mirror of https://github.com/RPCS3/llvm-mirror.git synced 2024-11-25 04:02:41 +01:00
754 Commits

Author SHA1 Message Date
Vitaly Buka
0d2cb47e64 [libFuzzer] Delete llvm/lib/Fuzzer
Summary: Code is already in compiler-rt

Reviewers: kcc

Subscribers: krytarowski, llvm-commits, hiraditya

Differential Revision: https://reviews.llvm.org/D38912

llvm-svn: 315937
2017-10-16 20:48:19 +00:00
Tim Shen
8fdf405e3b [FuzzerUtil] Partially revert D38481 on FuzzerUtil
This is because lib/Fuzzer doesn't really depend on llvm infrastructure.
It's not easy to access the llvm hardware_concurrency here.

Differential Revision: https://reviews.llvm.org/D38481

llvm-svn: 314870
2017-10-04 01:05:34 +00:00
Rafael Espindola
129f5a2768 Use sched_getaffinity instead of std::thread::hardware_concurrency.
The issue with std::thread::hardware_concurrency is that it forwards
to libc and some implementations (like glibc) don't take thread
affinity into consideration.

With this change an llvm program that can execute in only 2 cores will
use 2 threads, even if the machine has 32 cores.

This makes benchmarking a lot easier, but should also help if someone
doesn't want to use all cores for compilation for example.

llvm-svn: 314809
2017-10-03 16:25:15 +00:00
George Karpenkov
c42d7fd6e2 Moving libFuzzer from LLVM to compiler-rt.
This change only removes libFuzzer tests and CMake machinery,
the source copy temporarily remains at the old location.

Differential Revision: https://reviews.llvm.org/D36980

llvm-svn: 311405
2017-08-21 23:25:12 +00:00
George Karpenkov
932ef24e95 Always compile libFuzzer with no coverage
Do not compile libFuzzer itself with coverage, regardless of LLVM variables

Differential Revision: https://reviews.llvm.org/D36887

llvm-svn: 311374
2017-08-21 20:12:58 +00:00
Kuba Mracek
461c2e711a Get rid of even more "%T" expansions, see <https://reviews.llvm.org/D35396>.
llvm-svn: 311294
2017-08-20 17:05:22 +00:00
Matt Morehouse
38756d86aa [SanitizerCoverage] Add stack depth tracing instrumentation.
Summary:
Augment SanitizerCoverage to insert maximum stack depth tracing for
use by libFuzzer.  The new instrumentation is enabled by the flag
-fsanitize-coverage=stack-depth and is compatible with the existing
trace-pc-guard coverage.  The user must also declare the following
global variable in their code:
  thread_local uintptr_t __sancov_lowest_stack

https://bugs.llvm.org/show_bug.cgi?id=33857

Reviewers: vitalybuka, kcc

Reviewed By: vitalybuka

Subscribers: kubamracek, hiraditya, cfe-commits, llvm-commits

Differential Revision: https://reviews.llvm.org/D36839

llvm-svn: 311186
2017-08-18 18:43:30 +00:00
Petr Hosek
2139b710bd [CMake] Add install target for LLVMFuzzer
This allows including LLVMFuzzer as distribution component.

Differential Revision: https://reviews.llvm.org/D36540

llvm-svn: 310897
2017-08-14 23:37:31 +00:00
Kostya Serebryany
1b05ee2bf2 [libFuzzer] try to use less RAM while processing the initial corpus
llvm-svn: 310881
2017-08-14 20:34:35 +00:00
Kostya Serebryany
1fe69e2954 [libFuzzer] explicitly use -fsanitize-coverage=trace-pc-guard in test/dump_coverage.test; mark print_coverage/dump_coverage as To-be-deprecated
llvm-svn: 310877
2017-08-14 19:55:23 +00:00
Kostya Serebryany
a2bcec7132 [libFuzzer] experimental support for Clang's coverage (fprofile-instr-generate), Linux-only
llvm-svn: 310771
2017-08-11 23:03:22 +00:00
George Karpenkov
dd6730b275 [libFuzzer] Re-enable coverage.test on Darwin.
llvm-svn: 310750
2017-08-11 20:30:52 +00:00
Alexander Potapenko
11dfd067f6 [libFuzzer] Update LibFuzzer w.r.t. the new comparisons instrumentation API
Added the _sanitizer_cov_trace_const_cmp[1248] callbacks.
For now they are implemented the same way as _sanitizer_cov_trace_cmp[1248].
For more details, please see https://reviews.llvm.org/D36465.

Patch by Victor Chibotaru.

llvm-svn: 310592
2017-08-10 14:01:45 +00:00
Kostya Serebryany
44a45ec57c [libFuzzer] simplify code, NFC
llvm-svn: 310326
2017-08-08 00:17:20 +00:00
Kostya Serebryany
1e78953438 [libFuzzer] remove stale code
llvm-svn: 310325
2017-08-08 00:14:49 +00:00
Kostya Serebryany
7c5009600e [libFuzzer] simplify the implementation of -print_coverage=1
llvm-svn: 310324
2017-08-08 00:12:09 +00:00
George Karpenkov
bafcff4bfa Do not instrument libFuzzer itself when built with -DLLVM_USE_SANITIZE_COVERAGE
Fixes regression from https://reviews.llvm.org/D36295

Differential Revision: https://reviews.llvm.org/D36428

llvm-svn: 310305
2017-08-07 20:56:11 +00:00
Kostya Serebryany
611872e92b [libFuzzer] use the in-binary pc table (instead of PCs captured at run-time) to implement -exit_on_src_pos
llvm-svn: 310151
2017-08-04 23:49:53 +00:00
Kostya Serebryany
8a7d3f0c48 [libFuzzer] print PCs using the in-binary PC-table instead of relying on PCs captured at run-time
llvm-svn: 310148
2017-08-04 23:13:58 +00:00
Kostya Serebryany
8d2f9dcb82 [libFuzzer] re-enable fuzzer-printcovpcs.test
llvm-svn: 310126
2017-08-04 20:47:22 +00:00
Kostya Serebryany
196da07da0 [libFuzzer] make a test more robust
llvm-svn: 310113
2017-08-04 20:09:15 +00:00
Kostya Serebryany
2159f7f15d [libFuzzer] remove the now redundant 'LLVMFuzzer-' prefix from libFuzzer tests
llvm-svn: 310110
2017-08-04 20:05:25 +00:00
Kostya Serebryany
9cb37f0db2 [libFuzzer] split one test into several
llvm-svn: 310106
2017-08-04 20:01:04 +00:00
George Karpenkov
fc2861a8a6 [libFuzzer tests] Only enable libFuzzer tests if
-DLIBFUZZER_ENABLE_TESTS=ON is set.

llvm-svn: 310100
2017-08-04 19:29:16 +00:00
Kostya Serebryany
6e37795482 [libFuzzer] make trace-pc.test more reliable
llvm-svn: 310091
2017-08-04 18:43:39 +00:00
George Karpenkov
3c817816f0 Fixing buildbots: do not register check-fuzzer if clang or asan are not
present.

llvm-svn: 310077
2017-08-04 17:43:29 +00:00
George Karpenkov
9f35a83dd0 Drop Windows support from libFuzzer tests.
Differential Revision: https://reviews.llvm.org/D36205

llvm-svn: 310076
2017-08-04 17:43:28 +00:00
George Karpenkov
3dd8ddb890 Port libFuzzer tests to LIT. Do not require two-stage build for check-fuzzer.
This revision ports all libFuzzer tests apart from the unittest to LIT.
The advantages of doing so include:

 - Tests being self-contained
 - Much easier debugging of a single test
 - No need for using a two-stage compilation

The unit-test is still compiled using CMake, but it does not need a
freshly built compiler.

NOTE: The previous two-stage bot configuration will NOT work, as in the
second stage build LLVM_USE_SANITIZER is set, which disables ASAN from
being built.
Thus bots will be reconfigured in the next few commits.

Differential Revision: https://reviews.llvm.org/D36295

llvm-svn: 310075
2017-08-04 17:19:45 +00:00
George Karpenkov
456e82a17f Disable libFuzzer tests on Windows
Differential Revision: https://reviews.llvm.org/D36297

llvm-svn: 310009
2017-08-04 00:26:12 +00:00
George Karpenkov
1070fdcf79 [libFuzzer] Un-reverting change in tests after fixing the failure on Linux.
Differential Revision: https://reviews.llvm.org/D36242

llvm-svn: 309982
2017-08-03 20:28:16 +00:00
George Karpenkov
b4b6297ed7 Revert "[libFuzzer tests] Use substring comparison in libFuzzer tests"
This reverts commit 3592d8049660dcdd07f7c2e797f2de9790f93111.

Breaks the bots, reverting for now.

llvm-svn: 309899
2017-08-02 23:09:57 +00:00
George Karpenkov
af8c691e9b [libFuzzer tests] Use substring comparison in libFuzzer tests
LIT launches executables with absolute, and not relative, path.
strncmp would try to do exact comparison and fail.

Differential Revision: https://reviews.llvm.org/D36242

llvm-svn: 309889
2017-08-02 21:38:50 +00:00
Kostya Serebryany
d056e401d1 [libFuzzer] temporarily remove pc-tables and disable test/fuzzer-printcovpcs.test until this can be fixed on Windows
llvm-svn: 309716
2017-08-01 18:02:19 +00:00
Kostya Serebryany
66066b6fb8 [libFuzzer] implement more correct way of computing feature index for Inline8bitCounters
llvm-svn: 309647
2017-08-01 01:16:26 +00:00
Kostya Serebryany
cdca55c896 [libFuzzer] enable -fsanitize-coverage=pc-table for all tests
llvm-svn: 309646
2017-08-01 00:48:44 +00:00
Kostya Serebryany
56717948c7 [libFuzzer] implement __sanitizer_cov_pcs_init and add pc-table to build flags for one test (for now)
llvm-svn: 309615
2017-07-31 20:20:59 +00:00
Kostya Serebryany
0b6cd623bd [libFuzzer] improve support for inline-8bit-counters (make it more correct and faster)
llvm-svn: 309443
2017-07-28 22:00:56 +00:00
Kostya Serebryany
68381b63b8 [libFuzzer] don't disable msan for TracePC::CollectFeatures: this started to cause false positives in msan. No tests for libFuzzer+msan yet -- tests will need to wait until we move libFuzzer to compiler-rt
llvm-svn: 309038
2017-07-25 22:05:31 +00:00
Kostya Serebryany
b2de8fb7b9 [libFuzzer] make one test faster, fix compiler warnings in tests
llvm-svn: 308945
2017-07-25 02:09:46 +00:00
George Karpenkov
f437c5c0ea Revert "Revert "[libFuzzer] Add a dependency on symbolizer from libFuzzer tests""
This reverts commit 15425f2bc6eac6249ee957a2a280511306c07547.

Should work now that atos is a default symbolizer on Darwin.

llvm-svn: 308910
2017-07-24 18:38:14 +00:00
Kostya Serebryany
2634a37d75 [libFuzzer] reimplement experimental_len_control=1: bump the temporary max_len every time we failed to find new coverage during the last 1000 runs and 1 second. Also fix FileToVector to not load unfinished files
llvm-svn: 308811
2017-07-22 00:10:29 +00:00
Matt Morehouse
8883497952 Generate error reports when a fuzz target exits.
Summary:
Implements https://github.com/google/sanitizers/issues/835.

Flush stdout before exiting in test cases.

Since the atexit hook is used for exit reports, pending prints to
stdout can be lost if they aren't flushed before calling exit().

Expect tests to have non-zero exit code if exit() is called.

Reviewers: vitalybuka, kcc

Reviewed By: kcc

Subscribers: eraman, llvm-commits, hiraditya

Differential Revision: https://reviews.llvm.org/D35602

llvm-svn: 308669
2017-07-20 20:43:39 +00:00
Kostya Serebryany
cc67440948 [libFuzzer] delete stale code
llvm-svn: 308663
2017-07-20 20:15:13 +00:00
Kostya Serebryany
bbaa26af71 [libFuzzer] make sure CheckExitOnSrcPosOrItem is called after the new input is saved to the corpus
llvm-svn: 308653
2017-07-20 18:53:25 +00:00
Kostya Serebryany
de5f18254f [libFuzzer] prototype implementation of recursion-depth coverage features (commented out; real implementation needs to use inlined instrumentation)
llvm-svn: 308577
2017-07-20 01:35:17 +00:00
Kostya Serebryany
ba325f3855 [libFuzzer] add DeepRecursionTest, inspired by https://guidovranken.wordpress.com/2017/07/08/libfuzzer-gv-new-techniques-for-dramatically-faster-fuzzing/ (Stack-depth-guided fuzzing). libFuzzer does not solve it yet.
llvm-svn: 308571
2017-07-20 00:37:08 +00:00
Reid Kleckner
a40b249e42 Try to deflake fuzzer-oom.test on Windows
llvm-svn: 308568
2017-07-20 00:11:39 +00:00
Kostya Serebryany
d82115a678 [libFuzzer] simplify two more tests
llvm-svn: 308560
2017-07-19 23:52:54 +00:00
Kostya Serebryany
0c59ac7af0 [libFuzzer] change several tests to not limit the max len: with reduce_inputs=1 they are now fast enough even w/o this
llvm-svn: 308553
2017-07-19 23:45:46 +00:00
Reid Kleckner
e52092d1ed Fix fuzzer-flags.test on Windows
The optional external function callbacks have to be exported in order
for them to be called. The test was failing because libFuzzer wasn't
calling LLVMFuzzerInitialize.

We can reconsider if this is the best way to mark these optional
callbacks exported later.

llvm-svn: 308548
2017-07-19 23:22:06 +00:00