0873be2ad0
[libFuzzer] experimental support for Clang's coverage (fprofile-instr-generate), Linux-only
...
llvm-svn: 310771
2017-08-11 23:03:22 +00:00
7235bcdf8f
[libFuzzer] Update LibFuzzer w.r.t. the new comparisons instrumentation API
...
Added the _sanitizer_cov_trace_const_cmp[1248] callbacks.
For now they are implemented the same way as _sanitizer_cov_trace_cmp[1248].
For more details, please see https://reviews.llvm.org/D36465 .
Patch by Victor Chibotaru.
llvm-svn: 310592
2017-08-10 14:01:45 +00:00
e863796dca
[libFuzzer] simplify code, NFC
...
llvm-svn: 310326
2017-08-08 00:17:20 +00:00
22e5f9a16a
[libFuzzer] remove stale code
...
llvm-svn: 310325
2017-08-08 00:14:49 +00:00
854be98c93
[libFuzzer] simplify the implementation of -print_coverage=1
...
llvm-svn: 310324
2017-08-08 00:12:09 +00:00
be7a35769d
[libFuzzer] print PCs using the in-binary PC-table instead of relying on PCs captured at run-time
...
llvm-svn: 310148
2017-08-04 23:13:58 +00:00
4f2970037a
[libFuzzer] enable -fsanitize-coverage=pc-table for all tests
...
llvm-svn: 309646
2017-08-01 00:48:44 +00:00
b2a1eba2f5
[libFuzzer] implement __sanitizer_cov_pcs_init and add pc-table to build flags for one test (for now)
...
llvm-svn: 309615
2017-07-31 20:20:59 +00:00
f14996b962
[libFuzzer] improve support for inline-8bit-counters (make it more correct and faster)
...
llvm-svn: 309443
2017-07-28 22:00:56 +00:00
e55828c740
[libFuzzer] prototype implementation of recursion-depth coverage features (commented out; real implementation needs to use inlined instrumentation)
...
llvm-svn: 308577
2017-07-20 01:35:17 +00:00
f64b8487f9
[libFuzzer] simplify the handling of memmem/strstr
...
llvm-svn: 307977
2017-07-14 00:06:27 +00:00
697f2159bb
[libFuzzer] move code around; NFC
...
llvm-svn: 307973
2017-07-13 22:30:23 +00:00
f2d4dcb888
[libFuzzer] initial support of -fsanitize-coverage=inline-8bit-counters in libFuzzer. This is not fully functional yet, but simple tests work
...
llvm-svn: 305331
2017-06-13 22:31:21 +00:00
6bda14b313
Sort the remaining #include lines in include/... and lib/....
...
I did this a long time ago with a janky python script, but now
clang-format has built-in support for this. I fed clang-format every
line with a #include and let it re-sort things according to the precise
LLVM rules for include ordering baked into clang-format these days.
I've reverted a number of files where the results of sorting includes
isn't healthy. Either places where we have legacy code relying on
particular include ordering (where possible, I'll fix these separately)
or where we have particular formatting around #include lines that
I didn't want to disturb in this patch.
This patch is *entirely* mechanical. If you get merge conflicts or
anything, just ignore the changes in this patch and run clang-format
over your #include lines in the files.
Sorry for any noise here, but it is important to keep these things
stable. I was seeing an increasing number of patches with irrelevant
re-ordering of #include lines because clang-format was used. This patch
at least isolates that churn, makes it easy to skip when resolving
conflicts, and gets us to a clean baseline (again).
llvm-svn: 304787
2017-06-06 11:49:48 +00:00
d7d1d517ee
[libFuzzer] best effort support for -fsanitize-coverage=trace-pc instrumentation. It is less efficient and precise than -fsanitize-coverage=trace-pc-guard, but still works
...
llvm-svn: 299046
2017-03-30 01:27:20 +00:00
6ca44f9161
[libFuzzer] create experimental support for user-provided coverage signal
...
llvm-svn: 298654
2017-03-23 22:43:12 +00:00
7acabdc497
[libFuzzer] inline the code of __sanitizer_cov_trace_pc_guard into it
...
llvm-svn: 298032
2017-03-17 01:45:15 +00:00
e81f9cc63d
[libFuzzer] Use stoull instead of stol to ensure 64 bits.
...
Differential revision: https://reviews.llvm.org/D29831
llvm-svn: 294769
2017-02-10 18:44:14 +00:00
5a53567620
[libFuzzer] Use long long to ensure 64 bits.
...
We should always use unsigned long long to ensure 64 bits. On Windows, unsigned
long is 4 bytes. This was the reason why value-profile-cmp4.test was failing on
Windows.
Differential Revision: https://reviews.llvm.org/D29617
llvm-svn: 294390
2017-02-08 00:03:31 +00:00
9f8e47b28c
[libFuzzer] properly hide the memcmp interceptor from msan
...
llvm-svn: 294061
2017-02-03 22:51:38 +00:00
1b65812267
[libfuzzer] chromium-related compilation fixes
...
Reviewers: kcc
Differential Revision: https://reviews.llvm.org/D29502
llvm-svn: 294035
2017-02-03 20:26:44 +00:00
68382d0900
[libFuzzer] reorganize the tracing code to make it easier to experiment with inlined coverage instrumentation. NFC
...
llvm-svn: 293928
2017-02-02 19:56:01 +00:00
70182deaae
[libFuzzer] simplify the value profiling callback further: don't use (idx MOD prime) on the hot path where it is useless anyway
...
llvm-svn: 293239
2017-01-27 00:39:12 +00:00
8e9ac42742
[libFuzzer] make sure (again) that __builtin_popcountl is compiled into popcnt
...
llvm-svn: 293237
2017-01-27 00:20:55 +00:00
7f058972ee
[libFuzzer] simplify the value profile code and disable asan/msan on it
...
llvm-svn: 293236
2017-01-27 00:09:59 +00:00
7856fb36b0
[libFuzzer] further simplify __sanitizer_cov_trace_pc_guard
...
llvm-svn: 293128
2017-01-26 01:34:58 +00:00
d0ecb4c69e
[libFuzzer] simplify the code for __sanitizer_cov_trace_pc_guard and make sure it is not asan/msan-instrumented
...
llvm-svn: 293125
2017-01-26 01:04:54 +00:00
7c021afef2
[libFuzzer] don't call GetPreviousInstructionPc on the hot path -- only when dumping the PCs
...
llvm-svn: 293117
2017-01-26 00:22:08 +00:00
6bdd8fc5b6
[libFuzzer] make sure we use the feedback from std::string operator ==
...
llvm-svn: 292835
2017-01-23 22:11:04 +00:00
62c8fc571a
[libFuzzer] Portably disassemble and find calls to sanitizer_cov_trace_pc_guard.
...
Instead of directly using objdump, which is not present on Windows, we consider
different tools depending on the platform.
For Windows, we consider dumpbin and llvm-objdump.
Differential Revision: https://reviews.llvm.org/D28635
llvm-svn: 292739
2017-01-22 01:58:26 +00:00
60cc2fbba1
[libFuzzer] Portable implementation of `IsInterestingCoverageFile()`.
...
For Posix systems and Windows, we need to consider different cases.
Differential Revision: https://reviews.llvm.org/D28633
llvm-svn: 292738
2017-01-22 01:27:47 +00:00
6137f98c2a
[libFuzzer] Expose Sanitizer Coverage functions from libFuzzer.
...
We need to expose Sanitizer Coverage's functions that are rewritten with a
different implementation, so compiler-rt's libraries have access to it.
Differential Revision: https://reviews.llvm.org/D28618
llvm-svn: 292736
2017-01-22 01:27:38 +00:00
963ffd6485
[libFuzzer] fix gcc build
...
llvm-svn: 292695
2017-01-21 01:08:22 +00:00
eee8b4a617
[libFuzzer] call __sanitizer_dump_coverage via EF
...
llvm-svn: 292681
2017-01-20 23:35:29 +00:00
0e37f8e41d
[libfuzzer] fixing collected pc addresses for coverage
...
Summary: The causes google/ossfuzz#84
Reviewers: kcc
Subscribers: mgorny
Differential Revision: https://reviews.llvm.org/D28827
llvm-svn: 292289
2017-01-17 23:11:32 +00:00
1d8c2ce97e
[libFuzzer] use table of recent compares for memcmp/strcmp (to unify the code between cmp and memcmp handling)
...
llvm-svn: 292287
2017-01-17 23:09:05 +00:00
4986e819dc
[libFuzzer] disable -print_pcs by default (was enabled by mistake)
...
llvm-svn: 290899
2017-01-03 18:51:28 +00:00
11a22bc39d
[libFuzzer] cleaner implementation of -print_pcs=1
...
llvm-svn: 290739
2016-12-30 01:13:07 +00:00
d723804fa2
[libFuzzer] make __sanitizer_cov_trace_switch more predictable
...
llvm-svn: 290703
2016-12-29 02:50:35 +00:00
9b415be1bf
[libfuzzer] dump_coverage command line flag
...
Reviewers: kcc, vitalybuka
Differential Revision: https://reviews.llvm.org/D27942
llvm-svn: 290138
2016-12-19 22:18:08 +00:00
01c82f50f7
[libFuzzer] speed up __sanitizer_cov_trace_switch a bit more (remove DIV)
...
llvm-svn: 290034
2016-12-17 02:23:35 +00:00
00e638e642
[libFuzzer] when tracing switch statements, handle only one case at a time (to make things faster). Also ensure that the signals from value profile do not intersect with the regular coverage
...
llvm-svn: 290031
2016-12-17 02:03:34 +00:00
3a4e2dd92f
[libFuzzer] avoid msan false positives in more cases
...
llvm-svn: 289999
2016-12-16 22:45:25 +00:00
d9d9a54511
[libFuzzer] disable msan for one more hook that reads target's data that might be uninitialized
...
llvm-svn: 289680
2016-12-14 18:13:02 +00:00
1394ce2aa2
[libFuzzer] use __sanitizer_get_module_and_offset_for_pc to get the module name while printing the coverage
...
llvm-svn: 289310
2016-12-10 01:19:35 +00:00
fe1094b811
[libFuzzer] refactor the code to allow collecting features in different ways. Also initialize a couple of Fuzzer:: members that might have been used uninitialized :(
...
llvm-svn: 288731
2016-12-05 23:35:22 +00:00
1cba0a96e7
[libFuzzer] extend -print_coverage to print the comma-separated list of covered dirs. Note: the Windows stub for DirName is left unimplemented
...
llvm-svn: 288276
2016-11-30 21:53:32 +00:00
24a148b1d4
[LibFuzzer] Split up some functions among different headers.
...
In an effort to get libfuzzer working on Windows, we need to make
a distinction between what functions require platform specific
code (e.g. different code on Windows vs Linux) and what code
doesn't. IO functions, for example, tend to be platform
specific.
This patch separates out some of the functions which will need
to have platform specific implementations into different headers,
so that we can then provide different implementations for each
platform.
Aside from that, this patch contains no functional change. It
is purely a re-organization.
Patch by Marcos Pividori
Differential Revision: https://reviews.llvm.org/D27230
llvm-svn: 288264
2016-11-30 19:06:14 +00:00
235679181b
[libFuzzer] do not initialize parts of TracePC -- let them be initialized by the linker. Add no-msan attribute to the memcmp hook.
...
llvm-svn: 286665
2016-11-11 23:06:53 +00:00
94c427c23e
[libFuzzer] speculatively trying to fix the Mac build; second attempt
...
llvm-svn: 285262
2016-10-27 00:36:38 +00:00
Kostya Serebryany