[compiler-rt] r332034 - [libFuzzer] remove the experimental support for clang coverage instrumentation. This mode has not been used and our experiments with https://github.com/google/fuzzer-test-suite show that this signal is weaker than the SanitizerCoverage
Kostya Serebryany via llvm-commits
llvm-commits at lists.llvm.org
Thu May 10 13:12:15 PDT 2018
Author: kcc
Date: Thu May 10 13:12:15 2018
New Revision: 332034
URL: http://llvm.org/viewvc/llvm-project?rev=332034&view=rev
Log:
[libFuzzer] remove the experimental support for clang coverage instrumentation. This mode has not been used and our experiments with https://github.com/google/fuzzer-test-suite show that this signal is weaker than the SanitizerCoverage
Removed:
compiler-rt/trunk/lib/fuzzer/FuzzerClangCounters.cpp
compiler-rt/trunk/test/fuzzer/fprofile-instr-generate.test
Modified:
compiler-rt/trunk/lib/fuzzer/CMakeLists.txt
compiler-rt/trunk/lib/fuzzer/FuzzerDefs.h
compiler-rt/trunk/lib/fuzzer/FuzzerDriver.cpp
compiler-rt/trunk/lib/fuzzer/FuzzerFlags.def
compiler-rt/trunk/lib/fuzzer/FuzzerLoop.cpp
compiler-rt/trunk/lib/fuzzer/FuzzerOptions.h
compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.cpp
compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.h
Modified: compiler-rt/trunk/lib/fuzzer/CMakeLists.txt
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/CMakeLists.txt?rev=332034&r1=332033&r2=332034&view=diff
==============================================================================
--- compiler-rt/trunk/lib/fuzzer/CMakeLists.txt (original)
+++ compiler-rt/trunk/lib/fuzzer/CMakeLists.txt Thu May 10 13:12:15 2018
@@ -1,5 +1,4 @@
set(LIBFUZZER_SOURCES
- FuzzerClangCounters.cpp
FuzzerCrossOver.cpp
FuzzerDriver.cpp
FuzzerExtFunctionsDlsym.cpp
Removed: compiler-rt/trunk/lib/fuzzer/FuzzerClangCounters.cpp
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerClangCounters.cpp?rev=332033&view=auto
==============================================================================
--- compiler-rt/trunk/lib/fuzzer/FuzzerClangCounters.cpp (original)
+++ compiler-rt/trunk/lib/fuzzer/FuzzerClangCounters.cpp (removed)
@@ -1,49 +0,0 @@
-//===- FuzzerExtraCounters.cpp - Extra coverage counters ------------------===//
-//
-// The LLVM Compiler Infrastructure
-//
-// This file is distributed under the University of Illinois Open Source
-// License. See LICENSE.TXT for details.
-//
-//===----------------------------------------------------------------------===//
-// Coverage counters from Clang's SourceBasedCodeCoverage.
-//===----------------------------------------------------------------------===//
-
-// Support for SourceBasedCodeCoverage is experimental:
-// * Works only for the main binary, not DSOs yet.
-// * Works only on Linux.
-// * Does not implement print_pcs/print_coverage yet.
-// * Is not fully evaluated for performance and sensitivity.
-// We expect large performance drop due to 64-bit counters,
-// and *maybe* better sensitivity due to more fine-grained counters.
-// Preliminary comparison on a single benchmark (RE2) shows
-// a bit worse sensitivity though.
-
-#include "FuzzerDefs.h"
-
-#if LIBFUZZER_LINUX
-__attribute__((weak)) extern uint64_t __start___llvm_prf_cnts;
-__attribute__((weak)) extern uint64_t __stop___llvm_prf_cnts;
-namespace fuzzer {
-uint64_t *ClangCountersBegin() { return &__start___llvm_prf_cnts; }
-uint64_t *ClangCountersEnd() { return &__stop___llvm_prf_cnts; }
-} // namespace fuzzer
-#else
-// TODO: Implement on Mac (if the data shows it's worth it).
-//__attribute__((visibility("hidden")))
-//extern uint64_t CountersStart __asm("section$start$__DATA$__llvm_prf_cnts");
-//__attribute__((visibility("hidden")))
-//extern uint64_t CountersEnd __asm("section$end$__DATA$__llvm_prf_cnts");
-namespace fuzzer {
-uint64_t *ClangCountersBegin() { return nullptr; }
-uint64_t *ClangCountersEnd() { return nullptr; }
-} // namespace fuzzer
-#endif
-
-namespace fuzzer {
-ATTRIBUTE_NO_SANITIZE_ALL
-void ClearClangCounters() { // hand-written memset, don't asan-ify.
- for (auto P = ClangCountersBegin(); P < ClangCountersEnd(); P++)
- *P = 0;
-}
-}
Modified: compiler-rt/trunk/lib/fuzzer/FuzzerDefs.h
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerDefs.h?rev=332034&r1=332033&r2=332034&view=diff
==============================================================================
--- compiler-rt/trunk/lib/fuzzer/FuzzerDefs.h (original)
+++ compiler-rt/trunk/lib/fuzzer/FuzzerDefs.h Thu May 10 13:12:15 2018
@@ -186,10 +186,6 @@ uint8_t *ExtraCountersBegin();
uint8_t *ExtraCountersEnd();
void ClearExtraCounters();
-uint64_t *ClangCountersBegin();
-uint64_t *ClangCountersEnd();
-void ClearClangCounters();
-
} // namespace fuzzer
#endif // LLVM_FUZZER_DEFS_H
Modified: compiler-rt/trunk/lib/fuzzer/FuzzerDriver.cpp
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerDriver.cpp?rev=332034&r1=332033&r2=332034&view=diff
==============================================================================
--- compiler-rt/trunk/lib/fuzzer/FuzzerDriver.cpp (original)
+++ compiler-rt/trunk/lib/fuzzer/FuzzerDriver.cpp Thu May 10 13:12:15 2018
@@ -616,7 +616,6 @@ int FuzzerDriver(int *argc, char ***argv
Options.PrintCorpusStats = Flags.print_corpus_stats;
Options.PrintCoverage = Flags.print_coverage;
Options.DumpCoverage = Flags.dump_coverage;
- Options.UseClangCoverage = Flags.use_clang_coverage;
Options.UseFeatureFrequency = Flags.use_feature_frequency;
if (Flags.exit_on_src_pos)
Options.ExitOnSrcPos = Flags.exit_on_src_pos;
Modified: compiler-rt/trunk/lib/fuzzer/FuzzerFlags.def
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerFlags.def?rev=332034&r1=332033&r2=332034&view=diff
==============================================================================
--- compiler-rt/trunk/lib/fuzzer/FuzzerFlags.def (original)
+++ compiler-rt/trunk/lib/fuzzer/FuzzerFlags.def Thu May 10 13:12:15 2018
@@ -149,5 +149,5 @@ FUZZER_FLAG_INT(ignore_remaining_args, 0
FUZZER_FLAG_STRING(run_equivalence_server, "Experimental")
FUZZER_FLAG_STRING(use_equivalence_server, "Experimental")
FUZZER_FLAG_INT(analyze_dict, 0, "Experimental")
-FUZZER_FLAG_INT(use_clang_coverage, 0, "Experimental")
+FUZZER_DEPRECATED_FLAG(use_clang_coverage)
FUZZER_FLAG_INT(use_feature_frequency, 0, "Experimental/internal")
Modified: compiler-rt/trunk/lib/fuzzer/FuzzerLoop.cpp
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerLoop.cpp?rev=332034&r1=332033&r2=332034&view=diff
==============================================================================
--- compiler-rt/trunk/lib/fuzzer/FuzzerLoop.cpp (original)
+++ compiler-rt/trunk/lib/fuzzer/FuzzerLoop.cpp Thu May 10 13:12:15 2018
@@ -149,7 +149,6 @@ Fuzzer::Fuzzer(UserCallback CB, InputCor
EF->__sanitizer_install_malloc_and_free_hooks(MallocHook, FreeHook);
TPC.SetUseCounters(Options.UseCounters);
TPC.SetUseValueProfile(Options.UseValueProfile);
- TPC.SetUseClangCoverage(Options.UseClangCoverage);
if (Options.Verbosity)
TPC.PrintModuleInfo();
Modified: compiler-rt/trunk/lib/fuzzer/FuzzerOptions.h
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerOptions.h?rev=332034&r1=332033&r2=332034&view=diff
==============================================================================
--- compiler-rt/trunk/lib/fuzzer/FuzzerOptions.h (original)
+++ compiler-rt/trunk/lib/fuzzer/FuzzerOptions.h Thu May 10 13:12:15 2018
@@ -53,7 +53,6 @@ struct FuzzingOptions {
bool PrintCorpusStats = false;
bool PrintCoverage = false;
bool DumpCoverage = false;
- bool UseClangCoverage = false;
bool DetectLeaks = true;
int PurgeAllocatorIntervalSec = 1;
int UseFeatureFrequency = false;
Modified: compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.cpp
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.cpp?rev=332034&r1=332033&r2=332034&view=diff
==============================================================================
--- compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.cpp (original)
+++ compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.cpp Thu May 10 13:12:15 2018
@@ -132,9 +132,6 @@ void TracePC::PrintModuleInfo() {
_Exit(1);
}
}
- if (size_t NumClangCounters = ClangCountersEnd() - ClangCountersBegin())
- Printf("INFO: %zd Clang Coverage Counters\n", NumClangCounters);
-
if (size_t NumExtraCounters = ExtraCountersEnd() - ExtraCountersBegin())
Printf("INFO: %zd Extra Counters\n", NumExtraCounters);
}
@@ -185,13 +182,6 @@ void TracePC::UpdateObservedPCs() {
}
}
}
- if (size_t NumClangCounters =
- ClangCountersEnd() - ClangCountersBegin()) {
- auto P = ClangCountersBegin();
- for (size_t Idx = 0; Idx < NumClangCounters; Idx++)
- if (P[Idx])
- ObservePC((uintptr_t)Idx);
- }
for (size_t i = 0, N = Min(CoveredFuncs.size(), NumPrintNewFuncs); i < N; i++) {
Printf("\tNEW_FUNC[%zd/%zd]: ", i, CoveredFuncs.size());
Modified: compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.h
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.h?rev=332034&r1=332033&r2=332034&view=diff
==============================================================================
--- compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.h (original)
+++ compiler-rt/trunk/lib/fuzzer/FuzzerTracePC.h Thu May 10 13:12:15 2018
@@ -80,7 +80,6 @@ class TracePC {
template <class T> void HandleCmp(uintptr_t PC, T Arg1, T Arg2);
size_t GetTotalPCCoverage();
void SetUseCounters(bool UC) { UseCounters = UC; }
- void SetUseClangCoverage(bool UCC) { UseClangCoverage = UCC; }
void SetUseValueProfile(bool VP) { UseValueProfile = VP; }
void SetPrintNewPCs(bool P) { DoPrintNewPCs = P; }
void SetPrintNewFuncs(size_t P) { NumPrintNewFuncs = P; }
@@ -93,8 +92,6 @@ class TracePC {
memset(Counters(), 0, GetNumPCs());
ClearExtraCounters();
ClearInlineCounters();
- if (UseClangCoverage)
- ClearClangCounters();
}
void ClearInlineCounters();
@@ -135,7 +132,6 @@ class TracePC {
private:
bool UseCounters = false;
bool UseValueProfile = false;
- bool UseClangCoverage = false;
bool DoPrintNewPCs = false;
size_t NumPrintNewFuncs = 0;
@@ -251,18 +247,6 @@ void TracePC::CollectFeatures(Callback H
}
}
- if (size_t NumClangCounters = ClangCountersEnd() - ClangCountersBegin()) {
- auto P = ClangCountersBegin();
- for (size_t Idx = 0; Idx < NumClangCounters; Idx++)
- if (auto Cnt = P[Idx]) {
- if (UseCounters)
- HandleFeature(FirstFeature + Idx * 8 + CounterToFeature(Cnt));
- else
- HandleFeature(FirstFeature + Idx);
- }
- FirstFeature += NumClangCounters;
- }
-
ForEachNonZeroByte(ExtraCountersBegin(), ExtraCountersEnd(), FirstFeature,
Handle8bitCounter);
FirstFeature += (ExtraCountersEnd() - ExtraCountersBegin()) * 8;
Removed: compiler-rt/trunk/test/fuzzer/fprofile-instr-generate.test
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/fuzzer/fprofile-instr-generate.test?rev=332033&view=auto
==============================================================================
--- compiler-rt/trunk/test/fuzzer/fprofile-instr-generate.test (original)
+++ compiler-rt/trunk/test/fuzzer/fprofile-instr-generate.test (removed)
@@ -1,7 +0,0 @@
-# Test libFuzzer + -fprofile-instr-generate
-REQUIRES: linux
-RUN: %cpp_compiler %S/SimpleTest.cpp -fsanitize-coverage=0 -fprofile-instr-generate -o %t-SimpleTest-fprofile-instr-generate
-CHECK-NOT: INFO: Loaded 1 modules
-CHECK: INFO: {{.*}} Clang Coverage Counters
-CHECK: BINGO
-RUN: not %t-SimpleTest-fprofile-instr-generate -runs=1000000 -seed=1 -use_clang_coverage=1 2>&1 | FileCheck %s
More information about the llvm-commits
mailing list