maxjhandsome
/
llvm-project
forked from OSchip/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity
244,958 Commits 23 Branches 0 Tags 2.2 GiB
Commit Graph

13 Commits

Author SHA1 Message Date
Kostya Serebryany 60cdd6113f [sanitizer-coverage] add yet another flavour of coverage instrumentation: trace-pc-guard. The intent is to eventually replace all of {bool coverage, 8bit-counters, trace-pc} with just this one. Clang part 
llvm-svn: 281432
 2016-09-14 01:39:49 +00:00
Kostya Serebryany 3b41971763 [sanitizer-coverage] add two more modes of instrumentation: trace-div and trace-gep, mostly usaful for value-profile-based fuzzing; clang part 
llvm-svn: 280044
 2016-08-30 01:27:03 +00:00
Evgeniy Stepanov 5b49eb42c5 [sanitizer] Allow sanitize coverage w/o sanitizers. 
The reason is that this (a) seems to work just fine and (b) useful when building stuff with
sanitizer+coverage, but need to exclude the sanitizer for a particular source file.

llvm-svn: 272717
 2016-06-14 21:33:40 +00:00
Kostya Serebryany f5b25f83e3 [sanitizer-coverage] make sure coverage flags are not passed to clang if the driver thinks they are unused 
llvm-svn: 266673
 2016-04-18 21:30:17 +00:00
Kostya Serebryany 578787ad30 [libFuzzer] allow -fsanitize-coverage=0 (disables all coverage) 
llvm-svn: 262503
 2016-03-02 19:16:54 +00:00
Nico Weber 4152f522aa Make deprecation message for -fsanitize-coverage= with numeric argument friendlier. 
http://reviews.llvm.org/D17397

llvm-svn: 261247
 2016-02-18 19:32:54 +00:00
Kostya Serebryany 52e86493e3 [sanitizer-coverage] allow -fsanitize-coverage=trace-pc w/o any other sanitizer and w/o ...=[func,bb,edge]. This makes this syntax a superset of the GCC's syntax 
llvm-svn: 261182
 2016-02-18 00:49:23 +00:00
Kostya Serebryany 8e3061b865 [sanitizer-coverage] add a deprecation warning for -fsanitize-coverage=[1234] 
llvm-svn: 261178
 2016-02-17 23:57:17 +00:00
Kostya Serebryany d4590c7304 [sanitizer-coverage] implement -fsanitize-coverage=trace-pc. This is similar to trace-bb, but has a different API. We already use the equivalent flag in GCC for Linux kernel fuzzing. We may be able to use this flag with AFL too 
llvm-svn: 261159
 2016-02-17 21:34:43 +00:00
Alexey Samsonov c079df09a6 Add target flag to clang-cl invocation in this test. 
llvm-svn: 246804
 2015-09-03 20:53:14 +00:00
Alexey Samsonov de0aff3e91 [Driver] Improve unused-argument diagnostic for extra sanitizer features. 
Don't print unused-argument warning for sanitizer-specific feature flag
if this sanitizer was eanbled, and later disabled in the command line.
For example, now:
  clang -fsanitize=address -fsanitize-coverage=bb -fno-sanitize=address a.cc
doesn't print warning, but
  clang -fsanitize-coverage=bb
does. Same holds for -fsanitize-address-field-padding= and
-fsanitize-memory-track-origins= flags.

Fixes PR23604.

llvm-svn: 237870
 2015-05-21 01:07:52 +00:00
Alexey Samsonov dfa908c8d5 [SanitizerCoverage] Implement user-friendly -fsanitize-coverage= flags. 
Summary:
Possible coverage levels are:
  * -fsanitize-coverage=func - function-level coverage
  * -fsanitize-coverage=bb - basic-block-level coverage
  * -fsanitize-coverage=edge - edge-level coverage

Extra features are:
  * -fsanitize-coverage=indirect-calls - coverage for indirect calls
  * -fsanitize-coverage=trace-bb - tracing for basic blocks
  * -fsanitize-coverage=trace-cmp - tracing for cmp instructions
  * -fsanitize-coverage=8bit-counters - frequency counters

Levels and features can be combined in comma-separated list, and
can be disabled by subsequent -fno-sanitize-coverage= flags, e.g.:
  -fsanitize-coverage=bb,trace-bb,8bit-counters -fno-sanitize-coverage=trace-bb
is equivalient to:
  -fsanitize-coverage=bb,8bit-counters

Original semantics of -fsanitize-coverage flag is preserved:
  * -fsanitize-coverage=0 disables the coverage
  * -fsanitize-coverage=1 is a synonym for -fsanitize-coverage=func
  * -fsanitize-coverage=2 is a synonym for -fsanitize-coverage=bb
  * -fsanitize-coverage=3 is a synonym for -fsanitize-coverage=edge
  * -fsanitize-coverage=4 is a synonym for -fsanitize-coverage=edge,indirect-calls

Driver tries to diagnose invalid flag usage, in particular:
  * At most one level (func,bb,edge) must be specified.
  * "trace-bb" and "8bit-counters" features require some level to be specified.

See test case for more examples.

Test Plan: regression test suite

Reviewers: kcc

Subscribers: cfe-commits

Differential Revision: http://reviews.llvm.org/D9577

llvm-svn: 236790
 2015-05-07 22:34:06 +00:00
Alexey Samsonov 3f3b3abe2b [SanitizerCoverage] Give clang-cc1 the power to precisly specify needed sanitizier coverage mode. 
Summary:
The next step is to add user-friendly control over these options
to driver via -fsanitize-coverage= option.

Test Plan: regression test suite

Reviewers: kcc

Subscribers: cfe-commits

Differential Revision: http://reviews.llvm.org/D9545

llvm-svn: 236756
 2015-05-07 18:31:29 +00:00