maxjhandsome
/
llvm-project
forked from OSchip/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity

[libFuzzer] remove stale code 

llvm-svn: 352571
This commit is contained in:
Kostya Serebryany 2019-01-29 23:53:28 +00:00
parent 61d35249b1
commit 2891b257c2
6 changed files with 3 additions and 113 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
compiler-rt/lib/fuzzer/FuzzerDriver.cpp
View File

@ -621,7 +621,6 @@ int FuzzerDriver(int *argc, char ***argv, UserCallback Callback) {
Options.PrintFinalStats = Flags.print_final_stats;
Options.PrintCorpusStats = Flags.print_corpus_stats;
Options.PrintCoverage = Flags.print_coverage;
Options.DumpCoverage = Flags.dump_coverage;
if (Flags.exit_on_src_pos)
Options.ExitOnSrcPos = Flags.exit_on_src_pos;
if (Flags.exit_on_item)

2
compiler-rt/lib/fuzzer/FuzzerExtFunctions.def
View File

@ -43,8 +43,6 @@ EXT_FUNC(__sanitizer_get_module_and_offset_for_pc, int,
size_t module_path_len,void **pc_offset), false);
EXT_FUNC(__sanitizer_set_death_callback, void, (void (*)(void)), true);
EXT_FUNC(__sanitizer_set_report_fd, void, (void*), false);
EXT_FUNC(__sanitizer_dump_coverage, void, (const uintptr_t *, uintptr_t),
false);
EXT_FUNC(__msan_scoped_disable_interceptor_checks, void, (), false);
EXT_FUNC(__msan_scoped_enable_interceptor_checks, void, (), false);
EXT_FUNC(__msan_unpoison, void, (const volatile void *, size_t size), false);

4
compiler-rt/lib/fuzzer/FuzzerFlags.def
View File

@ -106,9 +106,7 @@ FUZZER_FLAG_INT(print_corpus_stats, 0,
"If 1, print statistics on corpus elements at exit.")
FUZZER_FLAG_INT(print_coverage, 0, "If 1, print coverage information as text"
" at exit.")
FUZZER_FLAG_INT(dump_coverage, 0, "Deprecated."
" If 1, dump coverage information as a"
" .sancov file at exit.")
FUZZER_FLAG_INT(dump_coverage, 0, "Deprecated.")
FUZZER_FLAG_INT(handle_segv, 1, "If 1, try to intercept SIGSEGV.")
FUZZER_FLAG_INT(handle_bus, 1, "If 1, try to intercept SIGBUS.")
FUZZER_FLAG_INT(handle_abrt, 1, "If 1, try to intercept SIGABRT.")

2
compiler-rt/lib/fuzzer/FuzzerLoop.cpp
View File

@ -354,8 +354,6 @@ void Fuzzer::PrintStats(const char *Where, const char *End, size_t Units) {
void Fuzzer::PrintFinalStats() {
if (Options.PrintCoverage)
TPC.PrintCoverage();
if (Options.DumpCoverage)
TPC.DumpCoverage();
if (Options.PrintCorpusStats)
Corpus.PrintStats();
if (!Options.PrintFinalStats)

73
compiler-rt/lib/fuzzer/FuzzerTracePC.cpp
View File

@ -23,15 +23,6 @@
#include "FuzzerValueBitMap.h"
#include <set>
// The coverage counters and PCs.
// These are declared as global variables named "__sancov_*" to simplify
// experiments with inlined instrumentation.
alignas(64) ATTRIBUTE_INTERFACE
uint8_t __sancov_trace_pc_guard_8bit_counters[fuzzer::TracePC::kNumPCs];
ATTRIBUTE_INTERFACE
uintptr_t __sancov_trace_pc_pcs[fuzzer::TracePC::kNumPCs];
// Used by -fsanitize-coverage=stack-depth to track stack depth
ATTRIBUTES_INTERFACE_TLS_INITIAL_EXEC uintptr_t __sancov_lowest_stack;
@ -39,22 +30,8 @@ namespace fuzzer {
TracePC TPC;
uint8_t *TracePC::Counters() const {
return __sancov_trace_pc_guard_8bit_counters;
}
uintptr_t *TracePC::PCs() const {
return __sancov_trace_pc_pcs;
}
size_t TracePC::GetTotalPCCoverage() {
if (ObservedPCs.size())
return ObservedPCs.size();
size_t Res = 0;
for (size_t i = 1, N = GetNumPCs(); i < N; i++)
if (PCs()[i])
Res++;
return Res;
return ObservedPCs.size();
}
@ -77,32 +54,7 @@ void TracePC::HandlePCsInit(const uintptr_t *Start, const uintptr_t *Stop) {
NumPCsInPCTables += E - B;
}
void TracePC::HandleInit(uint32_t *Start, uint32_t *Stop) {
if (Start == Stop || *Start) return;
assert(NumModules < sizeof(Modules) / sizeof(Modules[0]));
for (uint32_t *P = Start; P < Stop; P++) {
NumGuards++;
if (NumGuards == kNumPCs) {
RawPrint(
"WARNING: The binary has too many instrumented PCs.\n"
" You may want to reduce the size of the binary\n"
" for more efficient fuzzing and precise coverage data\n");
}
*P = NumGuards % kNumPCs;
}
Modules[NumModules].Start = Start;
Modules[NumModules].Stop = Stop;
NumModules++;
}
void TracePC::PrintModuleInfo() {
if (NumGuards) {
Printf("INFO: Loaded %zd modules (%zd guards): ", NumModules, NumGuards);
for (size_t i = 0; i < NumModules; i++)
Printf("%zd [%p, %p), ", Modules[i].Stop - Modules[i].Start,
Modules[i].Start, Modules[i].Stop);
Printf("\n");
}
if (NumModulesWithInline8bitCounters) {
Printf("INFO: Loaded %zd modules (%zd inline 8-bit counters): ",
NumModulesWithInline8bitCounters, NumInline8bitCounters);
@ -120,8 +72,7 @@ void TracePC::PrintModuleInfo() {
}
Printf("\n");
if ((NumGuards && NumGuards != NumPCsInPCTables) ||
(NumInline8bitCounters && NumInline8bitCounters != NumPCsInPCTables)) {
if (NumInline8bitCounters && NumInline8bitCounters != NumPCsInPCTables) {
Printf("ERROR: The size of coverage PC tables does not match the\n"
"number of instrumented PCs. This might be a compiler bug,\n"
"please contact the libFuzzer developers.\n"
@ -200,17 +151,6 @@ void TracePC::UpdateObservedPCs() {
if (Beg[j])
Observe(ModulePCTable[i].Start[j]);
}
} else if (NumGuards == NumPCsInPCTables) {
size_t GuardIdx = 1;
for (size_t i = 0; i < NumModules; i++) {
uint32_t *Beg = Modules[i].Start;
size_t Size = Modules[i].Stop - Beg;
assert(Size ==
(size_t)(ModulePCTable[i].Stop - ModulePCTable[i].Start));
for (size_t j = 0; j < Size; j++, GuardIdx++)
if (Counters()[GuardIdx])
Observe(ModulePCTable[i].Start[j]);
}
}
}
@ -322,15 +262,6 @@ void TracePC::PrintCoverage() {
IterateCoveredFunctions(CoveredFunctionCallback);
}
void TracePC::DumpCoverage() {
if (EF->__sanitizer_dump_coverage) {
Vector<uintptr_t> PCsCopy(GetNumPCs());
for (size_t i = 0; i < GetNumPCs(); i++)
PCsCopy[i] = PCs()[i] ? GetPreviousInstructionPc(PCs()[i]) : 0;
EF->__sanitizer_dump_coverage(PCsCopy.data(), PCsCopy.size());
}
}
// Value profile.
// We keep track of various values that affect control flow.
// These values are inserted into a bit-set-based hash map.

34
compiler-rt/lib/fuzzer/FuzzerTracePC.h
View File

@ -69,11 +69,6 @@ struct MemMemTable {
class TracePC {
public:
static const size_t kNumPCs = 1 << 21;
// How many bits of PC are used from __sanitizer_cov_trace_pc.
static const size_t kTracePcBits = 18;
void HandleInit(uint32_t *Start, uint32_t *Stop);
void HandleInline8bitCountersInit(uint8_t *Start, uint8_t *Stop);
void HandlePCsInit(const uintptr_t *Start, const uintptr_t *Stop);
void HandleCallerCallee(uintptr_t Caller, uintptr_t Callee);
@ -88,8 +83,6 @@ class TracePC {
void ResetMaps() {
ValueProfileMap.Reset();
if (NumModules)
memset(Counters(), 0, GetNumPCs());
ClearExtraCounters();
ClearInlineCounters();
}
@ -102,7 +95,6 @@ class TracePC {
void PrintModuleInfo();
void PrintCoverage();
void DumpCoverage();
template<class CallBack>
void IterateCoveredFunctions(CallBack CB);
@ -115,14 +107,6 @@ class TracePC {
TableOfRecentCompares<Word, 32> TORCW;
MemMemTable<1024> MMT;
size_t GetNumPCs() const {
return NumGuards == 0 ? (1 << kTracePcBits) : Min(kNumPCs, NumGuards + 1);
}
uintptr_t GetPC(size_t Idx) {
assert(Idx < GetNumPCs());
return PCs()[Idx];
}
void RecordInitialStack();
uintptr_t GetMaxStackOffset() const;
@ -141,14 +125,6 @@ private:
bool DoPrintNewPCs = false;
size_t NumPrintNewFuncs = 0;
struct Module {
uint32_t *Start, *Stop;
};
Module Modules[4096];
size_t NumModules; // linker-initialized.
size_t NumGuards; // linker-initialized.
struct { uint8_t *Start, *Stop; } ModuleCounters[4096];
size_t NumModulesWithInline8bitCounters; // linker-initialized.
size_t NumInline8bitCounters;
@ -161,9 +137,6 @@ private:
size_t NumPCTables;
size_t NumPCsInPCTables;
uint8_t *Counters() const;
uintptr_t *PCs() const;
Set<uintptr_t> ObservedPCs;
std::unordered_map<uintptr_t, uintptr_t> ObservedFuncs; // PC => Counter.
@ -230,8 +203,6 @@ template <class Callback> // void Callback(size_t Feature)
ATTRIBUTE_NO_SANITIZE_ADDRESS
ATTRIBUTE_NOINLINE
void TracePC::CollectFeatures(Callback HandleFeature) const {
uint8_t *Counters = this->Counters();
size_t N = GetNumPCs();
auto Handle8bitCounter = [&](size_t FirstFeature,
size_t Idx, uint8_t Counter) {
if (UseCounters)
@ -242,11 +213,6 @@ void TracePC::CollectFeatures(Callback HandleFeature) const {
size_t FirstFeature = 0;
if (!NumInline8bitCounters) {
ForEachNonZeroByte(Counters, Counters + N, FirstFeature, Handle8bitCounter);
FirstFeature += N * 8;
}
if (NumInline8bitCounters) {
for (size_t i = 0; i < NumModulesWithInline8bitCounters; i++) {
ForEachNonZeroByte(ModuleCounters[i].Start, ModuleCounters[i].Stop,