From 140c81ebe12daaf9b4caacf171ba7a85b2fc76ed Mon Sep 17 00:00:00 2001 From: Eugene Zelenko Date: Wed, 23 Jan 2019 20:39:07 +0000 Subject: [Documentation] Use HTTPS whenever possible Differential revision: https://reviews.llvm.org/D56946 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@351976 91177308-0d34-0410-b5e6-96231b3b80d8 --- docs/SanitizerCoverage.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs/SanitizerCoverage.rst') diff --git a/docs/SanitizerCoverage.rst b/docs/SanitizerCoverage.rst index f3f13c8317..728aa2f77f 100644 --- a/docs/SanitizerCoverage.rst +++ b/docs/SanitizerCoverage.rst @@ -222,9 +222,9 @@ It contains 3 basic blocks, let's name them A, B, C: If blocks A, B, and C are all covered we know for certain that the edges A=>B and B=>C were executed, but we still don't know if the edge A=>C was executed. Such edges of control flow graph are called -`critical `_. The -edge-level coverage simply splits all critical -edges by introducing new dummy blocks and then instruments those blocks: +`critical `_. +The edge-level coverage simply splits all critical edges by introducing new +dummy blocks and then instruments those blocks: .. code-block:: none -- cgit v1.2.3 From e547ac93b1f29de11229551510baa6ee6ac3b8d6 Mon Sep 17 00:00:00 2001 From: Kostya Serebryany Date: Thu, 31 Jan 2019 23:43:00 +0000 Subject: [sanitizer-coverage] prune trace-cmp instrumentation for CMP isntructions that feed into the backedge branch. Instrumenting these CMP instructions is almost always useless (and harmful) for fuzzing git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@352818 91177308-0d34-0410-b5e6-96231b3b80d8 --- docs/SanitizerCoverage.rst | 3 +++ 1 file changed, 3 insertions(+) (limited to 'docs/SanitizerCoverage.rst') diff --git a/docs/SanitizerCoverage.rst b/docs/SanitizerCoverage.rst index 728aa2f77f..c5c50a5dd9 100644 --- a/docs/SanitizerCoverage.rst +++ b/docs/SanitizerCoverage.rst @@ -248,6 +248,9 @@ and with ``-fsanitize-coverage=trace-gep`` -- the `LLVM GEP instructions `_ (to capture array indices). +Unless ``no-prune`` option is provided, some of the comparison instructions +will not be instrumented. + .. code-block:: c++ // Called before a comparison instruction. -- cgit v1.2.3 From aa117bd55e0d8e249f08c7072dda226804066438 Mon Sep 17 00:00:00 2001 From: Max Moroz Date: Fri, 1 Feb 2019 17:12:35 +0000 Subject: Update SanitizerCoverage doc regarding the issue with pc-table and gc-sections. Summary: There is a bug for this: https://bugs.llvm.org/show_bug.cgi?id=34636 But it would be also helpful to leave a note in the docs to prevent users from running into issues, e.g. https://crbug.com/926588. Reviewers: morehouse Reviewed By: morehouse Subscribers: cfe-commits, llvm-commits, kcc Tags: #clang Differential Revision: https://reviews.llvm.org/D57474 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@352890 91177308-0d34-0410-b5e6-96231b3b80d8 --- docs/SanitizerCoverage.rst | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'docs/SanitizerCoverage.rst') diff --git a/docs/SanitizerCoverage.rst b/docs/SanitizerCoverage.rst index c5c50a5dd9..c7cd853dd6 100644 --- a/docs/SanitizerCoverage.rst +++ b/docs/SanitizerCoverage.rst @@ -144,6 +144,11 @@ PC-Table **Experimental, may change or disappear in future** +**Note:** this instrumentation might be incompatible with dead code stripping +(``-Wl,-gc-sections``) for linkers other than LLD, thus resulting in a +significant binary size overhead. For more information, see +`Bug 34636 `_. + With ``-fsanitize-coverage=pc-table`` the compiler will create a table of instrumented PCs. Requires either ``-fsanitize-coverage=inline-8bit-counters`` or ``-fsanitize-coverage=trace-pc-guard``. -- cgit v1.2.3