path: root/llvm/lib/Fuzzer/FuzzerTracePC.cpp
Age | Commit message | Author | Files | Lines
2017-10-16 | [libFuzzer] Delete llvm/lib/Fuzzer | Vitaly Buka | 1 | -583/+0
Summary: Code is already in compiler-rt
Reviewers: kcc
Subscribers: krytarowski, llvm-commits, hiraditya
Differential Revision: https://reviews.llvm.org/D38912
llvm-svn: 315937
2017-08-18 | [SanitizerCoverage] Add stack depth tracing instrumentation. | Matt Morehouse | 1 | -2/+11
Summary: Augment SanitizerCoverage to insert maximum stack depth tracing for use by libFuzzer. The new instrumentation is enabled by the flag -fsanitize-coverage=stack-depth and is compatible with the existing trace-pc-guard coverage. The user must also declare the following global variable in their code:
thread_local uintptr_t __sancov_lowest_stack
https://bugs.llvm.org/show_bug.cgi?id=33857
Reviewers: vitalybuka, kcc
Reviewed By: vitalybuka
Subscribers: kubamracek, hiraditya, cfe-commits, llvm-commits
Differential Revision: https://reviews.llvm.org/D36839
llvm-svn: 311186
2017-08-11 | [libFuzzer] experimental support for Clang's coverage (fprofile-instr-generate), Linux-only | Kostya Serebryany | 1 | -6/+14
llvm-svn: 310771
2017-08-10 | [libFuzzer] Update LibFuzzer w.r.t. the new comparisons instrumentation API | Alexander Potapenko | 1 | -0/+35
Added the _sanitizer_cov_trace_const_cmp[1248] callbacks. For now they are implemented the same way as _sanitizer_cov_trace_cmp[1248]. For more details, please see https://reviews.llvm.org/D36465.
Patch by Victor Chibotaru.
llvm-svn: 310592
2017-08-08 | [libFuzzer] simplify code, NFC | Kostya Serebryany | 1 | -7/+4
llvm-svn: 310326
2017-08-08 | [libFuzzer] remove stale code | Kostya Serebryany | 1 | -2/+0
llvm-svn: 310325
2017-08-08 | [libFuzzer] simplify the implementation of -print_coverage=1 | Kostya Serebryany | 1 | -96/+65
llvm-svn: 310324
2017-08-04 | [libFuzzer] print PCs using the in-binary PC-table instead of relying on PCs captured at run-time | Kostya Serebryany | 1 | -15/+36
llvm-svn: 310148
2017-08-01 | [libFuzzer] enable -fsanitize-coverage=pc-table for all tests | Kostya Serebryany | 1 | -8/+18
llvm-svn: 309646
2017-07-31 | [libFuzzer] implement __sanitizer_cov_pcs_init and add pc-table to build flags for one test (for now) | Kostya Serebryany | 1 | -5/+26
llvm-svn: 309615
2017-07-28 | [libFuzzer] improve support for inline-8bit-counters (make it more correct and faster) | Kostya Serebryany | 1 | -0/+12
llvm-svn: 309443
2017-07-20 | [libFuzzer] prototype implementation of recursion-depth coverage features (commented out; real implementation needs to use inlined instrumentation) | Kostya Serebryany | 1 | -0/+2
llvm-svn: 308577
2017-07-14 | [libFuzzer] simplify the handling of memmem/strstr | Kostya Serebryany | 1 | -0/+23
llvm-svn: 307977
2017-07-13 | [libFuzzer] move code around; NFC | Kostya Serebryany | 1 | -0/+60
llvm-svn: 307973
2017-06-13 | [libFuzzer] initial support of -fsanitize-coverage=inline-8bit-counters in libFuzzer. This is not fully functional yet, but simple tests work | Kostya Serebryany | 1 | -0/+23
llvm-svn: 305331
2017-06-06 | Sort the remaining #include lines in include/... and lib/.... | Chandler Carruth | 1 | -1/+1
I did this a long time ago with a janky python script, but now clang-format has built-in support for this. I fed clang-format every line with a #include and let it re-sort things according to the precise LLVM rules for include ordering baked into clang-format these days.
I've reverted a number of files where the results of sorting includes isn't healthy. Either places where we have legacy code relying on particular include ordering (where possible, I'll fix these separately) or where we have particular formatting around #include lines that I didn't want to disturb in this patch.
This patch is *entirely* mechanical. If you get merge conflicts or anything, just ignore the changes in this patch and run clang-format over your #include lines in the files.
Sorry for any noise here, but it is important to keep these things stable. I was seeing an increasing number of patches with irrelevant re-ordering of #include lines because clang-format was used. This patch at least isolates that churn, makes it easy to skip when resolving conflicts, and gets us to a clean baseline (again).
llvm-svn: 304787
2017-03-30 | [libFuzzer] best effort support for -fsanitize-coverage=trace-pc instrumentation. It is less efficient and precise than -fsanitize-coverage=trace-pc-guard, but still works | Kostya Serebryany | 1 | -0/+11
llvm-svn: 299046
2017-03-23 | [libFuzzer] create experimental support for user-provided coverage signal | Kostya Serebryany | 1 | -1/+1
llvm-svn: 298654
2017-03-17 | [libFuzzer] inline the code of __sanitizer_cov_trace_pc_guard into it | Kostya Serebryany | 1 | -8/+3
llvm-svn: 298032
2017-02-10 | [libFuzzer] Use stoull instead of stol to ensure 64 bits. | Marcos Pividori | 1 | -2/+2
Differential revision: https://reviews.llvm.org/D29831
llvm-svn: 294769
2017-02-08 | [libFuzzer] Use long long to ensure 64 bits. | Marcos Pividori | 1 | -1/+1
We should always use unsigned long long to ensure 64 bits. On Windows, unsigned long is 4 bytes. This was the reason why value-profile-cmp4.test was failing on Windows.
Differential Revision: https://reviews.llvm.org/D29617
llvm-svn: 294390
2017-02-03 | [libFuzzer] properly hide the memcmp interceptor from msan | Kostya Serebryany | 1 | -1/+1
llvm-svn: 294061
2017-02-03 | [libfuzzer] chromium-related compilation fixes | Mike Aizatsky | 1 | -2/+4
Reviewers: kcc
Differential Revision: https://reviews.llvm.org/D29502
llvm-svn: 294035
2017-02-02 | [libFuzzer] reorganize the tracing code to make it easier to experiment with inlined coverage instrumentation. NFC | Kostya Serebryany | 1 | -14/+30
llvm-svn: 293928
2017-01-27 | [libFuzzer] simplify the value profiling callback further: don't use (idx MOD prime) on the hot path where it is useless anyway | Kostya Serebryany | 1 | -1/+1
llvm-svn: 293239
2017-01-27 | [libFuzzer] make sure (again) that __builtin_popcountl is compiled into popcnt | Kostya Serebryany | 1 | -0/+8
llvm-svn: 293237
2017-01-27 | [libFuzzer] simplify the value profile code and disable asan/msan on it | Kostya Serebryany | 1 | -4/+15
llvm-svn: 293236
2017-01-26 | [libFuzzer] further simplify __sanitizer_cov_trace_pc_guard | Kostya Serebryany | 1 | -2/+2
llvm-svn: 293128
2017-01-26 | [libFuzzer] simplify the code for __sanitizer_cov_trace_pc_guard and make sure it is not asan/msan-instrumented | Kostya Serebryany | 1 | -4/+13
llvm-svn: 293125
2017-01-26 | [libFuzzer] don't call GetPreviousInstructionPc on the hot path -- only when dumping the PCs | Kostya Serebryany | 1 | -18/+22
llvm-svn: 293117
2017-01-23 | [libFuzzer] make sure we use the feedback from std::string operator == | Kostya Serebryany | 1 | -1/+4
llvm-svn: 292835
2017-01-22 | [libFuzzer] Portably disassemble and find calls to sanitizer_cov_trace_pc_guard. | Marcos Pividori | 1 | -2/+7
Instead of directly using objdump, which is not present on Windows, we consider different tools depending on the platform. For Windows, we consider dumpbin and llvm-objdump.
Differential Revision: https://reviews.llvm.org/D28635
llvm-svn: 292739
2017-01-22 | [libFuzzer] Portable implementation of `IsInterestingCoverageFile()`. | Marcos Pividori | 1 | -12/+0
For Posix systems and Windows, we need to consider different cases.
Differential Revision: https://reviews.llvm.org/D28633
llvm-svn: 292738
2017-01-22 | [libFuzzer] Expose Sanitizer Coverage functions from libFuzzer. | Marcos Pividori | 1 | -12/+16
We need to expose Sanitizer Coverage's functions that are rewritten with a different implementation, so compiler-rt's libraries have access to it.
Differential Revision: https://reviews.llvm.org/D28618
llvm-svn: 292736
2017-01-21 | [libFuzzer] fix gcc build | Kostya Serebryany | 1 | -1/+0
llvm-svn: 292695
2017-01-20 | [libFuzzer] call __sanitizer_dump_coverage via EF | Kostya Serebryany | 1 | -1/+2
llvm-svn: 292681
2017-01-17 | [libfuzzer] fixing collected pc addresses for coverage | Mike Aizatsky | 1 | -17/+26
Summary: The causes google/ossfuzz#84
Reviewers: kcc
Subscribers: mgorny
Differential Revision: https://reviews.llvm.org/D28827
llvm-svn: 292289
2017-01-17 | [libFuzzer] use table of recent compares for memcmp/strcmp (to unify the code between cmp and memcmp handling) | Kostya Serebryany | 1 | -25/+14
llvm-svn: 292287
2017-01-03 | [libFuzzer] disable -print_pcs by default (was enabled by mistake) | Kostya Serebryany | 1 | -0/+2
llvm-svn: 290899
2016-12-30 | [libFuzzer] cleaner implementation of -print_pcs=1 | Kostya Serebryany | 1 | -7/+12
llvm-svn: 290739
2016-12-29 | [libFuzzer] make __sanitizer_cov_trace_switch more predictable | Kostya Serebryany | 1 | -22/+17
llvm-svn: 290703
2016-12-19 | [libfuzzer] dump_coverage command line flag | Mike Aizatsky | 1 | -0/+5
Reviewers: kcc, vitalybuka
Differential Revision: https://reviews.llvm.org/D27942
llvm-svn: 290138
2016-12-17 | [libFuzzer] speed up __sanitizer_cov_trace_switch a bit more (remove DIV) | Kostya Serebryany | 1 | -1/+11
llvm-svn: 290034
2016-12-17 | [libFuzzer] when tracing switch statements, handle only one case at a time (to make things faster). Also ensure that the signals from value profile do not intersect with the regular coverage | Kostya Serebryany | 1 | -3/+13
llvm-svn: 290031
2016-12-16 | [libFuzzer] avoid msan false positives in more cases | Kostya Serebryany | 1 | -6/+2
llvm-svn: 289999
2016-12-14 | [libFuzzer] disable msan for one more hook that reads target's data that might be uninitialized | Kostya Serebryany | 1 | -0/+3
llvm-svn: 289680
2016-12-10 | [libFuzzer] use __sanitizer_get_module_and_offset_for_pc to get the module name while printing the coverage | Kostya Serebryany | 1 | -7/+12
llvm-svn: 289310
2016-12-05 | [libFuzzer] refactor the code to allow collecting features in different ways. Also initialize a couple of Fuzzer:: members that might have been used uninitialized :( | Kostya Serebryany | 1 | -35/+0
llvm-svn: 288731
2016-11-30 | [libFuzzer] extend -print_coverage to print the comma-separated list of covered dirs. Note: the Windows stub for DirName is left unimplemented | Kostya Serebryany | 1 | -1/+11
llvm-svn: 288276
2016-11-30 | [LibFuzzer] Split up some functions among different headers. | Zachary Turner | 1 | -4/+4
In an effort to get libfuzzer working on Windows, we need to make a distinction between what functions require platform specific code (e.g. different code on Windows vs Linux) and what code doesn't. IO functions, for example, tend to be platform specific.
This patch separates out some of the functions which will need to have platform specific implementations into different headers, so that we can then provide different implementations for each platform.
Aside from that, this patch contains no functional change. It is purely a re-organization.
Patch by Marcos Pividori
Differential Revision: https://reviews.llvm.org/D27230
llvm-svn: 288264