summaryrefslogtreecommitdiffstats
path: root/llvm/test/Instrumentation
Commit message (Collapse)AuthorAgeFilesLines
* Revert r307342, r307343.Evgeniy Stepanov2017-07-071-48/+0
| | | | | | | | | | Revert "Copy arguments passed by value into explicit allocas for ASan." Revert "[asan] Add end-to-end tests for overflows of byval arguments." Build failure on lldb-x86_64-ubuntu-14.04-buildserver. Test failure on clang-cmake-aarch64-42vma and sanitizer-x86_64-linux-android. llvm-svn: 307345
* Copy arguments passed by value into explicit allocas for ASan.Evgeniy Stepanov2017-07-071-0/+48
| | | | | | | | | | | | | | ASan determines the stack layout from alloca instructions. Since arguments marked as "byval" do not have an explicit alloca instruction, ASan does not produce red zones for them. This commit produces an explicit alloca instruction and copies the byval argument into the allocated memory so that red zones are produced. Patch by Matt Morehouse. Differential revision: https://reviews.llvm.org/D34789 llvm-svn: 307342
* fix trivial typos, NFCHiroshi Inoue2017-07-011-2/+2
| | | | llvm-svn: 306952
* Fixing section name for Darwin platforms for sanitizer coverageGeorge Karpenkov2017-06-141-1/+1
| | | | | | On Darwin, section names have a 16char length limit. llvm-svn: 305429
* [InstrProf] Don't take the address of alwaysinline available_externally ↵Vedant Kumar2017-06-131-0/+28
| | | | | | | | | | | | | | | | | | | | | | | | functions Doing so breaks compilation of the following C program (under -fprofile-instr-generate): __attribute__((always_inline)) inline int foo() { return 0; } int main() { return foo(); } At link time, we fail because taking the address of an available_externally function creates an undefined external reference, which the TU cannot provide. Emitting the function definition into the object file at all appears to be a violation of the langref: "Globals with 'available_externally' linkage are never emitted into the object file corresponding to the LLVM module." Differential Revision: https://reviews.llvm.org/D34134 llvm-svn: 305327
* [sanitizer-coverage] one more flavor of coverage: ↵Kostya Serebryany2017-06-081-0/+13
| | | | | | -fsanitize-coverage=inline-8bit-counters. Experimental so far, not documenting yet. Reapplying revisions 304630, 304631, 304632, 304673, see PR33308 llvm-svn: 305026
* Revert "[sanitizer-coverage] one more flavor of coverage: ↵Renato Golin2017-06-051-13/+0
| | | | | | | | -fsanitize-coverage=inline-8bit-counters. Experimental so far, not documenting yet." This reverts commit r304630, as it broke ARM/AArch64 bots for 2 days. llvm-svn: 304698
* [X86] Replace 'REQUIRES: x86' in tests with 'REQUIRES: ↵Craig Topper2017-06-047-7/+7
| | | | | | x86-registered-target' which seems to be the correct way to make them run on an x86 build. llvm-svn: 304682
* [sanitizer-coverage] one more flavor of coverage: ↵Kostya Serebryany2017-06-031-0/+13
| | | | | | -fsanitize-coverage=inline-8bit-counters. Experimental so far, not documenting yet. llvm-svn: 304630
* [sanitizer-coverage] remove stale code (old coverage); llvm part Kostya Serebryany2017-05-313-14/+2
| | | | llvm-svn: 304319
* Fix coverage check for full post-dominator basic blocks.George Karpenkov2017-05-252-0/+118
| | | | | | | | | | | Coverage instrumentation which does not instrument full post-dominators and full-dominators may skip valid paths, as the reasoning for skipping blocks may become circular. This patch fixes that, by only skipping full post-dominators with multiple predecessors, as such predecessors by definition can not be full-dominators. llvm-svn: 303827
* Revert "Disable coverage opt-out for strong postdominator blocks."George Karpenkov2017-05-241-27/+0
| | | | | | | This reverts commit 2ed06f05fc10869dd1239cff96fcdea2ee8bf4ef. Buildbots do not like this on Linux. llvm-svn: 303710
* Revert "Fixes for tests for r303698"George Karpenkov2017-05-242-7/+2
| | | | | | This reverts commit 69bfaf72e7502eb08bbca88a57925fa31c6295c6. llvm-svn: 303709
* Fixes for tests for r303698George Karpenkov2017-05-232-2/+7
| | | | llvm-svn: 303701
* Disable coverage opt-out for strong postdominator blocks.George Karpenkov2017-05-231-0/+27
| | | | | | | | | | | | | | | | Coverage instrumentation has an optimization not to instrument extra blocks, if the pass is already "accounted for" by a successor/predecessor basic block. However (https://github.com/google/sanitizers/issues/783) this reasoning may become circular, which stops valid paths from having coverage. In the worst case this can cause fuzzing to stop working entirely. This change simplifies logic to something which trivially can not have such circular reasoning, as losing valid paths does not seem like a good trade-off for a ~15% decrease in the # of instrumented basic blocks. llvm-svn: 303698
* Update three tests I missed in r302979 and r302990Justin Bogner2017-05-181-0/+1
| | | | llvm-svn: 303319
* MSan: Mark MemorySanitizer tests that use x86 intrinsics as REQUIRES: x86Justin Bogner2017-05-137-64/+73
| | | | | | | Tests that use target intrinsics are inherently target specific. Mark them as such. llvm-svn: 302990
* [msan] Fix PR32842Alexander Potapenko2017-05-111-0/+20
| | | | | | | | | | | | | | | | | | | | It turned out that MSan was incorrectly calculating the shadow for int comparisons: it was done by truncating the result of (Shadow1 OR Shadow2) to i1, effectively rendering all bits except LSB useless. This approach doesn't work e.g. in the case where the values being compared are even (i.e. have the LSB of the shadow equal to zero). Instead, if CreateShadowCast() has to cast a bigger int to i1, we replace the truncation with an ICMP to 0. This patch doesn't affect the code generated for SPEC 2006 binaries, i.e. there's no performance impact. For the test case reported in PR32842 MSan with the patch generates a slightly more efficient code: orq %rcx, %rax jne .LBB0_6 , instead of: orl %ecx, %eax testb $1, %al jne .LBB0_6 llvm-svn: 302787
* [asan] Fix dead stripping of globals on Linux.Evgeniy Stepanov2017-04-275-14/+20
| | | | | | | | | | | | | | | | | | | | | | Use a combination of !associated, comdat, @llvm.compiler.used and custom sections to allow dead stripping of globals and their asan metadata. Sometimes. Currently this works on LLD, which supports SHF_LINK_ORDER with sh_link pointing to the associated section. This also works on BFD, which seems to treat comdats as all-or-nothing with respect to linker GC. There is a weird quirk where the "first" global in each link is never GC-ed because of the section symbols. At this moment it does not work on Gold (as in the globals are never stripped). This is a second re-land of r298158. This time, this feature is limited to -fdata-sections builds. llvm-svn: 301587
* [asan] Put ctor/dtor in comdat.Evgeniy Stepanov2017-04-272-1/+13
| | | | | | | | | | | | | | | | | | | | When possible, put ASan ctor/dtor in comdat. The only reason not to is global registration, which can be TU-specific. This is not the case when there are no instrumented globals. This is also limited to ELF targets, because MachO does not have comdat, and COFF linkers may GC comdat constructors. The benefit of this is a lot less __asan_init() calls: one per DSO instead of one per TU. It's also necessary for the upcoming gc-sections-for-globals change on Linux, where multiple references to section start symbols trigger quadratic behaviour in gold linker. This is a second re-land of r298756. This time with a flag to disable the whole thing to avoid a bug in the gold linker: https://sourceware.org/bugzilla/show_bug.cgi?id=19002 llvm-svn: 301586
* [asan] Let the frontend disable gc-sections optimization for asan globals.Evgeniy Stepanov2017-04-241-0/+68
| | | | | | Also extend -asan-globals-live-support flag to all binary formats. llvm-svn: 301226
* [sanitizer-coverage] remove some more stale codeKostya Serebryany2017-04-191-12/+0
| | | | llvm-svn: 300778
* [sanitizer-coverage] remove stale codeKostya Serebryany2017-04-192-35/+0
| | | | llvm-svn: 300769
* PR32382: Fix emitting complex DWARF expressions.Adrian Prantl2017-04-181-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The DWARF specification knows 3 kinds of non-empty simple location descriptions: 1. Register location descriptions - describe a variable in a register - consist of only a DW_OP_reg 2. Memory location descriptions - describe the address of a variable 3. Implicit location descriptions - describe the value of a variable - end with DW_OP_stack_value & friends The existing DwarfExpression code is pretty much ignorant of these restrictions. This used to not matter because we only emitted very short expressions that we happened to get right by accident. This patch makes DwarfExpression aware of the rules defined by the DWARF standard and now chooses the right kind of location description for each expression being emitted. This would have been an NFC commit (for the existing testsuite) if not for the way that clang describes captured block variables. Based on how the previous code in LLVM emitted locations, DW_OP_deref operations that should have come at the end of the expression are put at its beginning. Fixing this means changing the semantics of DIExpression, so this patch bumps the version number of DIExpression and implements a bitcode upgrade. There are two major changes in this patch: I had to fix the semantics of dbg.declare for describing function arguments. After this patch a dbg.declare always takes the *address* of a variable as the first argument, even if the argument is not an alloca. When lowering a DBG_VALUE, the decision of whether to emit a register location description or a memory location description depends on the MachineLocation — register machine locations may get promoted to memory locations based on their DIExpression. (Future) optimization passes that want to salvage implicit debug location for variables may do so by appending a DW_OP_stack_value. For example: DBG_VALUE, [RBP-8] --> DW_OP_fbreg -8 DBG_VALUE, RAX --> DW_OP_reg0 +0 DBG_VALUE, RAX, DIExpression(DW_OP_deref) --> DW_OP_reg0 +0 All testcases that were modified were regenerated from clang. I also added source-based testcases for each of these to the debuginfo-tests repository over the last week to make sure that no synchronized bugs slip in. The debuginfo-tests compile from source and run the debugger. https://bugs.llvm.org/show_bug.cgi?id=32382 <rdar://problem/31205000> Differential Revision: https://reviews.llvm.org/D31439 llvm-svn: 300522
* [Profile] PE binary coverage bug fixXinliang David Li2017-04-131-2/+2
| | | | | | | | PR/32584 Differential Revision: https://reviews.llvm.org/D32023 llvm-svn: 300277
* [asan] Give global metadata private linkage.Evgeniy Stepanov2017-04-111-1/+1
| | | | | | | Internal linkage preserves names like "__asan_global_foo" which may account to 2% of unstripped binary size. llvm-svn: 299995
* Revert "[asan] Put ctor/dtor in comdat."Evgeniy Stepanov2017-04-102-13/+1
| | | | | | This reverts commit r299696, which is causing mysterious test failures. llvm-svn: 299880
* Revert "[asan] Fix dead stripping of globals on Linux."Evgeniy Stepanov2017-04-103-15/+9
| | | | | | This reverts commit r299697, which caused a big increase in object file size. llvm-svn: 299879
* Add address space mangling to lifetime intrinsicsMatt Arsenault2017-04-1011-81/+81
| | | | | | In preparation for allowing allocas to have non-0 addrspace. llvm-svn: 299876
* [asan] Fix dead stripping of globals on Linux.Evgeniy Stepanov2017-04-063-9/+15
| | | | | | | | | | | | | | | | | | | | | | | Use a combination of !associated, comdat, @llvm.compiler.used and custom sections to allow dead stripping of globals and their asan metadata. Sometimes. Currently this works on LLD, which supports SHF_LINK_ORDER with sh_link pointing to the associated section. This also works on BFD, which seems to treat comdats as all-or-nothing with respect to linker GC. There is a weird quirk where the "first" global in each link is never GC-ed because of the section symbols. At this moment it does not work on Gold (as in the globals are never stripped). This is a re-land of r298158 rebased on D31358. This time, asan.module_ctor is put in a comdat as well to avoid quadratic behavior in Gold. llvm-svn: 299697
* [asan] Put ctor/dtor in comdat.Evgeniy Stepanov2017-04-062-1/+13
| | | | | | | | | | | | | | | | | | When possible, put ASan ctor/dtor in comdat. The only reason not to is global registration, which can be TU-specific. This is not the case when there are no instrumented globals. This is also limited to ELF targets, because MachO does not have comdat, and COFF linkers may GC comdat constructors. The benefit of this is a lot less __asan_init() calls: one per DSO instead of one per TU. It's also necessary for the upcoming gc-sections-for-globals change on Linux, where multiple references to section start symbols trigger quadratic behaviour in gold linker. This is a rebase of r298756. llvm-svn: 299696
* [asan] Delay creation of asan ctor.Evgeniy Stepanov2017-04-061-2/+2
| | | | | | | | | | | Create the constructor in the module pass. This in needed for the GC-friendly globals change, where the constructor can be put in a comdat in some cases, but we don't know about that in the function pass. This is a rebase of r298731 which was reverted due to a false alarm. llvm-svn: 299695
* Revert "[asan] Delay creation of asan ctor."Alex Shlyapnikov2017-03-271-2/+2
| | | | | | | | Speculative revert. Some libfuzzer tests are affected. This reverts commit r298731. llvm-svn: 298890
* Revert "[asan] Put ctor/dtor in comdat."Alex Shlyapnikov2017-03-272-13/+1
| | | | | | | | Speculative revert, some libfuzzer tests are affected. This reverts commit r298756. llvm-svn: 298889
* [asan] Put ctor/dtor in comdat.Evgeniy Stepanov2017-03-252-1/+13
| | | | | | | | | | | | | | | | When possible, put ASan ctor/dtor in comdat. The only reason not to is global registration, which can be TU-specific. This is not the case when there are no instrumented globals. This is also limited to ELF targets, because MachO does not have comdat, and COFF linkers may GC comdat constructors. The benefit of this is a lot less __asan_init() calls: one per DSO instead of one per TU. It's also necessary for the upcoming gc-sections-for-globals change on Linux, where multiple references to section start symbols trigger quadratic behaviour in gold linker. llvm-svn: 298756
* [asan] Delay creation of asan ctor.Evgeniy Stepanov2017-03-241-2/+2
| | | | | | | | | Create the constructor in the module pass. This in needed for the GC-friendly globals change, where the constructor can be put in a comdat in some cases, but we don't know about that in the function pass. llvm-svn: 298731
* [sancov] Don't instrument blocks with no insertion pointReid Kleckner2017-03-231-0/+111
| | | | | | | | | | | | | This prevents crashes when attempting to instrument functions containing C++ try. Sanitizer coverage will still fail at runtime when an exception is thrown through a sancov instrumented function, but that seems marginally better than what we have now. The full solution is to color the blocks in LLVM IR and only instrument blocks that have an unambiguous color, using the appropriate token. llvm-svn: 298662
* Revert r298158.Evgeniy Stepanov2017-03-203-15/+9
| | | | | | | | Revert "[asan] Fix dead stripping of globals on Linux." OOM in gold linker. llvm-svn: 298288
* [asan] Fix dead stripping of globals on Linux.Evgeniy Stepanov2017-03-173-9/+15
| | | | | | | | | | | | | | | | | | | | | Use a combination of !associated, comdat, @llvm.compiler.used and custom sections to allow dead stripping of globals and their asan metadata. Sometimes. Currently this works on LLD, which supports SHF_LINK_ORDER with sh_link pointing to the associated section. This also works on BFD, which seems to treat comdats as all-or-nothing with respect to linker GC. There is a weird quirk where the "first" global in each link is never GC-ed because of the section symbols. At this moment it does not work on Gold (as in the globals are never stripped). Differential Revision: https://reviews.llvm.org/D30121 llvm-svn: 298158
* Resubmit r297897: [PGO] Value profile for size of memory intrinsic callsRong Xu2017-03-162-5/+5
| | | | | | | R297897 inadvertently enabled annotation for memop profiling. This new patch fixed it. llvm-svn: 297996
* Revert "[PGO] Value profile for size of memory intrinsic calls"Eric Liu2017-03-162-5/+5
| | | | | | This commit reverts r297897 and r297909. llvm-svn: 297951
* [PGO] Value profile for size of memory intrinsic callsRong Xu2017-03-152-5/+5
| | | | | | | | | This patch adds the value profile support to profile the size parameter of memory intrinsic calls: memcpy, memcmp, and memmov. Differential Revision: http://reviews.llvm.org/D28965 llvm-svn: 297897
* [msan] Handle x86_sse_stmxcsr and x86_sse_ldmxcsr.Evgeniy Stepanov2017-03-031-0/+52
| | | | llvm-svn: 296848
* [msan] Fix instrumentation of array allocas.Evgeniy Stepanov2017-02-241-0/+59
| | | | | | | Before this, MSan poisoned exactly one element of any array alloca, even if the number of elements was zero. llvm-svn: 296050
* [AddressSanitizer] Add PS4 offsetFilipe Cabecinhas2017-02-231-0/+14
| | | | llvm-svn: 295994
* opt: Rename -default-data-layout flag to -data-layout and make it always ↵Peter Collingbourne2017-02-171-2/+2
| | | | | | | | | | override the layout. There isn't much point in a flag that only works if the data layout is empty. Differential Revision: https://reviews.llvm.org/D30014 llvm-svn: 295468
* AddressSanitizer: don't track swifterror memory addressesArnold Schwaighofer2017-02-151-0/+26
| | | | | | | | | | | | | | They are register promoted by ISel and so it makes no sense to treat them as memory. Inserting calls to the thread sanitizer would also generate invalid IR. You would hit: "swifterror value can only be loaded and stored from, or as a swifterror argument!" llvm-svn: 295230
* ThreadSanitizer: don't track swifterror memory addressesArnold Schwaighofer2017-02-151-0/+24
| | | | | | | | | | | | | | They are register promoted by ISel and so it makes no sense to treat them as memory. Inserting calls to the thread sanitizer would also generate invalid IR. You would hit: "swifterror value can only be loaded and stored from, or as a swifterror argument!" llvm-svn: 295215
* Re-apply "[profiling] Remove dead profile name vars after emitting name data"Vedant Kumar2017-02-143-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | This reverts 295092 (re-applies 295084), with a fix for dangling references from the array of coverage names passed down from frontends. I missed this in my initial testing because I only checked test/Profile, and not test/CoverageMapping as well. Original commit message: The profile name variables passed to counter increment intrinsics are dead after we emit the finalized name data in __llvm_prf_nm. However, we neglect to erase these name variables. This causes huge size increases in the __TEXT,__const section as well as slowdowns when linker dead stripping is disabled. Some affected projects are so massive that they fail to link on Darwin, because only the small code model is supported. Fix the issue by throwing away the name constants as soon as we're done with them. Differential Revision: https://reviews.llvm.org/D29921 llvm-svn: 295099
* Revert "[profiling] Remove dead profile name vars after emitting name data"Vedant Kumar2017-02-143-7/+7
| | | | | | | | This reverts commit r295084. There is a test failure on: http://lab.llvm.org:8011/builders/clang-atom-d525-fedora-rel/builds/2620/ llvm-svn: 295092
OpenPOWER on IntegriCloud