[clang] 95d609b - [HWASan] Add __hwasan_init to .preinit_array.

2022-02-03 Thread Matt Morehouse via cfe-commits

Author: Matt Morehouse
Date: 2022-02-03T13:07:58-08:00
New Revision: 95d609b549bbdc3c1b7368eac427b9e6628f4ace

URL: 
https://github.com/llvm/llvm-project/commit/95d609b549bbdc3c1b7368eac427b9e6628f4ace
DIFF: 
https://github.com/llvm/llvm-project/commit/95d609b549bbdc3c1b7368eac427b9e6628f4ace.diff

LOG: [HWASan] Add __hwasan_init to .preinit_array.

Fixes segfaults on x86_64 caused by instrumented code running before
shadow is set up.

Reviewed By: pcc

Differential Revision: https://reviews.llvm.org/D118171

Added: 
compiler-rt/lib/hwasan/hwasan_preinit.cpp
compiler-rt/test/hwasan/TestCases/preinit_array.c

Modified: 
clang/lib/Driver/ToolChains/CommonArgs.cpp
compiler-rt/lib/hwasan/CMakeLists.txt

Removed: 




diff  --git a/clang/lib/Driver/ToolChains/CommonArgs.cpp 
b/clang/lib/Driver/ToolChains/CommonArgs.cpp
index 6364cd133e0b..aa6e852efd50 100644
--- a/clang/lib/Driver/ToolChains/CommonArgs.cpp
+++ b/clang/lib/Driver/ToolChains/CommonArgs.cpp
@@ -838,6 +838,8 @@ collectSanitizerRuntimes(const ToolChain , const ArgList 
,
 SharedRuntimes.push_back("hwasan_aliases");
   else
 SharedRuntimes.push_back("hwasan");
+  if (!Args.hasArg(options::OPT_shared))
+HelperStaticRuntimes.push_back("hwasan-preinit");
 }
   }
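Review bot: The added `if (!Args.hasArg(options::OPT_shared))` guard has neither a comment nor a driver test behind it, so the reason the helper is skipped for shared objects is easy to lose in a later refactor. I would add `// .preinit_array is only honored in the main executable; do not link the helper into DSOs.` above the check. The commit's Modified list shows no change under clang/test, so a link-line check that `hwasan-preinit` is present for an executable and absent with `-shared` would pin the behaviour. collectSanitizerRuntimes starts and ends outside this hunk.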
 

diff  --git a/compiler-rt/lib/hwasan/CMakeLists.txt 
b/compiler-rt/lib/hwasan/CMakeLists.txt
index 9e6125594be7..1f0aa0b2777f 100644
--- a/compiler-rt/lib/hwasan/CMakeLists.txt
+++ b/compiler-rt/lib/hwasan/CMakeLists.txt
@@ -27,6 +27,10 @@ set(HWASAN_RTL_CXX_SOURCES
   hwasan_new_delete.cpp
   )
 
+set(HWASAN_RTL_PREINIT_SOURCES
+  hwasan_preinit.cpp
+  )
+
 set(HWASAN_RTL_HEADERS
   hwasan.h
   hwasan_allocator.h
@@ -103,6 +107,12 @@ add_compiler_rt_object_libraries(RTHwasan_dynamic
   ADDITIONAL_HEADERS ${HWASAN_RTL_HEADERS}
   CFLAGS ${HWASAN_DYNAMIC_CFLAGS}
   DEFS ${HWASAN_DEFINITIONS})
+add_compiler_rt_object_libraries(RTHwasan_preinit
+  ARCHS ${HWASAN_SUPPORTED_ARCH}
+  SOURCES ${HWASAN_RTL_PREINIT_SOURCES}
+  ADDITIONAL_HEADERS ${HWASAN_RTL_HEADERS}
+  CFLAGS ${HWASAN_RTL_CFLAGS}
+  DEFS ${HWASAN_DEFINITIONS})
 
 file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/dummy.cpp "")
 add_compiler_rt_object_libraries(RTHwasan_dynamic_version_script_dummy
@@ -143,6 +153,7 @@ function(add_hwasan_runtimes arch use_aliases)
 STATIC
 ARCHS ${arch}
 OBJECT_LIBS ${hwasan_object_lib}
+RTHwasan_preinit
 RTInterception
 RTSanitizerCommon
 RTSanitizerCommonLibc
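Review bot: `RTHwasan_preinit` is folded into the static runtime here and also shipped separately by the later `add_compiler_rt_runtime(clang_rt.hwasan-preinit` hunk, but nothing references the object's only symbol, so it takes effect only if the archive member is force-loaded at link time. That presumably relies on the driver linking sanitizer runtimes with whole-archive semantics, which this commit does not show. A comment such as `# hwasan_preinit.cpp defines no referenced symbol; it is only kept when the archive is linked whole.` would record the dependency. The body of add_hwasan_runtimes continues outside this hunk.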
@@ -218,6 +229,13 @@ foreach(arch ${HWASAN_SUPPORTED_ARCH})
   endif()
 endforeach()
 
+add_compiler_rt_runtime(clang_rt.hwasan-preinit
+  STATIC
+  ARCHS ${HWASAN_SUPPORTED_ARCH}
+  OBJECT_LIBS RTHwasan_preinit
+  CFLAGS ${HWASAN_RTL_CFLAGS}
+  PARENT_TARGET hwasan)
+
 add_compiler_rt_resource_file(hwasan_ignorelist hwasan_ignorelist.txt hwasan)
 
 add_subdirectory("scripts")

diff  --git a/compiler-rt/lib/hwasan/hwasan_preinit.cpp 
b/compiler-rt/lib/hwasan/hwasan_preinit.cpp
new file mode 100644
index ..8c9c95f413be
--- /dev/null
+++ b/compiler-rt/lib/hwasan/hwasan_preinit.cpp
@@ -0,0 +1,23 @@
+//===-- hwasan_preinit.cpp 
===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM 
Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===--===//
+//
+// This file is a part of HWAddressSanitizer, an address sanity checker.
+//
+// Call __hwasan_init at the very early stage of process startup.
+//===--===//
+#include "hwasan_interface_internal.h"
+#include "sanitizer_common/sanitizer_internal_defs.h"
+
+#if SANITIZER_CAN_USE_PREINIT_ARRAY
+// The symbol is called __local_hwasan_preinit, because it's not intended to
+// be exported.
+// This code linked into the main executable when -fsanitize=hwaddress is in
+// the link flags. It can only use exported interface functions.
+__attribute__((section(".preinit_array"), used)) static void (
+*__local_hwasan_preinit)(void) = __hwasan_init;
+#endif
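Review bot: When `SANITIZER_CAN_USE_PREINIT_ARRAY` is 0 this translation unit compiles to nothing, and the header comment does not say that the early call to `__hwasan_init` is then absent. A line above the `#if`, e.g. `// When .preinit_array cannot be used this file is empty and __hwasan_init is not run from here.`, would make that visible to anyone debugging an early-startup crash in such a build. The existing comment also reads `This code linked into`, which should be `This code is linked into`.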

diff  --git a/compiler-rt/test/hwasan/TestCases/preinit_array.c 
b/compiler-rt/test/hwasan/TestCases/preinit_array.c
new file mode 100644
index ..54d3ee7eea15
--- /dev/null
+++ b/compiler-rt/test/hwasan/TestCases/preinit_array.c
@@ -0,0 +1,12 @@
+// Test that HWASan shadow is initialized before .preinit_array functions run.
+
+// RUN: %clang_hwasan %s -o %t
+// RUN: %run %t
+
+volatile int Global;
+void StoreToGlobal() { Global = 42; }
+
+__attribute__((section(".preinit_array"), used))
+void (*__StoreToGlobal_preinit)() = StoreToGlobal;
+
+int main() { return Global != 42; }
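Review bot: The two RUN lines build only with the default runtime linkage, while the driver change in this commit adds `hwasan-preinit` specifically in the shared-runtime branch. If `%clang_hwasan` defaults to the static runtime on the tested platform, that branch is never exercised. An extra pair such as `// RUN: %clang_hwasan -shared-libsan %s -o %t` followed by `// RUN: %run %t` would cover it, assuming the test environment can locate the shared runtime. `__StoreToGlobal_preinit` also uses a reserved double-underscore name; `StoreToGlobal_preinit` would do.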




[clang] e1e2635 - [HWASan] Use tagged-globals feature on x86.

2021-10-19 Thread Matt Morehouse via cfe-commits

Author: Matt Morehouse
Date: 2021-10-19T05:56:50-07:00
New Revision: e1e2635327d74b6404d30521f9e09928e3919cec

URL: 
https://github.com/llvm/llvm-project/commit/e1e2635327d74b6404d30521f9e09928e3919cec
DIFF: 
https://github.com/llvm/llvm-project/commit/e1e2635327d74b6404d30521f9e09928e3919cec.diff

LOG: [HWASan] Use tagged-globals feature on x86.

Allows us to use the small code model when we disable relocation
relaxation.

Reviewed By: eugenis

Differential Revision: https://reviews.llvm.org/D111344

Added: 


Modified: 
clang/lib/Driver/SanitizerArgs.cpp
compiler-rt/test/hwasan/TestCases/global.c
compiler-rt/test/hwasan/lit.cfg.py

Removed: 




diff  --git a/clang/lib/Driver/SanitizerArgs.cpp 
b/clang/lib/Driver/SanitizerArgs.cpp
index 8770fb1cf9fef..bef0dec64d4e1 100644
--- a/clang/lib/Driver/SanitizerArgs.cpp
+++ b/clang/lib/Driver/SanitizerArgs.cpp
@@ -1146,7 +1146,7 @@ void SanitizerArgs::addArgs(const ToolChain , const 
llvm::opt::ArgList ,
 CmdArgs.push_back(Args.MakeArgString("hwasan-abi=" + HwasanAbi));
   }
 
-  if (Sanitizers.has(SanitizerKind::HWAddress) && TC.getTriple().isAArch64()) {
+  if (Sanitizers.has(SanitizerKind::HWAddress) && !HwasanUseAliases) {
 CmdArgs.push_back("-target-feature");
 CmdArgs.push_back("+tagged-globals");
   }
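Review bot: The new condition `Sanitizers.has(SanitizerKind::HWAddress) && !HwasanUseAliases` drops the architecture test entirely, so `+tagged-globals` is now passed for every HWASan target that is not in aliasing mode, not just AArch64 and x86_64. If HWASan is later enabled on a target whose backend has no such feature, the driver would hand it an unknown target feature. Keeping the triple explicit, e.g. `(TC.getTriple().isAArch64() || TC.getTriple().getArch() == llvm::Triple::x86_64)` alongside `!HwasanUseAliases`, documents which backends are expected to honour it. The Modified list also shows no driver test for the x86_64 case. SanitizerArgs::addArgs starts and ends outside this hunk.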

diff  --git a/compiler-rt/test/hwasan/TestCases/global.c 
b/compiler-rt/test/hwasan/TestCases/global.c
index 5df828e571acc..23fefd0eccebe 100644
--- a/compiler-rt/test/hwasan/TestCases/global.c
+++ b/compiler-rt/test/hwasan/TestCases/global.c
@@ -5,6 +5,15 @@
 // RUN: not %run %t -1 2>&1 | FileCheck --check-prefixes=CHECK,LSYM %s
 // RUN: not %env_hwasan_opts=symbolize=0 %run %t -1 2>&1 | FileCheck 
--check-prefixes=CHECK,LNOSYM %s
 
+// Test with and without optimizations, with and without PIC, since 
diff erent
+// backend passes run depending on these flags.
+// RUN: %clang_hwasan -fno-pic %s -o %t
+// RUN: not %run %t 1 2>&1 | FileCheck --check-prefixes=CHECK,RSYM %s
+// RUN: %clang_hwasan -fno-pic -O2 %s -o %t
+// RUN: not %run %t 1 2>&1 | FileCheck --check-prefixes=CHECK,RSYM %s
+// RUN: %clang_hwasan -O2 %s -o %t
+// RUN: not %run %t 1 2>&1 | FileCheck --check-prefixes=CHECK,RSYM %s
+
 // REQUIRES: pointer-tagging
 
 int x = 1;

diff  --git a/compiler-rt/test/hwasan/lit.cfg.py 
b/compiler-rt/test/hwasan/lit.cfg.py
index dcae2b2932815..2cd6d641f2cf9 100644
--- a/compiler-rt/test/hwasan/lit.cfg.py
+++ b/compiler-rt/test/hwasan/lit.cfg.py
@@ -18,10 +18,12 @@
 else:
   config.available_features.add('pointer-tagging')
 if config.target_arch == 'x86_64':
-  # This does basically the same thing as tagged-globals on aarch64. Because
-  # the x86_64 implementation is for testing purposes only there is no
-  # equivalent target feature implemented on x86_64.
-  clang_hwasan_common_cflags += ["-mcmodel=large"]
+  # By default the assembler uses R_X86_64_REX_GOTPCRELX relocations, which can
+  # be relaxed to direct references.  When tagged globals are enabled, these
+  # references fail to link since they have more than a 32-bit offset from RIP.
+  # As a workaround, we disable the relaxation.
+  # TODO: Implement a way to disable for the affected relocations only.
+  clang_hwasan_common_cflags += ["-Wa,-mrelax-relocations=no"]
 
   # The callback instrumentation used on x86_64 has a 1/64 chance of choosing a
   # stack tag of 0.  This causes stack tests to become flaky, so we force tags
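Review bot: `-Wa,-mrelax-relocations=no` is added to `clang_hwasan_common_cflags` for every x86_64 test configuration, but the link failure it works around is described as occurring only when tagged globals are enabled. The driver change in this commit turns tagged globals off in aliasing mode, so aliasing-mode tests lose relocation relaxation without needing to. Gating the flag on the aliasing setting would keep that configuration closer to a default build. Since the workaround lives only in the lit config, a user building with tagged globals on x86_64 outside the test suite would presumably need to pass the same flag by hand, which is worth stating in the comment or the HWASan docs.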





[clang] 5f58322 - [HWASan] Build separate LAM runtime on x86_64.

2021-05-17 Thread Matt Morehouse via cfe-commits

Author: Matt Morehouse
Date: 2021-05-17T09:19:06-07:00
New Revision: 5f58322368b070b63fe2b2559a54f646cb97e2c4

URL: 
https://github.com/llvm/llvm-project/commit/5f58322368b070b63fe2b2559a54f646cb97e2c4
DIFF: 
https://github.com/llvm/llvm-project/commit/5f58322368b070b63fe2b2559a54f646cb97e2c4.diff

LOG: [HWASan] Build separate LAM runtime on x86_64.

Since we have both aliasing mode and Intel LAM on x86_64, we need to
choose the mode at either run time or compile time.  This patch
implements the plumbing to build both and choose between them at
compile time.

Reviewed By: vitalybuka, eugenis

Differential Revision: https://reviews.llvm.org/D102286

Added: 


Modified: 
clang/lib/Driver/ToolChains/CommonArgs.cpp
compiler-rt/lib/hwasan/CMakeLists.txt
compiler-rt/lib/hwasan/hwasan.h
compiler-rt/lib/hwasan/hwasan_allocator.h
compiler-rt/lib/hwasan/hwasan_dynamic_shadow.cpp
compiler-rt/lib/hwasan/hwasan_linux.cpp

Removed: 




diff  --git a/clang/lib/Driver/ToolChains/CommonArgs.cpp 
b/clang/lib/Driver/ToolChains/CommonArgs.cpp
index e8fdb08137864..b74a9fe3eb927 100644
--- a/clang/lib/Driver/ToolChains/CommonArgs.cpp
+++ b/clang/lib/Driver/ToolChains/CommonArgs.cpp
@@ -816,8 +816,12 @@ collectSanitizerRuntimes(const ToolChain , const 
ArgList ,
 }
 if (SanArgs.needsTsanRt() && SanArgs.linkRuntimes())
   SharedRuntimes.push_back("tsan");
-if (SanArgs.needsHwasanRt() && SanArgs.linkRuntimes())
-  SharedRuntimes.push_back("hwasan");
+if (SanArgs.needsHwasanRt() && SanArgs.linkRuntimes()) {
+  if (SanArgs.needsHwasanAliasesRt())
+SharedRuntimes.push_back("hwasan_aliases");
+  else
+SharedRuntimes.push_back("hwasan");
+}
   }
 
   // The stats_client library is also statically linked into DSOs.
@@ -847,9 +851,15 @@ collectSanitizerRuntimes(const ToolChain , const 
ArgList ,
   }
 
   if (!SanArgs.needsSharedRt() && SanArgs.needsHwasanRt() && 
SanArgs.linkRuntimes()) {
-StaticRuntimes.push_back("hwasan");
-if (SanArgs.linkCXXRuntimes())
-  StaticRuntimes.push_back("hwasan_cxx");
+if (SanArgs.needsHwasanAliasesRt()) {
+  StaticRuntimes.push_back("hwasan_aliases");
+  if (SanArgs.linkCXXRuntimes())
+StaticRuntimes.push_back("hwasan_aliases_cxx");
+} else {
+  StaticRuntimes.push_back("hwasan");
+  if (SanArgs.linkCXXRuntimes())
+StaticRuntimes.push_back("hwasan_cxx");
+}
   }
   if (SanArgs.needsDfsanRt() && SanArgs.linkRuntimes())
 StaticRuntimes.push_back("dfsan");

diff  --git a/compiler-rt/lib/hwasan/CMakeLists.txt 
b/compiler-rt/lib/hwasan/CMakeLists.txt
index 707cbb44233fe..547b26f0033d6 100644
--- a/compiler-rt/lib/hwasan/CMakeLists.txt
+++ b/compiler-rt/lib/hwasan/CMakeLists.txt
@@ -93,6 +93,24 @@ add_compiler_rt_object_libraries(RTHwasan_dynamic
   CFLAGS ${HWASAN_DYNAMIC_CFLAGS}
   DEFS ${HWASAN_DEFINITIONS})
 
+# Compile a 
diff erent runtime for x86 aliasing mode.
+set(HWASAN_ALIASES_RTL_CFLAGS ${HWASAN_RTL_CFLAGS})
+list(APPEND HWASAN_ALIASES_RTL_CFLAGS -DHWASAN_ALIASING_MODE)
+set(HWASAN_ALIASES_DYNAMIC_CFLAGS ${HWASAN_DYNAMIC_CFLAGS})
+list(APPEND HWASAN_ALIASES_DYNAMIC_CFLAGS -DHWASAN_ALIASING_MODE)
+add_compiler_rt_object_libraries(RTHwasanAliases
+  ARCHS ${HWASAN_SUPPORTED_ARCH}
+  SOURCES ${HWASAN_RTL_SOURCES}
+  ADDITIONAL_HEADERS ${HWASAN_RTL_HEADERS}
+  CFLAGS ${HWASAN_ALIASES_RTL_CFLAGS}
+  DEFS ${HWASAN_DEFINITIONS})
+add_compiler_rt_object_libraries(RTHwasanAliases_dynamic
+  ARCHS ${HWASAN_SUPPORTED_ARCH}
+  SOURCES ${HWASAN_RTL_SOURCES} ${HWASAN_RTL_CXX_SOURCES}
+  ADDITIONAL_HEADERS ${HWASAN_RTL_HEADERS}
+  CFLAGS ${HWASAN_ALIASES_DYNAMIC_CFLAGS}
+  DEFS ${HWASAN_DEFINITIONS})
+
 file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/dummy.cpp "")
 add_compiler_rt_object_libraries(RTHwasan_dynamic_version_script_dummy
   ARCHS ${HWASAN_SUPPORTED_ARCH}
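Review bot: `RTHwasanAliases` and `RTHwasanAliases_dynamic` are declared with `ARCHS ${HWASAN_SUPPORTED_ARCH}` although the comment above them says the runtime is for x86 aliasing mode. On any other supported architecture these object libraries would compile the full runtime a second time with `-DHWASAN_ALIASING_MODE`, for a mode the commit message ties to x86_64. Whether a later hunk restricts the final runtimes is not visible here because the next hunk is cut off; if it does not, filtering the list to x86_64 before these two calls would avoid the extra build. The define is also appended to the CFLAGS lists rather than passed through `DEFS`, which is where the neighbouring calls put `${HWASAN_DEFINITIONS}`.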
@@ -100,47 +118,61 @@ 
add_compiler_rt_object_libraries(RTHwasan_dynamic_version_script_dummy
   CFLAGS ${HWASAN_DYNAMIC_CFLAGS}
   DEFS ${HWASAN_DEFINITIONS})
 
-foreach(arch ${HWASAN_SUPPORTED_ARCH})
-  add_compiler_rt_runtime(clang_rt.hwasan
+# If use_aliases is TRUE, adds the HWASan runtime built with alias support.
+# Otherwise adds the runtime without alias support.
+function(add_hwasan_runtimes arch use_aliases)
+  set(hwasan_object_lib RTHwasan)
+  set(hwasan_object_dyn_lib RTHwasan_dynamic)
+  set(hwasan_runtime clang_rt.hwasan)
+  set(hwasan_rtl_flags ${HWASAN_RTL_CFLAGS})
+  set(hwasan_dyn_flags ${HWASAN_DYNAMIC_CFLAGS})
+  if(use_aliases)
+set(hwasan_object_lib RTHwasanAliases)
+set(hwasan_object_dyn_lib RTHwasanAliases_dynamic)
+set(hwasan_runtime clang_rt.hwasan_aliases)
+set(hwasan_rtl_flags ${HWASAN_ALIASES_RTL_CFLAGS})
+set(hwasan_dyn_flags ${HWASAN_ALIASES_DYNAMIC_CFLAGS})
+  endif()
+  add_compiler_rt_runtime(${hwasan_runtime}
 STATIC
 ARCHS ${arch}
-OBJECT_LIBS RTHwasan
+

[clang] b7d1ab7 - [HWASan] Add aliasing flag and enable HWASan to use it.

2021-05-14 Thread Matt Morehouse via cfe-commits

Author: Matt Morehouse
Date: 2021-05-14T09:47:20-07:00
New Revision: b7d1ab75cf474fb3ffc7e7173762c4d83eb2ef8e

URL: 
https://github.com/llvm/llvm-project/commit/b7d1ab75cf474fb3ffc7e7173762c4d83eb2ef8e
DIFF: 
https://github.com/llvm/llvm-project/commit/b7d1ab75cf474fb3ffc7e7173762c4d83eb2ef8e.diff

LOG: [HWASan] Add aliasing flag and enable HWASan to use it.

-fsanitize-hwaddress-experimental-aliasing is intended to distinguish
aliasing mode from LAM mode on x86_64.  check-hwasan is configured
to use aliasing mode while check-hwasan-lam is configured to use LAM
mode.

The current patch doesn't actually do anything differently in the two
modes.  A subsequent patch will actually build the separate runtimes
and use them in each mode.

Currently LAM mode tests must be run in an emulator that
has LAM support.  To ensure LAM mode isn't broken by future patches, I
will next set up a QEMU buildbot to run the HWASan tests in LAM.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D102288

Added: 


Modified: 
clang/include/clang/Driver/Options.td
clang/include/clang/Driver/SanitizerArgs.h
clang/lib/Driver/SanitizerArgs.cpp
compiler-rt/test/hwasan/CMakeLists.txt
compiler-rt/test/hwasan/TestCases/Linux/vfork.c
compiler-rt/test/hwasan/lit.cfg.py
compiler-rt/test/hwasan/lit.site.cfg.py.in

Removed: 




diff  --git a/clang/include/clang/Driver/Options.td 
b/clang/include/clang/Driver/Options.td
index 1fda2dac0f76f..a7adab50657af 100644
--- a/clang/include/clang/Driver/Options.td
+++ b/clang/include/clang/Driver/Options.td
@@ -1547,6 +1547,14 @@ def fno_sanitize_memory_track_origins : Flag<["-"], 
"fno-sanitize-memory-track-o
 Group,
 Flags<[CoreOption, NoXarchOption]>,
 HelpText<"Disable origins tracking in 
MemorySanitizer">;
+def fsanitize_hwaddress_experimental_aliasing
+  : Flag<["-"], "fsanitize-hwaddress-experimental-aliasing">,
+Group,
+HelpText<"Enable aliasing mode in HWAddressSanitizer">;
+def fno_sanitize_hwaddress_experimental_aliasing
+  : Flag<["-"], "fno-sanitize-hwaddress-experimental-aliasing">,
+Group, Flags<[CoreOption, NoXarchOption]>,
+HelpText<"Disable aliasing mode in HWAddressSanitizer">;
 defm sanitize_memory_use_after_dtor : BoolOption<"f", 
"sanitize-memory-use-after-dtor",
   CodeGenOpts<"SanitizeMemoryUseAfterDtor">, DefaultFalse,
   PosFlag, NegFlag,
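Review bot: The positive option `fsanitize_hwaddress_experimental_aliasing` is declared without `Flags<[CoreOption, NoXarchOption]>`, while its `fno_` counterpart directly below has them. As written the two halves of the pair differ in where they are accepted, which looks unintended for a pair that the driver resolves with `Args.hasFlag`. Adding `Flags<[CoreOption, NoXarchOption]>,` after the `Group` line of the positive definition would make them symmetric. The angle-bracket arguments of `Group` are not legible in this rendering, so the rest of the definition could not be checked.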

diff  --git a/clang/include/clang/Driver/SanitizerArgs.h 
b/clang/include/clang/Driver/SanitizerArgs.h
index e9609268ecd73..adfc26382f607 100644
--- a/clang/include/clang/Driver/SanitizerArgs.h
+++ b/clang/include/clang/Driver/SanitizerArgs.h
@@ -57,6 +57,7 @@ class SanitizerArgs {
   // True if cross-dso CFI support if provided by the system (i.e. Android).
   bool ImplicitCfiRuntime = false;
   bool NeedsMemProfRt = false;
+  bool HwasanUseAliases = false;
 
 public:
   /// Parses the sanitizer arguments from an argument list.
@@ -69,6 +70,9 @@ class SanitizerArgs {
   bool needsHwasanRt() const {
 return Sanitizers.has(SanitizerKind::HWAddress);
   }
+  bool needsHwasanAliasesRt() const {
+return needsHwasanRt() && HwasanUseAliases;
+  }
   bool needsTsanRt() const { return Sanitizers.has(SanitizerKind::Thread); }
   bool needsMsanRt() const { return Sanitizers.has(SanitizerKind::Memory); }
   bool needsFuzzer() const { return Sanitizers.has(SanitizerKind::Fuzzer); }

diff  --git a/clang/lib/Driver/SanitizerArgs.cpp 
b/clang/lib/Driver/SanitizerArgs.cpp
index 7bd99e13010a6..9c54bd5fbab6c 100644
--- a/clang/lib/Driver/SanitizerArgs.cpp
+++ b/clang/lib/Driver/SanitizerArgs.cpp
@@ -865,6 +865,11 @@ SanitizerArgs::SanitizerArgs(const ToolChain ,
 } else {
   HwasanAbi = "interceptor";
 }
+if (TC.getTriple().getArch() == llvm::Triple::x86_64)
+  HwasanUseAliases = Args.hasFlag(
+  options::OPT_fsanitize_hwaddress_experimental_aliasing,
+  options::OPT_fno_sanitize_hwaddress_experimental_aliasing,
+  HwasanUseAliases);
   }
 
   if (AllAddedKinds & SanitizerKind::SafeStack) {

diff  --git a/compiler-rt/test/hwasan/CMakeLists.txt 
b/compiler-rt/test/hwasan/CMakeLists.txt
index f6bdd510ad312..b463146132dbf 100644
--- a/compiler-rt/test/hwasan/CMakeLists.txt
+++ b/compiler-rt/test/hwasan/CMakeLists.txt
@@ -33,5 +33,15 @@ endif()
 add_lit_testsuite(check-hwasan "Running the HWAddressSanitizer tests"
   ${HWASAN_TESTSUITES}
   DEPENDS ${HWASAN_TEST_DEPS}
+  PARAMS "HWASAN_ENABLE_ALIASES=1"
   )
 set_target_properties(check-hwasan PROPERTIES FOLDER "Compiler-RT Misc")
+
+add_lit_testsuite(check-hwasan-lam
+  "Running the HWAddressSanitizer tests with Intel LAM"
+  ${HWASAN_TESTSUITES}
+  DEPENDS ${HWASAN_TEST_DEPS}
+  PARAMS "HWASAN_ENABLE_ALIASES=0"
+  EXCLUDE_FROM_CHECK_ALL
+  )
+set_target_properties(check-hwasan-lam 

[clang] 8e0bb21 - [HWASan] Mention x86_64 aliasing mode in design doc.

2021-03-25 Thread Matt Morehouse via cfe-commits

Author: Matt Morehouse
Date: 2021-03-25T14:22:20-07:00
New Revision: 8e0bb21931db80ca2f1f4f3e47c1d9d71943064a

URL: 
https://github.com/llvm/llvm-project/commit/8e0bb21931db80ca2f1f4f3e47c1d9d71943064a
DIFF: 
https://github.com/llvm/llvm-project/commit/8e0bb21931db80ca2f1f4f3e47c1d9d71943064a.diff

LOG: [HWASan] Mention x86_64 aliasing mode in design doc.

Reviewed By: eugenis

Differential Revision: https://reviews.llvm.org/D98892

Added: 


Modified: 
clang/docs/HardwareAssistedAddressSanitizerDesign.rst

Removed: 




diff  --git a/clang/docs/HardwareAssistedAddressSanitizerDesign.rst 
b/clang/docs/HardwareAssistedAddressSanitizerDesign.rst
index b97fbb91a43a..f89ca117427a 100644
--- a/clang/docs/HardwareAssistedAddressSanitizerDesign.rst
+++ b/clang/docs/HardwareAssistedAddressSanitizerDesign.rst
@@ -19,13 +19,17 @@ The redzones, the quarantine, and, to a less extent, the 
shadow, are the
 sources of AddressSanitizer's memory overhead.
 See the `AddressSanitizer paper`_ for details.
 
-AArch64 has the `Address Tagging`_ (or top-byte-ignore, TBI), a hardware 
feature that allows
-software to use 8 most significant bits of a 64-bit pointer as
+AArch64 has `Address Tagging`_ (or top-byte-ignore, TBI), a hardware feature 
that allows
+software to use the 8 most significant bits of a 64-bit pointer as
 a tag. HWASAN uses `Address Tagging`_
 to implement a memory safety tool, similar to :doc:`AddressSanitizer`,
 but with smaller memory overhead and slightly 
diff erent (mostly better)
 accuracy guarantees.
 
+Intel's `Linear Address Masking`_ (LAM) also provides address tagging for
+x86_64, though it is not widely available in hardware yet.  For x86_64, HWASAN
+has a limited implementation using page aliasing instead.
+
 Algorithm
 =
 * Every heap/stack/global memory object is forcibly aligned by `TG` bytes
@@ -266,7 +270,15 @@ before every load and store by compiler instrumentation, 
but this variant
 will have limited deployability since not all of the code is
 typically instrumented.
 
-The HWASAN's approach is not applicable to 32-bit architectures.
+On x86_64, HWASAN utilizes page aliasing to place tags in userspace address
+bits.  Currently only heap tagging is supported.  The page aliases rely on
+shared memory, which will cause heap memory to be shared between processes if
+the application calls ``fork()``.  Therefore x86_64 is really only safe for
+applications that do not fork.
+
+HWASAN does not currently support 32-bit architectures since they do not
+support `Address Tagging`_ and the address space is too constrained to easily
+implement page aliasing.
 
 
 Related Work
@@ -284,4 +296,4 @@ Related Work
 .. _SPARC ADI: 
https://lazytyped.blogspot.com/2017/09/getting-started-with-adi.html
 .. _AddressSanitizer paper: 
https://www.usenix.org/system/files/conference/atc12/atc12-final39.pdf
 .. _Address Tagging: 
http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.den0024a/ch12s05s01.html
-
+.. _Linear Address Masking: 
https://software.intel.com/content/www/us/en/develop/download/intel-architecture-instruction-set-extensions-programming-reference.html





Re: [clang] c2f9086 - [Driver] Gnu.cpp: drop an unneeded special rule related to sysroot

2021-03-22 Thread Matt Morehouse via cfe-commits
Hi Fangrui,

This change seems to have broken the link on Android:
https://lab.llvm.org/buildbot/#/builders/77/builds/4777
Could you please take a look?

ld.lld: error: 
/var/lib/buildbot/sanitizer-buildbot6/sanitizer-x86_64-linux-android/build/android_ndk/toolchains/llvm/prebuilt/linux-x86_64/lib/gcc/aarch64-linux-android/4.9.x/../../../../lib64/libc++.so
is incompatible with aarch64linux



On Sat, Mar 20, 2021 at 9:38 PM Fangrui Song via cfe-commits <
cfe-commits@lists.llvm.org> wrote:

>
> Author: Fangrui Song
> Date: 2021-03-20T21:37:49-07:00
> New Revision: c2f9086b6184a132ec8cac7edeb620813796e1e8
>
> URL:
> https://github.com/llvm/llvm-project/commit/c2f9086b6184a132ec8cac7edeb620813796e1e8
> DIFF:
> https://github.com/llvm/llvm-project/commit/c2f9086b6184a132ec8cac7edeb620813796e1e8.diff
>
> LOG: [Driver] Gnu.cpp: drop an unneeded special rule related to sysroot
>
> Added:
>
>
> Modified:
> clang/lib/Driver/ToolChains/Gnu.cpp
>
> Removed:
>
>
>
>
> 
> diff  --git a/clang/lib/Driver/ToolChains/Gnu.cpp
> b/clang/lib/Driver/ToolChains/Gnu.cpp
> index 39be77463544..078579669634 100644
> --- a/clang/lib/Driver/ToolChains/Gnu.cpp
> +++ b/clang/lib/Driver/ToolChains/Gnu.cpp
> @@ -2853,8 +2853,6 @@ void Generic_GCC::AddMultiarchPaths(const Driver ,
>Paths);
>  }
>
> -// See comments above on the multilib variant for details of why this
> is
> -// included even from outside the sysroot.
>  const std::string  =
>  std::string(GCCInstallation.getParentLibPath());
>  const llvm::Triple  = GCCInstallation.getTriple();
> @@ -2862,11 +2860,7 @@ void Generic_GCC::AddMultiarchPaths(const Driver ,
>  addPathIfExists(
>  D, LibPath + "/../" + GCCTriple.str() + "/lib" +
> Multilib.osSuffix(),
>  Paths);
> -
> -// See comments above on the multilib variant for details of why this
> is
> -// only included from within the sysroot.
> -if (StringRef(LibPath).startswith(SysRoot))
> -  addPathIfExists(D, LibPath, Paths);
> +addPathIfExists(D, LibPath, Paths);
>}
>  }
>
>
>
>


[clang] a6d15d4 - Undo Revert "Ignore template instantiations if not in AsIs mode"

2020-11-03 Thread Matt Morehouse via cfe-commits

Author: Matt Morehouse
Date: 2020-11-03T13:59:01-08:00
New Revision: a6d15d40701ad38f29e4ff93703b3ffa7b204611

URL: 
https://github.com/llvm/llvm-project/commit/a6d15d40701ad38f29e4ff93703b3ffa7b204611
DIFF: 
https://github.com/llvm/llvm-project/commit/a6d15d40701ad38f29e4ff93703b3ffa7b204611.diff

LOG: Undo Revert "Ignore template instantiations if not in AsIs mode"

MaskRay already fixed the ASan bug.

Added: 


Modified: 
clang/include/clang/AST/ASTNodeTraverser.h
clang/include/clang/AST/RecursiveASTVisitor.h
clang/include/clang/ASTMatchers/ASTMatchersInternal.h
clang/lib/AST/ASTDumper.cpp
clang/lib/ASTMatchers/ASTMatchFinder.cpp
clang/lib/ASTMatchers/ASTMatchersInternal.cpp
clang/unittests/AST/ASTTraverserTest.cpp
clang/unittests/ASTMatchers/ASTMatchersTraversalTest.cpp
clang/unittests/Tooling/TransformerTest.cpp

Removed: 




diff  --git a/clang/include/clang/AST/ASTNodeTraverser.h 
b/clang/include/clang/AST/ASTNodeTraverser.h
index b0b1c152db05..1141f514d795 100644
--- a/clang/include/clang/AST/ASTNodeTraverser.h
+++ b/clang/include/clang/AST/ASTNodeTraverser.h
@@ -82,6 +82,7 @@ class ASTNodeTraverser
   bool getDeserialize() const { return Deserialize; }
 
   void SetTraversalKind(TraversalKind TK) { Traversal = TK; }
+  TraversalKind GetTraversalKind() const { return Traversal; }
 
   void Visit(const Decl *D) {
 getNodeDelegate().AddChild([=] {
@@ -481,8 +482,10 @@ class ASTNodeTraverser
 
 Visit(D->getTemplatedDecl());
 
-for (const auto *Child : D->specializations())
-  dumpTemplateDeclSpecialization(Child);
+if (Traversal == TK_AsIs) {
+  for (const auto *Child : D->specializations())
+dumpTemplateDeclSpecialization(Child);
+}
   }
 
   void VisitTypeAliasDecl(const TypeAliasDecl *D) {
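Review bot: The new `if (Traversal == TK_AsIs)` guard around the specializations loop has no comment, so the reason instantiations are skipped in other traversal modes is only recorded in the commit title. A one-line comment above it, e.g. `// Template instantiations are only visited when traversing the AST as-is.`, would keep that intent next to the code. The same guard appears in `ASTDumper::dumpTemplateDecl` in this commit. The enclosing function starts outside this hunk.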

diff  --git a/clang/include/clang/AST/RecursiveASTVisitor.h 
b/clang/include/clang/AST/RecursiveASTVisitor.h
index 5e83cded0652..0a36ec9ad687 100644
--- a/clang/include/clang/AST/RecursiveASTVisitor.h
+++ b/clang/include/clang/AST/RecursiveASTVisitor.h
@@ -461,6 +461,13 @@ template  class RecursiveASTVisitor {
 
   bool canIgnoreChildDeclWhileTraversingDeclContext(const Decl *Child);
 
+#define DEF_TRAVERSE_TMPL_INST(TMPLDECLKIND)   
\
+  bool TraverseTemplateInstantiations(TMPLDECLKIND##TemplateDecl *D);
+  DEF_TRAVERSE_TMPL_INST(Class)
+  DEF_TRAVERSE_TMPL_INST(Var)
+  DEF_TRAVERSE_TMPL_INST(Function)
+#undef DEF_TRAVERSE_TMPL_INST
+
 private:
   // These are helper methods used by more than one Traverse* method.
   bool TraverseTemplateParameterListHelper(TemplateParameterList *TPL);
@@ -469,12 +476,6 @@ template  class RecursiveASTVisitor {
   template 
   bool TraverseDeclTemplateParameterLists(T *D);
 
-#define DEF_TRAVERSE_TMPL_INST(TMPLDECLKIND)   
\
-  bool TraverseTemplateInstantiations(TMPLDECLKIND##TemplateDecl *D);
-  DEF_TRAVERSE_TMPL_INST(Class)
-  DEF_TRAVERSE_TMPL_INST(Var)
-  DEF_TRAVERSE_TMPL_INST(Function)
-#undef DEF_TRAVERSE_TMPL_INST
   bool TraverseTemplateArgumentLocsHelper(const TemplateArgumentLoc *TAL,
   unsigned Count);
   bool TraverseArrayTypeLocHelper(ArrayTypeLoc TL);

diff  --git a/clang/include/clang/ASTMatchers/ASTMatchersInternal.h 
b/clang/include/clang/ASTMatchers/ASTMatchersInternal.h
index 2a3f503f9951..1f5951877f24 100644
--- a/clang/include/clang/ASTMatchers/ASTMatchersInternal.h
+++ b/clang/include/clang/ASTMatchers/ASTMatchersInternal.h
@@ -586,6 +586,10 @@ class Matcher {
   return this->InnerMatcher.matches(DynTypedNode::create(*Node), Finder,
 Builder);
 }
+
+llvm::Optional TraversalKind() const override {
+  return this->InnerMatcher.getTraversalKind();
+}
   };
 
 private:
@@ -1056,6 +1060,8 @@ class ASTMatchFinder {
 
   virtual ASTContext () const = 0;
 
+  virtual bool isMatchingInImplicitTemplateInstantiation() const = 0;
+
 protected:
   virtual bool matchesChildOf(const DynTypedNode , ASTContext ,
   const DynTypedMatcher ,

diff  --git a/clang/lib/AST/ASTDumper.cpp b/clang/lib/AST/ASTDumper.cpp
index 284e5bdbc6b0..3d368a0a7b63 100644
--- a/clang/lib/AST/ASTDumper.cpp
+++ b/clang/lib/AST/ASTDumper.cpp
@@ -129,9 +129,11 @@ void ASTDumper::dumpTemplateDecl(const TemplateDecl *D, 
bool DumpExplicitInst) {
 
   Visit(D->getTemplatedDecl());
 
-  for (const auto *Child : D->specializations())
-dumpTemplateDeclSpecialization(Child, DumpExplicitInst,
-   !D->isCanonicalDecl());
+  if (GetTraversalKind() == TK_AsIs) {
+for (const auto *Child : D->specializations())
+  dumpTemplateDeclSpecialization(Child, DumpExplicitInst,
+ !D->isCanonicalDecl());
+  }
 }
 
 void ASTDumper::VisitFunctionTemplateDecl(const FunctionTemplateDecl *D) {


[clang] 72531ae - Revert "Ignore template instantiations if not in AsIs mode"

2020-11-03 Thread Matt Morehouse via cfe-commits

Author: Matt Morehouse
Date: 2020-11-03T13:57:31-08:00
New Revision: 72531ae6e64d4408f6e9aee8d5902f5d6b0ae519

URL: 
https://github.com/llvm/llvm-project/commit/72531ae6e64d4408f6e9aee8d5902f5d6b0ae519
DIFF: 
https://github.com/llvm/llvm-project/commit/72531ae6e64d4408f6e9aee8d5902f5d6b0ae519.diff

LOG: Revert "Ignore template instantiations if not in AsIs mode"

This reverts commit 53df3beb624989ed32d87697d0c17601d7871465 due to
check-asan failure on the buildbot.

Added: 


Modified: 
clang/include/clang/AST/ASTNodeTraverser.h
clang/include/clang/AST/RecursiveASTVisitor.h
clang/include/clang/ASTMatchers/ASTMatchersInternal.h
clang/lib/AST/ASTDumper.cpp
clang/lib/ASTMatchers/ASTMatchFinder.cpp
clang/lib/ASTMatchers/ASTMatchersInternal.cpp
clang/unittests/AST/ASTTraverserTest.cpp
clang/unittests/ASTMatchers/ASTMatchersTraversalTest.cpp
clang/unittests/Tooling/TransformerTest.cpp

Removed: 




diff  --git a/clang/include/clang/AST/ASTNodeTraverser.h 
b/clang/include/clang/AST/ASTNodeTraverser.h
index 1141f514d795..b0b1c152db05 100644
--- a/clang/include/clang/AST/ASTNodeTraverser.h
+++ b/clang/include/clang/AST/ASTNodeTraverser.h
@@ -82,7 +82,6 @@ class ASTNodeTraverser
   bool getDeserialize() const { return Deserialize; }
 
   void SetTraversalKind(TraversalKind TK) { Traversal = TK; }
-  TraversalKind GetTraversalKind() const { return Traversal; }
 
   void Visit(const Decl *D) {
 getNodeDelegate().AddChild([=] {
@@ -482,10 +481,8 @@ class ASTNodeTraverser
 
 Visit(D->getTemplatedDecl());
 
-if (Traversal == TK_AsIs) {
-  for (const auto *Child : D->specializations())
-dumpTemplateDeclSpecialization(Child);
-}
+for (const auto *Child : D->specializations())
+  dumpTemplateDeclSpecialization(Child);
   }
 
   void VisitTypeAliasDecl(const TypeAliasDecl *D) {

diff  --git a/clang/include/clang/AST/RecursiveASTVisitor.h 
b/clang/include/clang/AST/RecursiveASTVisitor.h
index 0a36ec9ad687..5e83cded0652 100644
--- a/clang/include/clang/AST/RecursiveASTVisitor.h
+++ b/clang/include/clang/AST/RecursiveASTVisitor.h
@@ -461,13 +461,6 @@ template  class RecursiveASTVisitor {
 
   bool canIgnoreChildDeclWhileTraversingDeclContext(const Decl *Child);
 
-#define DEF_TRAVERSE_TMPL_INST(TMPLDECLKIND)   
\
-  bool TraverseTemplateInstantiations(TMPLDECLKIND##TemplateDecl *D);
-  DEF_TRAVERSE_TMPL_INST(Class)
-  DEF_TRAVERSE_TMPL_INST(Var)
-  DEF_TRAVERSE_TMPL_INST(Function)
-#undef DEF_TRAVERSE_TMPL_INST
-
 private:
   // These are helper methods used by more than one Traverse* method.
   bool TraverseTemplateParameterListHelper(TemplateParameterList *TPL);
@@ -476,6 +469,12 @@ template  class RecursiveASTVisitor {
   template 
   bool TraverseDeclTemplateParameterLists(T *D);
 
+#define DEF_TRAVERSE_TMPL_INST(TMPLDECLKIND)   
\
+  bool TraverseTemplateInstantiations(TMPLDECLKIND##TemplateDecl *D);
+  DEF_TRAVERSE_TMPL_INST(Class)
+  DEF_TRAVERSE_TMPL_INST(Var)
+  DEF_TRAVERSE_TMPL_INST(Function)
+#undef DEF_TRAVERSE_TMPL_INST
   bool TraverseTemplateArgumentLocsHelper(const TemplateArgumentLoc *TAL,
   unsigned Count);
   bool TraverseArrayTypeLocHelper(ArrayTypeLoc TL);

diff  --git a/clang/include/clang/ASTMatchers/ASTMatchersInternal.h 
b/clang/include/clang/ASTMatchers/ASTMatchersInternal.h
index 1f5951877f24..2a3f503f9951 100644
--- a/clang/include/clang/ASTMatchers/ASTMatchersInternal.h
+++ b/clang/include/clang/ASTMatchers/ASTMatchersInternal.h
@@ -586,10 +586,6 @@ class Matcher {
   return this->InnerMatcher.matches(DynTypedNode::create(*Node), Finder,
 Builder);
 }
-
-llvm::Optional TraversalKind() const override {
-  return this->InnerMatcher.getTraversalKind();
-}
   };
 
 private:
@@ -1060,8 +1056,6 @@ class ASTMatchFinder {
 
   virtual ASTContext () const = 0;
 
-  virtual bool isMatchingInImplicitTemplateInstantiation() const = 0;
-
 protected:
   virtual bool matchesChildOf(const DynTypedNode , ASTContext ,
   const DynTypedMatcher ,

diff  --git a/clang/lib/AST/ASTDumper.cpp b/clang/lib/AST/ASTDumper.cpp
index 3d368a0a7b63..284e5bdbc6b0 100644
--- a/clang/lib/AST/ASTDumper.cpp
+++ b/clang/lib/AST/ASTDumper.cpp
@@ -129,11 +129,9 @@ void ASTDumper::dumpTemplateDecl(const TemplateDecl *D, 
bool DumpExplicitInst) {
 
   Visit(D->getTemplatedDecl());
 
-  if (GetTraversalKind() == TK_AsIs) {
-for (const auto *Child : D->specializations())
-  dumpTemplateDeclSpecialization(Child, DumpExplicitInst,
- !D->isCanonicalDecl());
-  }
+  for (const auto *Child : D->specializations())
+dumpTemplateDeclSpecialization(Child, DumpExplicitInst,
+   !D->isCanonicalDecl());
 }
 
 void 

[clang] e492f95 - [docs] Add missing semicolon to example.

2020-08-14 Thread Matt Morehouse via cfe-commits

Author: Matt Morehouse
Date: 2020-08-14T13:46:05-07:00
New Revision: e492f959e0e0930af3745c1e62b7ffc31f5bf29c

URL: 
https://github.com/llvm/llvm-project/commit/e492f959e0e0930af3745c1e62b7ffc31f5bf29c
DIFF: 
https://github.com/llvm/llvm-project/commit/e492f959e0e0930af3745c1e62b7ffc31f5bf29c.diff

LOG: [docs] Add missing semicolon to example.

Added: 


Modified: 
clang/docs/DataFlowSanitizer.rst

Removed: 




diff  --git a/clang/docs/DataFlowSanitizer.rst 
b/clang/docs/DataFlowSanitizer.rst
index cd8c5869a017..6b5c1e14e134 100644
--- a/clang/docs/DataFlowSanitizer.rst
+++ b/clang/docs/DataFlowSanitizer.rst
@@ -214,7 +214,7 @@ For example:
 assert(ij_label & i_label);  // ij_label has i_label
 assert(ij_label & j_label);  // ij_label has j_label
 assert(!(ij_label & k_label));  // ij_label doesn't have k_label
-assert(ij_label == 3)  // Verifies all of the above
+assert(ij_label == 3);  // Verifies all of the above
 
 dfsan_label ijk_label = dfsan_get_label(i + j + k);
 





[clang] e2d0b44 - [DFSan] Add efficient fast16labels instrumentation mode.

2020-07-29 Thread Matt Morehouse via cfe-commits

Author: Matt Morehouse
Date: 2020-07-29T18:58:47Z
New Revision: e2d0b44a7cd261218c9e527d23eb5d13425afe8b

URL: 
https://github.com/llvm/llvm-project/commit/e2d0b44a7cd261218c9e527d23eb5d13425afe8b
DIFF: 
https://github.com/llvm/llvm-project/commit/e2d0b44a7cd261218c9e527d23eb5d13425afe8b.diff

LOG: [DFSan] Add efficient fast16labels instrumentation mode.

Adds the -fast-16-labels flag, which enables efficient instrumentation
for DFSan when the user needs <=16 labels.  The instrumentation
eliminates most branches and most calls to __dfsan_union or
__dfsan_union_load.

Reviewed By: vitalybuka

Differential Revision: https://reviews.llvm.org/D84371

Added: 
llvm/test/Instrumentation/DataFlowSanitizer/fast16labels.ll

Modified: 
clang/docs/DataFlowSanitizer.rst
compiler-rt/lib/dfsan/dfsan.cpp
compiler-rt/lib/dfsan/dfsan_flags.inc
compiler-rt/lib/dfsan/done_abilist.txt
compiler-rt/lib/fuzzer/FuzzerDataFlowTrace.cpp
compiler-rt/lib/fuzzer/dataflow/DataFlow.cpp
compiler-rt/test/dfsan/fast16labels.c
compiler-rt/test/fuzzer/dataflow.test
compiler-rt/test/fuzzer/only-some-bytes-fork.test
compiler-rt/test/fuzzer/only-some-bytes.test
llvm/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp

Removed: 




diff  --git a/clang/docs/DataFlowSanitizer.rst 
b/clang/docs/DataFlowSanitizer.rst
index 44956037490a..cd8c5869a017 100644
--- a/clang/docs/DataFlowSanitizer.rst
+++ b/clang/docs/DataFlowSanitizer.rst
@@ -174,6 +174,58 @@ the correct labels are propagated.
 return 0;
   }
 
+fast16labels mode
+=
+
+If you need 16 or fewer labels, you can use fast16labels instrumentation for
+less CPU and code size overhead.  To use fast16labels instrumentation, you'll
+need to specify `-fsanitize=dataflow -mllvm -dfsan-fast-16-labels` in your
+compile and link commands and use a modified API for creating and managing
+labels.
+
+In fast16labels mode, base labels are simply 16-bit unsigned integers that are
+powers of 2 (i.e. 1, 2, 4, 8, ..., 32768), and union labels are created by 
ORing
+base labels.  In this mode DFSan does not manage any label metadata, so the
+functions `dfsan_create_label`, `dfsan_union`, `dfsan_get_label_info`,
+`dfsan_has_label`, `dfsan_has_label_with_desc`, `dfsan_get_label_count`, and
+`dfsan_dump_labels` are unsupported.  Instead of using them, the user should
+maintain any necessary metadata about base labels themselves.
+
+For example:
+
+.. code-block:: c++
+
+  #include 
+  #include 
+
+  int main(void) {
+int i = 100;
+int j = 200;
+int k = 300;
+dfsan_label i_label = 1;
+dfsan_label j_label = 2;
+dfsan_label k_label = 4;
+dfsan_set_label(i_label, , sizeof(i));
+dfsan_set_label(j_label, , sizeof(j));
+dfsan_set_label(k_label, , sizeof(k));
+
+dfsan_label ij_label = dfsan_get_label(i + j);
+
+assert(ij_label & i_label);  // ij_label has i_label
+assert(ij_label & j_label);  // ij_label has j_label
+assert(!(ij_label & k_label));  // ij_label doesn't have k_label
+assert(ij_label == 3)  // Verifies all of the above
+
+dfsan_label ijk_label = dfsan_get_label(i + j + k);
+
+assert(ijk_label & i_label);  // ijk_label has i_label
+assert(ijk_label & j_label);  // ijk_label has j_label
+assert(ijk_label & k_label);  // ijk_label has k_label
+assert(ijk_label == 7);  // Verifies all of the above
+
+return 0;
+  }
+
 Current status
 ==
 

diff  --git a/compiler-rt/lib/dfsan/dfsan.cpp b/compiler-rt/lib/dfsan/dfsan.cpp
index 105989c93ab1..678f6c1183e0 100644
--- a/compiler-rt/lib/dfsan/dfsan.cpp
+++ b/compiler-rt/lib/dfsan/dfsan.cpp
@@ -18,15 +18,16 @@
 // prefixed __dfsan_.
 
//===--===//
 
+#include "dfsan/dfsan.h"
+
 #include "sanitizer_common/sanitizer_atomic.h"
 #include "sanitizer_common/sanitizer_common.h"
 #include "sanitizer_common/sanitizer_file.h"
-#include "sanitizer_common/sanitizer_flags.h"
 #include "sanitizer_common/sanitizer_flag_parser.h"
+#include "sanitizer_common/sanitizer_flags.h"
+#include "sanitizer_common/sanitizer_internal_defs.h"
 #include "sanitizer_common/sanitizer_libc.h"
 
-#include "dfsan/dfsan.h"
-
 using namespace __dfsan;
 
 typedef atomic_uint16_t atomic_dfsan_label;
@@ -158,18 +159,10 @@ static void dfsan_check_label(dfsan_label label) {
   }
 }
 
-static void ReportUnsupportedFast16(const char *func) {
-  Report("FATAL: DataFlowSanitizer: %s is unsupported in fast16labels mode\n",
- func);
-  Die();
-}
-
 // Resolves the union of two unequal labels.  Nonequality is a precondition for
 // this function (the instrumentation pass inlines the equality test).
 extern "C" SANITIZER_INTERFACE_ATTRIBUTE
 dfsan_label __dfsan_union(dfsan_label l1, dfsan_label l2) {
-  if (flags().fast16labels)
-return l1 | l2;
   DCHECK_NE(l1, l2);
 
   if (l1 == 0)
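Review bot: With `ReportUnsupportedFast16` deleted in this hunk, nothing visible here stops a program in fast16labels mode from calling the label-management functions that the documentation hunk lists as unsupported (`dfsan_create_label`, `dfsan_union`, `dfsan_has_label` and the rest). The rest of the dfsan.cpp diff is cut off on this page, so this may be handled further down. If it is not, those calls presumably consult label metadata that fast16labels mode never populates, and return taint results that look valid but are wrong. Keeping a fatal diagnostic on those entry points would turn that into a clear failure. The same concern applies to the removed `if (flags().fast16labels) return l1 | l2;` in `__dfsan_union`, whose body continues outside the hunk.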
@@ -224,6 

[clang] f78d9fc - [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

2020-07-16 Thread Matt Morehouse via cfe-commits

Author: Dokyung Song
Date: 2020-07-16T20:26:35Z
New Revision: f78d9fceea736d431e9e3cbca291e3909e3aa46d

URL: 
https://github.com/llvm/llvm-project/commit/f78d9fceea736d431e9e3cbca291e3909e3aa46d
DIFF: 
https://github.com/llvm/llvm-project/commit/f78d9fceea736d431e9e3cbca291e3909e3aa46d.diff

LOG: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes 
are not linked.

Summary: libFuzzer intercepts certain library functions such as memcmp/strcmp 
by defining weak hooks. Weak hooks, however, are called only when other 
runtimes such as ASan are linked. This patch defines libFuzzer's own 
interceptors, which are linked into the libFuzzer executable when other runtimes 
are not linked, i.e., when -fsanitize=fuzzer is given, but not others.

Reviewers: kcc, morehouse, hctim

Reviewed By: morehouse, hctim

Subscribers: krytarowski, mgorny, cfe-commits, #sanitizers

Tags: #clang, #sanitizers

Differential Revision: https://reviews.llvm.org/D83494

Added: 
compiler-rt/lib/fuzzer/FuzzerInterceptors.cpp

Modified: 
clang/include/clang/Driver/SanitizerArgs.h
clang/lib/Driver/SanitizerArgs.cpp
clang/lib/Driver/ToolChains/CommonArgs.cpp
compiler-rt/lib/fuzzer/CMakeLists.txt
compiler-rt/test/fuzzer/memcmp.test
compiler-rt/test/fuzzer/memcmp64.test
compiler-rt/test/fuzzer/strcmp.test
compiler-rt/test/fuzzer/strncmp.test
compiler-rt/test/fuzzer/strstr.test

Removed: 




diff  --git a/clang/include/clang/Driver/SanitizerArgs.h 
b/clang/include/clang/Driver/SanitizerArgs.h
index 934dab808e82..563d6c3ff9de 100644
--- a/clang/include/clang/Driver/SanitizerArgs.h
+++ b/clang/include/clang/Driver/SanitizerArgs.h
@@ -74,6 +74,7 @@ class SanitizerArgs {
!Sanitizers.has(SanitizerKind::Address) &&
!Sanitizers.has(SanitizerKind::HWAddress);
   }
+  bool needsFuzzerInterceptors() const;
   bool needsUbsanRt() const;
   bool requiresMinimalRuntime() const { return MinimalRuntime; }
   bool needsDfsanRt() const { return Sanitizers.has(SanitizerKind::DataFlow); }

diff  --git a/clang/lib/Driver/SanitizerArgs.cpp 
b/clang/lib/Driver/SanitizerArgs.cpp
index bcc9ffc7ff8f..e4fda752c041 100644
--- a/clang/lib/Driver/SanitizerArgs.cpp
+++ b/clang/lib/Driver/SanitizerArgs.cpp
@@ -240,6 +240,10 @@ static SanitizerMask parseSanitizeTrapArgs(const Driver ,
   return TrappingKinds;
 }
 
+bool SanitizerArgs::needsFuzzerInterceptors() const {
+  return needsFuzzer() && !needsAsanRt() && !needsTsanRt() && !needsMsanRt();
+}
+
 bool SanitizerArgs::needsUbsanRt() const {
   // All of these include ubsan.
   if (needsAsanRt() || needsMsanRt() || needsHwasanRt() || needsTsanRt() ||
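Review bot: `needsFuzzerInterceptors()` excludes only ASan, TSan and MSan, while the commit message describes the condition as "-fsanitize=fuzzer is given, but not others". A build that combines the fuzzer with another runtime, for example HWASan, would therefore still get `fuzzer_interceptors` linked. Whether that produces conflicting definitions of the memcmp/strcmp-style interceptors cannot be told from this hunk. `needsHwasanRt()` is already used by `needsUbsanRt()` just below, so the predicate could be `return needsFuzzer() && !needsAsanRt() && !needsHwasanRt() && !needsTsanRt() && !needsMsanRt();`. A comment such as `// Only runtimes that already provide these interceptors are excluded.` would keep the list from drifting; `needsUbsanRt`'s body continues outside the hunk.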

diff  --git a/clang/lib/Driver/ToolChains/CommonArgs.cpp 
b/clang/lib/Driver/ToolChains/CommonArgs.cpp
index 6b6e276b8ce7..acde6d9e2111 100644
--- a/clang/lib/Driver/ToolChains/CommonArgs.cpp
+++ b/clang/lib/Driver/ToolChains/CommonArgs.cpp
@@ -784,6 +784,9 @@ bool tools::addSanitizerRuntimes(const ToolChain , const 
ArgList ,
   !Args.hasArg(options::OPT_shared)) {
 
 addSanitizerRuntime(TC, Args, CmdArgs, "fuzzer", false, true);
+if (SanArgs.needsFuzzerInterceptors())
+  addSanitizerRuntime(TC, Args, CmdArgs, "fuzzer_interceptors", false,
+  true);
 if (!Args.hasArg(clang::driver::options::OPT_nostdlibxx))
   TC.AddCXXStdlibLibArgs(Args, CmdArgs);
   }

diff  --git a/compiler-rt/lib/fuzzer/CMakeLists.txt 
b/compiler-rt/lib/fuzzer/CMakeLists.txt
index b5be6b89452e..02be89cb70a5 100644
--- a/compiler-rt/lib/fuzzer/CMakeLists.txt
+++ b/compiler-rt/lib/fuzzer/CMakeLists.txt
@@ -99,6 +99,13 @@ add_compiler_rt_object_libraries(RTfuzzer_main
   CFLAGS ${LIBFUZZER_CFLAGS}
   DEPS ${LIBFUZZER_DEPS})
 
+add_compiler_rt_object_libraries(RTfuzzer_interceptors
+  OS ${FUZZER_SUPPORTED_OS}
+  ARCHS ${FUZZER_SUPPORTED_ARCH}
+  SOURCES FuzzerInterceptors.cpp
+  CFLAGS ${LIBFUZZER_CFLAGS}
+  DEPS ${LIBFUZZER_DEPS})
+
 add_compiler_rt_runtime(clang_rt.fuzzer
   STATIC
   OS ${FUZZER_SUPPORTED_OS}
@@ -115,6 +122,14 @@ add_compiler_rt_runtime(clang_rt.fuzzer_no_main
   CFLAGS ${LIBFUZZER_CFLAGS}
   PARENT_TARGET fuzzer)
 
+add_compiler_rt_runtime(clang_rt.fuzzer_interceptors
+  STATIC
+  OS ${FUZZER_SUPPORTED_OS}
+  ARCHS ${FUZZER_SUPPORTED_ARCH}
+  OBJECT_LIBS RTfuzzer_interceptors
+  CFLAGS ${LIBFUZZER_CFLAGS}
+  PARENT_TARGET fuzzer)
+
 if(OS_NAME MATCHES "Linux|Fuchsia" AND
COMPILER_RT_LIBCXX_PATH AND
COMPILER_RT_LIBCXXABI_PATH)
@@ -148,7 +163,10 @@ if(OS_NAME MATCHES "Linux|Fuchsia" AND
 add_dependencies(RTfuzzer.${arch} libcxx_fuzzer_${arch}-build)
 target_compile_options(RTfuzzer_main.${arch} PRIVATE -isystem 
${LIBCXX_${arch}_PREFIX}/include/c++/v1)
 add_dependencies(RTfuzzer_main.${arch} libcxx_fuzzer_${arch}-build)
+target_compile_options(RTfuzzer_interceptors.${arch} PRIVATE -isystem 
${LIBCXX_${arch}_PREFIX}/include/c++/v1)
+

r357803 - [clang-fuzzer] Include ExternalProject before using it.

2019-04-05 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Fri Apr  5 12:47:17 2019
New Revision: 357803

URL: http://llvm.org/viewvc/llvm-project?rev=357803=rev
Log:
[clang-fuzzer] Include ExternalProject before using it.

Some versions of CMake require ExternalProject to be included before we
can use ExternalProject_Add.

Modified:
cfe/trunk/cmake/modules/ProtobufMutator.cmake

Modified: cfe/trunk/cmake/modules/ProtobufMutator.cmake
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/cmake/modules/ProtobufMutator.cmake?rev=357803=357802=357803=diff
==
--- cfe/trunk/cmake/modules/ProtobufMutator.cmake (original)
+++ cfe/trunk/cmake/modules/ProtobufMutator.cmake Fri Apr  5 12:47:17 2019
@@ -1,3 +1,4 @@
+include(ExternalProject)
 set(PBM_PREFIX protobuf_mutator)
 set(PBM_PATH ${CMAKE_CURRENT_BINARY_DIR}/${PBM_PREFIX}/src/${PBM_PREFIX})
 set(PBM_LIB_PATH ${PBM_PATH}-build/src/libprotobuf-mutator.a)




Re: r350891 - Correct the source range returned from preprocessor callbacks.

2019-01-10 Thread Matt Morehouse via cfe-commits
This revision has broken
http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux/builds/18904.

Please take a look.

On Thu, Jan 10, 2019 at 3:18 PM Nico Weber via cfe-commits <
cfe-commits@lists.llvm.org> wrote:

> ../../clang/lib/Lex/PPExpressions.cpp:852:43: warning: missing field
> 'ExprRange' initializer [-Wmissing-field-initializers]
> return {false, DT.IncludedUndefinedIds};
>   ^
>
> On Thu, Jan 10, 2019 at 4:26 PM Aaron Ballman via cfe-commits <
> cfe-commits@lists.llvm.org> wrote:
>
>> Author: aaronballman
>> Date: Thu Jan 10 13:22:13 2019
>> New Revision: 350891
>>
>> URL: http://llvm.org/viewvc/llvm-project?rev=350891=rev
>> Log:
>> Correct the source range returned from preprocessor callbacks.
>>
>> This adjusts the source range passed in to the preprocessor callbacks to
>> only include the condition range itself, rather than all of the
>> conditionally skipped tokens.
>>
>> Modified:
>> cfe/trunk/include/clang/Lex/Preprocessor.h
>> cfe/trunk/lib/Lex/PPDirectives.cpp
>> cfe/trunk/lib/Lex/PPExpressions.cpp
>> cfe/trunk/unittests/Lex/PPCallbacksTest.cpp
>>
>> Modified: cfe/trunk/include/clang/Lex/Preprocessor.h
>> URL:
>> http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Lex/Preprocessor.h?rev=350891=350890=350891=diff
>>
>> ==
>> --- cfe/trunk/include/clang/Lex/Preprocessor.h (original)
>> +++ cfe/trunk/include/clang/Lex/Preprocessor.h Thu Jan 10 13:22:13 2019
>> @@ -1816,8 +1816,8 @@ public:
>>void CheckEndOfDirective(const char *DirType, bool EnableMacros =
>> false);
>>
>>/// Read and discard all tokens remaining on the current line until
>> -  /// the tok::eod token is found.
>> -  void DiscardUntilEndOfDirective();
>> +  /// the tok::eod token is found. Returns the range of the skipped
>> tokens.
>> +  SourceRange DiscardUntilEndOfDirective();
>>
>>/// Returns true if the preprocessor has seen a use of
>>/// __DATE__ or __TIME__ in the file so far.
>> @@ -1982,6 +1982,9 @@ private:
>>
>>  /// True if the expression contained identifiers that were undefined.
>>  bool IncludedUndefinedIds;
>> +
>> +/// The source range for the expression.
>> +SourceRange ExprRange;
>>};
>>
>>/// Evaluate an integer constant expression that may occur after a
>>
>> Modified: cfe/trunk/lib/Lex/PPDirectives.cpp
>> URL:
>> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Lex/PPDirectives.cpp?rev=350891=350890=350891=diff
>>
>> ==
>> --- cfe/trunk/lib/Lex/PPDirectives.cpp (original)
>> +++ cfe/trunk/lib/Lex/PPDirectives.cpp Thu Jan 10 13:22:13 2019
>> @@ -79,12 +79,18 @@ Preprocessor::AllocateVisibilityMacroDir
>>
>>  /// Read and discard all tokens remaining on the current line until
>>  /// the tok::eod token is found.
>> -void Preprocessor::DiscardUntilEndOfDirective() {
>> +SourceRange Preprocessor::DiscardUntilEndOfDirective() {
>>Token Tmp;
>> -  do {
>> -LexUnexpandedToken(Tmp);
>> +  SourceRange Res;
>> +
>> +  LexUnexpandedToken(Tmp);
>> +  Res.setBegin(Tmp.getLocation());
>> +  while (Tmp.isNot(tok::eod)) {
>>  assert(Tmp.isNot(tok::eof) && "EOF seen while discarding directive
>> tokens");
>> -  } while (Tmp.isNot(tok::eod));
>> +LexUnexpandedToken(Tmp);
>> +  }
>> +  Res.setEnd(Tmp.getLocation());
>> +  return Res;
>>  }
>>
>>  /// Enumerates possible cases of #define/#undef a reserved identifier.
>> @@ -538,19 +544,19 @@ void Preprocessor::SkipExcludedCondition
>>  if (CondInfo.WasSkipping || CondInfo.FoundNonSkip) {
>>DiscardUntilEndOfDirective();
>>  } else {
>> -  const SourceLocation CondBegin =
>> CurPPLexer->getSourceLocation();
>>// Restore the value of LexingRawMode so that identifiers are
>>// looked up, etc, inside the #elif expression.
>>assert(CurPPLexer->LexingRawMode && "We have to be skipping
>> here!");
>>CurPPLexer->LexingRawMode = false;
>>IdentifierInfo *IfNDefMacro = nullptr;
>> -  const bool CondValue =
>> EvaluateDirectiveExpression(IfNDefMacro).Conditional;
>> +  DirectiveEvalResult DER =
>> EvaluateDirectiveExpression(IfNDefMacro);
>> +  const bool CondValue = DER.Conditional;
>>CurPPLexer->LexingRawMode = true;
>>if (Callbacks) {
>> -const SourceLocation CondEnd =
>> CurPPLexer->getSourceLocation();
>> -Callbacks->Elif(Tok.getLocation(),
>> -SourceRange(CondBegin, CondEnd),
>> -(CondValue ? PPCallbacks::CVK_True :
>> PPCallbacks::CVK_False), CondInfo.IfLoc);
>> +Callbacks->Elif(
>> +Tok.getLocation(), DER.ExprRange,
>> +(CondValue ? PPCallbacks::CVK_True :
>> PPCallbacks::CVK_False),
>> +CondInfo.IfLoc);
>>}
>>  

r341082 - [libFuzzer] Port to Windows

2018-08-30 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Thu Aug 30 08:54:44 2018
New Revision: 341082

URL: http://llvm.org/viewvc/llvm-project?rev=341082=rev
Log:
[libFuzzer] Port to Windows

Summary:
Port libFuzzer to windows-msvc.
This patch allows libFuzzer targets to be built and run on Windows, using 
-fsanitize=fuzzer and/or -fsanitize=fuzzer-no-link. It allows these forms of 
coverage instrumentation to work on Windows as well.
It does not fix all issues, such as those with -fsanitize-coverage=stack-depth, 
which is not usable on Windows as of this patch.
It also does not fix any libFuzzer integration tests. Nearly all of them fail 
to compile; fixing them will come in a later patch, so libFuzzer tests are 
disabled on Windows until then.

Patch By: metzman

Reviewers: morehouse, rnk

Reviewed By: morehouse, rnk

Subscribers: #sanitizers, delcypher, morehouse, kcc, eraman

Differential Revision: https://reviews.llvm.org/D51022

Modified:
cfe/trunk/lib/Driver/ToolChains/MSVC.cpp

Modified: cfe/trunk/lib/Driver/ToolChains/MSVC.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/ToolChains/MSVC.cpp?rev=341082=341081=341082=diff
==
--- cfe/trunk/lib/Driver/ToolChains/MSVC.cpp (original)
+++ cfe/trunk/lib/Driver/ToolChains/MSVC.cpp Thu Aug 30 08:54:44 2018
@@ -365,6 +365,17 @@ void visualstudio::Linker::ConstructJob(
 CmdArgs.push_back(Args.MakeArgString(std::string("-implib:") + 
ImplibName));
   }
 
+  if (TC.getSanitizerArgs().needsFuzzer()) {
+if (!Args.hasArg(options::OPT_shared))
+  CmdArgs.push_back(
+  Args.MakeArgString(std::string("-wholearchive:") +
+ TC.getCompilerRTArgString(Args, "fuzzer", 
false)));
+CmdArgs.push_back(Args.MakeArgString("-debug"));
+// Prevent the linker from padding sections we use for instrumentation
+// arrays.
+CmdArgs.push_back(Args.MakeArgString("-incremental:no"));
+  }
+
   if (TC.getSanitizerArgs().needsAsanRt()) {
 CmdArgs.push_back(Args.MakeArgString("-debug"));
 CmdArgs.push_back(Args.MakeArgString("-incremental:no"));
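Review bot: When both the fuzzer and ASan are enabled, the new `needsFuzzer()` block and the existing `needsAsanRt()` block each append `-debug` and `-incremental:no`, so the link line carries both options twice. This is presumably harmless to the linker. Hoisting the two pushes under one condition, `if (TC.getSanitizerArgs().needsFuzzer() || TC.getSanitizerArgs().needsAsanRt())`, would keep the reason for `-incremental:no` (no padding in the instrumentation sections) in a single place. The same hunk is reposted in the r340949 and r340860 mails further down this page, and `ConstructJob` starts and ends outside the hunk.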
@@ -1298,6 +1309,8 @@ MSVCToolChain::ComputeEffectiveClangTrip
 SanitizerMask MSVCToolChain::getSupportedSanitizers() const {
   SanitizerMask Res = ToolChain::getSupportedSanitizers();
   Res |= SanitizerKind::Address;
+  Res |= SanitizerKind::Fuzzer;
+  Res |= SanitizerKind::FuzzerNoLink;
   Res &= ~SanitizerKind::CFIMFCall;
   return Res;
 }
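Review bot: No driver test accompanies the `SanitizerKind::Fuzzer` and `SanitizerKind::FuzzerNoLink` bits added here; the mail lists MSVC.cpp as the only modified file. The description says the libFuzzer integration tests stay disabled on Windows, so nothing visible exercises this path. A driver-level test that checks an MSVC target accepts `-fsanitize=fuzzer` and that the link line contains the `-wholearchive:` fuzzer runtime and `-incremental:no` would catch regressions without needing those integration tests.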




r340954 - Revert "[libFuzzer] Port to Windows"

2018-08-29 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Aug 29 11:40:41 2018
New Revision: 340954

URL: http://llvm.org/viewvc/llvm-project?rev=340954=rev
Log:
Revert "[libFuzzer] Port to Windows"

This reverts r340949 due to bot breakage again.

Modified:
cfe/trunk/lib/Driver/ToolChains/MSVC.cpp

Modified: cfe/trunk/lib/Driver/ToolChains/MSVC.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/ToolChains/MSVC.cpp?rev=340954=340953=340954=diff
==
--- cfe/trunk/lib/Driver/ToolChains/MSVC.cpp (original)
+++ cfe/trunk/lib/Driver/ToolChains/MSVC.cpp Wed Aug 29 11:40:41 2018
@@ -365,17 +365,6 @@ void visualstudio::Linker::ConstructJob(
 CmdArgs.push_back(Args.MakeArgString(std::string("-implib:") + 
ImplibName));
   }
 
-  if (TC.getSanitizerArgs().needsFuzzer()) {
-if (!Args.hasArg(options::OPT_shared))
-  CmdArgs.push_back(
-  Args.MakeArgString(std::string("-wholearchive:") +
- TC.getCompilerRTArgString(Args, "fuzzer", 
false)));
-CmdArgs.push_back(Args.MakeArgString("-debug"));
-// Prevent the linker from padding sections we use for instrumentation
-// arrays.
-CmdArgs.push_back(Args.MakeArgString("-incremental:no"));
-  }
-
   if (TC.getSanitizerArgs().needsAsanRt()) {
 CmdArgs.push_back(Args.MakeArgString("-debug"));
 CmdArgs.push_back(Args.MakeArgString("-incremental:no"));
@@ -1309,8 +1298,6 @@ MSVCToolChain::ComputeEffectiveClangTrip
 SanitizerMask MSVCToolChain::getSupportedSanitizers() const {
   SanitizerMask Res = ToolChain::getSupportedSanitizers();
   Res |= SanitizerKind::Address;
-  Res |= SanitizerKind::Fuzzer;
-  Res |= SanitizerKind::FuzzerNoLink;
   Res &= ~SanitizerKind::CFIMFCall;
   return Res;
 }




r340949 - [libFuzzer] Port to Windows

2018-08-29 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Aug 29 11:08:34 2018
New Revision: 340949

URL: http://llvm.org/viewvc/llvm-project?rev=340949=rev
Log:
[libFuzzer] Port to Windows

Summary:
Port libFuzzer to windows-msvc.
This patch allows libFuzzer targets to be built and run on Windows, using 
-fsanitize=fuzzer and/or -fsanitize=fuzzer-no-link. It allows these forms of 
coverage instrumentation to work on Windows as well.
It does not fix all issues, such as those with -fsanitize-coverage=stack-depth, 
which is not usable on Windows as of this patch.
It also does not fix any libFuzzer integration tests. Nearly all of them fail 
to compile; fixing them will come in a later patch, so libFuzzer tests are 
disabled on Windows until then.

Reviewers: morehouse, rnk

Reviewed By: morehouse, rnk

Subscribers: #sanitizers, delcypher, morehouse, kcc, eraman

Differential Revision: https://reviews.llvm.org/D51022

Modified:
cfe/trunk/lib/Driver/ToolChains/MSVC.cpp

Modified: cfe/trunk/lib/Driver/ToolChains/MSVC.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/ToolChains/MSVC.cpp?rev=340949=340948=340949=diff
==
--- cfe/trunk/lib/Driver/ToolChains/MSVC.cpp (original)
+++ cfe/trunk/lib/Driver/ToolChains/MSVC.cpp Wed Aug 29 11:08:34 2018
@@ -365,6 +365,17 @@ void visualstudio::Linker::ConstructJob(
 CmdArgs.push_back(Args.MakeArgString(std::string("-implib:") + 
ImplibName));
   }
 
+  if (TC.getSanitizerArgs().needsFuzzer()) {
+if (!Args.hasArg(options::OPT_shared))
+  CmdArgs.push_back(
+  Args.MakeArgString(std::string("-wholearchive:") +
+ TC.getCompilerRTArgString(Args, "fuzzer", 
false)));
+CmdArgs.push_back(Args.MakeArgString("-debug"));
+// Prevent the linker from padding sections we use for instrumentation
+// arrays.
+CmdArgs.push_back(Args.MakeArgString("-incremental:no"));
+  }
+
   if (TC.getSanitizerArgs().needsAsanRt()) {
 CmdArgs.push_back(Args.MakeArgString("-debug"));
 CmdArgs.push_back(Args.MakeArgString("-incremental:no"));
@@ -1298,6 +1309,8 @@ MSVCToolChain::ComputeEffectiveClangTrip
 SanitizerMask MSVCToolChain::getSupportedSanitizers() const {
   SanitizerMask Res = ToolChain::getSupportedSanitizers();
   Res |= SanitizerKind::Address;
+  Res |= SanitizerKind::Fuzzer;
+  Res |= SanitizerKind::FuzzerNoLink;
   Res &= ~SanitizerKind::CFIMFCall;
   return Res;
 }




r340867 - Revert "[libFuzzer] Port to Windows"

2018-08-28 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Tue Aug 28 12:07:24 2018
New Revision: 340867

URL: http://llvm.org/viewvc/llvm-project?rev=340867=rev
Log:
Revert "[libFuzzer] Port to Windows"

This reverts commit r340860 due to failing tests.

Modified:
cfe/trunk/lib/Driver/ToolChains/MSVC.cpp

Modified: cfe/trunk/lib/Driver/ToolChains/MSVC.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/ToolChains/MSVC.cpp?rev=340867=340866=340867=diff
==
--- cfe/trunk/lib/Driver/ToolChains/MSVC.cpp (original)
+++ cfe/trunk/lib/Driver/ToolChains/MSVC.cpp Tue Aug 28 12:07:24 2018
@@ -365,17 +365,6 @@ void visualstudio::Linker::ConstructJob(
 CmdArgs.push_back(Args.MakeArgString(std::string("-implib:") + 
ImplibName));
   }
 
-  if (TC.getSanitizerArgs().needsFuzzer()) {
-if (!Args.hasArg(options::OPT_shared))
-  CmdArgs.push_back(
-  Args.MakeArgString(std::string("-wholearchive:") +
- TC.getCompilerRTArgString(Args, "fuzzer", 
false)));
-CmdArgs.push_back(Args.MakeArgString("-debug"));
-// Prevent the linker from padding sections we use for instrumentation
-// arrays.
-CmdArgs.push_back(Args.MakeArgString("-incremental:no"));
-  }
-
   if (TC.getSanitizerArgs().needsAsanRt()) {
 CmdArgs.push_back(Args.MakeArgString("-debug"));
 CmdArgs.push_back(Args.MakeArgString("-incremental:no"));
@@ -1309,8 +1298,6 @@ MSVCToolChain::ComputeEffectiveClangTrip
 SanitizerMask MSVCToolChain::getSupportedSanitizers() const {
   SanitizerMask Res = ToolChain::getSupportedSanitizers();
   Res |= SanitizerKind::Address;
-  Res |= SanitizerKind::Fuzzer;
-  Res |= SanitizerKind::FuzzerNoLink;
   Res &= ~SanitizerKind::CFIMFCall;
   return Res;
 }




r340860 - [libFuzzer] Port to Windows

2018-08-28 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Tue Aug 28 11:34:32 2018
New Revision: 340860

URL: http://llvm.org/viewvc/llvm-project?rev=340860=rev
Log:
[libFuzzer] Port to Windows

Summary:
Port libFuzzer to windows-msvc.
This patch allows libFuzzer targets to be built and run on Windows, using 
-fsanitize=fuzzer and/or -fsanitize=fuzzer-no-link. It allows these forms of 
coverage instrumentation to work on Windows as well.
It does not fix all issues, such as those with -fsanitize-coverage=stack-depth, 
which is not usable on Windows as of this patch.
It also does not fix any libFuzzer integration tests. Nearly all of them fail 
to compile; fixing them will come in a later patch, so libFuzzer tests are 
disabled on Windows until then.

Patch By: metzman

Reviewers: morehouse, rnk

Reviewed By: morehouse, rnk

Subscribers: morehouse, kcc, eraman

Differential Revision: https://reviews.llvm.org/D51022

Modified:
cfe/trunk/lib/Driver/ToolChains/MSVC.cpp

Modified: cfe/trunk/lib/Driver/ToolChains/MSVC.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/ToolChains/MSVC.cpp?rev=340860=340859=340860=diff
==
--- cfe/trunk/lib/Driver/ToolChains/MSVC.cpp (original)
+++ cfe/trunk/lib/Driver/ToolChains/MSVC.cpp Tue Aug 28 11:34:32 2018
@@ -365,6 +365,17 @@ void visualstudio::Linker::ConstructJob(
 CmdArgs.push_back(Args.MakeArgString(std::string("-implib:") + 
ImplibName));
   }
 
+  if (TC.getSanitizerArgs().needsFuzzer()) {
+if (!Args.hasArg(options::OPT_shared))
+  CmdArgs.push_back(
+  Args.MakeArgString(std::string("-wholearchive:") +
+ TC.getCompilerRTArgString(Args, "fuzzer", 
false)));
+CmdArgs.push_back(Args.MakeArgString("-debug"));
+// Prevent the linker from padding sections we use for instrumentation
+// arrays.
+CmdArgs.push_back(Args.MakeArgString("-incremental:no"));
+  }
+
   if (TC.getSanitizerArgs().needsAsanRt()) {
 CmdArgs.push_back(Args.MakeArgString("-debug"));
 CmdArgs.push_back(Args.MakeArgString("-incremental:no"));
@@ -1298,6 +1309,8 @@ MSVCToolChain::ComputeEffectiveClangTrip
 SanitizerMask MSVCToolChain::getSupportedSanitizers() const {
   SanitizerMask Res = ToolChain::getSupportedSanitizers();
   Res |= SanitizerKind::Address;
+  Res |= SanitizerKind::Fuzzer;
+  Res |= SanitizerKind::FuzzerNoLink;
   Res &= ~SanitizerKind::CFIMFCall;
   return Res;
 }




[clang-tools-extra] r338947 - [clangd] Fix fuzzer build.

2018-08-03 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Fri Aug  3 18:51:10 2018
New Revision: 338947

URL: http://llvm.org/viewvc/llvm-project?rev=338947=rev
Log:
[clangd] Fix fuzzer build.

Modified:
clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp

Modified: clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp
URL: 
http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp?rev=338947=338946=338947=diff
==
--- clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp (original)
+++ clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp Fri Aug  3 18:51:10 
2018
@@ -30,7 +30,8 @@ extern "C" int LLVMFuzzerTestOneInput(ui
   clang::clangd::ClangdServer::Options Opts;
 
   // Initialize and run ClangdLSPServer.
-  clang::clangd::ClangdLSPServer LSPServer(Out, CCOpts, llvm::None, Opts);
+  clang::clangd::ClangdLSPServer LSPServer(Out, CCOpts, llvm::None, false,
+   Opts);
   // fmemopen isn't portable, but I think we only run the fuzzer on Linux.
   LSPServer.run(fmemopen(data, size, "r"));
   return 0;
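Review bot: The context line `LSPServer.run(fmemopen(data, size, "r"));` passes the stream to `run()` without a null check, and nothing in the visible lines closes it. `fmemopen` can return NULL (some libc versions reject a zero-length buffer), and a fuzzer entry point will receive empty inputs; unless `run()` takes ownership of the stream, every iteration also leaks a `FILE`. Splitting the call, `FILE *In = fmemopen(data, size, "r"); if (!In) return 0;`, and calling `fclose(In)` after `run()` would cover both, once it is confirmed that `run()` does not close the stream itself. The new bare `false` argument would read better with an inline `/*ParamName=*/` comment naming the parameter, whose name is not visible in this hunk. `LLVMFuzzerTestOneInput` starts outside the hunk.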




r338946 - [clang-fuzzer] Remove unused typedef.

2018-08-03 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Fri Aug  3 18:42:47 2018
New Revision: 338946

URL: http://llvm.org/viewvc/llvm-project?rev=338946=rev
Log:
[clang-fuzzer] Remove unused typedef.

Modified:
cfe/trunk/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp

Modified: cfe/trunk/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp?rev=338946=338945=338946=diff
==
--- cfe/trunk/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp (original)
+++ cfe/trunk/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp Fri Aug  3 
18:42:47 2018
@@ -160,7 +160,6 @@ static void CreateAndRunJITFunc(const st
   EE->finalizeObject();
   EE->runStaticConstructorsDestructors(false);
 
-  typedef void (*func)(int*, int*, int*, int);
 #if defined(__GNUC__) && !defined(__clang) &&  
\
 ((__GNUC__ == 4) && (__GNUC_MINOR__ < 9))
 // Silence
@@ -173,7 +172,7 @@ static void CreateAndRunJITFunc(const st
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wpedantic"
 #endif
-  LLVMFunc f = 
reinterpret_cast(EE->getPointerToFunction(EntryFunc)); 
+  LLVMFunc f = reinterpret_cast(EE->getPointerToFunction(EntryFunc));
 #if defined(__GNUC__) && !defined(__clang) &&  
\
 ((__GNUC__ == 4) && (__GNUC_MINOR__ < 9))
 #pragma GCC diagnostic pop




r335762 - [UBSan] Add silence_unsigned_overflow flag.

2018-06-27 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Jun 27 11:24:46 2018
New Revision: 335762

URL: http://llvm.org/viewvc/llvm-project?rev=335762=rev
Log:
[UBSan] Add silence_unsigned_overflow flag.

Summary:
Setting UBSAN_OPTIONS=silence_unsigned_overflow=1 will silence all UIO
reports.  This feature, combined with
-fsanitize-recover=unsigned-integer-overflow, is useful for providing
fuzzing signal without the excessive log output.

Helps with https://github.com/google/oss-fuzz/issues/910.

Reviewers: kcc, vsk

Reviewed By: vsk

Subscribers: vsk, kubamracek, Dor1s, llvm-commits

Differential Revision: https://reviews.llvm.org/D48660

Modified:
cfe/trunk/docs/UndefinedBehaviorSanitizer.rst

Modified: cfe/trunk/docs/UndefinedBehaviorSanitizer.rst
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/docs/UndefinedBehaviorSanitizer.rst?rev=335762=335761=335762=diff
==
--- cfe/trunk/docs/UndefinedBehaviorSanitizer.rst (original)
+++ cfe/trunk/docs/UndefinedBehaviorSanitizer.rst Wed Jun 27 11:24:46 2018
@@ -180,6 +180,13 @@ will need to:
``UBSAN_OPTIONS=print_stacktrace=1``.
 #. Make sure ``llvm-symbolizer`` binary is in ``PATH``.
 
+Silencing Unsigned Integer Overflow
+===
+To silence reports from unsigned integer overflow, you can set
+``UBSAN_OPTIONS=silence_unsigned_overflow=1``.  This feature, combined with
+``-fsanitize-recover=unsigned-integer-overflow``, is particularly useful for
+providing fuzzing signal without blowing up logs.
+
 Issue Suppression
 =
 




[libcxx] r335507 - [CMake] Fix install-cxx target.

2018-06-25 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Mon Jun 25 11:01:51 2018
New Revision: 335507

URL: http://llvm.org/viewvc/llvm-project?rev=335507=rev
Log:
[CMake] Fix install-cxx target.

Was broken by r334477.

Modified:
libcxx/trunk/include/CMakeLists.txt

Modified: libcxx/trunk/include/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/libcxx/trunk/include/CMakeLists.txt?rev=335507=335506=335507=diff
==
--- libcxx/trunk/include/CMakeLists.txt (original)
+++ libcxx/trunk/include/CMakeLists.txt Mon Jun 25 11:01:51 2018
@@ -255,7 +255,7 @@ if (LIBCXX_INSTALL_HEADERS)
 
   if (NOT CMAKE_CONFIGURATION_TYPES)
 add_custom_target(install-cxx-headers
-  DEPENDS cxx-headers ${generated_config_deps}
+  DEPENDS cxx_headers ${generated_config_deps}
   COMMAND "${CMAKE_COMMAND}"
   -DCMAKE_INSTALL_COMPONENT=cxx-headers
   -P "${CMAKE_BINARY_DIR}/cmake_install.cmake")
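Review bot: `DEPENDS cxx_headers` now spells the build target with an underscore, while the install component two lines below is still `cxx-headers` and the custom target is `install-cxx-headers`. The two spellings are easy to confuse, so a comment above the call would help, e.g. `# Build target is cxx_headers; cxx-headers is only the install component name.` The enclosing `if` blocks start and end outside the hunk.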




r334612 - [libclang] Make c-index-test.c ISO C90 compliant.

2018-06-13 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Jun 13 09:00:39 2018
New Revision: 334612

URL: http://llvm.org/viewvc/llvm-project?rev=334612=rev
Log:
[libclang] Make c-index-test.c ISO C90 compliant.

Fixes a build bot breakage caused by r334593.

Modified:
cfe/trunk/tools/c-index-test/c-index-test.c

Modified: cfe/trunk/tools/c-index-test/c-index-test.c
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/c-index-test/c-index-test.c?rev=334612=334611=334612=diff
==
--- cfe/trunk/tools/c-index-test/c-index-test.c (original)
+++ cfe/trunk/tools/c-index-test/c-index-test.c Wed Jun 13 09:00:39 2018
@@ -2304,6 +2304,7 @@ static void print_completion_result(CXTr
   CXString BriefComment;
   CXString Annotation;
   const char *BriefCommentCString;
+  unsigned i;
   
   fprintf(file, "%s:", clang_getCString(ks));
   clang_disposeString(ks);
@@ -2365,7 +2366,6 @@ static void print_completion_result(CXTr
   }
   clang_disposeString(BriefComment);
 
-  unsigned i;
   for (i = 0; i < clang_getCompletionNumFixIts(completion_results, index);
++i) {
 CXSourceRange correction_range;




r334421 - [clang-fuzzer] Modified protobuf and converter to add new signature, remove conditionals.

2018-06-11 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Mon Jun 11 10:05:45 2018
New Revision: 334421

URL: http://llvm.org/viewvc/llvm-project?rev=334421=rev
Log:
[clang-fuzzer] Modified protobuf and converter to add new signature, remove 
conditionals.

Changed the function signature and removed conditionals from loop body.

Patch By:  emmettneyman

Differential Revision: https://reviews.llvm.org/D47964

Modified:
cfe/trunk/tools/clang-fuzzer/cxx_loop_proto.proto
cfe/trunk/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp

Modified: cfe/trunk/tools/clang-fuzzer/cxx_loop_proto.proto
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/cxx_loop_proto.proto?rev=334421=334420=334421=diff
==
--- cfe/trunk/tools/clang-fuzzer/cxx_loop_proto.proto (original)
+++ cfe/trunk/tools/clang-fuzzer/cxx_loop_proto.proto Mon Jun 11 10:05:45 2018
@@ -11,7 +11,7 @@
 ///  This file describes a subset of C++ as a protobuf. It is used to
 ///  more easily find interesting inputs for fuzzing Clang. This subset
 ///  differs from the one defined in cxx_proto.proto by eliminating while
-///  loops and Lvalues. The goal is that the C++ code generated will be
+///  loops and conditionals. The goal is that the C++ code generated will be
 ///  more likely to stress the LLVM loop vectorizer.
 ///
 
//===--===//
@@ -22,6 +22,16 @@ message Const {
   required int32 val = 1;
 }
 
+message VarRef {
+  // Add an enum for each array in function signature
+  enum Arr {
+ARR_A = 0;
+ARR_B = 1;
+ARR_C = 2;
+  };
+  required Arr arr = 1;
+}
+
 message BinaryOp {
   enum Op {
 PLUS = 0;
@@ -48,10 +58,12 @@ message Rvalue {
   oneof rvalue_oneof {
 Const cons = 1;
 BinaryOp binop = 2;
+VarRef varref = 3;
   }
 }
 
 message AssignmentStatement {
+  required VarRef varref = 1;
   required Rvalue rvalue = 2;
 }
 
@@ -62,10 +74,7 @@ message IfElse {
 }
 
 message Statement {
-  oneof stmt_oneof {
-AssignmentStatement assignment = 1;
-IfElse  ifelse = 2;
-  }
+  required AssignmentStatement assignment = 1;
 }
 
 message StatementSeq {
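Review bot: `message IfElse` is left in the schema although `Statement` can no longer contain one, so it is now unreachable from the fuzzer's input grammar. The matching `operator<<` for `IfElse` in loop_proto_to_cxx.cpp also stays behind as dead code, as the context lines of that file's hunks show. Either delete both, or mark the message with a comment such as `// Unused: conditionals are no longer generated.` so readers do not assume the fuzzer still emits `if`/`else`.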

Modified: cfe/trunk/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp?rev=334421=334420=334421=diff
==
--- cfe/trunk/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp (original)
+++ cfe/trunk/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp Mon Jun 11 
10:05:45 2018
@@ -36,11 +36,23 @@ std::ostream <<(std::ostream 
 std::ostream <<(std::ostream , const Const ) {
   return os << "(" << x.val() << ")";
 }
+std::ostream <<(std::ostream , const VarRef ) {
+  switch (x.arr()) {
+case VarRef::ARR_A:
+  return os << "a[i]";
+case VarRef::ARR_B:
+  return os << "b[i]";
+case VarRef::ARR_C:
+  return os << "c[i]";
+  }
+}
 std::ostream <<(std::ostream , const Rvalue ) {
   if (x.has_cons())
 return os << x.cons();
   if (x.has_binop())
 return os << x.binop();
+  if (x.has_varref())
+return os << x.varref();
   return os << "1";
 }
 std::ostream <<(std::ostream , const BinaryOp ) {
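Review bot: The new `operator<<` for `VarRef` can fall off the end of a non-void function, because the `switch` has no `default` and nothing follows it. Any `arr()` value outside the three cases is then undefined behaviour, and some compilers warn about the missing return. Add a fallback after the switch, for example `return os << "a[i]";`, so the printer always emits valid C++. Proto2 parsing normally keeps unknown enum values out of the field, so this is presumably unreachable today, but the fallback costs one line.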
@@ -92,7 +104,7 @@ std::ostream <<(std::ostream 
   return os << x.right() << ")";
 }
 std::ostream <<(std::ostream , const AssignmentStatement ) {
-  return os << "a[i]=" << x.rvalue();
+  return os << x.varref() << "=" << x.rvalue() << ";\n";
 }
 std::ostream <<(std::ostream , const IfElse ) {
   return os << "if (" << x.cond() << "){\n"
@@ -100,11 +112,7 @@ std::ostream <<(std::ostream 
 << x.else_body() << "}\n";
 }
 std::ostream <<(std::ostream , const Statement ) {
-  if (x.has_assignment())
-return os << x.assignment() << ";\n";
-  if (x.has_ifelse())
-return os << x.ifelse();
-  return os << "(void)0;\n";
+  return os << x.assignment();
 }
 std::ostream <<(std::ostream , const StatementSeq ) {
   for (auto  : x.statements())
@@ -112,7 +120,7 @@ std::ostream <<(std::ostream 
   return os;
 }
 std::ostream <<(std::ostream , const LoopFunction ) {
-  return os << "void foo(int *a, size_t s) {\n"
+  return os << "void foo(int *a, int *b, int *__restrict__ c, size_t s) {\n"
 << "for (int i=0; ihttp://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits


r334252 - [clang-fuzzer] Made loop_proto more "vectorizable".

2018-06-07 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Thu Jun  7 17:33:35 2018
New Revision: 334252

URL: http://llvm.org/viewvc/llvm-project?rev=334252=rev
Log:
[clang-fuzzer] Made loop_proto more "vectorizable".

Edited loop_proto and its converter to make more "vectorizable" code
according to kcc's comment in D47666
  - Removed all while loops
  - Can only index into array with induction variable

Patch By: emmettneyman

Differential Revision: https://reviews.llvm.org/D47920

Modified:
cfe/trunk/tools/clang-fuzzer/cxx_loop_proto.proto
cfe/trunk/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp

Modified: cfe/trunk/tools/clang-fuzzer/cxx_loop_proto.proto
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/cxx_loop_proto.proto?rev=334252=334251=334252=diff
==
--- cfe/trunk/tools/clang-fuzzer/cxx_loop_proto.proto (original)
+++ cfe/trunk/tools/clang-fuzzer/cxx_loop_proto.proto Thu Jun  7 17:33:35 2018
@@ -10,23 +10,14 @@
 /// \file
 ///  This file describes a subset of C++ as a protobuf. It is used to
 ///  more easily find interesting inputs for fuzzing Clang. This subset
-///  extends the one defined in cxx_proto.proto by adding the option that
-///  a VarRef can use the for loop's counter variable.
+///  differs from the one defined in cxx_proto.proto by eliminating while
+///  loops and Lvalues. The goal is that the C++ code generated will be
+///  more likely to stress the LLVM loop vectorizer.
 ///
 
//===--===//
 
-
 syntax = "proto2";
 
-message VarRef {
-  required int32 varnum = 1;
-  required bool is_loop_var = 2;
-}
-
-message Lvalue {
-  required VarRef varref = 1;
-}
-
 message Const {
   required int32 val = 1;
 }
@@ -55,34 +46,25 @@ message BinaryOp {
 
 message Rvalue {
   oneof rvalue_oneof {
-VarRef varref = 1;
-Const cons = 2;
-BinaryOp binop = 3;
+Const cons = 1;
+BinaryOp binop = 2;
   }
 }
 
 message AssignmentStatement {
-  required Lvalue lvalue = 1;
   required Rvalue rvalue = 2;
 }
 
-
 message IfElse {
   required Rvalue cond = 1;
   required StatementSeq if_body = 2;
   required StatementSeq else_body = 3;
 }
 
-message While {
-  required Rvalue cond = 1;
-  required StatementSeq body = 2;
-}
-
 message Statement {
   oneof stmt_oneof {
 AssignmentStatement assignment = 1;
 IfElse  ifelse = 2;
-While   while_loop = 3;
   }
 }
 
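Review bot: Renumbering the `Rvalue` oneof (`cons` from 2 to 1, `binop` from 3 to 2) changes the wire format, so any binary corpus entry written against the old schema will decode to a different message. If a corpus for this fuzzer already exists, keep the old numbers and retire the removed one at message level with `reserved 1;`. `AssignmentStatement` in this same hunk already takes that approach by keeping `rvalue = 2` after dropping `lvalue`. If no corpus exists yet, a short comment saying the renumbering is intentional would do.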

Modified: cfe/trunk/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp?rev=334252=334251=334252=diff
==
--- cfe/trunk/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp (original)
+++ cfe/trunk/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp Thu Jun  7 
17:33:35 2018
@@ -7,10 +7,13 @@
 //
 
//===--===//
 //
-// Implements functions for converting between protobufs and C++. Extends
+// Implements functions for converting between protobufs and C++. Differs from
 // proto_to_cxx.cpp by wrapping all the generated C++ code in a single for
 // loop. Also coutputs a different function signature that includes a
-// size_t parameter for the loop to use.
+// size_t parameter for the loop to use. The C++ code generated is meant to
+// stress the LLVM loop vectorizer.
+//
+// Still a work in progress.
 //
 
//===--===//
 
@@ -33,19 +36,7 @@ std::ostream <<(std::ostream 
 std::ostream <<(std::ostream , const Const ) {
   return os << "(" << x.val() << ")";
 }
-std::ostream <<(std::ostream , const VarRef ) {
-  if (x.is_loop_var()) {
-return os << "a[loop_ctr]";
-  } else {
-return os << "a[" << static_cast(x.varnum()) << " % s]";
-  }
-}
-std::ostream <<(std::ostream , const Lvalue ) {
-  return os << x.varref();
-}
 std::ostream <<(std::ostream , const Rvalue ) {
-  if (x.has_varref())
-return os << x.varref();
   if (x.has_cons())
 return os << x.cons();
   if (x.has_binop())
@@ -101,23 +92,18 @@ std::ostream <<(std::ostream 
   return os << x.right() << ")";
 }
 std::ostream <<(std::ostream , const AssignmentStatement ) {
-  return os << x.lvalue() << "=" << x.rvalue();
+  return os << "a[i]=" << x.rvalue();
 }
 std::ostream <<(std::ostream , const IfElse ) {
   return os << "if (" << x.cond() << "){\n"
 << x.if_body() << "} else { \n"
 << x.else_body() << "}\n";
 }
-std::ostream <<(std::ostream , const While ) {
-  return os << "while (" << x.cond() << "){\n" << x.body() << "}\n";
-}
 std::ostream <<(std::ostream , const Statement ) {
   if (x.has_assignment())
 return os << x.assignment() << ";\n";
   if (x.has_ifelse())
 return os << x.ifelse();
-  if (x.has_while_loop())
-return os 

r333969 - [clang-proto-fuzzer] Refactored LLVMFuzzerInitialize into its own file.

2018-06-04 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Mon Jun  4 17:11:41 2018
New Revision: 333969

URL: http://llvm.org/viewvc/llvm-project?rev=333969=rev
Log:
[clang-proto-fuzzer] Refactored LLVMFuzzerInitialize into its own file.

Copied and renamed some files in preparation for new loop-proto-fuzzer.

Patch By: emmettneyman

Differential Revision: https://reviews.llvm.org/D47666

Added:
cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/
cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.h
Modified:
cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp

Modified: cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/CMakeLists.txt?rev=333969=333968=333969=diff
==
--- cfe/trunk/tools/clang-fuzzer/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/CMakeLists.txt Mon Jun  4 17:11:41 2018
@@ -40,6 +40,9 @@ if(CLANG_ENABLE_PROTO_FUZZER)
   # Build the protobuf->C++ translation library and driver.
   add_clang_subdirectory(proto-to-cxx)
 
+  # Build the fuzzer initialization library.
+  add_clang_subdirectory(fuzzer-initialize)
+
   # Build the protobuf fuzzer
   add_clang_executable(clang-proto-fuzzer
 ${DUMMY_MAIN}
@@ -52,6 +55,7 @@ if(CLANG_ENABLE_PROTO_FUZZER)
 ${PROTOBUF_LIBRARIES}
 ${LLVM_LIB_FUZZING_ENGINE}
 clangCXXProto
+clangFuzzerInitialize
 clangHandleCXX
 clangProtoToCXX
 )

Modified: cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp?rev=333969=333968=333969=diff
==
--- cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp (original)
+++ cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp Mon Jun  4 
17:11:41 2018
@@ -17,28 +17,12 @@
 #include "cxx_proto.pb.h"
 #include "handle-cxx/handle_cxx.h"
 #include "proto-to-cxx/proto_to_cxx.h"
-
+#include "fuzzer-initialize/fuzzer_initialize.h"
 #include "src/libfuzzer/libfuzzer_macro.h"
 
-#include 
-
 using namespace clang_fuzzer;
 
-static std::vector CLArgs;
-
-extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
-  CLArgs.push_back("-O2");
-  for (int I = 1; I < *argc; I++) {
-if (strcmp((*argv)[I], "-ignore_remaining_args=1") == 0) {
-  for (I++; I < *argc; I++)
-CLArgs.push_back((*argv)[I]);
-  break;
-}
-  }
-  return 0;
-}
-
 DEFINE_BINARY_PROTO_FUZZER(const Function& input) {
   auto S = FunctionToString(input);
-  HandleCXX(S, CLArgs);
+  HandleCXX(S, GetCLArgs());
 }
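Review bot: After this change the fuzzer's only reference into clangFuzzerInitialize is `GetCLArgs()`, and `LLVMFuzzerInitialize` is no longer defined in this file. If the library is linked as a static archive, that call is presumably what pulls in the object defining `LLVMFuzzerInitialize`. A fuzzer that links the library without calling `GetCLArgs()` could then silently run with no `-O2` and no forwarded arguments. A comment above the call would record this, e.g. `// GetCLArgs() lives next to LLVMFuzzerInitialize, which fills the argument list.` The new include is also out of alphabetical order relative to `handle-cxx/handle_cxx.h`.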

Added: cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt?rev=333969=auto
==
--- cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt (added)
+++ cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt Mon Jun  4 
17:11:41 2018
@@ -0,0 +1,3 @@
+set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD} Support)
+
+add_clang_library(clangFuzzerInitialize fuzzer_initialize.cpp)

Added: cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp?rev=333969=auto
==
--- cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp (added)
+++ cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp Mon 
Jun  4 17:11:41 2018
@@ -0,0 +1,43 @@
+//===-- fuzzer_initialize.cpp - Fuzz Clang 
===//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+///
+/// \file
+/// This file implements two functions: one that returns the command line
+/// arguments for a given call to the fuzz target and one that initializes
+/// the fuzzer with the correct command line arguments.
+///
+//===--===//
+
+#include "fuzzer_initialize.h"
+#include 
+
+using namespace clang_fuzzer;
+
+
+namespace clang_fuzzer {
+
+static std::vector CLArgs;
+
+const std::vector& GetCLArgs() {
+  return CLArgs;
+}
+
+}
+
+extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
+  CLArgs.push_back("-O2");
+  for (int I = 1; I < *argc; I++) {
+if (strcmp((*argv)[I], "-ignore_remaining_args=1") == 0) {
+  for (I++; I < *argc; 

r328384 - [libFuzzer] Use OptForFuzzing attribute with -fsanitize=fuzzer.

2018-03-23 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Fri Mar 23 16:35:28 2018
New Revision: 328384

URL: http://llvm.org/viewvc/llvm-project?rev=328384=rev
Log:
[libFuzzer] Use OptForFuzzing attribute with -fsanitize=fuzzer.

Summary:
Disables certain CMP optimizations to improve fuzzing signal under -O1
and -O2.

Switches all fuzzer tests to -O2 except for a few leak tests where the
leak is optimized out under -O2.

Reviewers: kcc, vitalybuka

Reviewed By: vitalybuka

Subscribers: cfe-commits, llvm-commits

Differential Revision: https://reviews.llvm.org/D44798

Modified:
cfe/trunk/lib/CodeGen/CodeGenFunction.cpp

Modified: cfe/trunk/lib/CodeGen/CodeGenFunction.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CodeGenFunction.cpp?rev=328384=328383=328384=diff
==
--- cfe/trunk/lib/CodeGen/CodeGenFunction.cpp (original)
+++ cfe/trunk/lib/CodeGen/CodeGenFunction.cpp Fri Mar 23 16:35:28 2018
@@ -862,6 +862,10 @@ void CodeGenFunction::StartFunction(Glob
   if (SanOpts.has(SanitizerKind::SafeStack))
 Fn->addFnAttr(llvm::Attribute::SafeStack);
 
+  // Apply fuzzing attribute to the function.
+  if (SanOpts.hasOneOf(SanitizerKind::Fuzzer | SanitizerKind::FuzzerNoLink))
+Fn->addFnAttr(llvm::Attribute::OptForFuzzing);
+
   // Ignore TSan memory acesses from within ObjC/ObjC++ dealloc, initialize,
   // .cxx_destruct, __destroy_helper_block_ and all of their calees at run 
time.
   if (SanOpts.has(SanitizerKind::Thread)) {
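Review bot: The comment `// Apply fuzzing attribute to the function.` only restates the next line. Say why the attribute is wanted, e.g. `// OptForFuzzing disables certain CMP optimizations so the fuzzer keeps its comparison signal at -O1/-O2.` The file list for this revision shows only CodeGenFunction.cpp, so a CodeGen test checking for the `optforfuzzing` attribute under `-fsanitize=fuzzer` and `-fsanitize=fuzzer-no-link` appears to be missing from the clang side. StartFunction begins and ends outside the hunk.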




[clang-tools-extra] r327184 - [clangd-fuzzer] Update ClangdLSPServer constructor call.

2018-03-09 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Fri Mar  9 15:02:22 2018
New Revision: 327184

URL: http://llvm.org/viewvc/llvm-project?rev=327184=rev
Log:
[clangd-fuzzer] Update ClangdLSPServer constructor call.

Build was broken by r326719.

Modified:
clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp

Modified: clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp
URL: 
http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp?rev=327184=327183=327184=diff
==
--- clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp (original)
+++ clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp Fri Mar  9 15:02:22 
2018
@@ -14,6 +14,7 @@
 
//===--===//
 
 #include "ClangdLSPServer.h"
+#include "ClangdServer.h"
 #include "CodeComplete.h"
 #include 
 
@@ -21,12 +22,10 @@ extern "C" int LLVMFuzzerTestOneInput(ui
   clang::clangd::JSONOutput Out(llvm::nulls(), llvm::nulls(), nullptr);
   clang::clangd::CodeCompleteOptions CCOpts;
   CCOpts.EnableSnippets = false;
+  clang::clangd::ClangdServer::Options Opts;
 
   // Initialize and run ClangdLSPServer.
-  clang::clangd::ClangdLSPServer LSPServer(
-  Out, clang::clangd::getDefaultAsyncThreadsCount(),
-  /*StorePreamblesInMemory=*/false, CCOpts, llvm::None, llvm::None,
-  /*BuildDynamicSymbolIndex=*/false);
+  clang::clangd::ClangdLSPServer LSPServer(Out, CCOpts, llvm::None, Opts);
 
   std::istringstream In(std::string(reinterpret_cast(data), size));
   LSPServer.run(In);




r324132 - [clang-proto-to-cxx] Accept protobufs with missing fields.

2018-02-02 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Fri Feb  2 12:22:20 2018
New Revision: 324132

URL: http://llvm.org/viewvc/llvm-project?rev=324132=rev
Log:
[clang-proto-to-cxx] Accept protobufs with missing fields.

libprotobuf-mutator accepts protobufs with missing fields, which means
clang-proto-fuzzer does as well.  clang-proto-to-cxx should match this
behavior.

Modified:
cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp

Modified: cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp?rev=324132=324131=324132=diff
==
--- cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp (original)
+++ cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp Fri Feb  2 
12:22:20 2018
@@ -94,7 +94,7 @@ std::string FunctionToString(const Funct
 }
 std::string ProtoToCxx(const uint8_t *data, size_t size) {
   Function message;
-  if (!message.ParseFromArray(data, size))
+  if (!message.ParsePartialFromArray(data, size))
 return "#error invalid proto\n";
   return FunctionToString(message);
 }
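Review bot: `ParsePartialFromArray` skips the required-field check, so `FunctionToString` now runs on messages whose required fields may be unset and prints their defaults. That deserves a comment at the call, e.g. `// Partial parse: libprotobuf-mutator produces messages with missing required fields, so accept them here too.` The `#error invalid proto` path is now reached only for malformed wire data. Separately, `size` is a `size_t` while the protobuf parse call takes an `int`, so a very large input would be narrowed; a guard such as `if (size > INT_MAX) return "#error invalid proto\n";` would make that explicit.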




r322221 - [MSan] Enable use-after-dtor instrumentation by default.

2018-01-10 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Jan 10 12:27:48 2018
New Revision: 31

URL: http://llvm.org/viewvc/llvm-project?rev=31=rev
Log:
[MSan] Enable use-after-dtor instrumentation by default.

Summary:
Enable the compile-time flag -fsanitize-memory-use-after-dtor by
default. Note that the run-time option MSAN_OPTIONS=poison_in_dtor=1
still needs to be enabled for destructors to be poisoned.

Reviewers: eugenis, vitalybuka, kcc

Reviewed By: eugenis, vitalybuka

Subscribers: cfe-commits, llvm-commits

Differential Revision: https://reviews.llvm.org/D37860

Modified:
cfe/trunk/include/clang/Driver/SanitizerArgs.h
cfe/trunk/test/CodeGenCXX/sanitize-no-dtor-callback.cpp
cfe/trunk/test/Driver/fsanitize.c

Modified: cfe/trunk/include/clang/Driver/SanitizerArgs.h
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Driver/SanitizerArgs.h?rev=31=30=31=diff
==
--- cfe/trunk/include/clang/Driver/SanitizerArgs.h (original)
+++ cfe/trunk/include/clang/Driver/SanitizerArgs.h Wed Jan 10 12:27:48 2018
@@ -30,7 +30,7 @@ class SanitizerArgs {
   std::vector ExtraDeps;
   int CoverageFeatures = 0;
   int MsanTrackOrigins = 0;
-  bool MsanUseAfterDtor = false;
+  bool MsanUseAfterDtor = true;
   bool CfiCrossDso = false;
   bool CfiICallGeneralizePointers = false;
   int AsanFieldPadding = 0;
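Review bot: Flipping `MsanUseAfterDtor` to `true` turns on only the compile-time instrumentation, and the field should carry a comment saying so, e.g. `// On by default; destructors are poisoned only when MSAN_OPTIONS=poison_in_dtor=1 is set at run time.` Without it a reader of SanitizerArgs.h may assume use-after-dtor detection is fully active by default. class SanitizerArgs continues outside the hunk.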

Modified: cfe/trunk/test/CodeGenCXX/sanitize-no-dtor-callback.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/test/CodeGenCXX/sanitize-no-dtor-callback.cpp?rev=31=30=31=diff
==
--- cfe/trunk/test/CodeGenCXX/sanitize-no-dtor-callback.cpp (original)
+++ cfe/trunk/test/CodeGenCXX/sanitize-no-dtor-callback.cpp Wed Jan 10 12:27:48 
2018
@@ -1,8 +1,9 @@
-// Test without the flag -fsanitize-memory-use-after-dtor, to ensure that
+// Test with the flag -fno-sanitize-memory-use-after-dtor, to ensure that
 // instrumentation is not erroneously inserted
-// RUN: %clang_cc1 -fsanitize=memory -triple=x86_64-pc-linux -emit-llvm -o - 
%s | FileCheck %s
+// RUN: %clang_cc1 -fsanitize=memory -fno-sanitize-memory-use-after-dtor 
-triple=x86_64-pc-linux -emit-llvm -o - %s | FileCheck %s
 
 struct Simple {
+  int x;
   ~Simple() {}
 };
 Simple s;
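Review bot: The `int x;` members added to `Simple` here and to `Inlined` in the next hunk have no explanation. Presumably they give the classes a field for the destructor callback to cover, so that the `CHECK-NOT` lines would fail if instrumentation were emitted. If so, say it next to the first one, e.g. `// Non-empty so that use-after-dtor instrumentation would be emitted if enabled.`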
@@ -10,6 +11,7 @@ Simple s;
 // CHECK-NOT: call void @__sanitizer_dtor_callback
 
 struct Inlined {
+  int x;
   inline ~Inlined() {}
 };
 Inlined i;

Modified: cfe/trunk/test/Driver/fsanitize.c
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Driver/fsanitize.c?rev=31=30=31=diff
==
--- cfe/trunk/test/Driver/fsanitize.c (original)
+++ cfe/trunk/test/Driver/fsanitize.c Wed Jan 10 12:27:48 2018
@@ -184,11 +184,11 @@
 
 // RUN: %clang -target x86_64-linux-gnu -fsanitize=memory 
-fsanitize-memory-use-after-dtor %s -### 2>&1 | FileCheck %s 
--check-prefix=CHECK-USE-AFTER-DTOR
 // RUN: %clang -target x86_64-linux-gnu -fsanitize=memory 
-fno-sanitize-memory-use-after-dtor -fsanitize-memory-use-after-dtor %s -### 
2>&1 | FileCheck %s --check-prefix=CHECK-USE-AFTER-DTOR
+// RUN: %clang -target x86_64-linux-gnu -fsanitize=memory %s -### 2>&1 | 
FileCheck %s --check-prefix=CHECK-USE-AFTER-DTOR
 // CHECK-USE-AFTER-DTOR: -cc1{{.*}}-fsanitize-memory-use-after-dtor
 
 // RUN: %clang -target x86_64-linux-gnu -fsanitize=memory 
-fno-sanitize-memory-use-after-dtor %s -### 2>&1 | FileCheck %s 
--check-prefix=CHECK-USE-AFTER-DTOR-OFF
 // RUN: %clang -target x86_64-linux-gnu -fsanitize=memory 
-fsanitize-memory-use-after-dtor -fno-sanitize-memory-use-after-dtor %s -### 
2>&1 | FileCheck %s --check-prefix=CHECK-USE-AFTER-DTOR-OFF
-// RUN: %clang -target x86_64-linux-gnu -fsanitize=memory %s -### 2>&1 | 
FileCheck %s --check-prefix=CHECK-USE-AFTER-DTOR-OFF
 // CHECK-USE-AFTER-DTOR-OFF-NOT: -cc1{{.*}}memory-use-after-dtor
 
 // RUN: %clang -target x86_64-linux-gnu -fsanitize=address 
-fsanitize-address-field-padding=0 %s -### 2>&1 | FileCheck %s 
--check-prefix=CHECK-ASAN-FIELD-PADDING-0




[clang-tools-extra] r321226 - [clangd-fuzzer] Update ClangdLSPServer constructor call.

2017-12-20 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Dec 20 14:29:23 2017
New Revision: 321226

URL: http://llvm.org/viewvc/llvm-project?rev=321226=rev
Log:
[clangd-fuzzer] Update ClangdLSPServer constructor call.

Build was broken by r321092.

Modified:
clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp

Modified: clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp
URL: 
http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp?rev=321226=321225=321226=diff
==
--- clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp (original)
+++ clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp Wed Dec 20 14:29:23 
2017
@@ -25,7 +25,8 @@ extern "C" int LLVMFuzzerTestOneInput(ui
   // Initialize and run ClangdLSPServer.
   clang::clangd::ClangdLSPServer LSPServer(
   Out, clang::clangd::getDefaultAsyncThreadsCount(),
-  /*StorePreamblesInMemory=*/false, CCOpts, llvm::None, llvm::None);
+  /*StorePreamblesInMemory=*/false, CCOpts, llvm::None, llvm::None,
+  /*BuildDynamicSymbolIndex=*/false);
 
   std::istringstream In(std::string(reinterpret_cast(data), size));
   LSPServer.run(In);




[clang-tools-extra] r320074 - [clangd-fuzzer] Update contruction of LSPServer.

2017-12-07 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Thu Dec  7 11:04:27 2017
New Revision: 320074

URL: http://llvm.org/viewvc/llvm-project?rev=320074=rev
Log:
[clangd-fuzzer] Update contruction of LSPServer.

The constructor for ClangdLSPServer changed in r318412 and r318925,
breaking the clangd-fuzzer build.

Modified:
clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp

Modified: clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp
URL: 
http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp?rev=320074=320073=320074=diff
==
--- clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp (original)
+++ clang-tools-extra/trunk/clangd/fuzzer/ClangdFuzzer.cpp Thu Dec  7 11:04:27 
2017
@@ -13,16 +13,19 @@
 ///
 
//===--===//
 
+#include "CodeComplete.h"
 #include "ClangdLSPServer.h"
 #include 
 
 extern "C" int LLVMFuzzerTestOneInput(uint8_t *data, size_t size) {
   clang::clangd::JSONOutput Out(llvm::nulls(), llvm::nulls(), nullptr);
+  clang::clangd::CodeCompleteOptions CCOpts;
+  CCOpts.EnableSnippets = false;
 
   // Initialize and run ClangdLSPServer.
   clang::clangd::ClangdLSPServer LSPServer(
   Out, clang::clangd::getDefaultAsyncThreadsCount(),
-  /*EnableSnippets=*/false, llvm::None, llvm::None);
+  /*StorePreamblesInMemory=*/false, CCOpts, llvm::None, llvm::None);
 
   std::istringstream In(std::string(reinterpret_cast(data), size));
   LSPServer.run(In);




r319948 - [CMake] Use PRIVATE in target_link_libraries for fuzzers.

2017-12-06 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Dec  6 11:52:40 2017
New Revision: 319948

URL: http://llvm.org/viewvc/llvm-project?rev=319948=rev
Log:
[CMake] Use PRIVATE in target_link_libraries for fuzzers.

Several fuzzers were missed by r319840.

Modified:
cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt

Modified: cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt?rev=319948=319947=319948=diff
==
--- cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt Wed Dec  6 11:52:40 2017
@@ -10,6 +10,7 @@ add_clang_executable(clang-format-fuzzer
   )
 
 target_link_libraries(clang-format-fuzzer
+  PRIVATE
   ${CLANG_FORMAT_LIB_DEPS}
   ${LLVM_LIB_FUZZING_ENGINE}
   )

Modified: cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/CMakeLists.txt?rev=319948=319947=319948=diff
==
--- cfe/trunk/tools/clang-fuzzer/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/CMakeLists.txt Wed Dec  6 11:52:40 2017
@@ -48,6 +48,7 @@ if(CLANG_ENABLE_PROTO_FUZZER)
 )
 
   target_link_libraries(clang-proto-fuzzer
+PRIVATE
 ${ProtobufMutator_LIBRARIES}
 ${PROTOBUF_LIBRARIES}
 ${LLVM_LIB_FUZZING_ENGINE}

Modified: cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt?rev=319948=319947=319948=diff
==
--- cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt Wed Dec  6 
11:52:40 2017
@@ -11,4 +11,4 @@ add_clang_library(clangProtoToCXX proto_
   )
 
 add_clang_executable(clang-proto-to-cxx proto_to_cxx_main.cpp)
-target_link_libraries(clang-proto-to-cxx clangProtoToCXX)
+target_link_libraries(clang-proto-to-cxx PRIVATE clangProtoToCXX)




[clang-tools-extra] r319948 - [CMake] Use PRIVATE in target_link_libraries for fuzzers.

2017-12-06 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Dec  6 11:52:40 2017
New Revision: 319948

URL: http://llvm.org/viewvc/llvm-project?rev=319948=rev
Log:
[CMake] Use PRIVATE in target_link_libraries for fuzzers.

Several fuzzers were missed by r319840.

Modified:
clang-tools-extra/trunk/clangd/fuzzer/CMakeLists.txt

Modified: clang-tools-extra/trunk/clangd/fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clangd/fuzzer/CMakeLists.txt?rev=319948=319947=319948=diff
==
--- clang-tools-extra/trunk/clangd/fuzzer/CMakeLists.txt (original)
+++ clang-tools-extra/trunk/clangd/fuzzer/CMakeLists.txt Wed Dec  6 11:52:40 
2017
@@ -12,6 +12,7 @@ add_clang_executable(clangd-fuzzer
   )
 
 target_link_libraries(clangd-fuzzer
+  PRIVATE
   clangBasic
   clangDaemon
   clangFormat




r316103 - [clang-proto-fuzzer] Use ToT protobuf-mutator.

2017-10-18 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Oct 18 11:38:04 2017
New Revision: 316103

URL: http://llvm.org/viewvc/llvm-project?rev=316103=rev
Log:
[clang-proto-fuzzer] Use ToT protobuf-mutator.

Modified:
cfe/trunk/cmake/modules/ProtobufMutator.cmake

Modified: cfe/trunk/cmake/modules/ProtobufMutator.cmake
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/cmake/modules/ProtobufMutator.cmake?rev=316103=316102=316103=diff
==
--- cfe/trunk/cmake/modules/ProtobufMutator.cmake (original)
+++ cfe/trunk/cmake/modules/ProtobufMutator.cmake Wed Oct 18 11:38:04 2017
@@ -6,7 +6,7 @@ set(PBM_FUZZ_LIB_PATH ${PBM_PATH}/src/li
 ExternalProject_Add(${PBM_PREFIX}
   PREFIX ${PBM_PREFIX}
   GIT_REPOSITORY https://github.com/google/libprotobuf-mutator.git
-  GIT_TAG e4eae60
+  GIT_TAG master
   CONFIGURE_COMMAND ${CMAKE_COMMAND} -G${CMAKE_GENERATOR}
 -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
 -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
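Review bot: `GIT_TAG master` makes this ExternalProject fetch whatever the upstream branch points to at build time, so the code compiled and linked into the proto fuzzer is no longer a revision anyone reviewed, and builds stop being reproducible. Keep a pinned revision and bump it deliberately, preferably as a full commit hash rather than the abbreviated form used before: `GIT_TAG <full-commit-sha>  # placeholder: reviewed libprotobuf-mutator revision`. If tracking the tip is really wanted for a fuzzing bot, a short comment saying so would help the next reader. The ExternalProject_Add call continues past the end of the hunk.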




r315630 - [cmake] Rename LIB_FUZZING_ENGINE to LLVM_LIB_FUZZING_ENGINE.

2017-10-12 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Thu Oct 12 15:00:09 2017
New Revision: 315630

URL: http://llvm.org/viewvc/llvm-project?rev=315630=rev
Log:
[cmake] Rename LIB_FUZZING_ENGINE to LLVM_LIB_FUZZING_ENGINE.

Modified:
cfe/trunk/tools/clang-format/CMakeLists.txt
cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/CMakeLists.txt

Modified: cfe/trunk/tools/clang-format/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-format/CMakeLists.txt?rev=315630=315629=315630=diff
==
--- cfe/trunk/tools/clang-format/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-format/CMakeLists.txt Thu Oct 12 15:00:09 2017
@@ -15,7 +15,7 @@ target_link_libraries(clang-format
   ${CLANG_FORMAT_LIB_DEPS}
   )
 
-if( LIB_FUZZING_ENGINE OR LLVM_USE_SANITIZE_COVERAGE )
+if( LLVM_LIB_FUZZING_ENGINE OR LLVM_USE_SANITIZE_COVERAGE )
   add_subdirectory(fuzzer)
 endif()
 

Modified: cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt?rev=315630=315629=315630=diff
==
--- cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt Thu Oct 12 15:00:09 2017
@@ -11,5 +11,5 @@ add_clang_executable(clang-format-fuzzer
 
 target_link_libraries(clang-format-fuzzer
   ${CLANG_FORMAT_LIB_DEPS}
-  ${LIB_FUZZING_ENGINE}
+  ${LLVM_LIB_FUZZING_ENGINE}
   )

Modified: cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/CMakeLists.txt?rev=315630=315629=315630=diff
==
--- cfe/trunk/tools/clang-fuzzer/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/CMakeLists.txt Thu Oct 12 15:00:09 2017
@@ -1,7 +1,7 @@
 set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD} FuzzMutate)
 set(CXX_FLAGS_NOFUZZ ${CMAKE_CXX_FLAGS})
 set(DUMMY_MAIN DummyClangFuzzer.cpp)
-if(DEFINED LIB_FUZZING_ENGINE)
+if(LLVM_LIB_FUZZING_ENGINE)
   unset(DUMMY_MAIN)
 elseif(LLVM_USE_SANITIZE_COVERAGE)
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=fuzzer")
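Review bot: After this rename a build that still passes `-DLIB_FUZZING_ENGINE=...` gets no diagnostic: the first branch is skipped, and unless LLVM_USE_SANITIZE_COVERAGE is set DUMMY_MAIN stays `DummyClangFuzzer.cpp`, so the binary is produced without the requested engine. A one-time warning for the old name would make that visible, e.g. `if(DEFINED LIB_FUZZING_ENGINE)` / `message(WARNING "LIB_FUZZING_ENGINE is ignored; set LLVM_LIB_FUZZING_ENGINE")` / `endif()`. The line also changes from `DEFINED` to a truthiness test, which is more than a rename and deserves a mention in the log. The if/elseif block continues outside the hunk; the same silent fallback applies to the `${LLVM_LIB_FUZZING_ENGINE}` link lines in the two following hunks and in clang-format/fuzzer.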
@@ -50,7 +50,7 @@ if(CLANG_ENABLE_PROTO_FUZZER)
   target_link_libraries(clang-proto-fuzzer
 ${ProtobufMutator_LIBRARIES}
 ${PROTOBUF_LIBRARIES}
-${LIB_FUZZING_ENGINE}
+${LLVM_LIB_FUZZING_ENGINE}
 clangCXXProto
 clangHandleCXX
 clangProtoToCXX
@@ -66,6 +66,6 @@ add_clang_executable(clang-fuzzer
   )
 
 target_link_libraries(clang-fuzzer
-  ${LIB_FUZZING_ENGINE}
+  ${LLVM_LIB_FUZZING_ENGINE}
   clangHandleCXX
   )




r315603 - [clang-format] Allow building fuzzer with OSS-Fuzz flags.

2017-10-12 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Thu Oct 12 11:39:10 2017
New Revision: 315603

URL: http://llvm.org/viewvc/llvm-project?rev=315603=rev
Log:
[clang-format] Allow building fuzzer with OSS-Fuzz flags.

Reviewers: kcc, bogner

Reviewed By: kcc

Subscribers: cfe-commits, mgorny

Differential Revision: https://reviews.llvm.org/D38853

Modified:
cfe/trunk/tools/clang-format/CMakeLists.txt
cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt

Modified: cfe/trunk/tools/clang-format/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-format/CMakeLists.txt?rev=315603=315602=315603=diff
==
--- cfe/trunk/tools/clang-format/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-format/CMakeLists.txt Thu Oct 12 11:39:10 2017
@@ -15,7 +15,7 @@ target_link_libraries(clang-format
   ${CLANG_FORMAT_LIB_DEPS}
   )
 
-if( LLVM_USE_SANITIZE_COVERAGE )
+if( LIB_FUZZING_ENGINE OR LLVM_USE_SANITIZE_COVERAGE )
   add_subdirectory(fuzzer)
 endif()
 

Modified: cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt?rev=315603=315602=315603=diff
==
--- cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-format/fuzzer/CMakeLists.txt Thu Oct 12 11:39:10 2017
@@ -1,6 +1,8 @@
 set(LLVM_LINK_COMPONENTS support)
 
-set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=fuzzer")
+if(LLVM_USE_SANITIZE_COVERAGE)
+  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=fuzzer")
+endif()
 
 add_clang_executable(clang-format-fuzzer
   EXCLUDE_FROM_ALL
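Review bot: With both LIB_FUZZING_ENGINE and LLVM_USE_SANITIZE_COVERAGE set, this file adds `-fsanitize=fuzzer` and the second hunk also links `${LIB_FUZZING_ENGINE}`, so the target may end up with two fuzzing engines (and two `main` definitions, if the supplied engine provides one). tools/clang-fuzzer/CMakeLists.txt resolves the same situation with an if/elseif that lets the explicit engine win; the guard here could match it: `if(LLVM_USE_SANITIZE_COVERAGE AND NOT LIB_FUZZING_ENGINE)`.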
@@ -8,4 +10,6 @@ add_clang_executable(clang-format-fuzzer
   )
 
 target_link_libraries(clang-format-fuzzer
-  ${CLANG_FORMAT_LIB_DEPS})
+  ${CLANG_FORMAT_LIB_DEPS}
+  ${LIB_FUZZING_ENGINE}
+  )




r315506 - [clang-fuzzer] Build with newer protobuf-mutator.

2017-10-11 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Oct 11 13:45:10 2017
New Revision: 315506

URL: http://llvm.org/viewvc/llvm-project?rev=315506=rev
Log:
[clang-fuzzer] Build with newer protobuf-mutator.

Modified:
cfe/trunk/cmake/modules/ProtobufMutator.cmake

Modified: cfe/trunk/cmake/modules/ProtobufMutator.cmake
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/cmake/modules/ProtobufMutator.cmake?rev=315506=315505=315506=diff
==
--- cfe/trunk/cmake/modules/ProtobufMutator.cmake (original)
+++ cfe/trunk/cmake/modules/ProtobufMutator.cmake Wed Oct 11 13:45:10 2017
@@ -6,7 +6,7 @@ set(PBM_FUZZ_LIB_PATH ${PBM_PATH}/src/li
 ExternalProject_Add(${PBM_PREFIX}
   PREFIX ${PBM_PREFIX}
   GIT_REPOSITORY https://github.com/google/libprotobuf-mutator.git
-  GIT_TAG 17789d1
+  GIT_TAG e4eae60
   CONFIGURE_COMMAND ${CMAKE_COMMAND} -G${CMAKE_GENERATOR}
 -DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
 -DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}




r315486 - [clang-fuzzer] Allow linking with any fuzzing engine.

2017-10-11 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Oct 11 11:29:24 2017
New Revision: 315486

URL: http://llvm.org/viewvc/llvm-project?rev=315486=rev
Log:
[clang-fuzzer] Allow linking with any fuzzing engine.

Summary:
Makes clang-[proto-]fuzzer compatible with flags specified by OSS-Fuzz.

https://llvm.org/pr34314

Reviewers: vitalybuka, kcc

Reviewed By: kcc

Subscribers: cfe-commits, mgorny

Differential Revision: https://reviews.llvm.org/D38812

Modified:
cfe/trunk/tools/clang-fuzzer/CMakeLists.txt

Modified: cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/CMakeLists.txt?rev=315486=315485=315486=diff
==
--- cfe/trunk/tools/clang-fuzzer/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/CMakeLists.txt Wed Oct 11 11:29:24 2017
@@ -1,7 +1,9 @@
 set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD} FuzzMutate)
 set(CXX_FLAGS_NOFUZZ ${CMAKE_CXX_FLAGS})
 set(DUMMY_MAIN DummyClangFuzzer.cpp)
-if(LLVM_USE_SANITIZE_COVERAGE)
+if(DEFINED LIB_FUZZING_ENGINE)
+  unset(DUMMY_MAIN)
+elseif(LLVM_USE_SANITIZE_COVERAGE)
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=fuzzer")
   set(CXX_FLAGS_NOFUZZ "${CXX_FLAGS_NOFUZZ} -fsanitize=fuzzer-no-link")
   unset(DUMMY_MAIN)
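Review bot: `if(DEFINED LIB_FUZZING_ENGINE)` is also true when the variable is defined but empty (for example `-DLIB_FUZZING_ENGINE=`), in which case DUMMY_MAIN is unset while `${LIB_FUZZING_ENGINE}` expands to nothing in the link lines below, presumably leaving the executables without a `main`. Testing the value instead, `if(LIB_FUZZING_ENGINE)`, keeps the dummy entry point in that case. A comment above the branch stating that an explicit engine takes precedence over `-fsanitize=fuzzer` would also help. The if block is closed outside the hunk.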
@@ -48,6 +50,7 @@ if(CLANG_ENABLE_PROTO_FUZZER)
   target_link_libraries(clang-proto-fuzzer
 ${ProtobufMutator_LIBRARIES}
 ${PROTOBUF_LIBRARIES}
+${LIB_FUZZING_ENGINE}
 clangCXXProto
 clangHandleCXX
 clangProtoToCXX
@@ -63,5 +66,6 @@ add_clang_executable(clang-fuzzer
   )
 
 target_link_libraries(clang-fuzzer
+  ${LIB_FUZZING_ENGINE}
   clangHandleCXX
   )




r315465 - Reland "[clang-fuzzer] Allow building without coverage instrumentation."

2017-10-11 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Oct 11 08:51:12 2017
New Revision: 315465

URL: http://llvm.org/viewvc/llvm-project?rev=315465=rev
Log:
Reland "[clang-fuzzer] Allow building without coverage instrumentation."

This relands r315336 after fixing bot breakage.

Added:
cfe/trunk/tools/clang-fuzzer/DummyClangFuzzer.cpp
Modified:
cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/ClangFuzzer.cpp

Modified: cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/CMakeLists.txt?rev=315465=315464=315465=diff
==
--- cfe/trunk/tools/clang-fuzzer/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/CMakeLists.txt Wed Oct 11 08:51:12 2017
@@ -1,61 +1,67 @@
-if( LLVM_USE_SANITIZE_COVERAGE )
-  set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD})
-  set(CXX_FLAGS_NOFUZZ "${CMAKE_CXX_FLAGS} -fsanitize=fuzzer-no-link")
+set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD} FuzzMutate)
+set(CXX_FLAGS_NOFUZZ ${CMAKE_CXX_FLAGS})
+set(DUMMY_MAIN DummyClangFuzzer.cpp)
+if(LLVM_USE_SANITIZE_COVERAGE)
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=fuzzer")
+  set(CXX_FLAGS_NOFUZZ "${CXX_FLAGS_NOFUZZ} -fsanitize=fuzzer-no-link")
+  unset(DUMMY_MAIN)
+endif()
+
+# Hack to bypass LLVM's cmake sources check and allow multiple libraries and
+# executables from this directory.
+set(LLVM_OPTIONAL_SOURCES
+  ClangFuzzer.cpp
+  DummyClangFuzzer.cpp
+  ExampleClangProtoFuzzer.cpp
+  )
+
+if(CLANG_ENABLE_PROTO_FUZZER)
+  # Create protobuf .h and .cc files, and put them in a library for use by
+  # clang-proto-fuzzer components.
+  find_package(Protobuf REQUIRED)
+  add_definitions(-DGOOGLE_PROTOBUF_NO_RTTI)
+  include_directories(${PROTOBUF_INCLUDE_DIRS})
+  include_directories(${CMAKE_CURRENT_BINARY_DIR})
+  protobuf_generate_cpp(PROTO_SRCS PROTO_HDRS cxx_proto.proto)
+  set(LLVM_OPTIONAL_SOURCES ${LLVM_OPTIONAL_SOURCES} ${PROTO_SRCS})
+  add_clang_library(clangCXXProto
+${PROTO_SRCS}
+${PROTO_HDRS}
+
+LINK_LIBS
+${PROTOBUF_LIBRARIES}
+)
 
-  if(CLANG_ENABLE_PROTO_FUZZER)
-# Create protobuf .h and .cc files, and put them in a library for use by
-# clang-proto-fuzzer components.
-find_package(Protobuf REQUIRED)
-add_definitions(-DGOOGLE_PROTOBUF_NO_RTTI)
-include_directories(${PROTOBUF_INCLUDE_DIRS})
-include_directories(${CMAKE_CURRENT_BINARY_DIR})
-protobuf_generate_cpp(PROTO_SRCS PROTO_HDRS cxx_proto.proto)
-# Hack to bypass LLVM's cmake sources check and allow multiple libraries 
and
-# executables from this directory.
-set(LLVM_OPTIONAL_SOURCES
-  ClangFuzzer.cpp
-  ExampleClangProtoFuzzer.cpp
-  ${PROTO_SRCS}
-  )
-add_clang_library(clangCXXProto
-  ${PROTO_SRCS}
-  ${PROTO_HDRS}
-
-  LINK_LIBS
-  ${PROTOBUF_LIBRARIES}
-  )
-
-# Build and include libprotobuf-mutator
-include(ProtobufMutator)
-include_directories(${ProtobufMutator_INCLUDE_DIRS})
-
-# Build the protobuf->C++ translation library and driver.
-add_clang_subdirectory(proto-to-cxx)
-
-# Build the protobuf fuzzer
-add_clang_executable(clang-proto-fuzzer ExampleClangProtoFuzzer.cpp)
-target_link_libraries(clang-proto-fuzzer
-  ${ProtobufMutator_LIBRARIES}
-  ${PROTOBUF_LIBRARIES}
-  clangCXXProto
-  clangHandleCXX
-  clangProtoToCXX
-  )
-  else()
-# Hack to bypass LLVM's cmake sources check and allow multiple libraries 
and
-# executables from this directory.
-set(LLVM_OPTIONAL_SOURCES ClangFuzzer.cpp ExampleClangProtoFuzzer.cpp)
-  endif()
-
-  add_clang_subdirectory(handle-cxx)
-
-  add_clang_executable(clang-fuzzer
-EXCLUDE_FROM_ALL
-ClangFuzzer.cpp
+  # Build and include libprotobuf-mutator
+  include(ProtobufMutator)
+  include_directories(${ProtobufMutator_INCLUDE_DIRS})
+
+  # Build the protobuf->C++ translation library and driver.
+  add_clang_subdirectory(proto-to-cxx)
+
+  # Build the protobuf fuzzer
+  add_clang_executable(clang-proto-fuzzer
+${DUMMY_MAIN}
+ExampleClangProtoFuzzer.cpp
 )
 
-  target_link_libraries(clang-fuzzer
+  target_link_libraries(clang-proto-fuzzer
+${ProtobufMutator_LIBRARIES}
+${PROTOBUF_LIBRARIES}
+clangCXXProto
 clangHandleCXX
+clangProtoToCXX
 )
 endif()
+
+add_clang_subdirectory(handle-cxx)
+
+add_clang_executable(clang-fuzzer
+  EXCLUDE_FROM_ALL
+  ${DUMMY_MAIN}
+  ClangFuzzer.cpp
+  )
+
+target_link_libraries(clang-fuzzer
+  clangHandleCXX
+  )
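Review bot: DUMMY_MAIN has no comment, and its effect is easy to miss: without LLVM_USE_SANITIZE_COVERAGE both clang-fuzzer and clang-proto-fuzzer are now built with DummyClangFuzzer.cpp as entry point and without `-fsanitize=fuzzer`, so a binary with a fuzzer's name presumably does no coverage-guided fuzzing. I would add above `set(DUMMY_MAIN DummyClangFuzzer.cpp)`: `# Stand-in main() used when libFuzzer is not linked; unset below when -fsanitize=fuzzer supplies one.` clang-proto-fuzzer also lacks the `EXCLUDE_FROM_ALL` that clang-fuzzer has, which may be worth aligning now that the outer guard is gone. The same hunk appears in r315336 further down the page and the comment applies there too.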

Modified: cfe/trunk/tools/clang-fuzzer/ClangFuzzer.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/ClangFuzzer.cpp?rev=315465=315464=315465=diff
==
--- cfe/trunk/tools/clang-fuzzer/ClangFuzzer.cpp (original)
+++ cfe/trunk/tools/clang-fuzzer/ClangFuzzer.cpp Wed Oct 11 08:51:12 2017
@@ -17,6 +17,8 @@
 
 using 

r315463 - [clang-fuzzer] Fix shared library dependencies.

2017-10-11 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Oct 11 08:13:53 2017
New Revision: 315463

URL: http://llvm.org/viewvc/llvm-project?rev=315463=rev
Log:
[clang-fuzzer] Fix shared library dependencies.

Modified:
cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/handle-cxx/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt

Modified: cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/CMakeLists.txt?rev=315463=315462=315463=diff
==
--- cfe/trunk/tools/clang-fuzzer/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/CMakeLists.txt Wed Oct 11 08:13:53 2017
@@ -37,6 +37,7 @@ if( LLVM_USE_SANITIZE_COVERAGE )
 add_clang_executable(clang-proto-fuzzer ExampleClangProtoFuzzer.cpp)
 target_link_libraries(clang-proto-fuzzer
   ${ProtobufMutator_LIBRARIES}
+  ${PROTOBUF_LIBRARIES}
   clangCXXProto
   clangHandleCXX
   clangProtoToCXX

Modified: cfe/trunk/tools/clang-fuzzer/handle-cxx/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/handle-cxx/CMakeLists.txt?rev=315463=315462=315463=diff
==
--- cfe/trunk/tools/clang-fuzzer/handle-cxx/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/handle-cxx/CMakeLists.txt Wed Oct 11 08:13:53 
2017
@@ -1,9 +1,10 @@
-set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD})
+set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD} Support)
 
 add_clang_library(clangHandleCXX
   handle_cxx.cpp
 
   LINK_LIBS
+  clangBasic
   clangCodeGen
   clangFrontend
   clangLex

Modified: cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt?rev=315463=315462=315463=diff
==
--- cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt Wed Oct 11 
08:13:53 2017
@@ -5,9 +5,9 @@ set(CMAKE_CXX_FLAGS ${CXX_FLAGS_NOFUZZ})
 # an executable built from this directory.
 set(LLVM_OPTIONAL_SOURCES proto_to_cxx.cpp proto_to_cxx_main.cpp)
 
-add_clang_library(clangProtoToCXX proto_to_cxx.cpp 
+add_clang_library(clangProtoToCXX proto_to_cxx.cpp
   DEPENDS clangCXXProto
-  LINK_LIBS clangCXXProto
+  LINK_LIBS clangCXXProto ${PROTOBUF_LIBRARIES}
   )
 
 add_clang_executable(clang-proto-to-cxx proto_to_cxx_main.cpp)




r315339 - [clang-fuzzer] Build proto-to-cxx with fuzzer-no-link.

2017-10-10 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Tue Oct 10 10:59:37 2017
New Revision: 315339

URL: http://llvm.org/viewvc/llvm-project?rev=315339=rev
Log:
[clang-fuzzer] Build proto-to-cxx with fuzzer-no-link.

Makes it possible to build with any sanitizer or none at all.

Modified:
cfe/trunk/tools/clang-fuzzer/CMakeLists.txt

Modified: cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/CMakeLists.txt?rev=315339=315338=315339=diff
==
--- cfe/trunk/tools/clang-fuzzer/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/CMakeLists.txt Tue Oct 10 10:59:37 2017
@@ -3,6 +3,7 @@ set(CXX_FLAGS_NOFUZZ ${CMAKE_CXX_FLAGS})
 set(DUMMY_MAIN DummyClangFuzzer.cpp)
 if(LLVM_USE_SANITIZE_COVERAGE)
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=fuzzer")
+  set(CXX_FLAGS_NOFUZZ "${CXX_FLAGS_NOFUZZ} -fsanitize=fuzzer-no-link")
   unset(DUMMY_MAIN)
 endif()
 




r315336 - [clang-fuzzer] Allow building without coverage instrumentation.

2017-10-10 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Tue Oct 10 10:41:43 2017
New Revision: 315336

URL: http://llvm.org/viewvc/llvm-project?rev=315336=rev
Log:
[clang-fuzzer] Allow building without coverage instrumentation.

Summary:
Compile with DummyClangFuzzer.cpp as entry point rather than
libFuzzer's main when coverage instrumentation is missing.

https://llvm.org/pr34314

Reviewers: kcc, bogner, vitalybuka

Reviewed By: vitalybuka

Subscribers: cfe-commits, mgorny

Differential Revision: https://reviews.llvm.org/D38642

Added:
cfe/trunk/tools/clang-fuzzer/DummyClangFuzzer.cpp
Modified:
cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/ClangFuzzer.cpp

Modified: cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/CMakeLists.txt?rev=315336=315335=315336=diff
==
--- cfe/trunk/tools/clang-fuzzer/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/CMakeLists.txt Tue Oct 10 10:41:43 2017
@@ -1,60 +1,65 @@
-if( LLVM_USE_SANITIZE_COVERAGE )
-  set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD})
-  set(CXX_FLAGS_NOFUZZ ${CMAKE_CXX_FLAGS})
+set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD} FuzzMutate)
+set(CXX_FLAGS_NOFUZZ ${CMAKE_CXX_FLAGS})
+set(DUMMY_MAIN DummyClangFuzzer.cpp)
+if(LLVM_USE_SANITIZE_COVERAGE)
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=fuzzer")
+  unset(DUMMY_MAIN)
+endif()
+
+# Hack to bypass LLVM's cmake sources check and allow multiple libraries and
+# executables from this directory.
+set(LLVM_OPTIONAL_SOURCES
+  ClangFuzzer.cpp
+  DummyClangFuzzer.cpp
+  ExampleClangProtoFuzzer.cpp
+  )
+
+if(CLANG_ENABLE_PROTO_FUZZER)
+  # Create protobuf .h and .cc files, and put them in a library for use by
+  # clang-proto-fuzzer components.
+  find_package(Protobuf REQUIRED)
+  add_definitions(-DGOOGLE_PROTOBUF_NO_RTTI)
+  include_directories(${PROTOBUF_INCLUDE_DIRS})
+  include_directories(${CMAKE_CURRENT_BINARY_DIR})
+  protobuf_generate_cpp(PROTO_SRCS PROTO_HDRS cxx_proto.proto)
+  set(LLVM_OPTIONAL_SOURCES ${LLVM_OPTIONAL_SOURCES} ${PROTO_SRCS})
+  add_clang_library(clangCXXProto
+${PROTO_SRCS}
+${PROTO_HDRS}
+
+LINK_LIBS
+${PROTOBUF_LIBRARIES}
+)
 
-  if(CLANG_ENABLE_PROTO_FUZZER)
-# Create protobuf .h and .cc files, and put them in a library for use by
-# clang-proto-fuzzer components.
-find_package(Protobuf REQUIRED)
-add_definitions(-DGOOGLE_PROTOBUF_NO_RTTI)
-include_directories(${PROTOBUF_INCLUDE_DIRS})
-include_directories(${CMAKE_CURRENT_BINARY_DIR})
-protobuf_generate_cpp(PROTO_SRCS PROTO_HDRS cxx_proto.proto)
-# Hack to bypass LLVM's cmake sources check and allow multiple libraries 
and
-# executables from this directory.
-set(LLVM_OPTIONAL_SOURCES
-  ClangFuzzer.cpp
-  ExampleClangProtoFuzzer.cpp
-  ${PROTO_SRCS}
-  )
-add_clang_library(clangCXXProto
-  ${PROTO_SRCS}
-  ${PROTO_HDRS}
-
-  LINK_LIBS
-  ${PROTOBUF_LIBRARIES}
-  )
-
-# Build and include libprotobuf-mutator
-include(ProtobufMutator)
-include_directories(${ProtobufMutator_INCLUDE_DIRS})
-
-# Build the protobuf->C++ translation library and driver.
-add_clang_subdirectory(proto-to-cxx)
-
-# Build the protobuf fuzzer
-add_clang_executable(clang-proto-fuzzer ExampleClangProtoFuzzer.cpp)
-target_link_libraries(clang-proto-fuzzer
-  ${ProtobufMutator_LIBRARIES}
-  clangCXXProto
-  clangHandleCXX
-  clangProtoToCXX
-  )
-  else()
-# Hack to bypass LLVM's cmake sources check and allow multiple libraries 
and
-# executables from this directory.
-set(LLVM_OPTIONAL_SOURCES ClangFuzzer.cpp ExampleClangProtoFuzzer.cpp)
-  endif()
-
-  add_clang_subdirectory(handle-cxx)
-
-  add_clang_executable(clang-fuzzer
-EXCLUDE_FROM_ALL
-ClangFuzzer.cpp
+  # Build and include libprotobuf-mutator
+  include(ProtobufMutator)
+  include_directories(${ProtobufMutator_INCLUDE_DIRS})
+
+  # Build the protobuf->C++ translation library and driver.
+  add_clang_subdirectory(proto-to-cxx)
+
+  # Build the protobuf fuzzer
+  add_clang_executable(clang-proto-fuzzer
+${DUMMY_MAIN}
+ExampleClangProtoFuzzer.cpp
 )
 
-  target_link_libraries(clang-fuzzer
+  target_link_libraries(clang-proto-fuzzer
+${ProtobufMutator_LIBRARIES}
+clangCXXProto
 clangHandleCXX
+clangProtoToCXX
 )
 endif()
+
+add_clang_subdirectory(handle-cxx)
+
+add_clang_executable(clang-fuzzer
+  EXCLUDE_FROM_ALL
+  ${DUMMY_MAIN}
+  ClangFuzzer.cpp
+  )
+
+target_link_libraries(clang-fuzzer
+  clangHandleCXX
+  )

Modified: cfe/trunk/tools/clang-fuzzer/ClangFuzzer.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/ClangFuzzer.cpp?rev=315336=315335=315336=diff
==
--- cfe/trunk/tools/clang-fuzzer/ClangFuzzer.cpp (original)
+++ 

r313831 - [MSan] Disable sanitization for __sanitizer_dtor_callback.

2017-09-20 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Sep 20 15:53:08 2017
New Revision: 313831

URL: http://llvm.org/viewvc/llvm-project?rev=313831=rev
Log:
[MSan] Disable sanitization for __sanitizer_dtor_callback.

Summary:
Eliminate unnecessary instrumentation at __sanitizer_dtor_callback
call sites.  Fixes https://github.com/google/sanitizers/issues/861.

Reviewers: eugenis, kcc

Reviewed By: eugenis

Subscribers: vitalybuka, llvm-commits, cfe-commits, hiraditya

Differential Revision: https://reviews.llvm.org/D38063

Modified:
cfe/trunk/lib/CodeGen/CGClass.cpp
cfe/trunk/test/CodeGenCXX/sanitize-dtor-callback.cpp

Modified: cfe/trunk/lib/CodeGen/CGClass.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CGClass.cpp?rev=313831=313830=313831=diff
==
--- cfe/trunk/lib/CodeGen/CGClass.cpp (original)
+++ cfe/trunk/lib/CodeGen/CGClass.cpp Wed Sep 20 15:53:08 2017
@@ -1577,6 +1577,7 @@ namespace {
 
  static void EmitSanitizerDtorCallback(CodeGenFunction , llvm::Value *Ptr,
  CharUnits::QuantityType PoisonSize) {
+   CodeGenFunction::SanitizerScope SanScope();
// Pass in void pointer and size of region as arguments to runtime
// function
llvm::Value *Args[] = {CGF.Builder.CreateBitCast(Ptr, CGF.VoidPtrTy),
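Review bot: The new SanitizerScope line carries no comment, and its purpose is only stated in the commit log. A one-line comment such as `// Do not instrument the call to __sanitizer_dtor_callback itself.` directly above it would keep the reason next to the code. EmitSanitizerDtorCallback continues outside the hunk.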

Modified: cfe/trunk/test/CodeGenCXX/sanitize-dtor-callback.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/test/CodeGenCXX/sanitize-dtor-callback.cpp?rev=313831=313830=313831=diff
==
--- cfe/trunk/test/CodeGenCXX/sanitize-dtor-callback.cpp (original)
+++ cfe/trunk/test/CodeGenCXX/sanitize-dtor-callback.cpp Wed Sep 20 15:53:08 
2017
@@ -55,16 +55,19 @@ Defaulted_Non_Trivial def_non_trivial;
 // to confirm that all invoked dtors have member poisoning
 // instrumentation inserted.
 // CHECK-LABEL: define {{.*}}SimpleD2Ev
+// CHECK-NOT: store i{{[0-9]+}} 0, {{.*}}@__msan_param_tls
 // CHECK: call void @__sanitizer_dtor_callback
 // CHECK-NOT: call void @__sanitizer_dtor_callback
 // CHECK: ret void
 
 // CHECK-LABEL: define {{.*}}InlinedD2Ev
+// CHECK-NOT: store i{{[0-9]+}} 0, {{.*}}@__msan_param_tls
 // CHECK: call void @__sanitizer_dtor_callback
 // CHECK-NOT: call void @__sanitizer_dtor_callback
 // CHECK: ret void
 
 // CHECK-LABEL: define {{.*}}Defaulted_Non_TrivialD2Ev
+// CHECK-NOT: store i{{[0-9]+}} 0, {{.*}}@__msan_param_tls
 // CHECK: call void @__sanitizer_dtor_callback
 // CHECK-NOT: call void @__sanitizer_dtor_callback
 // CHECK: ret void




r313319 - [MSan] Specify use-after-dtor default value in header.

2017-09-14 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Thu Sep 14 16:53:56 2017
New Revision: 313319

URL: http://llvm.org/viewvc/llvm-project?rev=313319=rev
Log:
[MSan] Specify use-after-dtor default value in header.

Modified:
cfe/trunk/lib/Driver/SanitizerArgs.cpp

Modified: cfe/trunk/lib/Driver/SanitizerArgs.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/SanitizerArgs.cpp?rev=313319=313318=313319=diff
==
--- cfe/trunk/lib/Driver/SanitizerArgs.cpp (original)
+++ cfe/trunk/lib/Driver/SanitizerArgs.cpp Thu Sep 14 16:53:56 2017
@@ -491,9 +491,11 @@ SanitizerArgs::SanitizerArgs(const ToolC
 MsanUseAfterDtor =
 Args.hasFlag(options::OPT_fsanitize_memory_use_after_dtor,
  options::OPT_fno_sanitize_memory_use_after_dtor,
- false);
+ MsanUseAfterDtor);
 NeedPIE |= !(TC.getTriple().isOSLinux() &&
  TC.getTriple().getArch() == llvm::Triple::x86_64);
+  } else {
+MsanUseAfterDtor = false;
   }
 
   if (AllAddedKinds & Thread) {
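Review bot: Passing `MsanUseAfterDtor` as its own default to `hasFlag` reads as a self-assignment unless the reader knows the member has an initializer in the header, which is not visible here. A short comment would make the dependency explicit, e.g. `// Default is the in-class initializer of MsanUseAfterDtor.` The new else branch also resets the value to false, so the option is apparently dropped without a diagnostic when the enclosing condition (not visible in the hunk) is false; if that is intended, say so in the same comment. The constructor continues outside the hunk.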




r313314 - [MSan] Add flag to disable use-after-dtor.

2017-09-14 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Thu Sep 14 16:14:37 2017
New Revision: 313314

URL: http://llvm.org/viewvc/llvm-project?rev=313314=rev
Log:
[MSan] Add flag to disable use-after-dtor.

Summary: Flag is -fno-sanitize-use-after-dtor.

Reviewers: vitalybuka, eugenis, kcc

Reviewed By: vitalybuka, eugenis

Subscribers: cfe-commits

Differential Revision: https://reviews.llvm.org/D37867

Modified:
cfe/trunk/include/clang/Driver/Options.td
cfe/trunk/lib/Driver/SanitizerArgs.cpp
cfe/trunk/lib/Frontend/CompilerInvocation.cpp
cfe/trunk/test/Driver/fsanitize.c

Modified: cfe/trunk/include/clang/Driver/Options.td
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Driver/Options.td?rev=313314=313313=313314=diff
==
--- cfe/trunk/include/clang/Driver/Options.td (original)
+++ cfe/trunk/include/clang/Driver/Options.td Thu Sep 14 16:14:37 2017
@@ -851,6 +851,9 @@ def fno_sanitize_memory_track_origins :
 def fsanitize_memory_use_after_dtor : Flag<["-"], 
"fsanitize-memory-use-after-dtor">,
  Group,
  HelpText<"Enable use-after-destroy 
detection in MemorySanitizer">;
+def fno_sanitize_memory_use_after_dtor : Flag<["-"], 
"fno-sanitize-memory-use-after-dtor">,
+ Group,
+ HelpText<"Disable use-after-destroy 
detection in MemorySanitizer">;
 def fsanitize_address_field_padding : Joined<["-"], 
"fsanitize-address-field-padding=">,
 Group,
 HelpText<"Level of field padding for 
AddressSanitizer">;
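Review bot: The option defined here is `-fno-sanitize-memory-use-after-dtor`, while the commit summary names `-fno-sanitize-use-after-dtor`; the log should use the spelling users have to type. Separately, the `false` default is now written twice, in the SanitizerArgs.cpp and CompilerInvocation.cpp hunks of this commit, and the two have to be kept in step if the default ever changes; a comment at each site pointing at the other would help.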

Modified: cfe/trunk/lib/Driver/SanitizerArgs.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/SanitizerArgs.cpp?rev=313314=313313=313314=diff
==
--- cfe/trunk/lib/Driver/SanitizerArgs.cpp (original)
+++ cfe/trunk/lib/Driver/SanitizerArgs.cpp Thu Sep 14 16:14:37 2017
@@ -489,7 +489,9 @@ SanitizerArgs::SanitizerArgs(const ToolC
   }
 }
 MsanUseAfterDtor =
-Args.hasArg(options::OPT_fsanitize_memory_use_after_dtor);
+Args.hasFlag(options::OPT_fsanitize_memory_use_after_dtor,
+ options::OPT_fno_sanitize_memory_use_after_dtor,
+ false);
 NeedPIE |= !(TC.getTriple().isOSLinux() &&
  TC.getTriple().getArch() == llvm::Triple::x86_64);
   }

Modified: cfe/trunk/lib/Frontend/CompilerInvocation.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Frontend/CompilerInvocation.cpp?rev=313314=313313=313314=diff
==
--- cfe/trunk/lib/Frontend/CompilerInvocation.cpp (original)
+++ cfe/trunk/lib/Frontend/CompilerInvocation.cpp Thu Sep 14 16:14:37 2017
@@ -830,7 +830,9 @@ static bool ParseCodeGenArgs(CodeGenOpti
   Opts.SanitizeMemoryTrackOrigins =
   getLastArgIntValue(Args, OPT_fsanitize_memory_track_origins_EQ, 0, 
Diags);
   Opts.SanitizeMemoryUseAfterDtor =
-  Args.hasArg(OPT_fsanitize_memory_use_after_dtor);
+  Args.hasFlag(OPT_fsanitize_memory_use_after_dtor,
+   OPT_fno_sanitize_memory_use_after_dtor,
+   false);
   Opts.SanitizeMinimalRuntime = Args.hasArg(OPT_fsanitize_minimal_runtime);
   Opts.SanitizeCfiCrossDso = Args.hasArg(OPT_fsanitize_cfi_cross_dso);
   Opts.SanitizeStats = Args.hasArg(OPT_fsanitize_stats);

Modified: cfe/trunk/test/Driver/fsanitize.c
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Driver/fsanitize.c?rev=313314=313313=313314=diff
==
--- cfe/trunk/test/Driver/fsanitize.c (original)
+++ cfe/trunk/test/Driver/fsanitize.c Thu Sep 14 16:14:37 2017
@@ -172,8 +172,14 @@
 // RUN: %clang -target x86_64-linux-gnu -fsanitize=memory 
-fsanitize-memory-track-origins=3 -pie %s -### 2>&1 | FileCheck %s 
--check-prefix=CHECK-TRACK-ORIGINS-3
 // CHECK-TRACK-ORIGINS-3: error: invalid value '3' in 
'-fsanitize-memory-track-origins=3'
 
-// RUN: %clang -target x86_64-linux-gnu -fsanitize=memory 
-fsanitize-memory-use-after-dtor -pie %s -### 2>&1 | FileCheck %s 
--check-prefix=CHECK-MSAN-USE-AFTER-DTOR
-// CHECK-MSAN-USE-AFTER-DTOR: -cc1{{.*}}-fsanitize-memory-use-after-dtor
+// RUN: %clang -target x86_64-linux-gnu -fsanitize=memory 
-fsanitize-memory-use-after-dtor %s -### 2>&1 | FileCheck %s 
--check-prefix=CHECK-USE-AFTER-DTOR
+// RUN: %clang -target x86_64-linux-gnu -fsanitize=memory 
-fno-sanitize-memory-use-after-dtor -fsanitize-memory-use-after-dtor %s -### 
2>&1 | FileCheck %s --check-prefix=CHECK-USE-AFTER-DTOR
+// CHECK-USE-AFTER-DTOR: -cc1{{.*}}-fsanitize-memory-use-after-dtor
+
+// RUN: %clang -target x86_64-linux-gnu -fsanitize=memory 
-fno-sanitize-memory-use-after-dtor %s -### 2>&1 | FileCheck %s 

r312185 - [SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer

2017-08-30 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Aug 30 15:49:31 2017
New Revision: 312185

URL: http://llvm.org/viewvc/llvm-project?rev=312185=rev
Log:
[SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer

Summary:
- Don't sanitize __sancov_lowest_stack.
- Don't instrument leaf functions.
- Add CoverageStackDepth to Fuzzer and FuzzerNoLink.
- Only enable on Linux.

Reviewers: vitalybuka, kcc, george.karpenkov

Reviewed By: kcc

Subscribers: kubamracek, cfe-commits, llvm-commits, hiraditya

Differential Revision: https://reviews.llvm.org/D37156

Modified:
cfe/trunk/lib/Driver/SanitizerArgs.cpp

Modified: cfe/trunk/lib/Driver/SanitizerArgs.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/SanitizerArgs.cpp?rev=312185=312184=312185=diff
==
--- cfe/trunk/lib/Driver/SanitizerArgs.cpp (original)
+++ cfe/trunk/lib/Driver/SanitizerArgs.cpp Wed Aug 30 15:49:31 2017
@@ -312,9 +312,13 @@ SanitizerArgs::SanitizerArgs(const ToolC
 Add |= FuzzerNoLink;
 
   // Enable coverage if the fuzzing flag is set.
-  if (Add & FuzzerNoLink)
+  if (Add & FuzzerNoLink) {
 CoverageFeatures |= CoverageTracePCGuard | CoverageIndirCall |
 CoverageTraceCmp | CoveragePCTable;
+// Due to TLS differences, stack depth tracking is only enabled on 
Linux
+if (TC.getTriple().isOSLinux())
+  CoverageFeatures |= CoverageStackDepth;
+  }
 
   Kinds |= Add;
 } else if (Arg->getOption().matches(options::OPT_fno_sanitize_EQ)) {
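Review bot: The Linux-only gate on `CoverageStackDepth` lands without a driver test: the Modified list holds only SanitizerArgs.cpp, so nothing pins that `-fsanitize=fuzzer` enables stack-depth coverage for a Linux triple and leaves it off elsewhere. The same block was already reverted twice for bot failures (r311803, r312047) and toggled for Windows (r312032, r312037), so a pair of RUN lines, one with `-target x86_64-linux-gnu` and one with a non-Linux triple, would catch the next platform regression at review time; presumably they would check for `-fsanitize-coverage-stack-depth` on the cc1 line. The comment `// Due to TLS differences, stack depth tracking is only enabled on Linux` would also help a porter more if it named the TLS requirement a new OS has to meet. The enclosing constructor starts and ends outside the hunk.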




r312047 - Revert "[SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer"

2017-08-29 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Tue Aug 29 14:56:56 2017
New Revision: 312047

URL: http://llvm.org/viewvc/llvm-project?rev=312047=rev
Log:
Revert "[SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer"

This reverts r312026 due to bot breakage.

Modified:
cfe/trunk/lib/Driver/SanitizerArgs.cpp

Modified: cfe/trunk/lib/Driver/SanitizerArgs.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/SanitizerArgs.cpp?rev=312047=312046=312047=diff
==
--- cfe/trunk/lib/Driver/SanitizerArgs.cpp (original)
+++ cfe/trunk/lib/Driver/SanitizerArgs.cpp Tue Aug 29 14:56:56 2017
@@ -312,13 +312,9 @@ SanitizerArgs::SanitizerArgs(const ToolC
 Add |= FuzzerNoLink;
 
   // Enable coverage if the fuzzing flag is set.
-  if (Add & FuzzerNoLink) {
+  if (Add & FuzzerNoLink)
 CoverageFeatures |= CoverageTracePCGuard | CoverageIndirCall |
 CoverageTraceCmp | CoveragePCTable;
-// Due to TLS differences, stack depth tracking is disabled on Mac.
-if (!TC.getTriple().isOSDarwin())
-  CoverageFeatures |= CoverageStackDepth;
-  }
 
   Kinds |= Add;
 } else if (Arg->getOption().matches(options::OPT_fno_sanitize_EQ)) {




r312037 - Re-enable stack depth instrumentation on Windows.

2017-08-29 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Tue Aug 29 14:15:33 2017
New Revision: 312037

URL: http://llvm.org/viewvc/llvm-project?rev=312037=rev
Log:
Re-enable stack depth instrumentation on Windows.

Specified tls_model attribute properly. Should compile on Windows
now.

Modified:
cfe/trunk/lib/Driver/SanitizerArgs.cpp

Modified: cfe/trunk/lib/Driver/SanitizerArgs.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/SanitizerArgs.cpp?rev=312037=312036=312037=diff
==
--- cfe/trunk/lib/Driver/SanitizerArgs.cpp (original)
+++ cfe/trunk/lib/Driver/SanitizerArgs.cpp Tue Aug 29 14:15:33 2017
@@ -315,8 +315,8 @@ SanitizerArgs::SanitizerArgs(const ToolC
   if (Add & FuzzerNoLink) {
 CoverageFeatures |= CoverageTracePCGuard | CoverageIndirCall |
 CoverageTraceCmp | CoveragePCTable;
-// Due to TLS differences, stack depth tracking is disabled on Mac/Win.
-if (!TC.getTriple().isOSDarwin() && !TC.getTriple().isOSWindows())
+// Due to TLS differences, stack depth tracking is disabled on Mac.
+if (!TC.getTriple().isOSDarwin())
   CoverageFeatures |= CoverageStackDepth;
   }
 




r312032 - Disable stack depth tracking on Windows.

2017-08-29 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Tue Aug 29 13:44:41 2017
New Revision: 312032

URL: http://llvm.org/viewvc/llvm-project?rev=312032=rev
Log:
Disable stack depth tracking on Windows.

Windows doesn't support the tls_model attribute.

Modified:
cfe/trunk/lib/Driver/SanitizerArgs.cpp

Modified: cfe/trunk/lib/Driver/SanitizerArgs.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/SanitizerArgs.cpp?rev=312032=312031=312032=diff
==
--- cfe/trunk/lib/Driver/SanitizerArgs.cpp (original)
+++ cfe/trunk/lib/Driver/SanitizerArgs.cpp Tue Aug 29 13:44:41 2017
@@ -315,8 +315,8 @@ SanitizerArgs::SanitizerArgs(const ToolC
   if (Add & FuzzerNoLink) {
 CoverageFeatures |= CoverageTracePCGuard | CoverageIndirCall |
 CoverageTraceCmp | CoveragePCTable;
-// Due to TLS differences, stack depth tracking is disabled on Mac.
-if (!TC.getTriple().isOSDarwin())
+// Due to TLS differences, stack depth tracking is disabled on Mac/Win.
+if (!TC.getTriple().isOSDarwin() && !TC.getTriple().isOSWindows())
   CoverageFeatures |= CoverageStackDepth;
   }
 




r312026 - [SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer

2017-08-29 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Tue Aug 29 12:48:12 2017
New Revision: 312026

URL: http://llvm.org/viewvc/llvm-project?rev=312026=rev
Log:
[SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer

Summary:
- Don't sanitize __sancov_lowest_stack.
- Don't instrument leaf functions.
- Add CoverageStackDepth to Fuzzer and FuzzerNoLink.
- Disable stack depth tracking on Mac.

Reviewers: vitalybuka, kcc, george.karpenkov

Reviewed By: kcc

Subscribers: kubamracek, cfe-commits, llvm-commits, hiraditya

Differential Revision: https://reviews.llvm.org/D37156

Modified:
cfe/trunk/lib/Driver/SanitizerArgs.cpp

Modified: cfe/trunk/lib/Driver/SanitizerArgs.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/SanitizerArgs.cpp?rev=312026=312025=312026=diff
==
--- cfe/trunk/lib/Driver/SanitizerArgs.cpp (original)
+++ cfe/trunk/lib/Driver/SanitizerArgs.cpp Tue Aug 29 12:48:12 2017
@@ -291,9 +291,13 @@ SanitizerArgs::SanitizerArgs(const ToolC
 Add |= FuzzerNoLink;
 
   // Enable coverage if the fuzzing flag is set.
-  if (Add & FuzzerNoLink)
+  if (Add & FuzzerNoLink) {
 CoverageFeatures |= CoverageTracePCGuard | CoverageIndirCall |
 CoverageTraceCmp | CoveragePCTable;
+// Due to TLS differences, stack depth tracking is disabled on Mac.
+if (!TC.getTriple().isOSDarwin())
+  CoverageFeatures |= CoverageStackDepth;
+  }
 
   Kinds |= Add;
 } else if (Arg->getOption().matches(options::OPT_fno_sanitize_EQ)) {




r311803 - Revert "[SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer"

2017-08-25 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Fri Aug 25 15:01:21 2017
New Revision: 311803

URL: http://llvm.org/viewvc/llvm-project?rev=311803=rev
Log:
Revert "[SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer"

This reverts r311801 due to a bot failure.

Modified:
cfe/trunk/lib/Driver/SanitizerArgs.cpp

Modified: cfe/trunk/lib/Driver/SanitizerArgs.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/SanitizerArgs.cpp?rev=311803=311802=311803=diff
==
--- cfe/trunk/lib/Driver/SanitizerArgs.cpp (original)
+++ cfe/trunk/lib/Driver/SanitizerArgs.cpp Fri Aug 25 15:01:21 2017
@@ -290,11 +290,10 @@ SanitizerArgs::SanitizerArgs(const ToolC
   if (Add & Fuzzer)
 Add |= FuzzerNoLink;
 
-  // Enable coverage and stack depth tracking if the fuzzing flag is set.
+  // Enable coverage if the fuzzing flag is set.
   if (Add & FuzzerNoLink)
 CoverageFeatures |= CoverageTracePCGuard | CoverageIndirCall |
-CoverageTraceCmp | CoveragePCTable |
-CoverageStackDepth;
+CoverageTraceCmp | CoveragePCTable;
 
   Kinds |= Add;
 } else if (Arg->getOption().matches(options::OPT_fno_sanitize_EQ)) {




r311801 - [SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer

2017-08-25 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Fri Aug 25 14:18:29 2017
New Revision: 311801

URL: http://llvm.org/viewvc/llvm-project?rev=311801=rev
Log:
[SanitizeCoverage] Enable stack-depth coverage for -fsanitize=fuzzer

Summary:
- Don't sanitize __sancov_lowest_stack.
- Don't instrument leaf functions.
- Add CoverageStackDepth to Fuzzer and FuzzerNoLink.

Reviewers: vitalybuka, kcc

Reviewed By: kcc

Subscribers: cfe-commits, llvm-commits, hiraditya

Differential Revision: https://reviews.llvm.org/D37156

Modified:
cfe/trunk/lib/Driver/SanitizerArgs.cpp

Modified: cfe/trunk/lib/Driver/SanitizerArgs.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/SanitizerArgs.cpp?rev=311801=311800=311801=diff
==
--- cfe/trunk/lib/Driver/SanitizerArgs.cpp (original)
+++ cfe/trunk/lib/Driver/SanitizerArgs.cpp Fri Aug 25 14:18:29 2017
@@ -290,10 +290,11 @@ SanitizerArgs::SanitizerArgs(const ToolC
   if (Add & Fuzzer)
 Add |= FuzzerNoLink;
 
-  // Enable coverage if the fuzzing flag is set.
+  // Enable coverage and stack depth tracking if the fuzzing flag is set.
   if (Add & FuzzerNoLink)
 CoverageFeatures |= CoverageTracePCGuard | CoverageIndirCall |
-CoverageTraceCmp | CoveragePCTable;
+CoverageTraceCmp | CoveragePCTable |
+CoverageStackDepth;
 
   Kinds |= Add;
 } else if (Arg->getOption().matches(options::OPT_fno_sanitize_EQ)) {




Re: r311589 - [ubsan] PR34266: When sanitizing the 'this' value for a member function that happens to be a lambda call operator, use the lambda's 'this' pointer, not the captured enclosing 'this' poin

2017-08-24 Thread Matt Morehouse via cfe-commits
Hi Richard,

It looks like this revision is breaking the x86_64-linux-bootstrap bot.
Most of the UBSan checks are failing with the attached error.
Full log at:
http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-bootstrap/builds/2104/steps/check-llvm%20ubsan/logs/stdio

I haven't looked in much detail, so I'm not sure if your change uncovered a
bug in LLVM or if the change is faulty.  Could you please take a look?

Thanks,
Matt Morehouse



On Wed, Aug 23, 2017 at 12:39 PM, Richard Smith via cfe-commits <
cfe-commits@lists.llvm.org> wrote:

> Author: rsmith
> Date: Wed Aug 23 12:39:04 2017
> New Revision: 311589
>
> URL: http://llvm.org/viewvc/llvm-project?rev=311589=rev
> Log:
> [ubsan] PR34266: When sanitizing the 'this' value for a member function
> that happens to be a lambda call operator, use the lambda's 'this' pointer,
> not the captured enclosing 'this' pointer (if any).
>
> Modified:
> cfe/trunk/include/clang/AST/DeclCXX.h
> cfe/trunk/lib/CodeGen/CodeGenFunction.cpp
> cfe/trunk/test/CodeGenCXX/catch-undef-behavior.cpp
>
> Modified: cfe/trunk/include/clang/AST/DeclCXX.h
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/
> clang/AST/DeclCXX.h?rev=311589=311588=311589=diff
> 
> ==
> --- cfe/trunk/include/clang/AST/DeclCXX.h (original)
> +++ cfe/trunk/include/clang/AST/DeclCXX.h Wed Aug 23 12:39:04 2017
> @@ -2027,7 +2027,10 @@ public:
>
>/// \brief Returns the type of the \c this pointer.
>///
> -  /// Should only be called for instance (i.e., non-static) methods.
> +  /// Should only be called for instance (i.e., non-static) methods. Note
> +  /// that for the call operator of a lambda closure type, this returns
> the
> +  /// desugared 'this' type (a pointer to the closure type), not the
> captured
> +  /// 'this' type.
>QualType getThisType(ASTContext ) const;
>
>unsigned getTypeQualifiers() const {
>
> Modified: cfe/trunk/lib/CodeGen/CodeGenFunction.cpp
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/
> CodeGenFunction.cpp?rev=311589=311588=311589=diff
> 
> ==
> --- cfe/trunk/lib/CodeGen/CodeGenFunction.cpp (original)
> +++ cfe/trunk/lib/CodeGen/CodeGenFunction.cpp Wed Aug 23 12:39:04 2017
> @@ -1014,11 +1014,11 @@ void CodeGenFunction::StartFunction(Glob
>  }
>
>  // Check the 'this' pointer once per function, if it's available.
> -if (CXXThisValue) {
> +if (CXXABIThisValue) {
>SanitizerSet SkippedChecks;
>SkippedChecks.set(SanitizerKind::ObjectSize, true);
>QualType ThisTy = MD->getThisType(getContext());
> -  EmitTypeCheck(TCK_Load, Loc, CXXThisValue, ThisTy,
> +  EmitTypeCheck(TCK_Load, Loc, CXXABIThisValue, ThisTy,
>  getContext().getTypeAlignInChars(ThisTy->
> getPointeeType()),
>  SkippedChecks);
>  }
>
> Modified: cfe/trunk/test/CodeGenCXX/catch-undef-behavior.cpp
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/
> CodeGenCXX/catch-undef-behavior.cpp?rev=311589=
> 311588=311589=diff
> 
> ==
> --- cfe/trunk/test/CodeGenCXX/catch-undef-behavior.cpp (original)
> +++ cfe/trunk/test/CodeGenCXX/catch-undef-behavior.cpp Wed Aug 23
> 12:39:04 2017
> @@ -449,6 +449,27 @@ void upcast_to_vbase() {
>  }
>  }
>
> +struct ThisAlign {
> +  void this_align_lambda();
> +};
> +void ThisAlign::this_align_lambda() {
> +  // CHECK-LABEL: define {{.*}}@"_ZZN9ThisAlign17this_
> align_lambdaEvENK3$_0clEv"
> +  // CHECK-SAME: (%{{.*}}* %[[this:[^)]*]])
> +  // CHECK: %[[this_addr:.*]] = alloca
> +  // CHECK: store %{{.*}}* %[[this]], %{{.*}}** %[[this_addr]],
> +  // CHECK: %[[this_inner:.*]] = load %{{.*}}*, %{{.*}}** %[[this_addr]],
> +  // CHECK: %[[this_outer_addr:.*]] = getelementptr inbounds %{{.*}},
> %{{.*}}* %[[this_inner]], i32 0, i32 0
> +  // CHECK: %[[this_outer:.*]] = load %{{.*}}*, %{{.*}}**
> %[[this_outer_addr]],
> +  //
> +  // CHECK: %[[this_inner_isnonnull:.*]] = icmp ne %{{.*}}*
> %[[this_inner]], null
> +  // CHECK: %[[this_inner_asint:.*]] = ptrtoint %{{.*}}* %[[this_inner]]
> to i
> +  // CHECK: %[[this_inner_misalignment:.*]] = and i{{32|64}}
> %[[this_inner_asint]], {{3|7}},
> +  // CHECK: %[[this_inner_isaligned:.*]] = icmp eq i{{32|64}}
> %[[this_inner_misalignment]], 0
> +  // CHECK: %[[this_inner_valid:.*]] = and i1 %[[this_inner_isnonnull]],
> %[[this_inner_isaligned]],
> +  // CHECK: br i1 %[[this_inner_valid:.*]]
> +  [&] { return this; } ();
> +}
> +
>  namespace CopyValueRepresentation {
>// CHECK-LABEL: define {{.*}} @_ZN23CopyValueRepresentation2S3aSERKS0_
>// CHECK-NOT: call {{.*}} @__ubsan_handle_load_invalid_value
>
>
> ___
> cfe-commits mailing list
> 

r311592 - [clang-proto-fuzzer] Fix clang-proto-to-cxx build.

2017-08-23 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Wed Aug 23 12:58:07 2017
New Revision: 311592

URL: http://llvm.org/viewvc/llvm-project?rev=311592=rev
Log:
[clang-proto-fuzzer] Fix clang-proto-to-cxx build.

Modified:
cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt

Modified: cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/CMakeLists.txt?rev=311592=311591=311592=diff
==
--- cfe/trunk/tools/clang-fuzzer/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/CMakeLists.txt Wed Aug 23 12:58:07 2017
@@ -1,5 +1,6 @@
 if( LLVM_USE_SANITIZE_COVERAGE )
   set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD})
+  set(CXX_FLAGS_NOFUZZ ${CMAKE_CXX_FLAGS})
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=fuzzer")
 
   if(CLANG_ENABLE_PROTO_FUZZER)
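Review bot: `set(CXX_FLAGS_NOFUZZ ${CMAKE_CXX_FLAGS})` expands the flags unquoted, so an empty `CMAKE_CXX_FLAGS` leaves `CXX_FLAGS_NOFUZZ` unset rather than empty, and any `;` in the flags turns the saved value into a list. Quoting keeps the saved copy identical to the original: `set(CXX_FLAGS_NOFUZZ "${CMAKE_CXX_FLAGS}")`. The restore added in proto-to-cxx/CMakeLists.txt needs the same quoting. The `if( LLVM_USE_SANITIZE_COVERAGE )` block that holds this line continues outside the hunk.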

Modified: cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt?rev=311592=311591=311592=diff
==
--- cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt Wed Aug 23 
12:58:07 2017
@@ -1,4 +1,5 @@
 set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD})
+set(CMAKE_CXX_FLAGS ${CXX_FLAGS_NOFUZZ})
 
 # Hack to bypass LLVM's CMake source checks so we can have both a library and
 # an executable built from this directory.
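Review bot: The added `set(CMAKE_CXX_FLAGS ${CXX_FLAGS_NOFUZZ})` carries no comment saying why this directory discards the parent's flags, and it depends on a variable that is defined in a different CMakeLists.txt. A line such as `# Build proto-to-cxx without -fsanitize=fuzzer; CXX_FLAGS_NOFUZZ is saved by ../CMakeLists.txt before that flag is appended.` would make the coupling visible to the next reader. If this directory is ever configured without the parent having set `CXX_FLAGS_NOFUZZ`, the command silently drops the directory's normal `CMAKE_CXX_FLAGS` value; attaching `-fsanitize=fuzzer` to the fuzzer targets themselves would presumably avoid the save/restore altogether.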




r311345 - [clang-proto-fuzzer] Update README.

2017-08-21 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Mon Aug 21 09:18:43 2017
New Revision: 311345

URL: http://llvm.org/viewvc/llvm-project?rev=311345=rev
Log:
[clang-proto-fuzzer] Update README.

Add instructions on how to modify the compiler invocation.

Modified:
cfe/trunk/tools/clang-fuzzer/README.txt

Modified: cfe/trunk/tools/clang-fuzzer/README.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/README.txt?rev=311345=311344=311345=diff
==
--- cfe/trunk/tools/clang-fuzzer/README.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/README.txt Mon Aug 21 09:18:43 2017
@@ -29,6 +29,11 @@ Example:
 -DLLVM_USE_SANITIZE_COVERAGE=YES -DLLVM_USE_SANITIZER=Address
   ninja clang-fuzzer
 
+==
+ Running clang-fuzzer
+==
+  bin/clang-fuzzer CORPUS_DIR
+
 
 ===
  Building clang-proto-fuzzer (Linux-only instructions)
@@ -62,14 +67,16 @@ Example:
 This directory also contains a Dockerfile which sets up all required
 dependencies and builds the fuzzers.
 
-=
- Running the fuzzers
-=
-clang-fuzzer:
-  bin/clang-fuzzer CORPUS_DIR
-
-clang-proto-fuzzer:
+
+ Running clang-proto-fuzzer
+
   bin/clang-proto-fuzzer CORPUS_DIR
 
-Translating a clang-proto-fuzzer corpus output to C++:
+Arguments can be specified after -ignore_remaining_args=1 to modify the 
compiler
+invocation.  For example, the following command line will fuzz LLVM with a
+custom optimization level and target triple:
+  bin/clang-proto-fuzzer CORPUS_DIR -ignore_remaining_args=1 -O3 -triple \
+  arm64apple-ios9
+
+To translate a clang-proto-fuzzer corpus output to C++:
   bin/clang-proto-to-cxx CORPUS_OUTPUT_FILE




r311186 - [SanitizerCoverage] Add stack depth tracing instrumentation.

2017-08-18 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Fri Aug 18 11:43:30 2017
New Revision: 311186

URL: http://llvm.org/viewvc/llvm-project?rev=311186=rev
Log:
[SanitizerCoverage] Add stack depth tracing instrumentation.

Summary:
Augment SanitizerCoverage to insert maximum stack depth tracing for
use by libFuzzer.  The new instrumentation is enabled by the flag
-fsanitize-coverage=stack-depth and is compatible with the existing
trace-pc-guard coverage.  The user must also declare the following
global variable in their code:
  thread_local uintptr_t __sancov_lowest_stack

https://bugs.llvm.org/show_bug.cgi?id=33857

Reviewers: vitalybuka, kcc

Reviewed By: vitalybuka

Subscribers: kubamracek, hiraditya, cfe-commits, llvm-commits

Differential Revision: https://reviews.llvm.org/D36839

Modified:
cfe/trunk/include/clang/Driver/CC1Options.td
cfe/trunk/include/clang/Frontend/CodeGenOptions.def
cfe/trunk/lib/CodeGen/BackendUtil.cpp
cfe/trunk/lib/Driver/SanitizerArgs.cpp
cfe/trunk/lib/Frontend/CompilerInvocation.cpp
cfe/trunk/test/Driver/fsanitize-coverage.c

Modified: cfe/trunk/include/clang/Driver/CC1Options.td
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Driver/CC1Options.td?rev=311186=311185=311186=diff
==
--- cfe/trunk/include/clang/Driver/CC1Options.td (original)
+++ cfe/trunk/include/clang/Driver/CC1Options.td Fri Aug 18 11:43:30 2017
@@ -307,6 +307,9 @@ def fsanitize_coverage_trace_pc_guard
 def fsanitize_coverage_no_prune
 : Flag<["-"], "fsanitize-coverage-no-prune">,
   HelpText<"Disable coverage pruning (i.e. instrument all blocks/edges)">;
+def fsanitize_coverage_stack_depth
+: Flag<["-"], "fsanitize-coverage-stack-depth">,
+  HelpText<"Enable max stack depth tracing">;
 def fprofile_instrument_EQ : Joined<["-"], "fprofile-instrument=">,
 HelpText<"Enable PGO instrumentation. The accepted value is clang, llvm, "
  "or none">, Values<"none,clang,llvm">;

Modified: cfe/trunk/include/clang/Frontend/CodeGenOptions.def
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Frontend/CodeGenOptions.def?rev=311186=311185=311186=diff
==
--- cfe/trunk/include/clang/Frontend/CodeGenOptions.def (original)
+++ cfe/trunk/include/clang/Frontend/CodeGenOptions.def Fri Aug 18 11:43:30 2017
@@ -169,6 +169,7 @@ CODEGENOPT(SanitizeCoverageTracePCGuard,
 CODEGENOPT(SanitizeCoverageInline8bitCounters, 1, 0) ///< Use inline 8bit 
counters.
 CODEGENOPT(SanitizeCoveragePCTable, 1, 0) ///< Create a PC Table.
 CODEGENOPT(SanitizeCoverageNoPrune, 1, 0) ///< Disable coverage pruning.
+CODEGENOPT(SanitizeCoverageStackDepth, 1, 0) ///< Enable max stack depth 
tracing
 CODEGENOPT(SanitizeStats , 1, 0) ///< Collect statistics for sanitizers.
 CODEGENOPT(SimplifyLibCalls  , 1, 1) ///< Set when -fbuiltin is enabled.
 CODEGENOPT(SoftFloat , 1, 0) ///< -soft-float.

Modified: cfe/trunk/lib/CodeGen/BackendUtil.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/BackendUtil.cpp?rev=311186=311185=311186=diff
==
--- cfe/trunk/lib/CodeGen/BackendUtil.cpp (original)
+++ cfe/trunk/lib/CodeGen/BackendUtil.cpp Fri Aug 18 11:43:30 2017
@@ -190,6 +190,7 @@ static void addSanitizerCoveragePass(con
   Opts.NoPrune = CGOpts.SanitizeCoverageNoPrune;
   Opts.Inline8bitCounters = CGOpts.SanitizeCoverageInline8bitCounters;
   Opts.PCTable = CGOpts.SanitizeCoveragePCTable;
+  Opts.StackDepth = CGOpts.SanitizeCoverageStackDepth;
   PM.add(createSanitizerCoverageModulePass(Opts));
 }
 

Modified: cfe/trunk/lib/Driver/SanitizerArgs.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Driver/SanitizerArgs.cpp?rev=311186=311185=311186=diff
==
--- cfe/trunk/lib/Driver/SanitizerArgs.cpp (original)
+++ cfe/trunk/lib/Driver/SanitizerArgs.cpp Fri Aug 18 11:43:30 2017
@@ -58,6 +58,7 @@ enum CoverageFeature {
   CoverageNoPrune = 1 << 11,
   CoverageInline8bitCounters = 1 << 12,
   CoveragePCTable = 1 << 13,
+  CoverageStackDepth = 1 << 14,
 };
 
 /// Parse a -fsanitize= or -fno-sanitize= argument's values, diagnosing any
@@ -556,10 +557,14 @@ SanitizerArgs::SanitizerArgs(const ToolC
   }
 
   // trace-pc w/o func/bb/edge implies edge.
-  if ((CoverageFeatures &
-   (CoverageTracePC | CoverageTracePCGuard | CoverageInline8bitCounters)) 
&&
-  !(CoverageFeatures & InsertionPointTypes))
-CoverageFeatures |= CoverageEdge;
+  if (!(CoverageFeatures & InsertionPointTypes)) {
+if (CoverageFeatures &
+(CoverageTracePC | CoverageTracePCGuard | CoverageInline8bitCounters))
+  CoverageFeatures |= CoverageEdge;
+
+if (CoverageFeatures & CoverageStackDepth)
+  CoverageFeatures |= CoverageFunc;
+  }
 
   if (AllAddedKinds & Address) {
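Review bot: The comment above the rewritten block still reads `// trace-pc w/o func/bb/edge implies edge.` although the block now also picks a default insertion point for stack-depth. I would extend it to `// trace-pc w/o func/bb/edge implies edge; stack-depth w/o func/bb/edge implies func.` When a trace-pc variant and stack-depth are both requested with no insertion point, both `CoverageEdge` and `CoverageFunc` end up set; how the later code treats two insertion-point bits is not visible in this hunk, and the fsanitize-coverage.c change is not shown here, so I cannot tell whether that combination is tested. The enclosing constructor continues outside the hunk.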
 

r311185 - [clang-proto-fuzzer] Allow user-specified compiler arguments.

2017-08-18 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Fri Aug 18 11:34:39 2017
New Revision: 311185

URL: http://llvm.org/viewvc/llvm-project?rev=311185=rev
Log:
[clang-proto-fuzzer] Allow user-specified compiler arguments.

Summary:
Arguments can be specified after -ignore_remaining_args=1 to modify
the compiler invocation.  For example, the following command-line
will fuzz LLVM with a custom optimization level and target triple:
  clang-proto-fuzzer CORPUS/ -ignore_remaining_args -O3 \
  -triple arm64-apple-ios9

Reviewers: vitalybuka, kcc

Reviewed By: vitalybuka

Subscribers: aemerson, cfe-commits, kristof.beyls

Differential Revision: https://reviews.llvm.org/D36882

Modified:
cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp

Modified: cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp?rev=311185=311184=311185=diff
==
--- cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp (original)
+++ cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp Fri Aug 18 
11:34:39 2017
@@ -20,9 +20,25 @@
 
 #include "src/libfuzzer/libfuzzer_macro.h"
 
+#include 
+
 using namespace clang_fuzzer;
 
+static std::vector CLArgs;
+
+extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
+  CLArgs.push_back("-O2");
+  for (int I = 1; I < *argc; I++) {
+if (strcmp((*argv)[I], "-ignore_remaining_args=1") == 0) {
+  for (I++; I < *argc; I++)
+CLArgs.push_back((*argv)[I]);
+  break;
+}
+  }
+  return 0;
+}
+
 DEFINE_BINARY_PROTO_FUZZER(const Function& input) {
   auto S = FunctionToString(input);
-  HandleCXX(S, {"-O2"});
+  HandleCXX(S, CLArgs);
 }
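Review bot: `LLVMFuzzerInitialize` forwards extra arguments only after the exact string `-ignore_remaining_args=1`, while the example in the commit log spells the flag `-ignore_remaining_args`; with that spelling the `strcmp` never matches and the run stays at `-O2` without any diagnostic. A comment on the loop such as `// Everything after the exact flag -ignore_remaining_args=1 is passed to the compiler invocation.` together with a corrected example would prevent that confusion. `-O2` is always pushed first, so a user-supplied `-O3` only takes effect if the later option wins inside `HandleCXX`, which is not visible here.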




Re: r310408 - Integrate Kostya's clang-proto-fuzzer with LLVM.

2017-08-10 Thread Matt Morehouse via cfe-commits
+ Kostya

The project isn't built by default, so the dependencies aren't needed
unless you build the fuzzer specifically.

On Thu, Aug 10, 2017 at 10:56 AM, Nico Weber <tha...@chromium.org> wrote:

> I really believe this has way too many deps to live in the clang repo, as
> said on the review already. Maybe this could live in clang-extra instead?
>
> On Aug 8, 2017 4:15 PM, "Matt Morehouse via cfe-commits" <
> cfe-commits@lists.llvm.org> wrote:
>
>> Author: morehouse
>> Date: Tue Aug  8 13:15:04 2017
>> New Revision: 310408
>>
>> URL: http://llvm.org/viewvc/llvm-project?rev=310408=rev
>> Log:
>> Integrate Kostya's clang-proto-fuzzer with LLVM.
>>
>> Summary:
>> The clang-proto-fuzzer models a subset of C++ as a protobuf and
>> uses libprotobuf-mutator to generate interesting mutations of C++
>> programs.  Clang-proto-fuzzer has already found several bugs in
>> Clang (e.g., https://bugs.llvm.org/show_bug.cgi?id=33747,
>> https://bugs.llvm.org/show_bug.cgi?id=33749).
>>
>> As with clang-fuzzer, clang-proto-fuzzer requires the following
>> cmake flags:
>> - CMAKE_C_COMPILER=clang
>> - CMAKE_CXX_COMPILER=clang++
>> - LLVM_USE_SANITIZE_COVERAGE=YES  // needed for libFuzzer
>> - LLVM_USE_SANITIZER=Address  // needed for libFuzzer
>>
>> In addition, clang-proto-fuzzer requires:
>> - CLANG_ENABLE_PROTO_FUZZER=ON
>>
>> clang-proto-fuzzer also requires the following dependencies:
>> - binutils  // needed for libprotobuf-mutator
>> - liblzma-dev  // needed for libprotobuf-mutator
>> - libz-dev  // needed for libprotobuf-mutator
>> - docbook2x  // needed for libprotobuf-mutator
>> - Recent version of protobuf [3.3.0 is known to work]
>>
>> A working version of libprotobuf-mutator will automatically be
>> downloaded and built as an external project.
>>
>> Implementation of clang-proto-fuzzer provided by Kostya
>> Serebryany.
>>
>> https://bugs.llvm.org/show_bug.cgi?id=33829
>>
>> Reviewers: kcc, vitalybuka, bogner
>>
>> Reviewed By: kcc, vitalybuka
>>
>> Subscribers: thakis, mgorny, cfe-commits
>>
>> Differential Revision: https://reviews.llvm.org/D36324
>>
>> Added:
>> cfe/trunk/cmake/modules/ProtobufMutator.cmake
>> cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
>> cfe/trunk/tools/clang-fuzzer/README.txt
>> cfe/trunk/tools/clang-fuzzer/cxx_proto.proto
>> cfe/trunk/tools/clang-fuzzer/handle-cxx/
>> cfe/trunk/tools/clang-fuzzer/handle-cxx/CMakeLists.txt
>> cfe/trunk/tools/clang-fuzzer/handle-cxx/handle_cxx.cpp
>> cfe/trunk/tools/clang-fuzzer/handle-cxx/handle_cxx.h
>> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/
>> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt
>> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
>> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
>> cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx_main.cpp
>> Modified:
>> cfe/trunk/CMakeLists.txt
>> cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
>> cfe/trunk/tools/clang-fuzzer/ClangFuzzer.cpp
>>
>> Modified: cfe/trunk/CMakeLists.txt
>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/CMakeLists.txt
>> ?rev=310408=310407=310408=diff
>> 
>> ==
>> --- cfe/trunk/CMakeLists.txt (original)
>> +++ cfe/trunk/CMakeLists.txt Tue Aug  8 13:15:04 2017
>> @@ -377,6 +377,8 @@ option(CLANG_ENABLE_STATIC_ANALYZER "Bui
>>  option(CLANG_ANALYZER_BUILD_Z3
>>"Build the static analyzer with the Z3 constraint manager." OFF)
>>
>> +option(CLANG_ENABLE_PROTO_FUZZER "Build Clang protobuf fuzzer." OFF)
>> +
>>  if(NOT CLANG_ENABLE_STATIC_ANALYZER AND (CLANG_ENABLE_ARCMT OR
>> CLANG_ANALYZER_BUILD_Z3))
>>message(FATAL_ERROR "Cannot disable static analyzer while enabling
>> ARCMT or Z3")
>>  endif()
>>
>> Added: cfe/trunk/cmake/modules/ProtobufMutator.cmake
>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/cmake/modules/
>> ProtobufMutator.cmake?rev=310408=auto
>> 
>> ==
>> --- cfe/trunk/cmake/modules/ProtobufMutator.cmake (added)
>> +++ cfe/trunk/cmake/modules/ProtobufMutator.cmake Tue Aug  8 13:15:04
>> 2017
>> @@ -0,0 +1,24 @@
>> +set(PBM_PREFIX protobuf_mutator)
>> +set(PBM_PATH ${CMAKE_CURRENT_BINARY_DIR}/${
>> PBM_PREFIX}/src/${PBM_PREFIX})
>

r310408 - Integrate Kostya's clang-proto-fuzzer with LLVM.

2017-08-08 Thread Matt Morehouse via cfe-commits
Author: morehouse
Date: Tue Aug  8 13:15:04 2017
New Revision: 310408

URL: http://llvm.org/viewvc/llvm-project?rev=310408=rev
Log:
Integrate Kostya's clang-proto-fuzzer with LLVM.

Summary:
The clang-proto-fuzzer models a subset of C++ as a protobuf and
uses libprotobuf-mutator to generate interesting mutations of C++
programs.  Clang-proto-fuzzer has already found several bugs in
Clang (e.g., https://bugs.llvm.org/show_bug.cgi?id=33747,
https://bugs.llvm.org/show_bug.cgi?id=33749).

As with clang-fuzzer, clang-proto-fuzzer requires the following
cmake flags:
- CMAKE_C_COMPILER=clang
- CMAKE_CXX_COMPILER=clang++
- LLVM_USE_SANITIZE_COVERAGE=YES  // needed for libFuzzer
- LLVM_USE_SANITIZER=Address  // needed for libFuzzer

In addition, clang-proto-fuzzer requires:
- CLANG_ENABLE_PROTO_FUZZER=ON

clang-proto-fuzzer also requires the following dependencies:
- binutils  // needed for libprotobuf-mutator
- liblzma-dev  // needed for libprotobuf-mutator
- libz-dev  // needed for libprotobuf-mutator
- docbook2x  // needed for libprotobuf-mutator
- Recent version of protobuf [3.3.0 is known to work]

A working version of libprotobuf-mutator will automatically be
downloaded and built as an external project.

Implementation of clang-proto-fuzzer provided by Kostya
Serebryany.

https://bugs.llvm.org/show_bug.cgi?id=33829

Reviewers: kcc, vitalybuka, bogner

Reviewed By: kcc, vitalybuka

Subscribers: thakis, mgorny, cfe-commits

Differential Revision: https://reviews.llvm.org/D36324

Added:
cfe/trunk/cmake/modules/ProtobufMutator.cmake
cfe/trunk/tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
cfe/trunk/tools/clang-fuzzer/README.txt
cfe/trunk/tools/clang-fuzzer/cxx_proto.proto
cfe/trunk/tools/clang-fuzzer/handle-cxx/
cfe/trunk/tools/clang-fuzzer/handle-cxx/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/handle-cxx/handle_cxx.cpp
cfe/trunk/tools/clang-fuzzer/handle-cxx/handle_cxx.h
cfe/trunk/tools/clang-fuzzer/proto-to-cxx/
cfe/trunk/tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
cfe/trunk/tools/clang-fuzzer/proto-to-cxx/proto_to_cxx_main.cpp
Modified:
cfe/trunk/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/ClangFuzzer.cpp

Modified: cfe/trunk/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/CMakeLists.txt?rev=310408=310407=310408=diff
==
--- cfe/trunk/CMakeLists.txt (original)
+++ cfe/trunk/CMakeLists.txt Tue Aug  8 13:15:04 2017
@@ -377,6 +377,8 @@ option(CLANG_ENABLE_STATIC_ANALYZER "Bui
 option(CLANG_ANALYZER_BUILD_Z3
   "Build the static analyzer with the Z3 constraint manager." OFF)
 
+option(CLANG_ENABLE_PROTO_FUZZER "Build Clang protobuf fuzzer." OFF)
+
 if(NOT CLANG_ENABLE_STATIC_ANALYZER AND (CLANG_ENABLE_ARCMT OR 
CLANG_ANALYZER_BUILD_Z3))
   message(FATAL_ERROR "Cannot disable static analyzer while enabling ARCMT or 
Z3")
 endif()

Added: cfe/trunk/cmake/modules/ProtobufMutator.cmake
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/cmake/modules/ProtobufMutator.cmake?rev=310408=auto
==
--- cfe/trunk/cmake/modules/ProtobufMutator.cmake (added)
+++ cfe/trunk/cmake/modules/ProtobufMutator.cmake Tue Aug  8 13:15:04 2017
@@ -0,0 +1,24 @@
+set(PBM_PREFIX protobuf_mutator)
+set(PBM_PATH ${CMAKE_CURRENT_BINARY_DIR}/${PBM_PREFIX}/src/${PBM_PREFIX})
+set(PBM_LIB_PATH ${PBM_PATH}/src/libprotobuf-mutator.a)
+set(PBM_FUZZ_LIB_PATH 
${PBM_PATH}/src/libfuzzer/libprotobuf-mutator-libfuzzer.a)
+
+ExternalProject_Add(${PBM_PREFIX}
+  PREFIX ${PBM_PREFIX}
+  GIT_REPOSITORY https://github.com/google/libprotobuf-mutator.git
+  GIT_TAG 34287f8
+  CONFIGURE_COMMAND ${CMAKE_COMMAND} -G${CMAKE_GENERATOR}
+-DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
+-DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
+-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}
+  BUILD_COMMAND ${CMAKE_MAKE_PROGRAM}
+  BUILD_BYPRODUCTS ${PBM_LIB_PATH} ${PBM_FUZZ_LIB_PATH}
+  BUILD_IN_SOURCE 1
+  INSTALL_COMMAND ""
+  LOG_DOWNLOAD 1
+  LOG_CONFIGURE 1
+  LOG_BUILD 1
+  )
+
+set(ProtobufMutator_INCLUDE_DIRS ${PBM_PATH})
+set(ProtobufMutator_LIBRARIES ${PBM_FUZZ_LIB_PATH} ${PBM_LIB_PATH})
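Review bot: `GIT_TAG 34287f8` pins the downloaded libprotobuf-mutator to an abbreviated commit hash, which can become ambiguous as the upstream repository grows, and this code is fetched and compiled as part of the build. Use the full hash, `GIT_TAG <full 40-character commit SHA>`, so the fetched revision is fixed exactly. The module calls `ExternalProject_Add` with no visible `include(ExternalProject)`; if no includer provides it, it belongs at the top of this file. `-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}` is also empty under multi-config generators, so the external build then falls back to its own default.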

Modified: cfe/trunk/tools/clang-fuzzer/CMakeLists.txt
URL: 
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/clang-fuzzer/CMakeLists.txt?rev=310408=310407=310408=diff
==
--- cfe/trunk/tools/clang-fuzzer/CMakeLists.txt (original)
+++ cfe/trunk/tools/clang-fuzzer/CMakeLists.txt Tue Aug  8 13:15:04 2017
@@ -1,21 +1,60 @@
 if( LLVM_USE_SANITIZE_COVERAGE )
   set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD})
 
+  if(CLANG_ENABLE_PROTO_FUZZER)
+# Create protobuf .h and .cc files, and put them in a library for use by
+#