| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This test is timing out on Green Dragon http://green.lab.llvm.org/green/job/clang-stage1-cmake-RA-expensive/
and looks like it's not executed on other bots with expensive checks
enabled
http://lab.llvm.org:8011/builders/llvm-clang-x86_64-expensive-checks-ubuntu
http://lab.llvm.org:8011/builders/llvm-clang-x86_64-expensive-checks-win
The test times out at the C++ source file takes too long to build (2+ hours on my machine), as
clang spends a lot of time in IR/MIR verifiers.
Differential Revision: https://reviews.llvm.org/D70024
|
| |
|
|
|
|
| |
Do not add an lld dependency when this target does not exist. In this
case the system installation of lld is used (or whatever is detected
with -fuse-ld=lld by default).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
platforms. Attempt #3.
The main problem here is that `-*-version_min=` was not being passed to
the compiler when building test cases. This can cause problems when
testing on devices running older OSs because Clang would previously
assume the minimum deployment target is the the latest OS in the SDK
which could be much newer than what the device is running.
Previously the generated value looked like this:
`-arch arm64 -isysroot
<path_to_xcode>/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS12.1.sdk`
With this change it now looks like:
`-arch arm64 -stdlib=libc++ -miphoneos-version-min=8.0 -isysroot
<path_to_xcode>/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS12.1.sdk`
This mirrors the setting of config.target_cflags on macOS.
This change is made for ASan, LibFuzzer, TSan, and UBSan.
To implement this a new `get_test_cflags_for_apple_platform()` function
has been added that when given an Apple platform name and architecture
returns a string containing the C compiler flags to use when building
tests. This also calls a new helper function `is_valid_apple_platform()`
that validates Apple platform names.
This is the third attempt at landing the patch.
The first attempt (r359305) had to be reverted (r359327) due to a buildbot
failure. The problem was that calling `get_test_cflags_for_apple_platform()`
can trigger a CMake error if the provided architecture is not supported by the
current CMake configuration. Previously, this could be triggered by passing
`-DCOMPILER_RT_ENABLE_IOS=OFF` to CMake. The root cause is that we were
generating test configurations for a list of architectures without checking if
the relevant Sanitizer actually supported that architecture. We now intersect
the list of architectures for an Apple platform with
`<SANITIZER>_SUPPORTED_ARCH` (where `<SANITIZER>` is a Sanitizer name) to
iterate through the correct list of architectures.
The second attempt (r363633) had to be reverted (r363779) due to a build
failure. The failed build was using a modified Apple toolchain where the iOS
simulator SDK was missing. This exposed a bug in the existing UBSan test
generation code where it was assumed that `COMPILER_RT_ENABLE_IOS` implied that
the toolchain supported both iOS and the iOS simulator. This is not true. This
has been fixed by using the list `SANITIZER_COMMON_SUPPORTED_OS` for the list
of supported Apple platforms for UBSan. For consistency with the other
Sanitizers we also now intersect the list of architectures with
UBSAN_SUPPORTED_ARCH.
rdar://problem/50124489
Differential Revision: https://reviews.llvm.org/D61242
llvm-svn: 373405
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary: Lazy counters haven't improved performance for large fuzz targets.
Reviewers: kcc
Reviewed By: kcc
Subscribers: llvm-commits
Tags: #llvm
Differential Revision: https://reviews.llvm.org/D67476
llvm-svn: 373403
|
| |
|
|
| |
llvm-svn: 372937
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
The number of features can be different on different platforms.
This should fixed broken builders, e.g.
http://lab.llvm.org:8011/builders/clang-cmake-aarch64-full/builds/7946
Reviewers: Dor1s
Reviewed By: Dor1s
Subscribers: kristof.beyls, delcypher, #sanitizers, llvm-commits
Tags: #llvm, #sanitizers
Differential Revision: https://reviews.llvm.org/D67458
llvm-svn: 371647
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
This change allows to perform corpus merging in two steps. This is useful when
the user wants to address the following two points simultaneously:
1) Get trustworthy incremental stats for the coverage and corpus size changes
when adding new corpus units.
2) Make sure the shorter units will be preferred when two or more units give the
same unique signal (equivalent to the `REDUCE` logic).
This solution was brainstormed together with @kcc, hopefully it looks good to
the other people too. The proposed use case scenario:
1) We have a `fuzz_target` binary and `existing_corpus` directory.
2) We do fuzzing and write new units into the `new_corpus` directory.
3) We want to merge the new corpus into the existing corpus and satisfy the
points mentioned above.
4) We create an empty directory `merged_corpus` and run the first merge step:
`
./fuzz_target -merge=1 -merge_control_file=MCF ./merged_corpus ./existing_corpus
`
this provides the initial stats for `existing_corpus`, e.g. from the output:
`
MERGE-OUTER: 3 new files with 11 new features added; 11 new coverage edges
`
5) We recreate `merged_corpus` directory and run the second merge step:
`
./fuzz_target -merge=1 -merge_control_file=MCF ./merged_corpus ./existing_corpus ./new_corpus
`
this provides the final stats for the merged corpus, e.g. from the output:
`
MERGE-OUTER: 6 new files with 14 new features added; 14 new coverage edges
`
Alternative solutions to this approach are:
A) Store precise coverage information for every unit (not only unique signal).
B) Execute the same two steps without reusing the control file.
Either of these would be suboptimal as it would impose an extra disk or CPU load
respectively, which is bad given the quadratic complexity in the worst case.
Tested on Linux, Mac, Windows.
Reviewers: morehouse, metzman, hctim, kcc
Reviewed By: morehouse
Subscribers: JDevlieghere, delcypher, mgrang, #sanitizers, llvm-commits, kcc
Tags: #llvm, #sanitizers
Differential Revision: https://reviews.llvm.org/D66107
llvm-svn: 371620
|
| |
|
|
|
|
| |
This crashes sporadically on our AArch64 buildbots. Disable for now.
llvm-svn: 366055
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
There's no real reason to use clang-cl on Windows, the clang driver
works just as well. This fixes a test which uses the -O0 flag, which was
recently removed from clang-cl to match MSVC, which lacks this flag.
While I'm here, remove the explicit -std=c++11 flag. Previously, this
flag was necessary when the default C++ standard was C++98. Now that the
default is C++14, this is no longer necessary. It's problematic on
Windows, because the Visual C++ standard library relies on C++14
features, and attempting to compile it with C++11 results in errors.
Rather than adding logic to conditionally set the standard to C++11 only
on non-Win, this flag can be removed.
See http://lab.llvm.org:8011/builders/clang-x64-windows-msvc and
https://reviews.llvm.org/D64506.
Reviewers: morehouse, thakis
Subscribers: #sanitizers, llvm-commits
Tags: #sanitizers, #llvm
Differential Revision: https://reviews.llvm.org/D64587
llvm-svn: 365841
|
| |
|
|
|
|
| |
This reverts commit a2ca358291a3a621bfae66eeb01f51eeb69d2dd4.
llvm-svn: 365375
|
| |
|
|
| |
llvm-svn: 365257
|
| |
|
|
| |
llvm-svn: 365253
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
These lit configuration files are really Python source code. Using the
.py file extension helps editors and tools use the correct language
mode. LLVM and Clang already use this convention for lit configuration,
this change simply applies it to all of compiler-rt.
Reviewers: vitalybuka, dberris
Differential Revision: https://reviews.llvm.org/D63658
llvm-svn: 364591
|
| |
|
|
|
|
| |
compiled w/o dfsan to speed things up (~25% speedup)
llvm-svn: 364002
|
| |
|
|
| |
llvm-svn: 363905
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
non-macOS Apple platforms. Attempt #2."
This caused Chromium's clang package to stop building, see comment on
https://reviews.llvm.org/D61242 for details.
> Summary:
> The main problem here is that `-*-version_min=` was not being passed to
> the compiler when building test cases. This can cause problems when
> testing on devices running older OSs because Clang would previously
> assume the minimum deployment target is the the latest OS in the SDK
> which could be much newer than what the device is running.
>
> Previously the generated value looked like this:
>
> `-arch arm64 -isysroot
> <path_to_xcode>/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS12.1.sdk`
>
> With this change it now looks like:
>
> `-arch arm64 -stdlib=libc++ -miphoneos-version-min=8.0 -isysroot
> <path_to_xcode>/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS12.1.sdk`
>
> This mirrors the setting of `config.target_cflags` on macOS.
>
> This change is made for ASan, LibFuzzer, TSan, and UBSan.
>
> To implement this a new `get_test_cflags_for_apple_platform()` function
> has been added that when given an Apple platform name and architecture
> returns a string containing the C compiler flags to use when building
> tests. This also calls a new helper function `is_valid_apple_platform()`
> that validates Apple platform names.
>
> This is the second attempt at landing the patch. The first attempt (r359305)
> had to be reverted (r359327) due to a buildbot failure. The problem was
> that calling `get_test_cflags_for_apple_platform()` can trigger a CMake
> error if the provided architecture is not supported by the current
> CMake configuration. Previously, this could be triggered by passing
> `-DCOMPILER_RT_ENABLE_IOS=OFF` to CMake. The root cause is that we were
> generating test configurations for a list of architectures without
> checking if the relevant Sanitizer actually supported that architecture.
> We now intersect the list of architectures for an Apple platform
> with `<SANITIZER>_SUPPORTED_ARCH` (where `<SANITIZER>` is a Sanitizer
> name) to iterate through the correct list of architectures.
>
> rdar://problem/50124489
>
> Reviewers: kubamracek, yln, vsk, juliehockett, phosek
>
> Subscribers: mgorny, javed.absar, kristof.beyls, #sanitizers, llvm-commits
>
> Tags: #llvm, #sanitizers
>
> Differential Revision: https://reviews.llvm.org/D61242
llvm-svn: 363779
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
platforms. Attempt #2.
Summary:
The main problem here is that `-*-version_min=` was not being passed to
the compiler when building test cases. This can cause problems when
testing on devices running older OSs because Clang would previously
assume the minimum deployment target is the the latest OS in the SDK
which could be much newer than what the device is running.
Previously the generated value looked like this:
`-arch arm64 -isysroot
<path_to_xcode>/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS12.1.sdk`
With this change it now looks like:
`-arch arm64 -stdlib=libc++ -miphoneos-version-min=8.0 -isysroot
<path_to_xcode>/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS12.1.sdk`
This mirrors the setting of `config.target_cflags` on macOS.
This change is made for ASan, LibFuzzer, TSan, and UBSan.
To implement this a new `get_test_cflags_for_apple_platform()` function
has been added that when given an Apple platform name and architecture
returns a string containing the C compiler flags to use when building
tests. This also calls a new helper function `is_valid_apple_platform()`
that validates Apple platform names.
This is the second attempt at landing the patch. The first attempt (r359305)
had to be reverted (r359327) due to a buildbot failure. The problem was
that calling `get_test_cflags_for_apple_platform()` can trigger a CMake
error if the provided architecture is not supported by the current
CMake configuration. Previously, this could be triggered by passing
`-DCOMPILER_RT_ENABLE_IOS=OFF` to CMake. The root cause is that we were
generating test configurations for a list of architectures without
checking if the relevant Sanitizer actually supported that architecture.
We now intersect the list of architectures for an Apple platform
with `<SANITIZER>_SUPPORTED_ARCH` (where `<SANITIZER>` is a Sanitizer
name) to iterate through the correct list of architectures.
rdar://problem/50124489
Reviewers: kubamracek, yln, vsk, juliehockett, phosek
Subscribers: mgorny, javed.absar, kristof.beyls, #sanitizers, llvm-commits
Tags: #llvm, #sanitizers
Differential Revision: https://reviews.llvm.org/D61242
llvm-svn: 363633
|
| |
|
|
|
|
| |
-stop_file to allow graceful shutdown of fuzzing. Enhance the logging in the fork mode
llvm-svn: 363470
|
| |
|
|
|
|
| |
mode that traces up to 16 labels at a time and never runs out of labels. Second attempt. This time with a fix for windows (putenv instead of setenv))
llvm-svn: 363445
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Some custom mutators may not peform well when size restriction is
enforced by len_control. Because of that, it's safer to disable len_control
by default in such cases, but still allow users to enable it manually.
Bug example: https://bugs.chromium.org/p/chromium/issues/detail?id=919530.
Tested manually with LPM-based and regular fuzz targets.
Reviewers: kcc, vitalybuka, metzman
Reviewed By: kcc, metzman
Subscribers: delcypher, #sanitizers, llvm-commits
Tags: #llvm, #sanitizers
Differential Revision: https://reviews.llvm.org/D63334
llvm-svn: 363443
|
| |
|
|
|
|
|
|
|
|
|
|
| |
faster DFSan mode that traces up to 16 labels at a time and never runs out of labels."
It broke the Windows build:
C:\b\s\w\ir\cache\builder\src\third_party\llvm\compiler-rt\lib\fuzzer\FuzzerDataFlowTrace.cpp(243): error C3861: 'setenv': identifier not found
This also reverts the follow-up r363327.
llvm-svn: 363358
|
| |
|
|
| |
llvm-svn: 363327
|
| |
|
|
|
|
| |
mode that traces up to 16 labels at a time and never runs out of labels.
llvm-svn: 363326
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
This class is useful for writing fuzz target that have multiple inputs.
Current CL imports the existing `FuzzedDataProvider` from Chromium
without any modifications. Feel free to review it thoroughly, if you're
interested, but I'd prefer changing the class in a follow up CL.
The CL also introduces an exhaustive test for the library, as the behavior
of `FuzzedDataProvider` must not change over time.
In follow up CLs I'm planning on changing some implementation details
(I can share a doc with some comments to be addressed). After that, we
will document how `FuzzedDataProvider` should be used.
I have tested this on Linux, Windows and Mac platforms.
Reviewers: morehouse, metzman, kcc
Reviewed By: morehouse
Subscribers: metzman, thakis, rnk, mgorny, ormris, delcypher, #sanitizers, llvm-commits
Tags: #llvm, #sanitizers
Differential Revision: https://reviews.llvm.org/D62733
llvm-svn: 363071
|
| |
|
|
|
|
| |
present in the corpus
llvm-svn: 361579
|
| |
|
|
|
|
| |
functionality is now part of libFuzzer proper; also write functions.txt to the disk only if this file doesn't exist yet
llvm-svn: 361452
|
| |
|
|
|
|
| |
if -collect_data_flow= is given
llvm-svn: 361448
|
| |
|
|
|
|
| |
Ensure that log file has been fully updated before trying to read it.
llvm-svn: 361339
|
| |
|
|
|
|
| |
Ensures that parent and all child processes are killed at once.
llvm-svn: 361336
|
| |
|
|
|
|
|
| |
If process $PID has already exited, wait will give a non-zero exit
status.
llvm-svn: 361326
|
| |
|
|
|
|
| |
Double the number of files to merge, and use wait instead of sleep.
llvm-svn: 361313
|
| |
|
|
|
|
| |
Test fails on the clang-cmake-aarch64-lld build and I'm not sure why.
llvm-svn: 361185
|
| |
|
|
|
|
| |
Should help with debugging failures on the bots.
llvm-svn: 361070
|
| |
|
|
|
|
|
|
| |
ShallowOOMDeepCrash.cpp may hit libFuzzer's RSS limit before the SIGUSR2
is delivered, causing the test to be flaky when bots are under load.
SleepOneSecondTest.cpp will keep running until the signal is delivered.
llvm-svn: 361048
|
| |
|
|
|
|
| |
Make buildbot green while I rethink the test.
llvm-svn: 360914
|
| |
|
|
|
|
|
| |
Test is flaky on buildbot at least partially due to the fuzz target not
exiting before we read its output.
llvm-svn: 360848
|
| |
|
|
| |
llvm-svn: 360840
|
| |
|
|
| |
llvm-svn: 360836
|
| |
|
|
|
|
|
|
| |
pkill reads the process name as a pattern, not a raw name. This means
that if the process name contains + or other regex characters, pkill
fails.
llvm-svn: 360835
|
| |
|
|
|
|
| |
Improves debuggability when the fuzz target crashes.
llvm-svn: 360824
|
| |
|
|
|
|
| |
don't need external python scripts
llvm-svn: 360712
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
Fixes an MSan false positive when compiling with
-fsanitize=memory,fuzzer.
See https://github.com/google/oss-fuzz/issues/2369 for more details.
Reviewers: kcc
Reviewed By: kcc
Subscribers: llvm-commits, metzman, eugenis
Tags: #llvm
Differential Revision: https://reviews.llvm.org/D61753
llvm-svn: 360390
|
| |
|
|
| |
llvm-svn: 360385
|
| |
|
|
| |
llvm-svn: 360378
|
| |
|
|
| |
llvm-svn: 360372
|
| |
|
|
|
|
| |
instrumented blocks in a function; update merge_data_flow.py to merge coverage
llvm-svn: 360272
|
| |
|
|
|
|
| |
hopefully fix it on the bot
llvm-svn: 360215
|
| |
|
|
|
|
| |
for every input. An extended test coming in a separte change.
llvm-svn: 360213
|
