#
8ad41557 |
| 17-Sep-2016 |
Kostya Serebryany <kcc@google.com> |
[sanitizer-coverage] change trace-pc to use 8-byte guards
llvm-svn: 281809
|
#
66a9c175 |
| 15-Sep-2016 |
Kostya Serebryany <kcc@google.com> |
[sanitizer-coverage] make trace-pc-guard and indirect-call work together
llvm-svn: 281665
|
#
da718e55 |
| 14-Sep-2016 |
Kostya Serebryany <kcc@google.com> |
[sanitizer-coverage] add yet another flavour of coverage instrumentation: trace-pc-guard. The intent is to eventually replace all of {bool coverage, 8bit-counters, trace-pc} with just this one. LLVM part
llvm-svn: 281431
|
#
5ac427b8 |
| 30-Aug-2016 |
Kostya Serebryany <kcc@google.com> |
[sanitizer-coverage] add two more modes of instrumentation: trace-div and trace-gep, mostly useful for value-profile-based fuzzing; llvm part
llvm-svn: 280043
|
Revision tags: llvmorg-3.9.0, llvmorg-3.9.0-rc3, llvmorg-3.9.0-rc2 |
|
#
524c3f32 |
| 18-Aug-2016 |
Kostya Serebryany <kcc@google.com> |
[sanitizer-coverage/libFuzzer] instrument comparisons with __sanitizer_cov_trace_cmp[1248] instead of __sanitizer_cov_trace_cmp, don't pass the comparison type to save a bit performance. Use these new callbacks in libFuzzer
llvm-svn: 279027
|
Revision tags: llvmorg-3.9.0-rc1 |
|
#
dd5c7f93 |
| 14-Jul-2016 |
Kostya Serebryany <kcc@google.com> |
[sanitizer-coverage] make sure that calls to __sanitizer_cov_trace_pc are not merged (otherwise different calls get the same PC and confuse fuzzers)
llvm-svn: 275449
|
Revision tags: llvmorg-3.8.1, llvmorg-3.8.1-rc1 |
|
#
70ea4530 |
| 06-Apr-2016 |
Mike Aizatsky <aizatsky@chromium.org> |
[sancov] enabling coverage edge pruning by default.
Differential Revision: http://reviews.llvm.org/D18844
llvm-svn: 265615
|
#
800f87a8 |
| 06-Apr-2016 |
JF Bastien <jfb@google.com> |
NFC: make AtomicOrdering an enum class
Summary: In the context of http://wg21.link/lwg2445 C++ uses the concept of 'stronger' ordering but doesn't define it properly. This should be fixed in C++17 barring a small question that's still open.
The code currently plays fast and loose with the AtomicOrdering enum. Using an enum class is one step towards tightening things. I later also want to tighten related enums, such as clang's AtomicOrderingKind (which should be shared with LLVM as a 'C++ ABI' enum).
This change touches a few lines of code which can be improved later, I'd like to keep it as NFC for now as it's already quite complex. I have related changes for clang.
As a follow-up I'll add: bool operator<(AtomicOrdering, AtomicOrdering) = delete; bool operator>(AtomicOrdering, AtomicOrdering) = delete; bool operator<=(AtomicOrdering, AtomicOrdering) = delete; bool operator>=(AtomicOrdering, AtomicOrdering) = delete; This is separate so that clang and LLVM changes don't need to be in sync.
Reviewers: jyknight, reames
Subscribers: jyknight, llvm-commits
Differential Revision: http://reviews.llvm.org/D18775
llvm-svn: 265602
|
#
01c0f8d8 |
| 01-Apr-2016 |
Mike Aizatsky <aizatsky@chromium.org> |
[sancov] save entry block from pruning (it is always full dominator)
llvm-svn: 265168
|
#
9987f43f |
| 23-Mar-2016 |
Mike Aizatsky <aizatsky@chromium.org> |
[sancov] code readability improvement.
Summary: Reply to http://reviews.llvm.org/D18341
Differential Revision: http://reviews.llvm.org/D18406
llvm-svn: 264213
|
#
602f7927 |
| 21-Mar-2016 |
Mike Aizatsky <aizatsky@chromium.org> |
[sancov] do not instrument nodes that are full pre-dominators
Summary: Without tree pruning clang has 2,667,552 points. With only dominators pruning: 1,515,586. With both dominators & predominators pruning: 1,340,534.
Resubmit of r262103.
Differential Revision: http://reviews.llvm.org/D18341
llvm-svn: 264003
|
#
759aca01 |
| 18-Mar-2016 |
Mike Aizatsky <aizatsky@chromium.org> |
[sancov] clang-formatting SanitizerCoverage.cpp and fully pleasing clang-tidy.
Differential Revision: http://reviews.llvm.org/D18288
llvm-svn: 263852
|
#
3006115c |
| 18-Mar-2016 |
Chandler Carruth <chandlerc@gmail.com> |
Revert "Revert "[sancov] specifying sanitizer coverage dependencies.""
This reverts commit r263825, re-instating r263797.
llvm-svn: 263847
|
#
e2b7021a |
| 18-Mar-2016 |
Chandler Carruth <chandlerc@gmail.com> |
[sancov] Fix the sancov pass to initialize itself inside its constructor. This should fix the recent crashes on certain architectures.
llvm-svn: 263845
|
#
075ed3ee |
| 18-Mar-2016 |
Mike Aizatsky <aizatsky@chromium.org> |
Revert "[sancov] specifying sanitizer coverage dependencies."
This fails on arm.
This reverts commit 52c8e0f7119d1ea1050c0708565a8c92b73386d2.
llvm-svn: 263825
|
#
4f7994c8 |
| 18-Mar-2016 |
Mike Aizatsky <aizatsky@chromium.org> |
[sancov] specifying sanitizer coverage dependencies.
Summary: These dependencies would be used in the future to reduce the number of instrumented blocks(http://reviews.llvm.org/rL262103)
This is submitted as a separate CL because of previous problems with ARM.
Subscribers: aemerson
Differential Revision: http://reviews.llvm.org/D18227
llvm-svn: 263797
|
#
adebb937 |
| 11-Mar-2016 |
Pete Cooper <peter_cooper@apple.com> |
Remove llvm::getDISubprogram in favor of Function::getSubprogram
llvm::getDISubprogram walks the instructions in a function, looking for one in the scope of the current function, so that it can find the !dbg entry for the subprogram itself.
Now that !dbg is attached to functions, this should not be necessary. This patch changes all uses to just query the subprogram directly on the function.
Ideally this should be NFC, but in reality it's possible that a function:
has no !dbg (in which case there's likely a bug somewhere in an opt pass), or that none of the instructions had a scope referencing the function, so we used to not find the !dbg on the function but now we will
Reviewed by Duncan Exon Smith.
Differential Revision: http://reviews.llvm.org/D18074
llvm-svn: 263184
|
Revision tags: llvmorg-3.8.0 |
|
#
9a5419ec |
| 27-Feb-2016 |
Renato Golin <renato.golin@linaro.org> |
Revert "[sancov] do not instrument nodes that are full pre-dominators"
This reverts commit r262103, as it broke all ARM and AArch64 bots.
llvm-svn: 262139
|
#
90562849 |
| 27-Feb-2016 |
Mike Aizatsky <aizatsky@chromium.org> |
[sancov] properly initializing pass.
llvm-svn: 262111
|
#
3c767db3 |
| 27-Feb-2016 |
Kostya Serebryany <kcc@google.com> |
[libFuzzer] don't emit callbacks to sanitizer run-time in -fsanitize-coverage=trace-pc mode; update libFuzzer doc for previous commit
llvm-svn: 262110
|
#
9b53ab71 |
| 27-Feb-2016 |
Mike Aizatsky <aizatsky@chromium.org> |
[sancov] do not instrument nodes that are full pre-dominators
Summary: Without tree pruning clang has 2,667,552 points. With only dominators pruning: 1,515,586. With both dominators & predominators pruning: 1,340,534.
Differential Revision: http://reviews.llvm.org/D17671
llvm-svn: 262103
|
#
5971f181 |
| 26-Feb-2016 |
Mike Aizatsky <aizatsky@chromium.org> |
[sancov] Pruning full dominator blocks from instrumentation.
Summary: This is the first simple attempt to reduce number of coverage-instrumented blocks.
If a basic block dominates all its successors, then its coverage information is useless to us. Ignore such blocks if santizer-coverage-prune-tree option is set.
Differential Revision: http://reviews.llvm.org/D17626
llvm-svn: 261949
|
Revision tags: llvmorg-3.8.0-rc3 |
|
#
d4590c73 |
| 17-Feb-2016 |
Kostya Serebryany <kcc@google.com> |
[sanitizer-coverage] implement -fsanitize-coverage=trace-pc. This is similar to trace-bb, but has a different API. We already use the equivalent flag in GCC for Linux kernel fuzzing. We may be able to use this flag with AFL too
llvm-svn: 261159
|
Revision tags: llvmorg-3.8.0-rc2, llvmorg-3.8.0-rc1 |
|
#
da00f2fd |
| 14-Jan-2016 |
Rui Ueyama <ruiu@google.com> |
Update to use new name alignTo().
llvm-svn: 257804
|
#
af674fbf |
| 14-Dec-2015 |
Sanjay Patel <spatel@rotateright.com> |
getParent() ^ 3 == getModule() ; NFCI
llvm-svn: 255511
|