summaryrefslogtreecommitdiffstats
path: root/llvm/test/Instrumentation/SanitizerCoverage/coverage.ll
Commit message (Collapse)AuthorAgeFilesLines
* [sanitizer-coverage] remove stale code (old coverage); llvm part Kostya Serebryany2017-05-311-11/+0
| | | | llvm-svn: 304319
* Revert "Fixes for tests for r303698"George Karpenkov2017-05-241-4/+2
| | | | | | This reverts commit 69bfaf72e7502eb08bbca88a57925fa31c6295c6. llvm-svn: 303709
* Fixes for tests for r303698George Karpenkov2017-05-231-2/+4
| | | | llvm-svn: 303701
* [sanitizer-coverage] remove some more stale codeKostya Serebryany2017-04-191-12/+0
| | | | llvm-svn: 300778
* [sanitizer-coverage] remove stale codeKostya Serebryany2017-04-191-20/+0
| | | | llvm-svn: 300769
* [sancov] using comdat only when it is enabledMike Aizatsky2017-02-081-13/+0
| | | | | | Differential Revision: https://reviews.llvm.org/D29733 llvm-svn: 294529
* [sancov] specifying comdat for sancov constructorsMike Aizatsky2017-02-081-1/+13
| | | | | | Differential Revision: https://reviews.llvm.org/D29662 llvm-svn: 294517
* [sanitizer-coverage] emit __sanitizer_cov_trace_pc_guard w/o a preceding ↵Kostya Serebryany2017-01-241-1/+1
| | | | | | 'if' by default. Update the docs, also add deprecation notes around other parts of sanitizer coverage llvm-svn: 292862
* [sancov] Name the global containing the main source file nameReid Kleckner2016-11-161-1/+1
| | | | | | | If the global name doesn't start with __sancov_gen, ASan will insert unecessary red zones around it. llvm-svn: 287117
* [sanitizer-coverage] make trace-pc-guard and indirect-call work togetherKostya Serebryany2016-09-151-0/+1
| | | | llvm-svn: 281665
* [sanitizer-coverage] make sure that calls to __sanitizer_cov_trace_pc are ↵Kostya Serebryany2016-07-141-5/+10
| | | | | | not merged (otherwise different calls get the same PC and confuse fuzzers) llvm-svn: 275449
* [sancov] enabling coverage edge pruning by default.Mike Aizatsky2016-04-061-4/+2
| | | | | | Differential Revision: http://reviews.llvm.org/D18844 llvm-svn: 265615
* [sancov] save entry block from pruning (it is always full dominator)Mike Aizatsky2016-04-011-3/+2
| | | | llvm-svn: 265168
* [sancov] Pruning full dominator blocks from instrumentation.Mike Aizatsky2016-02-261-0/+9
| | | | | | | | | | | | | | Summary: This is the first simple attempt to reduce number of coverage- instrumented blocks. If a basic block dominates all its successors, then its coverage information is useless to us. Ingore such blocks if santizer-coverage-prune-tree option is set. Differential Revision: http://reviews.llvm.org/D17626 llvm-svn: 261949
* [sanitizer-coverage] implement -fsanitize-coverage=trace-pc. This is similar ↵Kostya Serebryany2016-02-171-0/+6
| | | | | | to trace-bb, but has a different API. We already use the equivalent flag in GCC for Linux kernel fuzzing. We may be able to use this flag with AFL too llvm-svn: 261159
* Create llvm.global_ctors in the new format.Rafael Espindola2015-12-061-2/+2
| | | | llvm-svn: 254878
* [SanitizerCoverage] Don't add instrumentation to unreachable blocks.Alexey Samsonov2015-06-301-0/+9
| | | | llvm-svn: 241127
* [sanitizer] fix instrumentation with -mllvm ↵Kostya Serebryany2015-03-101-0/+5
| | | | | | -sanitizer-coverage-block-threshold=0 to actually do something useful. llvm-svn: 231736
* [sanitizer] add nosanitize metadata to more coverage instrumentation ↵Kostya Serebryany2015-03-051-8/+8
| | | | | | instructions llvm-svn: 231333
* [sanitizer/coverage] Add AFL-style coverage counters (search heuristic for ↵Kostya Serebryany2015-03-031-3/+19
| | | | | | | | | | | | | | | | | | | | | | | | | fuzzing). Introduce -mllvm -sanitizer-coverage-8bit-counters=1 which adds imprecise thread-unfriendly 8-bit coverage counters. The run-time library maps these 8-bit counters to 8-bit bitsets in the same way AFL (http://lcamtuf.coredump.cx/afl/technical_details.txt) does: counter values are divided into 8 ranges and based on the counter value one of the bits in the bitset is set. The AFL ranges are used here: 1, 2, 3, 4-7, 8-15, 16-31, 32-127, 128+. These counters provide a search heuristic for single-threaded coverage-guided fuzzers, we do not expect them to be useful for other purposes. Depending on the value of -fsanitize-coverage=[123] flag, these counters will be added to the function entry blocks (=1), every basic block (=2), or every edge (=3). Use these counters as an optional search heuristic in the Fuzzer library. Add a test where this heuristic is critical. llvm-svn: 231166
* [opaque pointer type] Add textual IR support for explicit type parameter to ↵David Blaikie2015-02-271-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | load instruction Essentially the same as the GEP change in r230786. A similar migration script can be used to update test cases, though a few more test case improvements/changes were required this time around: (r229269-r229278) import fileinput import sys import re pat = re.compile(r"((?:=|:|^)\s*load (?:atomic )?(?:volatile )?(.*?))(| addrspace\(\d+\) *)\*($| *(?:%|@|null|undef|blockaddress|getelementptr|addrspacecast|bitcast|inttoptr|\[\[[a-zA-Z]|\{\{).*$)") for line in sys.stdin: sys.stdout.write(re.sub(pat, r"\1, \2\3*\4", line)) Reviewers: rafael, dexonsmith, grosser Differential Revision: http://reviews.llvm.org/D7649 llvm-svn: 230794
* [sanitizer] fix a test broken by r229940Kostya Serebryany2015-02-201-2/+2
| | | | llvm-svn: 229951
* [sanitizer] add another workaround for PR 17409: when over a threshold emit ↵Kostya Serebryany2015-02-041-2/+5
| | | | | | coverage instrumentation as calls. llvm-svn: 228102
* [sancov] Fix unspecified constructor order between sancov and asan.Evgeniy Stepanov2015-01-271-0/+4
| | | | | | | Sanitizer coverage constructor must run after asan constructor (for each DSO). Bump constructor priority to guarantee that. llvm-svn: 227195
* [asan] change _sanitizer_cov_module_init to accept int* instead of int**Kostya Serebryany2014-12-301-1/+1
| | | | llvm-svn: 224999
* [asan] change the coverage collection scheme so that we can easily emit ↵Kostya Serebryany2014-12-231-5/+5
| | | | | | coverage for the entire process as a single bit set, and if coverage_bitset=1 actually emit that bitset llvm-svn: 224789
* [sanitizer] prevent function call merging for sanitizer-coverage callbacksKostya Serebryany2014-12-161-0/+4
| | | | llvm-svn: 224372
* [msan] allow -fsanitize-coverage=N together with -fsanitize=memory, llvm partKostya Serebryany2014-12-031-1/+1
| | | | llvm-svn: 223312
* [asan/coverage] change the way asan coverage instrumentation is done: ↵Kostya Serebryany2014-11-241-2/+2
| | | | | | instead of setting the guard to 1 in the generated code, pass the pointer to guard to __sanitizer_cov and set it there. No user-visible functionality change expected llvm-svn: 222675
* [asan] add experimental basic-block tracing to asan-coverage; also fix ↵Kostya Serebryany2014-11-191-0/+1
| | | | | | -fsanitize-coverage=3 which was broken by r221718 llvm-svn: 222290
* Move asan-coverage into a separate phase.Kostya Serebryany2014-11-111-0/+88
Summary: This change moves asan-coverage instrumentation into a separate Module pass. The other part of the change in clang introduces a new flag -fsanitize-coverage=N. Another small patch will update tests in compiler-rt. With this patch no functionality change is expected except for the flag name. The following changes will make the coverage instrumentation work with tsan/msan Test Plan: Run regression tests, chromium. Reviewers: nlewycky, samsonov Reviewed By: nlewycky, samsonov Subscribers: llvm-commits Differential Revision: http://reviews.llvm.org/D6152 llvm-svn: 221718
OpenPOWER on IntegriCloud