path: root/llvm/lib/Fuzzer/FuzzerTracePC.cpp
Commit message | Author | Age | Files | Lines
* [libFuzzer] Delete llvm/lib/Fuzzer | Vitaly Buka | 2017-10-16 | 1 | -583/+0
  Summary: Code is already in compiler-rt
  Reviewers: kcc
  Subscribers: krytarowski, llvm-commits, hiraditya
  Differential Revision: https://reviews.llvm.org/D38912
  llvm-svn: 315937
* [SanitizerCoverage] Add stack depth tracing instrumentation. | Matt Morehouse | 2017-08-18 | 1 | -2/+11
  Summary: Augment SanitizerCoverage to insert maximum stack depth tracing for use by libFuzzer. The new instrumentation is enabled by the flag -fsanitize-coverage=stack-depth and is compatible with the existing trace-pc-guard coverage. The user must also declare the following global variable in their code:
    thread_local uintptr_t __sancov_lowest_stack
  https://bugs.llvm.org/show_bug.cgi?id=33857
  Reviewers: vitalybuka, kcc
  Reviewed By: vitalybuka
  Subscribers: kubamracek, hiraditya, cfe-commits, llvm-commits
  Differential Revision: https://reviews.llvm.org/D36839
  llvm-svn: 311186
* [libFuzzer] experimental support for Clang's coverage (fprofile-instr-generate), Linux-only | Kostya Serebryany | 2017-08-11 | 1 | -6/+14
  llvm-svn: 310771
* [libFuzzer] Update LibFuzzer w.r.t. the new comparisons instrumentation API | Alexander Potapenko | 2017-08-10 | 1 | -0/+35
  Added the _sanitizer_cov_trace_const_cmp[1248] callbacks. For now they are implemented the same way as _sanitizer_cov_trace_cmp[1248]. For more details, please see https://reviews.llvm.org/D36465.
  Patch by Victor Chibotaru.
  llvm-svn: 310592
* [libFuzzer] simplify code, NFC | Kostya Serebryany | 2017-08-08 | 1 | -7/+4
  llvm-svn: 310326
* [libFuzzer] remove stale code | Kostya Serebryany | 2017-08-08 | 1 | -2/+0
  llvm-svn: 310325
* [libFuzzer] simplify the implementation of -print_coverage=1 | Kostya Serebryany | 2017-08-08 | 1 | -96/+65
  llvm-svn: 310324
* [libFuzzer] print PCs using the in-binary PC-table instead of relying on PCs captured at run-time | Kostya Serebryany | 2017-08-04 | 1 | -15/+36
  llvm-svn: 310148
* [libFuzzer] enable -fsanitize-coverage=pc-table for all tests | Kostya Serebryany | 2017-08-01 | 1 | -8/+18
  llvm-svn: 309646
* [libFuzzer] implement __sanitizer_cov_pcs_init and add pc-table to build flags for one test (for now) | Kostya Serebryany | 2017-07-31 | 1 | -5/+26
  llvm-svn: 309615
* [libFuzzer] improve support for inline-8bit-counters (make it more correct and faster) | Kostya Serebryany | 2017-07-28 | 1 | -0/+12
  llvm-svn: 309443
* [libFuzzer] prototype implementation of recursion-depth coverage features (commented out; real implementation needs to use inlined instrumentation) | Kostya Serebryany | 2017-07-20 | 1 | -0/+2
  llvm-svn: 308577
* [libFuzzer] simplify the handling of memmem/strstr | Kostya Serebryany | 2017-07-14 | 1 | -0/+23
  llvm-svn: 307977
* [libFuzzer] move code around; NFC | Kostya Serebryany | 2017-07-13 | 1 | -0/+60
  llvm-svn: 307973
* [libFuzzer] initial support of -fsanitize-coverage=inline-8bit-counters in libFuzzer. This is not fully functional yet, but simple tests work | Kostya Serebryany | 2017-06-13 | 1 | -0/+23
  llvm-svn: 305331
* Sort the remaining #include lines in include/... and lib/.... | Chandler Carruth | 2017-06-06 | 1 | -1/+1
  I did this a long time ago with a janky python script, but now clang-format has built-in support for this. I fed clang-format every line with a #include and let it re-sort things according to the precise LLVM rules for include ordering baked into clang-format these days.
  I've reverted a number of files where the results of sorting includes isn't healthy. Either places where we have legacy code relying on particular include ordering (where possible, I'll fix these separately) or where we have particular formatting around #include lines that I didn't want to disturb in this patch.
  This patch is *entirely* mechanical. If you get merge conflicts or anything, just ignore the changes in this patch and run clang-format over your #include lines in the files.
  Sorry for any noise here, but it is important to keep these things stable. I was seeing an increasing number of patches with irrelevant re-ordering of #include lines because clang-format was used. This patch at least isolates that churn, makes it easy to skip when resolving conflicts, and gets us to a clean baseline (again).
  llvm-svn: 304787
* [libFuzzer] best effort support for -fsanitize-coverage=trace-pc instrumentation. It is less efficient and precise than -fsanitize-coverage=trace-pc-guard, but still works | Kostya Serebryany | 2017-03-30 | 1 | -0/+11
  llvm-svn: 299046
* [libFuzzer] create experimental support for user-provided coverage signal | Kostya Serebryany | 2017-03-23 | 1 | -1/+1
  llvm-svn: 298654
* [libFuzzer] inline the code of __sanitizer_cov_trace_pc_guard into it | Kostya Serebryany | 2017-03-17 | 1 | -8/+3
  llvm-svn: 298032
* [libFuzzer] Use stoull instead of stol to ensure 64 bits. | Marcos Pividori | 2017-02-10 | 1 | -2/+2
  Differential revision: https://reviews.llvm.org/D29831
  llvm-svn: 294769
* [libFuzzer] Use long long to ensure 64 bits. | Marcos Pividori | 2017-02-08 | 1 | -1/+1
  We should always use unsigned long long to ensure 64 bits. On Windows, unsigned long is 4 bytes. This was the reason why value-profile-cmp4.test was failing on Windows.
  Differential Revision: https://reviews.llvm.org/D29617
  llvm-svn: 294390
* [libFuzzer] properly hide the memcmp interceptor from msan | Kostya Serebryany | 2017-02-03 | 1 | -1/+1
  llvm-svn: 294061
* [libfuzzer] chromium-related compilation fixes | Mike Aizatsky | 2017-02-03 | 1 | -2/+4
  Reviewers: kcc
  Differential Revision: https://reviews.llvm.org/D29502
  llvm-svn: 294035
* [libFuzzer] reorganize the tracing code to make it easier to experiment with inlined coverage instrumentation. NFC | Kostya Serebryany | 2017-02-02 | 1 | -14/+30
  llvm-svn: 293928
* [libFuzzer] simplify the value profiling callback further: don't use (idx MOD prime) on the hot path where it is useless anyway | Kostya Serebryany | 2017-01-27 | 1 | -1/+1
  llvm-svn: 293239
* [libFuzzer] make sure (again) that __builtin_popcountl is compiled into popcnt | Kostya Serebryany | 2017-01-27 | 1 | -0/+8
  llvm-svn: 293237
* [libFuzzer] simplify the value profile code and disable asan/msan on it | Kostya Serebryany | 2017-01-27 | 1 | -4/+15
  llvm-svn: 293236
* [libFuzzer] further simplify __sanitizer_cov_trace_pc_guard | Kostya Serebryany | 2017-01-26 | 1 | -2/+2
  llvm-svn: 293128
* [libFuzzer] simplify the code for __sanitizer_cov_trace_pc_guard and make sure it is not asan/msan-instrumented | Kostya Serebryany | 2017-01-26 | 1 | -4/+13
  llvm-svn: 293125
* [libFuzzer] don't call GetPreviousInstructionPc on the hot path -- only when dumping the PCs | Kostya Serebryany | 2017-01-26 | 1 | -18/+22
  llvm-svn: 293117
* [libFuzzer] make sure we use the feedback from std::string operator == | Kostya Serebryany | 2017-01-23 | 1 | -1/+4
  llvm-svn: 292835
* [libFuzzer] Portably disassemble and find calls to sanitizer_cov_trace_pc_guard. | Marcos Pividori | 2017-01-22 | 1 | -2/+7
  Instead of directly using objdump, which is not present on Windows, we consider different tools depending on the platform. For Windows, we consider dumpbin and llvm-objdump.
  Differential Revision: https://reviews.llvm.org/D28635
  llvm-svn: 292739
* [libFuzzer] Portable implementation of `IsInterestingCoverageFile()`. | Marcos Pividori | 2017-01-22 | 1 | -12/+0
  For Posix systems and Windows, we need to consider different cases.
  Differential Revision: https://reviews.llvm.org/D28633
  llvm-svn: 292738
* [libFuzzer] Expose Sanitizer Coverage functions from libFuzzer. | Marcos Pividori | 2017-01-22 | 1 | -12/+16
  We need to expose Sanitizer Coverage's functions that are rewritten with a different implementation, so compiler-rt's libraries have access to it.
  Differential Revision: https://reviews.llvm.org/D28618
  llvm-svn: 292736
* [libFuzzer] fix gcc build | Kostya Serebryany | 2017-01-21 | 1 | -1/+0
  llvm-svn: 292695
* [libFuzzer] call __sanitizer_dump_coverage via EF | Kostya Serebryany | 2017-01-20 | 1 | -1/+2
  llvm-svn: 292681
* [libfuzzer] fixing collected pc addresses for coverage | Mike Aizatsky | 2017-01-17 | 1 | -17/+26
  Summary: The causes google/ossfuzz#84
  Reviewers: kcc
  Subscribers: mgorny
  Differential Revision: https://reviews.llvm.org/D28827
  llvm-svn: 292289
* [libFuzzer] use table of recent compares for memcmp/strcmp (to unify the code between cmp and memcmp handling) | Kostya Serebryany | 2017-01-17 | 1 | -25/+14
  llvm-svn: 292287
* [libFuzzer] disable -print_pcs by default (was enabled by mistake) | Kostya Serebryany | 2017-01-03 | 1 | -0/+2
  llvm-svn: 290899
* [libFuzzer] cleaner implementation of -print_pcs=1 | Kostya Serebryany | 2016-12-30 | 1 | -7/+12
  llvm-svn: 290739
* [libFuzzer] make __sanitizer_cov_trace_switch more predictable | Kostya Serebryany | 2016-12-29 | 1 | -22/+17
  llvm-svn: 290703
* [libfuzzer] dump_coverage command line flag | Mike Aizatsky | 2016-12-19 | 1 | -0/+5
  Reviewers: kcc, vitalybuka
  Differential Revision: https://reviews.llvm.org/D27942
  llvm-svn: 290138
* [libFuzzer] speed up __sanitizer_cov_trace_switch a bit more (remove DIV) | Kostya Serebryany | 2016-12-17 | 1 | -1/+11
  llvm-svn: 290034
* [libFuzzer] when tracing switch statements, handle only one case at a time (to make things faster). Also ensure that the signals from value profile do not intersect with the regular coverage | Kostya Serebryany | 2016-12-17 | 1 | -3/+13
  llvm-svn: 290031
* [libFuzzer] avoid msan false positives in more cases | Kostya Serebryany | 2016-12-16 | 1 | -6/+2
  llvm-svn: 289999
* [libFuzzer] disable msan for one more hook that reads target's data that might be uninitialized | Kostya Serebryany | 2016-12-14 | 1 | -0/+3
  llvm-svn: 289680
* [libFuzzer] use __sanitizer_get_module_and_offset_for_pc to get the module name while printing the coverage | Kostya Serebryany | 2016-12-10 | 1 | -7/+12
  llvm-svn: 289310
* [libFuzzer] refactor the code to allow collecting features in different ways. Also initialize a couple of Fuzzer:: members that might have been used uninitialized :( | Kostya Serebryany | 2016-12-05 | 1 | -35/+0
  llvm-svn: 288731
* [libFuzzer] extend -print_coverage to print the comma-separated list of covered dirs. Note: the Windows stub for DirName is left unimplemented | Kostya Serebryany | 2016-11-30 | 1 | -1/+11
  llvm-svn: 288276
* [LibFuzzer] Split up some functions among different headers. | Zachary Turner | 2016-11-30 | 1 | -4/+4
  In an effort to get libfuzzer working on Windows, we need to make a distinction between what functions require platform specific code (e.g. different code on Windows vs Linux) and what code doesn't. IO functions, for example, tend to be platform specific. This patch separates out some of the functions which will need to have platform specific implementations into different headers, so that we can then provide different implementations for each platform.
  Aside from that, this patch contains no functional change. It is purely a re-organization.
  Patch by Marcos Pividori
  Differential Revision: https://reviews.llvm.org/D27230
  llvm-svn: 288264