Disables certain CMP optimizations to improve fuzzing signal under -O1
and -O2.
Switches all fuzzer tests to -O2 except for a few leak tests where the
leak is optimized out under -O2.
Paths
| Differential D44798
[libFuzzer] Use OptForFuzzing attribute with -fsanitize=fuzzer. ClosedPublic Authored by morehouse on Mar 22 2018, 12:08 PM.
Details
Summary Disables certain CMP optimizations to improve fuzzing signal under -O1 Switches all fuzzer tests to -O2 except for a few leak tests where the
Diff Detail
Event TimelineComment Actions 16-bit variables are switched to 32-bit variables in SwapCmpTest.cpp and SimpleCmpTest.cpp. This is because those tests rely on libFuzzer's TraceCMP heuristic to pass, but 16-bit compares are not considered for the heuristic. The only reason the test used to pass was because under -O0 16-bit compares are promoted to 32-bit compares. vitalybuka added inline comments.
This revision is now accepted and ready to land.Mar 22 2018, 1:58 PM Closed by commit rC328384: [libFuzzer] Use OptForFuzzing attribute with -fsanitize=fuzzer. (authored by morehouse). · Explain WhyMar 23 2018, 4:40 PM This revision was automatically updated to reflect the committed changes.
Revision Contents
Diff 139673 clang/lib/CodeGen/CodeGenFunction.cpp
compiler-rt/test/fuzzer/SimpleCmpTest.cpp
compiler-rt/test/fuzzer/SwapCmpTest.cpp
compiler-rt/test/fuzzer/fuzzer-leak.test
compiler-rt/test/fuzzer/lit.cfg
compiler-rt/test/fuzzer/trace-malloc-threaded.test
|
Maybe instead of new substitutions, better just explicitly add -O0 into tests