separate array for 8-bit counters
llvm-svn: 281845
|
| |
|
|
| |
llvm-svn: 281809
|
| |
|
|
| |
llvm-svn: 281665
|
| |
|
|
|
|
| |
trace-pc-guard. The intent is to eventually replace all of {bool coverage, 8bit-counters, trace-pc} with just this one. LLVM part
llvm-svn: 281431
|
| |
|
|
|
|
| |
trace-gep, mostly usaful for value-profile-based fuzzing; llvm part
llvm-svn: 280043
|
| |
|
|
|
|
| |
__sanitizer_cov_trace_cmp[1248] instead of __sanitizer_cov_trace_cmp, don't pass the comparison type to save a bit performance. Use these new callbacks in libFuzzer
llvm-svn: 279027
|
| |
|
|
|
|
| |
not merged (otherwise different calls get the same PC and confuse fuzzers)
llvm-svn: 275449
|
| |
|
|
|
|
| |
Differential Revision: http://reviews.llvm.org/D18844
llvm-svn: 265615
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
In the context of http://wg21.link/lwg2445 C++ uses the concept of
'stronger' ordering but doesn't define it properly. This should be fixed
in C++17 barring a small question that's still open.
The code currently plays fast and loose with the AtomicOrdering
enum. Using an enum class is one step towards tightening things. I later
also want to tighten related enums, such as clang's
AtomicOrderingKind (which should be shared with LLVM as a 'C++ ABI'
enum).
This change touches a few lines of code which can be improved later, I'd
like to keep it as NFC for now as it's already quite complex. I have
related changes for clang.
As a follow-up I'll add:
bool operator<(AtomicOrdering, AtomicOrdering) = delete;
bool operator>(AtomicOrdering, AtomicOrdering) = delete;
bool operator<=(AtomicOrdering, AtomicOrdering) = delete;
bool operator>=(AtomicOrdering, AtomicOrdering) = delete;
This is separate so that clang and LLVM changes don't need to be in sync.
Reviewers: jyknight, reames
Subscribers: jyknight, llvm-commits
Differential Revision: http://reviews.llvm.org/D18775
llvm-svn: 265602
|
| |
|
|
| |
llvm-svn: 265168
|
| |
|
|
|
|
|
|
| |
Summary: Reply to http://reviews.llvm.org/D18341
Differential Revision: http://reviews.llvm.org/D18406
llvm-svn: 264213
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Without tree pruning clang has 2,667,552 points.
Wiht only dominators pruning: 1,515,586.
With both dominators & predominators pruning: 1,340,534.
Resubmit of r262103.
Differential Revision: http://reviews.llvm.org/D18341
llvm-svn: 264003
|
| |
|
|
|
|
| |
Differential Revision: http://reviews.llvm.org/D18288
llvm-svn: 263852
|
| |
|
|
|
|
| |
This reverts commit r263825, re-instating r263797.
llvm-svn: 263847
|
| |
|
|
|
|
|
| |
constructor. This should fix the recent crashes on certain
architectures.
llvm-svn: 263845
|
| |
|
|
|
|
|
|
| |
This fails on arm.
This reverts commit 52c8e0f7119d1ea1050c0708565a8c92b73386d2.
llvm-svn: 263825
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
These dependencies would be used in the future to reduce the number
of instrumented blocks(http://reviews.llvm.org/rL262103)
This is submitted as a separate CL because of previous problems with
ARM.
Subscribers: aemerson
Differential Revision: http://reviews.llvm.org/D18227
llvm-svn: 263797
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
llvm::getDISubprogram walks the instructions in a function, looking for one in the scope of the current function, so that it can find the !dbg entry for the subprogram itself.
Now that !dbg is attached to functions, this should not be necessary. This patch changes all uses to just query the subprogram directly on the function.
Ideally this should be NFC, but in reality its possible that a function:
has no !dbg (in which case there's likely a bug somewhere in an opt pass), or
that none of the instructions had a scope referencing the function, so we used to not find the !dbg on the function but now we will
Reviewed by Duncan Exon Smith.
Differential Revision: http://reviews.llvm.org/D18074
llvm-svn: 263184
|
| |
|
|
|
|
| |
This reverts commit r262103, as it broke all ARM and AArch64 bots.
llvm-svn: 262139
|
| |
|
|
| |
llvm-svn: 262111
|
| |
|
|
|
|
| |
-fsanitize-coverage=trace-pc mode; update libFuzzer doc for previous commit
llvm-svn: 262110
|
| |
|
|
|
|
|
|
|
|
|
| |
Summary:
Without tree pruning clang has 2,667,552 points.
Wiht only dominators pruning: 1,515,586.
With both dominators & predominators pruning: 1,340,534.
Differential Revision: http://reviews.llvm.org/D17671
llvm-svn: 262103
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
This is the first simple attempt to reduce number of coverage-
instrumented blocks.
If a basic block dominates all its successors, then its coverage
information is useless to us. Ingore such blocks if
santizer-coverage-prune-tree option is set.
Differential Revision: http://reviews.llvm.org/D17626
llvm-svn: 261949
|
| |
|
|
|
|
| |
to trace-bb, but has a different API. We already use the equivalent flag in GCC for Linux kernel fuzzing. We may be able to use this flag with AFL too
llvm-svn: 261159
|
| |
|
|
| |
llvm-svn: 257804
|
| |
|
|
| |
llvm-svn: 255511
|
| |
|
|
|
|
| |
No functionality change is intended.
llvm-svn: 254562
|
| |
|
|
|
|
| |
not in addition to, regular coverage. Do the regular coverage in the run-time instead
llvm-svn: 254482
|
| |
|
|
| |
llvm-svn: 250186
|
| |
|
|
|
|
|
| |
Splitting basic blocks really messes up WinEHPrepare. We can remove this
change when SEH uses the new EH IR.
llvm-svn: 246799
|
| |
|
|
| |
llvm-svn: 245072
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Summary: Similar to the change we applied to ASan. The same test case works.
Reviewers: samsonov
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D11961
llvm-svn: 245067
|
| |
|
|
| |
llvm-svn: 244544
|
| |
|
|
|
|
| |
expected case values
llvm-svn: 243726
|
