[PATCH] D50342: Changed how LLVM IR was generated to increase vectorization
emmettneyman created this revision.
emmettneyman added reviewers: morehouse, kcc.
Herald added a subscriber: cfe-commits.
Changed the structure of the generated IR to make it easier to vectorize
Repository:
rC Clang
https://reviews.llvm.org/D50342
Files:
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -43,17 +43,17 @@
std::string arr;
switch(x.arr()) {
case VarRef::ARR_A:
-arr = "%a";
+arr = "%0";
break;
case VarRef::ARR_B:
-arr = "%b";
+arr = "%1";
break;
case VarRef::ARR_C:
-arr = "%c";
+arr = "%2";
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64
%ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,21 +122,22 @@
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s)
{\n"
-<< "%i = alloca i64\n"
-<< "store i64 0, i64* %i\n"
-<< "br label %loop\n\n"
-<< "loop:\n"
-<< "%ct = load i64, i64* %i\n"
-<< "%comp = icmp eq i64 %ct, %s\n"
-<< "br i1 %comp, label %endloop, label %body\n\n"
-<< "body:\n"
+ return os << "target triple = \"x86_64-pc-linux-gnu\"\n"
+<< "define void @foo(i32*, i32*, i32*, i64) {\n"
+<< "%5 = icmp sgt i64 %3, 0\n"
+<< "br i1 %5, label %6, label %8\n"
+<< "; :6:\n"
+<< "br label %9\n"
+<< "; :7:\n"
+<< "br label %8\n"
+<< "; :8:\n"
+<< "ret void\n"
+<< "; :9:\n"
+<< " %ct = phi i64 [ %10, %9 ], [ 0, %6 ]\n"
<< x.statements()
-<< "%z = add i64 1, %ct\n"
-<< "store i64 %z, i64* %i\n"
-<< "br label %loop\n\n"
-<< "endloop:\n"
-<< "ret void\n}\n";
+<< "%10 = add nuw nsw i64 %ct, 1\n"
+<< "%11 = icmp eq i64 %10, %3\n"
+<< "br i1 %11, label %7, label %9\n}\n";
}
// -
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -43,17 +43,17 @@
std::string arr;
switch(x.arr()) {
case VarRef::ARR_A:
-arr = "%a";
+arr = "%0";
break;
case VarRef::ARR_B:
-arr = "%b";
+arr = "%1";
break;
case VarRef::ARR_C:
-arr = "%c";
+arr = "%2";
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,21 +122,22 @@
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
-<< "%i = alloca i64\n"
-<< "store i64 0, i64* %i\n"
-<< "br label %loop\n\n"
-<< "loop:\n"
-<< "%ct = load i64, i64* %i\n"
-<< "%comp = icmp eq i64 %ct, %s\n"
-<< "br i1 %comp, label %endloop, label %body\n\n"
-<< "body:\n"
+ return os << "target triple = \"x86_64-pc-linux-gnu\"\n"
+<< "define void @foo(i32*, i32*, i32*, i64) {\n"
+<< "%5 = icmp sgt i64 %3, 0\n"
+<< "br i1 %5, label %6, label %8\n"
+<< "; :6:\n"
+<< "br label %9\n"
+<< "; :7:\n"
+<< "br label %8\n"
+<< "; :8:\n"
+<< "ret void\n"
+<< "; :9:\n"
+<< " %ct = phi i64 [ %10, %9 ], [ 0, %6 ]\n"
<< x.statements()
-<< "%z = add i64 1, %ct\n"
-<< "store i64 %z, i64* %i\n"
-<< "br label %loop\n\n"
-<< "endloop:\n"
-<< "ret void\n}\n";
+<< "%10 = add nuw nsw i64 %ct, 1\n"
+<< "%11 = icmp eq i64 %10, %3\n"
+<< "br i1 %11, label %7, label %9\n}\n";
}
// -
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50342: Changed how LLVM IR was generated to increase vectorization
emmettneyman added inline comments.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:125
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s)
{\n"
-<< "%i = alloca i64\n"
-<< "store i64 0, i64* %i\n"
-<< "br label %loop\n\n"
-<< "loop:\n"
-<< "%ct = load i64, i64* %i\n"
-<< "%comp = icmp eq i64 %ct, %s\n"
-<< "br i1 %comp, label %endloop, label %body\n\n"
-<< "body:\n"
+ return os << "target triple = \"x86_64-pc-linux-gnu\"\n"
+<< "define void @foo(i32*, i32*, i32*, i64) {\n"
morehouse wrote:
> What does `pc` mean in this triple? I'm used to seeing
> `x86_64-unknown-linux-gnu`.
It's probably generating `pc` since I'm using my desktop. I'll change it to
`unknown` so it's not platform-specific.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:126
+ return os << "target triple = \"x86_64-pc-linux-gnu\"\n"
+<< "define void @foo(i32*, i32*, i32*, i64) {\n"
+<< "%5 = icmp sgt i64 %3, 0\n"
morehouse wrote:
> Does removing the variable names really make this easier to vectorize?
It doesn't, I just thought it was cleaner and produced slightly smaller IR. It
also more closely mimics the behavior of the `-emit-llvm` flag.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:129
+<< "br i1 %5, label %6, label %8\n"
+<< "; :6:\n"
+<< "br label %9\n"
morehouse wrote:
> Does removing branch names really make this easier to vectorize?
Same answer as above. Should I change these back?
Repository:
rC Clang
https://reviews.llvm.org/D50342
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50342: Changed how LLVM IR was generated to increase vectorization
emmettneyman updated this revision to Diff 159373.
emmettneyman added a comment.
Changed pc to unknown
Repository:
rC Clang
https://reviews.llvm.org/D50342
Files:
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -43,17 +43,17 @@
std::string arr;
switch(x.arr()) {
case VarRef::ARR_A:
-arr = "%a";
+arr = "%0";
break;
case VarRef::ARR_B:
-arr = "%b";
+arr = "%1";
break;
case VarRef::ARR_C:
-arr = "%c";
+arr = "%2";
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64
%ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,21 +122,22 @@
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s)
{\n"
-<< "%i = alloca i64\n"
-<< "store i64 0, i64* %i\n"
-<< "br label %loop\n\n"
-<< "loop:\n"
-<< "%ct = load i64, i64* %i\n"
-<< "%comp = icmp eq i64 %ct, %s\n"
-<< "br i1 %comp, label %endloop, label %body\n\n"
-<< "body:\n"
+ return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+<< "define void @foo(i32*, i32*, i32*, i64) {\n"
+<< "%5 = icmp sgt i64 %3, 0\n"
+<< "br i1 %5, label %6, label %8\n"
+<< "; :6:\n"
+<< "br label %9\n"
+<< "; :7:\n"
+<< "br label %8\n"
+<< "; :8:\n"
+<< "ret void\n"
+<< "; :9:\n"
+<< " %ct = phi i64 [ %10, %9 ], [ 0, %6 ]\n"
<< x.statements()
-<< "%z = add i64 1, %ct\n"
-<< "store i64 %z, i64* %i\n"
-<< "br label %loop\n\n"
-<< "endloop:\n"
-<< "ret void\n}\n";
+<< "%10 = add nuw nsw i64 %ct, 1\n"
+<< "%11 = icmp eq i64 %10, %3\n"
+<< "br i1 %11, label %7, label %9\n}\n";
}
// -
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -43,17 +43,17 @@
std::string arr;
switch(x.arr()) {
case VarRef::ARR_A:
-arr = "%a";
+arr = "%0";
break;
case VarRef::ARR_B:
-arr = "%b";
+arr = "%1";
break;
case VarRef::ARR_C:
-arr = "%c";
+arr = "%2";
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,21 +122,22 @@
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
-<< "%i = alloca i64\n"
-<< "store i64 0, i64* %i\n"
-<< "br label %loop\n\n"
-<< "loop:\n"
-<< "%ct = load i64, i64* %i\n"
-<< "%comp = icmp eq i64 %ct, %s\n"
-<< "br i1 %comp, label %endloop, label %body\n\n"
-<< "body:\n"
+ return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+<< "define void @foo(i32*, i32*, i32*, i64) {\n"
+<< "%5 = icmp sgt i64 %3, 0\n"
+<< "br i1 %5, label %6, label %8\n"
+<< "; :6:\n"
+<< "br label %9\n"
+<< "; :7:\n"
+<< "br label %8\n"
+<< "; :8:\n"
+<< "ret void\n"
+<< "; :9:\n"
+<< " %ct = phi i64 [ %10, %9 ], [ 0, %6 ]\n"
<< x.statements()
-<< "%z = add i64 1, %ct\n"
-<< "store i64 %z, i64* %i\n"
-<< "br label %loop\n\n"
-<< "endloop:\n"
-<< "ret void\n}\n";
+<< "%10 = add nuw nsw i64 %ct, 1\n"
+<< "%11 = icmp eq i64 %10, %3\n"
+<< "br i1 %11, label %7, label %9\n}\n";
}
// -
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50342: Changed how LLVM IR was generated to increase vectorization
emmettneyman updated this revision to Diff 159389.
emmettneyman added a comment.
Added back more descriptive variable and loop names
Repository:
rC Clang
https://reviews.llvm.org/D50342
Files:
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -53,7 +53,7 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64
%ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,21 +122,22 @@
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s)
{\n"
-<< "%i = alloca i64\n"
-<< "store i64 0, i64* %i\n"
-<< "br label %loop\n\n"
+ return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
+<< "%1 = icmp sgt i64 %s, 0\n"
+<< "br i1 %1, label %start, label %end\n"
+<< "start:\n"
+<< "br label %loop\n"
+<< "endloop:\n"
+<< "br label %end\n"
+<< "end:\n"
+<< "ret void\n"
<< "loop:\n"
-<< "%ct = load i64, i64* %i\n"
-<< "%comp = icmp eq i64 %ct, %s\n"
-<< "br i1 %comp, label %endloop, label %body\n\n"
-<< "body:\n"
+<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
<< x.statements()
-<< "%z = add i64 1, %ct\n"
-<< "store i64 %z, i64* %i\n"
-<< "br label %loop\n\n"
-<< "endloop:\n"
-<< "ret void\n}\n";
+<< "%ctnew = add nuw nsw i64 %ct, 1\n"
+<< "%j = icmp eq i64 %ctnew, %s\n"
+<< "br i1 %j, label %endloop, label %loop\n}\n";
}
// -
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -53,7 +53,7 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,21 +122,22 @@
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
-<< "%i = alloca i64\n"
-<< "store i64 0, i64* %i\n"
-<< "br label %loop\n\n"
+ return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
+<< "%1 = icmp sgt i64 %s, 0\n"
+<< "br i1 %1, label %start, label %end\n"
+<< "start:\n"
+<< "br label %loop\n"
+<< "endloop:\n"
+<< "br label %end\n"
+<< "end:\n"
+<< "ret void\n"
<< "loop:\n"
-<< "%ct = load i64, i64* %i\n"
-<< "%comp = icmp eq i64 %ct, %s\n"
-<< "br i1 %comp, label %endloop, label %body\n\n"
-<< "body:\n"
+<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
<< x.statements()
-<< "%z = add i64 1, %ct\n"
-<< "store i64 %z, i64* %i\n"
-<< "br label %loop\n\n"
-<< "endloop:\n"
-<< "ret void\n}\n";
+<< "%ctnew = add nuw nsw i64 %ct, 1\n"
+<< "%j = icmp eq i64 %ctnew, %s\n"
+<< "br i1 %j, label %endloop, label %loop\n}\n";
}
// -
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50342: Changed how LLVM IR was generated to increase vectorization
emmettneyman added inline comments.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:127
+<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
+<< "%1 = icmp sgt i64 %s, 0\n"
+<< "br i1 %1, label %start, label %end\n"
morehouse wrote:
> Should `%s` be signed? Do we want unsigned compare here?
I don't think it matters since `%s` will always be positive (it will always be
equal to
`kArraySize` from `input_arrays.h`).
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:134
+<< "end:\n"
+<< "ret void\n"
<< "loop:\n"
morehouse wrote:
> Seems like the `endloop` label is unnecessary. Does this help vectorize? If
> not, lets get rid of unconditional jumps to the next line.
I initially had it this way since that's how `-emit-llvm` generated the code.
But it doesn't seem like it's necessary for loops to be vectorized upon further
inspection.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:138
<< x.statements()
-<< "%z = add i64 1, %ct\n"
-<< "store i64 %z, i64* %i\n"
-<< "br label %loop\n\n"
-<< "endloop:\n"
-<< "ret void\n}\n";
+<< "%ctnew = add nuw nsw i64 %ct, 1\n"
+<< "%j = icmp eq i64 %ctnew, %s\n"
morehouse wrote:
> This will make overflow undefined... Isn't that the opposite of what we want?
> That will permit LLVM to assume overflow never happens and modify the code
> in new ways based on that assumption.
That's a good point. It probably won't matter since this addition will never
overflow (we're just starting at zero and incrementing by one). This is what
was generated by `-emit-llvm`. I'll remove it to reduce confusion.
Repository:
rC Clang
https://reviews.llvm.org/D50342
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50342: Changed how LLVM IR was generated to increase vectorization
emmettneyman updated this revision to Diff 159421.
emmettneyman added a comment.
Some small fixes to improve simplicity of generated IR
Repository:
rC Clang
https://reviews.llvm.org/D50342
Files:
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -53,7 +53,7 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64
%ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,21 +122,20 @@
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s)
{\n"
-<< "%i = alloca i64\n"
-<< "store i64 0, i64* %i\n"
-<< "br label %loop\n\n"
+ return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
+<< "%1 = icmp sgt i64 %s, 0\n"
+<< "br i1 %1, label %start, label %end\n"
+<< "start:\n"
+<< "br label %loop\n"
+<< "end:\n"
+<< "ret void\n"
<< "loop:\n"
-<< "%ct = load i64, i64* %i\n"
-<< "%comp = icmp eq i64 %ct, %s\n"
-<< "br i1 %comp, label %endloop, label %body\n\n"
-<< "body:\n"
+<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
<< x.statements()
-<< "%z = add i64 1, %ct\n"
-<< "store i64 %z, i64* %i\n"
-<< "br label %loop\n\n"
-<< "endloop:\n"
-<< "ret void\n}\n";
+<< "%ctnew = add i64 %ct, 1\n"
+<< "%j = icmp eq i64 %ctnew, %s\n"
+<< "br i1 %j, label %end, label %loop\n}\n";
}
// -
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -53,7 +53,7 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,21 +122,20 @@
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
-<< "%i = alloca i64\n"
-<< "store i64 0, i64* %i\n"
-<< "br label %loop\n\n"
+ return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
+<< "%1 = icmp sgt i64 %s, 0\n"
+<< "br i1 %1, label %start, label %end\n"
+<< "start:\n"
+<< "br label %loop\n"
+<< "end:\n"
+<< "ret void\n"
<< "loop:\n"
-<< "%ct = load i64, i64* %i\n"
-<< "%comp = icmp eq i64 %ct, %s\n"
-<< "br i1 %comp, label %endloop, label %body\n\n"
-<< "body:\n"
+<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
<< x.statements()
-<< "%z = add i64 1, %ct\n"
-<< "store i64 %z, i64* %i\n"
-<< "br label %loop\n\n"
-<< "endloop:\n"
-<< "ret void\n}\n";
+<< "%ctnew = add i64 %ct, 1\n"
+<< "%j = icmp eq i64 %ctnew, %s\n"
+<< "br i1 %j, label %end, label %loop\n}\n";
}
// -
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50342: Changed how LLVM IR was generated to increase vectorization
emmettneyman updated this revision to Diff 159425.
emmettneyman added a comment.
Rebased and ready to land
Repository:
rC Clang
https://reviews.llvm.org/D50342
Files:
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -53,7 +53,7 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64
%ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,21 +122,20 @@
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s)
{\n"
-<< "%i = alloca i64\n"
-<< "store i64 0, i64* %i\n"
-<< "br label %loop\n\n"
+ return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
+<< "%1 = icmp sgt i64 %s, 0\n"
+<< "br i1 %1, label %start, label %end\n"
+<< "start:\n"
+<< "br label %loop\n"
+<< "end:\n"
+<< "ret void\n"
<< "loop:\n"
-<< "%ct = load i64, i64* %i\n"
-<< "%comp = icmp eq i64 %ct, %s\n"
-<< "br i1 %comp, label %endloop, label %body\n\n"
-<< "body:\n"
+<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
<< x.statements()
-<< "%z = add i64 1, %ct\n"
-<< "store i64 %z, i64* %i\n"
-<< "br label %loop\n\n"
-<< "endloop:\n"
-<< "ret void\n}\n";
+<< "%ctnew = add i64 %ct, 1\n"
+<< "%j = icmp eq i64 %ctnew, %s\n"
+<< "br i1 %j, label %end, label %loop\n}\n";
}
// -
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -53,7 +53,7 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,21 +122,20 @@
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
-<< "%i = alloca i64\n"
-<< "store i64 0, i64* %i\n"
-<< "br label %loop\n\n"
+ return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
+<< "%1 = icmp sgt i64 %s, 0\n"
+<< "br i1 %1, label %start, label %end\n"
+<< "start:\n"
+<< "br label %loop\n"
+<< "end:\n"
+<< "ret void\n"
<< "loop:\n"
-<< "%ct = load i64, i64* %i\n"
-<< "%comp = icmp eq i64 %ct, %s\n"
-<< "br i1 %comp, label %endloop, label %body\n\n"
-<< "body:\n"
+<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
<< x.statements()
-<< "%z = add i64 1, %ct\n"
-<< "store i64 %z, i64* %i\n"
-<< "br label %loop\n\n"
-<< "endloop:\n"
-<< "ret void\n}\n";
+<< "%ctnew = add i64 %ct, 1\n"
+<< "%j = icmp eq i64 %ctnew, %s\n"
+<< "br i1 %j, label %end, label %loop\n}\n";
}
// -
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50342: Changed how LLVM IR was generated to increase vectorization
This revision was automatically updated to reflect the committed changes.
Closed by commit rL339080: Changed how LLVM IR was generated to increase
vectorization (authored by emmettneyman, committed by ).
Changed prior to commit:
https://reviews.llvm.org/D50342?vs=159425&id=159427#toc
Repository:
rL LLVM
https://reviews.llvm.org/D50342
Files:
cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -53,7 +53,7 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64
%ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,21 +122,20 @@
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s)
{\n"
-<< "%i = alloca i64\n"
-<< "store i64 0, i64* %i\n"
-<< "br label %loop\n\n"
+ return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
+<< "%1 = icmp sgt i64 %s, 0\n"
+<< "br i1 %1, label %start, label %end\n"
+<< "start:\n"
+<< "br label %loop\n"
+<< "end:\n"
+<< "ret void\n"
<< "loop:\n"
-<< "%ct = load i64, i64* %i\n"
-<< "%comp = icmp eq i64 %ct, %s\n"
-<< "br i1 %comp, label %endloop, label %body\n\n"
-<< "body:\n"
+<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
<< x.statements()
-<< "%z = add i64 1, %ct\n"
-<< "store i64 %z, i64* %i\n"
-<< "br label %loop\n\n"
-<< "endloop:\n"
-<< "ret void\n}\n";
+<< "%ctnew = add i64 %ct, 1\n"
+<< "%j = icmp eq i64 %ctnew, %s\n"
+<< "br i1 %j, label %end, label %loop\n}\n";
}
// -
Index: cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -53,7 +53,7 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,21 +122,20 @@
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
-<< "%i = alloca i64\n"
-<< "store i64 0, i64* %i\n"
-<< "br label %loop\n\n"
+ return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
+<< "%1 = icmp sgt i64 %s, 0\n"
+<< "br i1 %1, label %start, label %end\n"
+<< "start:\n"
+<< "br label %loop\n"
+<< "end:\n"
+<< "ret void\n"
<< "loop:\n"
-<< "%ct = load i64, i64* %i\n"
-<< "%comp = icmp eq i64 %ct, %s\n"
-<< "br i1 %comp, label %endloop, label %body\n\n"
-<< "body:\n"
+<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
<< x.statements()
-<< "%z = add i64 1, %ct\n"
-<< "store i64 %z, i64* %i\n"
-<< "br label %loop\n\n"
-<< "endloop:\n"
-<< "ret void\n}\n";
+<< "%ctnew = add i64 %ct, 1\n"
+<< "%j = icmp eq i64 %ctnew, %s\n"
+<< "br i1 %j, label %end, label %loop\n}\n";
}
// -
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50482: Added another optimization pass to make vectorizing possible
emmettneyman created this revision.
emmettneyman added reviewers: morehouse, kcc.
Herald added a subscriber: cfe-commits.
I noticed that my code wasn't going deep into the loop vectorizer code so added
another pass that makes it go further.
Repository:
rC Clang
https://reviews.llvm.org/D50482
Files:
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -77,6 +77,18 @@
std::exit(1);
}
+// Helper function that returns a *TargetMachine, used by OptLLVM
+static TargetMachine* GetTargetMachine(Triple TheTriple, StringRef CPUStr,
+ StringRef FeaturesStr,
+ const TargetOptions &Options,
+ CodeGenOpt::Level OLvl) {
+ std::string E;
+ const Target *TheTarget = TargetRegistry::lookupTarget(MArch, TheTriple, E);
+ return TheTarget->createTargetMachine(TheTriple.getTriple(), CPUStr,
+FeaturesStr, Options, getRelocModel(),
+getCodeModel(), OLvl);
+}
+
// Helper function to add optimization passes to the TargetMachine at the
// specified optimization level, OptLevel
static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
@@ -100,17 +112,24 @@
if (!M || verifyModule(*M, &errs()))
ErrorAndExit("Could not parse IR");
+ Triple ModuleTriple(M->getTargetTriple());
+ const TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
+ std::unique_ptr TM(GetTargetMachine(ModuleTriple, getCPUStr(),
+getFeaturesStr(), Options, OLvl));
setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
-
+
legacy::PassManager Passes;
- Triple ModuleTriple(M->getTargetTriple());
Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
- Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createTargetTransformInfoWrapperPass(TM->getTargetIRAnalysis()));
+
+ auto createTargetMachine(TheTriple.getTriple(), CPUStr,
+FeaturesStr, Options, getRelocModel(),
+getCodeModel(), OLvl);
+}
+
// Helper function to add optimization passes to the TargetMachine at the
// specified optimization level, OptLevel
static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
@@ -100,17 +112,24 @@
if (!M || verifyModule(*M, &errs()))
ErrorAndExit("Could not parse IR");
+ Triple ModuleTriple(M->getTargetTriple());
+ const TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
+ std::unique_ptr TM(GetTargetMachine(ModuleTriple, getCPUStr(),
+getFeaturesStr(), Options, OLvl));
setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
-
+
legacy::PassManager Passes;
- Triple ModuleTriple(M->getTargetTriple());
Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
- Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createTargetTransformInfoWrapperPass(TM->getTargetIRAnalysis()));
+
+ auto
[PATCH] D50482: Added another optimization pass to make vectorizing possible
emmettneyman updated this revision to Diff 159831.
emmettneyman added a comment.
- minor style fix
Repository:
rC Clang
https://reviews.llvm.org/D50482
Files:
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -77,6 +77,18 @@
std::exit(1);
}
+// Helper function that returns a *TargetMachine, used by OptLLVM
+static TargetMachine* GetTargetMachine(Triple TheTriple, StringRef CPUStr,
+ StringRef FeaturesStr,
+ const TargetOptions &Options,
+ CodeGenOpt::Level OLvl) {
+ std::string E;
+ const Target *TheTarget = TargetRegistry::lookupTarget(MArch, TheTriple, E);
+ return TheTarget->createTargetMachine(TheTriple.getTriple(), CPUStr,
+FeaturesStr, Options, getRelocModel(),
+getCodeModel(), OLvl);
+}
+
// Helper function to add optimization passes to the TargetMachine at the
// specified optimization level, OptLevel
static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
@@ -100,17 +112,24 @@
if (!M || verifyModule(*M, &errs()))
ErrorAndExit("Could not parse IR");
+ Triple ModuleTriple(M->getTargetTriple());
+ const TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
+ std::unique_ptr TM(GetTargetMachine(ModuleTriple, getCPUStr(),
+getFeaturesStr(), Options, OLvl));
setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
-
+
legacy::PassManager Passes;
- Triple ModuleTriple(M->getTargetTriple());
Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
- Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createTargetTransformInfoWrapperPass(TM->getTargetIRAnalysis()));
+
+ LLVMTargetMachine createTargetMachine(TheTriple.getTriple(), CPUStr,
+FeaturesStr, Options, getRelocModel(),
+getCodeModel(), OLvl);
+}
+
// Helper function to add optimization passes to the TargetMachine at the
// specified optimization level, OptLevel
static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
@@ -100,17 +112,24 @@
if (!M || verifyModule(*M, &errs()))
ErrorAndExit("Could not parse IR");
+ Triple ModuleTriple(M->getTargetTriple());
+ const TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
+ std::unique_ptr TM(GetTargetMachine(ModuleTriple, getCPUStr(),
+getFeaturesStr(), Options, OLvl));
setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
-
+
legacy::PassManager Passes;
- Triple ModuleTriple(M->getTargetTriple());
Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
- Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createTargetTransformInfoWrapperPass(TM->getTargetIRAnalysis()));
+
+ LLVMTargetMachine
[PATCH] D50482: Added another optimization pass to make vectorizing possible
emmettneyman added inline comments. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:126 + + autoIs TM guaranteed to be an LLVMTargetMachine? Yes, since the target triple will always be X86. Repository: rC Clang https://reviews.llvm.org/D50482 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50482: Added another optimization pass to make vectorizing possible
emmettneyman updated this revision to Diff 159834.
emmettneyman added a comment.
- Inlined function
Repository:
rC Clang
https://reviews.llvm.org/D50482
Files:
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -100,17 +100,29 @@
if (!M || verifyModule(*M, &errs()))
ErrorAndExit("Could not parse IR");
+ Triple ModuleTriple(M->getTargetTriple());
+ const TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
+ std::string E;
+ const Target *TheTarget = TargetRegistry::lookupTarget(MArch, ModuleTriple,
E);
+ TargetMachine *Machine =
+ TheTarget->createTargetMachine(M->getTargetTriple(), getCPUStr(),
+ getFeaturesStr(), Options,
getRelocModel(),
+ getCodeModel(), OLvl);
+ std::unique_ptr TM(Machine);
setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
-
+
legacy::PassManager Passes;
- Triple ModuleTriple(M->getTargetTriple());
Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
- Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createTargetTransformInfoWrapperPass(TM->getTargetIRAnalysis()));
+
+ LLVMTargetMachine getTargetTriple());
+ const TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
+ std::string E;
+ const Target *TheTarget = TargetRegistry::lookupTarget(MArch, ModuleTriple, E);
+ TargetMachine *Machine =
+ TheTarget->createTargetMachine(M->getTargetTriple(), getCPUStr(),
+ getFeaturesStr(), Options, getRelocModel(),
+ getCodeModel(), OLvl);
+ std::unique_ptr TM(Machine);
setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
-
+
legacy::PassManager Passes;
- Triple ModuleTriple(M->getTargetTriple());
Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
- Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createTargetTransformInfoWrapperPass(TM->getTargetIRAnalysis()));
+
+ LLVMTargetMachine
[PATCH] D50482: Added another optimization pass to make vectorizing possible
emmettneyman added inline comments. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:103 + Triple ModuleTriple(M->getTargetTriple()); + const TargetOptions Options = InitTargetOptionsFromCodeGenFlags(); morehouse wrote: > I think you can avoid creating a Triple and instead just call > `M->getTargetTriple()` in `lookupTarget` below. `M->getTargetTriple()` returns a `std::string` and both `lookupTarget()` and `TargetLibraryInfoWrapperPass()` take a `Triple` object. Repository: rC Clang https://reviews.llvm.org/D50482 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50482: Added another optimization pass to make vectorizing possible
emmettneyman updated this revision to Diff 159838.
emmettneyman added a comment.
Rebase
Repository:
rC Clang
https://reviews.llvm.org/D50482
Files:
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -100,17 +100,29 @@
if (!M || verifyModule(*M, &errs()))
ErrorAndExit("Could not parse IR");
+ Triple ModuleTriple(M->getTargetTriple());
+ const TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
+ std::string E;
+ const Target *TheTarget = TargetRegistry::lookupTarget(MArch, ModuleTriple,
E);
+ TargetMachine *Machine =
+ TheTarget->createTargetMachine(M->getTargetTriple(), getCPUStr(),
+ getFeaturesStr(), Options,
getRelocModel(),
+ getCodeModel(), OLvl);
+ std::unique_ptr TM(Machine);
setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
-
+
legacy::PassManager Passes;
- Triple ModuleTriple(M->getTargetTriple());
Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
- Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createTargetTransformInfoWrapperPass(TM->getTargetIRAnalysis()));
+
+ LLVMTargetMachine getTargetTriple());
+ const TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
+ std::string E;
+ const Target *TheTarget = TargetRegistry::lookupTarget(MArch, ModuleTriple, E);
+ TargetMachine *Machine =
+ TheTarget->createTargetMachine(M->getTargetTriple(), getCPUStr(),
+ getFeaturesStr(), Options, getRelocModel(),
+ getCodeModel(), OLvl);
+ std::unique_ptr TM(Machine);
setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
-
+
legacy::PassManager Passes;
- Triple ModuleTriple(M->getTargetTriple());
Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
- Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createTargetTransformInfoWrapperPass(TM->getTargetIRAnalysis()));
+
+ LLVMTargetMachine
[PATCH] D50482: Added another optimization pass to make vectorizing possible
This revision was automatically updated to reflect the committed changes.
Closed by commit rL339305: Added another optimization pass to make vectorizing
possible (authored by emmettneyman, committed by ).
Changed prior to commit:
https://reviews.llvm.org/D50482?vs=159838&id=159839#toc
Repository:
rL LLVM
https://reviews.llvm.org/D50482
Files:
cfe/trunk/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: cfe/trunk/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- cfe/trunk/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ cfe/trunk/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -100,17 +100,29 @@
if (!M || verifyModule(*M, &errs()))
ErrorAndExit("Could not parse IR");
+ Triple ModuleTriple(M->getTargetTriple());
+ const TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
+ std::string E;
+ const Target *TheTarget = TargetRegistry::lookupTarget(MArch, ModuleTriple,
E);
+ TargetMachine *Machine =
+ TheTarget->createTargetMachine(M->getTargetTriple(), getCPUStr(),
+ getFeaturesStr(), Options,
getRelocModel(),
+ getCodeModel(), OLvl);
+ std::unique_ptr TM(Machine);
setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
-
+
legacy::PassManager Passes;
- Triple ModuleTriple(M->getTargetTriple());
Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
- Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createTargetTransformInfoWrapperPass(TM->getTargetIRAnalysis()));
+
+ LLVMTargetMachine getTargetTriple());
+ const TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
+ std::string E;
+ const Target *TheTarget = TargetRegistry::lookupTarget(MArch, ModuleTriple, E);
+ TargetMachine *Machine =
+ TheTarget->createTargetMachine(M->getTargetTriple(), getCPUStr(),
+ getFeaturesStr(), Options, getRelocModel(),
+ getCodeModel(), OLvl);
+ std::unique_ptr TM(Machine);
setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
-
+
legacy::PassManager Passes;
- Triple ModuleTriple(M->getTargetTriple());
Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
- Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createTargetTransformInfoWrapperPass(TM->getTargetIRAnalysis()));
+
+ LLVMTargetMachine
[PATCH] D50530: Added LLVM metadata to generated IR to increase vectorization width
emmettneyman created this revision.
emmettneyman added reviewers: morehouse, kcc.
Herald added a subscriber: cfe-commits.
Edited `loop_proto_to_llvm` to emit metadata at the end of the generated IR.
This metadata will increase the vector width when the IR is optimized.
Repository:
rC Clang
https://reviews.llvm.org/D50530
Files:
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
@@ -15,6 +15,8 @@
#include
#include
+#include "../handle-llvm/input_arrays.h"
+
namespace clang_fuzzer {
class LoopFunction;
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -135,7 +135,11 @@
<< x.statements()
<< "%ctnew = add i64 %ct, 1\n"
<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop\n}\n";
+<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
+<< "!0 = distinct !{!0, !1, !2}\n"
+<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
+<< "}\n";
}
// -
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
@@ -15,6 +15,8 @@
#include
#include
+#include "../handle-llvm/input_arrays.h"
+
namespace clang_fuzzer {
class LoopFunction;
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -135,7 +135,11 @@
<< x.statements()
<< "%ctnew = add i64 %ct, 1\n"
<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop\n}\n";
+<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
+<< "!0 = distinct !{!0, !1, !2}\n"
+<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
+<< "}\n";
}
// -
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50530: Added LLVM metadata to generated IR to increase vectorization width
emmettneyman added inline comments.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:141
+<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
+<< "}\n";
morehouse wrote:
> I'm not sure `kArraySize` is what you want here. Does "width" refer to array
> size or the SIMD width?
>
> Any problem with letting the vectorizer determine this automatically?
The "width" refers to how wide the vector types should be in the outputted IR.
So for example, a width of 64 would produce IR instructions with the type `<64
x i32>`.
The problem with letting the vectorizer determine the width automatically is
that since the length of the arrays (and so, the number of loop iterations) is
passed to the function as a parameter, the vectorizer always chooses the
default width of 4 when running the loop vectorize optimization pass.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:142
+<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
+<< "}\n";
}
morehouse wrote:
> Does this metadata change coverage in the vectorizer?
I'm running the coverage now, but my guess is yes. Because this metadata
overrides the default behavior of the loop vectorizer, I think it will increase
the coverage.
Repository:
rC Clang
https://reviews.llvm.org/D50530
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50530: Added LLVM metadata to generated IR to increase vectorization width
emmettneyman updated this revision to Diff 159993.
emmettneyman added a comment.
Switched the include statement to the cpp file
Repository:
rC Clang
https://reviews.llvm.org/D50530
Files:
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -15,6 +15,7 @@
#include "loop_proto_to_llvm.h"
#include "cxx_loop_proto.pb.h"
+#include "../handle-llvm/input_arrays.h"
// The following is needed to convert protos in human-readable form
#include
@@ -135,7 +136,11 @@
<< x.statements()
<< "%ctnew = add i64 %ct, 1\n"
<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop\n}\n";
+<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
+<< "!0 = distinct !{!0, !1, !2}\n"
+<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
+<< "}\n";
}
// -
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -15,6 +15,7 @@
#include "loop_proto_to_llvm.h"
#include "cxx_loop_proto.pb.h"
+#include "../handle-llvm/input_arrays.h"
// The following is needed to convert protos in human-readable form
#include
@@ -135,7 +136,11 @@
<< x.statements()
<< "%ctnew = add i64 %ct, 1\n"
<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop\n}\n";
+<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
+<< "!0 = distinct !{!0, !1, !2}\n"
+<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
+<< "}\n";
}
// -
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50530: Added LLVM metadata to generated IR to increase vectorization width
emmettneyman updated this revision to Diff 160016.
emmettneyman added a comment.
Rebased and ready to land
Repository:
rC Clang
https://reviews.llvm.org/D50530
Files:
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -15,6 +15,7 @@
#include "loop_proto_to_llvm.h"
#include "cxx_loop_proto.pb.h"
+#include "../handle-llvm/input_arrays.h"
// The following is needed to convert protos in human-readable form
#include
@@ -135,7 +136,11 @@
<< x.statements()
<< "%ctnew = add i64 %ct, 1\n"
<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop\n}\n";
+<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
+<< "!0 = distinct !{!0, !1, !2}\n"
+<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
+<< "}\n";
}
// -
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -15,6 +15,7 @@
#include "loop_proto_to_llvm.h"
#include "cxx_loop_proto.pb.h"
+#include "../handle-llvm/input_arrays.h"
// The following is needed to convert protos in human-readable form
#include
@@ -135,7 +136,11 @@
<< x.statements()
<< "%ctnew = add i64 %ct, 1\n"
<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop\n}\n";
+<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
+<< "!0 = distinct !{!0, !1, !2}\n"
+<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
+<< "}\n";
}
// -
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50530: Added LLVM metadata to generated IR to increase vectorization width
This revision was automatically updated to reflect the committed changes.
Closed by commit rL339392: Added LLVM metadata to generated IR to increase
vectorization width (authored by emmettneyman, committed by ).
Changed prior to commit:
https://reviews.llvm.org/D50530?vs=160016&id=160017#toc
Repository:
rL LLVM
https://reviews.llvm.org/D50530
Files:
cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -15,6 +15,7 @@
#include "loop_proto_to_llvm.h"
#include "cxx_loop_proto.pb.h"
+#include "../handle-llvm/input_arrays.h"
// The following is needed to convert protos in human-readable form
#include
@@ -135,7 +136,11 @@
<< x.statements()
<< "%ctnew = add i64 %ct, 1\n"
<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop\n}\n";
+<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
+<< "!0 = distinct !{!0, !1, !2}\n"
+<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
+<< "}\n";
}
// -
Index: cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ cfe/trunk/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -15,6 +15,7 @@
#include "loop_proto_to_llvm.h"
#include "cxx_loop_proto.pb.h"
+#include "../handle-llvm/input_arrays.h"
// The following is needed to convert protos in human-readable form
#include
@@ -135,7 +136,11 @@
<< x.statements()
<< "%ctnew = add i64 %ct, 1\n"
<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop\n}\n";
+<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
+<< "!0 = distinct !{!0, !1, !2}\n"
+<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
+<< "}\n";
}
// -
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50670: Implementation of multiple loops in cxx_loop_proto
emmettneyman created this revision.
emmettneyman added reviewers: morehouse, kcc.
Herald added a subscriber: cfe-commits.
Extended `cxx_loop_proto` to have multiple for loops. Modified
`loop_proto_to_llvm` and `loop_proto_to_cxx` to handle the new protos. In
`loop_proto_to_llvm`, I only translate the first ten loops from the protobuf
into IR. This will keep down the runtime of each fuzzer run.
Repository:
rC Clang
https://reviews.llvm.org/D50670
Files:
clang/tools/clang-fuzzer/cxx_loop_proto.proto
clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -30,11 +30,21 @@
std::string StateSeqToString(std::ostream &os, const StatementSeq &x);
// Counter variable to generate new LLVM IR variable names and wrapper function
-std::string get_var() {
+static std::string get_var() {
static int ctr = 0;
return "%var" + std::to_string(ctr++);
}
+static int loop_ctr = 0;
+
+static std::string get_loop_num() {
+ return std::to_string(loop_ctr);
+}
+
+static void new_loop() {
+ loop_ctr++;
+}
+
// Proto to LLVM.
std::string ConstToString(const Const &x) {
@@ -54,7 +64,8 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr
+ << ", i64 %ct_" << get_loop_num() << "\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,25 +133,50 @@
}
return os;
}
-std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
-<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
-<< "%1 = icmp sgt i64 %s, 0\n"
-<< "br i1 %1, label %start, label %end\n"
-<< "start:\n"
-<< "br label %loop\n"
-<< "end:\n"
-<< "ret void\n"
-<< "loop:\n"
-<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
+std::ostream &operator<<(std::ostream &os, const Loop &x) {
+ new_loop();
+ std::string lnum = get_loop_num();
+ std::string next_lnum = std::to_string(stoi(lnum) + 1);
+ if (!lnum.compare("1")) {
+os << "%cmp_" << lnum << " = icmp sgt i64 %s, 0\n"
+ << "br i1 %cmp_" << lnum << ", label %loop_start_" << lnum
+ << ", label %end\n";
+ }
+ return os << "loop_start_" << lnum << ":\n"
+<< "br label %loop_" << lnum << "\n"
+<< "loop_end_" << lnum << ":\n"
+<< "%cmp_" << next_lnum << " = icmp sgt i64 %s, 0\n"
+<< "br i1 %cmp_" << next_lnum << ", label %loop_start_" << next_lnum
+<< ", label %end\n"
+<< "loop_" << lnum << ":\n"
+<< " %ct_" << lnum << " = phi i64 [ %ctnew_" << lnum
+<< ", %loop_" << lnum << " ], [ 0, %loop_start_" << lnum << " ]\n"
<< x.statements()
-<< "%ctnew = add i64 %ct, 1\n"
-<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
-<< "!0 = distinct !{!0, !1, !2}\n"
-<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
-<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
-<< "}\n";
+<< "%ctnew_" << lnum << " = add i64 %ct_" << lnum << ", 1\n"
+<< "%j_" << lnum << " = icmp eq i64 %ctnew_" << lnum << ", %s\n"
+<< "br i1 %j_" << lnum << ", label %loop_end_" << lnum
+<< ", label %loop_" << lnum << ", !llvm.loop !0\n";
+
+}
+std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
+ os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n";
+ for (auto &lp : x.loops()) {
+os << lp;
+// No matter how many loops the protobuf has, only translate 10 of them
+if (!get_loop_num().compare("10"))
+ break;
+ }
+ new_loop();
+ std::string lnum = get_loop_num();
+ os << "loop_start_" << lnum << ":\n"
+ << "br label %end\n"
+ << "end:\n"
+ << "ret void\n}\n"
+ << "!0 = distinct !{!0, !1, !2}\n"
+ << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+ << "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n";
+ return os;
}
// -
Index: clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
===
--- clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
+++ clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
@@ -108,10 +108,15 @@
os <<
[PATCH] D50670: Implementation of multiple loops in cxx_loop_proto
emmettneyman added a comment. No, it doesn't actually. I thought it would try to combine the separate loops into one block of vectorized instructions but after looking at the coverage of multiple loops vs single loop, they cover exactly the same parts of the Loop Vectorizer. Should I switch my focus to nested loops instead? I think nested loops will increase coverage. Repository: rC Clang https://reviews.llvm.org/D50670 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50670: Implementation of multiple loops in cxx_loop_proto
emmettneyman updated this revision to Diff 160740.
emmettneyman added a comment.
Changed the multiloop protos to nested loop protos. All the protos have an
inner loop and an outer loop.
Repository:
rC Clang
https://reviews.llvm.org/D50670
Files:
clang/tools/clang-fuzzer/cxx_loop_proto.proto
clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -30,17 +30,20 @@
std::string StateSeqToString(std::ostream &os, const StatementSeq &x);
// Counter variable to generate new LLVM IR variable names and wrapper function
-std::string get_var() {
+static std::string get_var() {
static int ctr = 0;
return "%var" + std::to_string(ctr++);
}
+static bool inner_loop = false;
+
// Proto to LLVM.
std::string ConstToString(const Const &x) {
return std::to_string(x.val());
}
std::string VarRefToString(std::ostream &os, const VarRef &x) {
+ std::string var = inner_loop ? "inner" : "outer";
std::string arr;
switch(x.arr()) {
case VarRef::ARR_A:
@@ -54,7 +57,8 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr
+ << ", i64 %" << var << "_ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -120,27 +124,37 @@
for (auto &st : x.statements()) {
os << st;
}
+ inner_loop = true;
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
-<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
-<< "%1 = icmp sgt i64 %s, 0\n"
-<< "br i1 %1, label %start, label %end\n"
-<< "start:\n"
-<< "br label %loop\n"
-<< "end:\n"
-<< "ret void\n"
-<< "loop:\n"
-<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
-<< x.statements()
-<< "%ctnew = add i64 %ct, 1\n"
-<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
-<< "!0 = distinct !{!0, !1, !2}\n"
-<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
-<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
-<< "}\n";
+ os << "target triple = \"x86_64-pc-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
+ << "%cmp = icmp sgt i64 %s, 0\n"
+ << "br i1 %cmp, label %outer_loop_start, label %end\n"
+ << "outer_loop_start:\n"
+ << "br label %inner_loop_start\n"
+ << "inner_loop_start:\n"
+ << "%outer_ct = phi i64 [%o_ct_new, %outer_loop], [0, %outer_loop_start]\n"
+ << "br label %inner_loop\n"
+ << "end:\n"
+ << "ret void\n"
+ << "outer_loop:\n"
+ << x.outer_statements()
+ << "%o_ct_new = add nuw nsw i64 %outer_ct, 1\n"
+ << "%jmp_outer = icmp eq i64 %o_ct_new, %s\n"
+ << "br i1 %jmp_outer, label %end, label %inner_loop_start\n"
+ << "inner_loop:\n"
+ << "%inner_ct = phi i64 [0, %inner_loop_start], [%i_ct_new, %inner_loop]\n"
+ << x.inner_statements()
+ << "%i_ct_new = add nuw nsw i64 %inner_ct, 1\n"
+ << "%jmp_inner = icmp eq i64 %i_ct_new, %s\n"
+ << "br i1 %jmp_inner, label %outer_loop, label %inner_loop, !llvm.loop !0\n"
+ << "}\n"
+ << "!0 = distinct !{!0, !1, !2}\n"
+ << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+ << "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n";
+ return os;
}
// -
Index: clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
===
--- clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
+++ clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
@@ -28,6 +28,8 @@
namespace clang_fuzzer {
+static bool inner_loop;
+
// Forward decls.
std::ostream &operator<<(std::ostream &os, const BinaryOp &x);
std::ostream &operator<<(std::ostream &os, const StatementSeq &x);
@@ -37,13 +39,14 @@
return os << "(" << x.val() << ")";
}
std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ std::string var = inner_loop ? "i" : "j";
switch (x.arr()) {
case VarRef::ARR_A:
- return os << "a[i]";
+ return os << "a[" << var << "]";
case VarRef::ARR_B:
- return os << "b[i]";
+ return os << "b[" << var << "]";
case VarRef::ARR_C:
- return os << "c[i]";
+ return os << "c[" << var << "]";
}
}
std::ostream &operato
[PATCH] D50670: Implementation of nested loops in cxx_loop_proto
emmettneyman added a comment.
In https://reviews.llvm.org/D50670#1200784, @morehouse wrote:
> Does this hit new coverage in the vectorizer?
Yes, this does hit new coverage in the loop vectorizer code.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:131
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
-<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
-<< "%1 = icmp sgt i64 %s, 0\n"
-<< "br i1 %1, label %start, label %end\n"
-<< "start:\n"
-<< "br label %loop\n"
-<< "end:\n"
-<< "ret void\n"
-<< "loop:\n"
-<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
-<< x.statements()
-<< "%ctnew = add i64 %ct, 1\n"
-<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
-<< "!0 = distinct !{!0, !1, !2}\n"
-<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
-<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
-<< "}\n";
+ os << "target triple = \"x86_64-pc-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
morehouse wrote:
> Why do you change this to `pc` again?
Sorry, it got changed back when I copy/pasted the IR.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:136
+ << "outer_loop_start:\n"
+ << "br label %inner_loop_start\n"
+ << "inner_loop_start:\n"
morehouse wrote:
> Looks like a pointless branch.
I realize it's just a label with a branch instruction but I think I need it for
the phi instruction. I will move the `outer_loop_start` label above the `icmp`
instruction and change the branch from `outer_loop_start` to `inner_loop_start`.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:144
+ << x.outer_statements()
+ << "%o_ct_new = add nuw nsw i64 %outer_ct, 1\n"
+ << "%jmp_outer = icmp eq i64 %o_ct_new, %s\n"
morehouse wrote:
> Why `nuw`, `nsw` here?
Sorry, it got changed back when I copy/pasted the IR.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:154
+ << "}\n"
+ << "!0 = distinct !{!0, !1, !2}\n"
+ << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
morehouse wrote:
> Can we simplify the order of blocks here? It is confusing to follow all
> these jumps forward and backward.
Yes, I think it might be cleaner to have the blocks like this:
```
define @foo... {
outer_loop_start
outer_loop
inner_loop_start
inner_loop
end
}
```
Repository:
rC Clang
https://reviews.llvm.org/D50670
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50670: Implementation of nested loops in cxx_loop_proto
emmettneyman updated this revision to Diff 160866.
emmettneyman edited the summary of this revision.
emmettneyman added a comment.
Small changes to generated IR
Repository:
rC Clang
https://reviews.llvm.org/D50670
Files:
clang/tools/clang-fuzzer/cxx_loop_proto.proto
clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -30,17 +30,20 @@
std::string StateSeqToString(std::ostream &os, const StatementSeq &x);
// Counter variable to generate new LLVM IR variable names and wrapper function
-std::string get_var() {
+static std::string get_var() {
static int ctr = 0;
return "%var" + std::to_string(ctr++);
}
+static bool inner_loop = false;
+
// Proto to LLVM.
std::string ConstToString(const Const &x) {
return std::to_string(x.val());
}
std::string VarRefToString(std::ostream &os, const VarRef &x) {
+ std::string which_loop = inner_loop ? "inner" : "outer";
std::string arr;
switch(x.arr()) {
case VarRef::ARR_A:
@@ -54,7 +57,8 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr
+ << ", i64 %" << which_loop << "_ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -120,27 +124,37 @@
for (auto &st : x.statements()) {
os << st;
}
+ inner_loop = true;
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
-<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
-<< "%1 = icmp sgt i64 %s, 0\n"
-<< "br i1 %1, label %start, label %end\n"
-<< "start:\n"
-<< "br label %loop\n"
-<< "end:\n"
-<< "ret void\n"
-<< "loop:\n"
-<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
-<< x.statements()
-<< "%ctnew = add i64 %ct, 1\n"
-<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
-<< "!0 = distinct !{!0, !1, !2}\n"
-<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
-<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
-<< "}\n";
+ inner_loop = false;
+ os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
+ << "outer_loop_start:\n"
+ << "%cmp = icmp sgt i64 %s, 0\n"
+ << "br i1 %cmp, label %inner_loop_start, label %end\n"
+ << "inner_loop_start:\n"
+ << "%outer_ct = phi i64 [%o_ct_new, %outer_loop], [0, %outer_loop_start]\n"
+ << "br label %inner_loop\n"
+ << "end:\n"
+ << "ret void\n"
+ << "outer_loop:\n"
+ << x.outer_statements()
+ << "%o_ct_new = add i64 %outer_ct, 1\n"
+ << "%jmp_outer = icmp eq i64 %o_ct_new, %s\n"
+ << "br i1 %jmp_outer, label %end, label %inner_loop_start\n"
+ << "inner_loop:\n"
+ << "%inner_ct = phi i64 [0, %inner_loop_start], [%i_ct_new, %inner_loop]\n"
+ << x.inner_statements()
+ << "%i_ct_new = add i64 %inner_ct, 1\n"
+ << "%jmp_inner = icmp eq i64 %i_ct_new, %s\n"
+ << "br i1 %jmp_inner, label %outer_loop, label %inner_loop, !llvm.loop !0\n"
+ << "}\n"
+ << "!0 = distinct !{!0, !1, !2}\n"
+ << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+ << "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n";
+ return os;
}
// -
Index: clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
===
--- clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
+++ clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
@@ -28,6 +28,8 @@
namespace clang_fuzzer {
+static bool inner_loop;
+
// Forward decls.
std::ostream &operator<<(std::ostream &os, const BinaryOp &x);
std::ostream &operator<<(std::ostream &os, const StatementSeq &x);
@@ -37,13 +39,14 @@
return os << "(" << x.val() << ")";
}
std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ std::string var = inner_loop ? "i" : "j";
switch (x.arr()) {
case VarRef::ARR_A:
- return os << "a[i]";
+ return os << "a[" << var << "]";
case VarRef::ARR_B:
- return os << "b[i]";
+ return os << "b[" << var << "]";
case VarRef::ARR_C:
- return os << "c[i]";
+ return os << "c[" << var << "]";
}
}
std::ostream &operator<<(std::ostream &os, const Rvalue &x) {
[PATCH] D50670: Implementation of nested loops in cxx_loop_proto
emmettneyman updated this revision to Diff 160870.
emmettneyman added a comment.
Small changes to generated IR, my last change hadn't saved
Repository:
rC Clang
https://reviews.llvm.org/D50670
Files:
clang/tools/clang-fuzzer/cxx_loop_proto.proto
clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -30,17 +30,20 @@
std::string StateSeqToString(std::ostream &os, const StatementSeq &x);
// Counter variable to generate new LLVM IR variable names and wrapper function
-std::string get_var() {
+static std::string get_var() {
static int ctr = 0;
return "%var" + std::to_string(ctr++);
}
+static bool inner_loop = false;
+
// Proto to LLVM.
std::string ConstToString(const Const &x) {
return std::to_string(x.val());
}
std::string VarRefToString(std::ostream &os, const VarRef &x) {
+ std::string which_loop = inner_loop ? "inner" : "outer";
std::string arr;
switch(x.arr()) {
case VarRef::ARR_A:
@@ -54,7 +57,8 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr
+ << ", i64 %" << which_loop << "_ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -120,27 +124,37 @@
for (auto &st : x.statements()) {
os << st;
}
+ inner_loop = true;
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
-<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
-<< "%1 = icmp sgt i64 %s, 0\n"
-<< "br i1 %1, label %start, label %end\n"
-<< "start:\n"
-<< "br label %loop\n"
-<< "end:\n"
-<< "ret void\n"
-<< "loop:\n"
-<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
-<< x.statements()
-<< "%ctnew = add i64 %ct, 1\n"
-<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
-<< "!0 = distinct !{!0, !1, !2}\n"
-<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
-<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
-<< "}\n";
+ inner_loop = false;
+ os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
+ << "outer_loop_start:\n"
+ << "%cmp = icmp sgt i64 %s, 0\n"
+ << "br i1 %cmp, label %inner_loop_start, label %end\n"
+ << "outer_loop:\n"
+ << x.outer_statements()
+ << "%o_ct_new = add i64 %outer_ct, 1\n"
+ << "%jmp_outer = icmp eq i64 %o_ct_new, %s\n"
+ << "br i1 %jmp_outer, label %end, label %inner_loop_start\n"
+ << "inner_loop_start:\n"
+ << "%outer_ct = phi i64 [%o_ct_new, %outer_loop], [0, %outer_loop_start]\n"
+ << "br label %inner_loop\n"
+ << "inner_loop:\n"
+ << "%inner_ct = phi i64 [0, %inner_loop_start], [%i_ct_new, %inner_loop]\n"
+ << x.inner_statements()
+ << "%i_ct_new = add i64 %inner_ct, 1\n"
+ << "%jmp_inner = icmp eq i64 %i_ct_new, %s\n"
+ << "br i1 %jmp_inner, label %outer_loop, label %inner_loop, !llvm.loop !0\n"
+ << "end:\n"
+ << "ret void\n"
+ << "}\n"
+ << "!0 = distinct !{!0, !1, !2}\n"
+ << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+ << "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n";
+ return os;
}
// -
Index: clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
===
--- clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
+++ clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
@@ -28,6 +28,8 @@
namespace clang_fuzzer {
+static bool inner_loop;
+
// Forward decls.
std::ostream &operator<<(std::ostream &os, const BinaryOp &x);
std::ostream &operator<<(std::ostream &os, const StatementSeq &x);
@@ -37,13 +39,14 @@
return os << "(" << x.val() << ")";
}
std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ std::string var = inner_loop ? "i" : "j";
switch (x.arr()) {
case VarRef::ARR_A:
- return os << "a[i]";
+ return os << "a[" << var << "]";
case VarRef::ARR_B:
- return os << "b[i]";
+ return os << "b[" << var << "]";
case VarRef::ARR_C:
- return os << "c[i]";
+ return os << "c[" << var << "]";
}
}
std::ostream &operator<<(std::ostream &os, const Rvalue &x) {
@@ -109,9 +112,13 @@
[PATCH] D50670: Implementation of nested loops in cxx_loop_proto
emmettneyman added inline comments.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:132
+ os << "target triple = \"x86_64-pc-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
+ << "%cmp = icmp sgt i64 %s, 0\n"
morehouse wrote:
> I'm curious how this change affects coverage independent of the rest of this
> change. Also what would happen if we set `%a` and `%b` to noalias as well?
`%c` was always supposed to be `noalias`. It got changed accidentally in the
last patch. I'm not sure what would change in the coverage if `%a` and `%b`
also got set to be `noalias`.
@kcc and I had originally planned for `foo (int *a, int *b, int *__restrict__
c, size_t s)` to be just the first function signature we tried for this fuzz
target and to change it up and try different signatures.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:127
}
+ inner_loop = true;
return os;
morehouse wrote:
> Maybe this fixes the bug, but modifying `inner_loop` from different functions
> is still error-prone.
>
> Please either make this a scoped variable (with a wrapper class that sets it
> to true in the constructor and sets it to false in the destructor), or make
> it a parameter.
Would it be better if `inner_loop` was only modified in the `LoopFunction`
operator override? For example:
```
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
inner_loop = false;
os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
<< << "outer_loop:\n"
<< x.outer_statements();
inner_loop = true;
os << "%o_ct_new = add i64 %outer_ct, 1\n"
<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n";
return os;
```
And removed `inner_loop = true;` from the above function?
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:140
+ << "br label %inner_loop\n"
+ << "end:\n"
+ << "ret void\n"
morehouse wrote:
> I don't see any jumps to `end`. I think this will be an infinite loop.
There are two jumps to `end`, one before entering the `outer_loop` and one at
the end of `outer_loop`.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:143
+ << "outer_loop:\n"
+ << x.outer_statements()
+ << "%o_ct_new = add i64 %outer_ct, 1\n"
morehouse wrote:
> morehouse wrote:
> > IIUC this creates loop structure always like this:
> >
> > ```
> > for (int i = 0; i < s; i++) {
> > for (int j = 0; j < s; j++) {
> > // statements
> > }
> > // statements
> > }
> > ```
> >
> > Maybe not necessary for this patch, but I'm curious if adding statements
> > before the inner loop would exercise different coverage in the vectorizer.
> Will all loops be double-nested now?
Yes, that's correct. It's also worth noting that all the statements in the
inner loop will only use `j` to index into the arrays, never `i`. It shouldn't
be hard to add outer loop statements before the inner loop. A third
`StatementSeq` could be added to the `LoopFunction` proto: one for outer loop
statements before the inner loop, one for inner loop statements, and one for
outer loop statements after the inner loop.
Comment at: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp:143
+ << "outer_loop:\n"
+ << x.outer_statements()
+ << "%o_ct_new = add i64 %outer_ct, 1\n"
emmettneyman wrote:
> morehouse wrote:
> > morehouse wrote:
> > > IIUC this creates loop structure always like this:
> > >
> > > ```
> > > for (int i = 0; i < s; i++) {
> > > for (int j = 0; j < s; j++) {
> > > // statements
> > > }
> > > // statements
> > > }
> > > ```
> > >
> > > Maybe not necessary for this patch, but I'm curious if adding statements
> > > before the inner loop would exercise different coverage in the vectorizer.
> > Will all loops be double-nested now?
> Yes, that's correct. It's also worth noting that all the statements in the
> inner loop will only use `j` to index into the arrays, never `i`. It
> shouldn't be hard to add outer loop statements before the inner loop. A third
> `StatementSeq` could be added to the `LoopFunction` proto: one for outer loop
> statements before the inner loop, one for inner loop statements, and one for
> outer loop statements after the inner loop.
Yes, all loops will be double-nested. It shouldn't be difficult to make the
inner loop optional though. In `cxx_loop_proto`, the first `Statement_Seq`,
`inner_statements`, can be made `optional` and then a different IR structures
can be generated depending on whether or not `inner_statements` exists.
Repository:
rC Clang
https://reviews.llvm.org/D50670
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.or
[PATCH] D50670: Implementation of nested loops in cxx_loop_proto
emmettneyman updated this revision to Diff 160920.
emmettneyman added a comment.
Made the inner loop optional
Repository:
rC Clang
https://reviews.llvm.org/D50670
Files:
clang/tools/clang-fuzzer/cxx_loop_proto.proto
clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -30,17 +30,19 @@
std::string StateSeqToString(std::ostream &os, const StatementSeq &x);
// Counter variable to generate new LLVM IR variable names and wrapper function
-std::string get_var() {
+static std::string get_var() {
static int ctr = 0;
return "%var" + std::to_string(ctr++);
}
+static bool inner_loop;
// Proto to LLVM.
std::string ConstToString(const Const &x) {
return std::to_string(x.val());
}
std::string VarRefToString(std::ostream &os, const VarRef &x) {
+ std::string which_loop = inner_loop ? "inner" : "outer";
std::string arr;
switch(x.arr()) {
case VarRef::ARR_A:
@@ -54,7 +56,8 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr
+ << ", i64 %" << which_loop << "_ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,25 +125,61 @@
}
return os;
}
+void NestedLoopToString(std::ostream &os, const LoopFunction &x) {
+ inner_loop = false;
+ os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
+ << "outer_loop_start:\n"
+ << "%cmp = icmp sgt i64 %s, 0\n"
+ << "br i1 %cmp, label %inner_loop_start, label %end\n"
+ << "outer_loop:\n"
+ << x.outer_statements();
+ inner_loop = true;
+ os << "%o_ct_new = add i64 %outer_ct, 1\n"
+ << "%jmp_outer = icmp eq i64 %o_ct_new, %s\n"
+ << "br i1 %jmp_outer, label %end, label %inner_loop_start\n"
+ << "inner_loop_start:\n"
+ << "%outer_ct = phi i64 [%o_ct_new, %outer_loop], [0, %outer_loop_start]\n"
+ << "br label %inner_loop\n"
+ << "inner_loop:\n"
+ << "%inner_ct = phi i64 [0, %inner_loop_start], [%i_ct_new, %inner_loop]\n"
+ << x.inner_statements()
+ << "%i_ct_new = add i64 %inner_ct, 1\n"
+ << "%jmp_inner = icmp eq i64 %i_ct_new, %s\n"
+ << "br i1 %jmp_inner, label %outer_loop, label %inner_loop, !llvm.loop !0\n"
+ << "end:\n"
+ << "ret void\n"
+ << "}\n"
+ << "!0 = distinct !{!0, !1, !2}\n"
+ << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+ << "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n";
+}
+void SingleLoopToString(std::ostream &os, const LoopFunction &x) {
+ inner_loop = false;
+ os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
+ << "%cmp = icmp sgt i64 %s, 0\n"
+ << "br i1 %cmp, label %start, label %end\n"
+ << "start:\n"
+ << "br label %loop\n"
+ << "end:\n"
+ << "ret void\n"
+ << "loop:\n"
+ << "%outer_ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
+ << x.outer_statements()
+ << "%ctnew = add i64 %outer_ct, 1\n"
+ << "%j = icmp eq i64 %ctnew, %s\n"
+ << "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
+ << "!0 = distinct !{!0, !1, !2}\n"
+ << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+ << "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n";
+}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
-<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
-<< "%1 = icmp sgt i64 %s, 0\n"
-<< "br i1 %1, label %start, label %end\n"
-<< "start:\n"
-<< "br label %loop\n"
-<< "end:\n"
-<< "ret void\n"
-<< "loop:\n"
-<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
-<< x.statements()
-<< "%ctnew = add i64 %ct, 1\n"
-<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
-<< "!0 = distinct !{!0, !1, !2}\n"
-<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
-<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
-<< "}\n";
+ if (x.has_inner_statements())
+NestedLoopToString(os, x);
+ else
+SingleLoopToString(os, x);
+ return os;
}
// -
Index: clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
=
[PATCH] D50670: Implementation of nested loops in cxx_loop_proto
emmettneyman updated this revision to Diff 160932.
emmettneyman added a comment.
Changed modifying global var to scoped class
Repository:
rC Clang
https://reviews.llvm.org/D50670
Files:
clang/tools/clang-fuzzer/cxx_loop_proto.proto
clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -30,17 +30,30 @@
std::string StateSeqToString(std::ostream &os, const StatementSeq &x);
// Counter variable to generate new LLVM IR variable names and wrapper function
-std::string get_var() {
+static std::string get_var() {
static int ctr = 0;
return "%var" + std::to_string(ctr++);
}
+static bool inner_loop = false;
+class InnerLoop {
+ public:
+ InnerLoop() {
+inner_loop = true;
+ }
+ ~InnerLoop() {
+inner_loop = false;
+ }
+};
+
+
// Proto to LLVM.
std::string ConstToString(const Const &x) {
return std::to_string(x.val());
}
std::string VarRefToString(std::ostream &os, const VarRef &x) {
+ std::string which_loop = inner_loop ? "inner" : "outer";
std::string arr;
switch(x.arr()) {
case VarRef::ARR_A:
@@ -54,7 +67,8 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr
+ << ", i64 %" << which_loop << "_ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,25 +136,61 @@
}
return os;
}
+void NestedLoopToString(std::ostream &os, const LoopFunction &x) {
+ os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
+ << "outer_loop_start:\n"
+ << "%cmp = icmp sgt i64 %s, 0\n"
+ << "br i1 %cmp, label %inner_loop_start, label %end\n"
+ << "outer_loop:\n"
+ << x.outer_statements()
+ << "%o_ct_new = add i64 %outer_ct, 1\n"
+ << "%jmp_outer = icmp eq i64 %o_ct_new, %s\n"
+ << "br i1 %jmp_outer, label %end, label %inner_loop_start\n"
+ << "inner_loop_start:\n"
+ << "%outer_ct = phi i64 [%o_ct_new, %outer_loop], [0, %outer_loop_start]\n"
+ << "br label %inner_loop\n"
+ << "inner_loop:\n"
+ << "%inner_ct = phi i64 [0, %inner_loop_start], [%i_ct_new, %inner_loop]\n";
+ {
+InnerLoop IL;
+os << x.inner_statements();
+ }
+ os << "%i_ct_new = add i64 %inner_ct, 1\n"
+ << "%jmp_inner = icmp eq i64 %i_ct_new, %s\n"
+ << "br i1 %jmp_inner, label %outer_loop, label %inner_loop, !llvm.loop !0\n"
+ << "end:\n"
+ << "ret void\n"
+ << "}\n"
+ << "!0 = distinct !{!0, !1, !2}\n"
+ << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+ << "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n";
+}
+void SingleLoopToString(std::ostream &os, const LoopFunction &x) {
+ os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
+ << "%cmp = icmp sgt i64 %s, 0\n"
+ << "br i1 %cmp, label %start, label %end\n"
+ << "start:\n"
+ << "br label %loop\n"
+ << "end:\n"
+ << "ret void\n"
+ << "loop:\n"
+ << "%outer_ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
+ << x.outer_statements()
+ << "%ctnew = add i64 %outer_ct, 1\n"
+ << "%j = icmp eq i64 %ctnew, %s\n"
+ << "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
+ << "!0 = distinct !{!0, !1, !2}\n"
+ << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+ << "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n";
+}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
-<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
-<< "%1 = icmp sgt i64 %s, 0\n"
-<< "br i1 %1, label %start, label %end\n"
-<< "start:\n"
-<< "br label %loop\n"
-<< "end:\n"
-<< "ret void\n"
-<< "loop:\n"
-<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
-<< x.statements()
-<< "%ctnew = add i64 %ct, 1\n"
-<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
-<< "!0 = distinct !{!0, !1, !2}\n"
-<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
-<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
-<< "}\n";
+ if (x.has_inner_statements())
+NestedLoopToString(os, x);
+ else
+SingleLoopToString(os, x);
+ return os;
}
// --
[PATCH] D50670: Implementation of nested loops in cxx_loop_proto
emmettneyman updated this revision to Diff 160936.
emmettneyman added a comment.
Updated comments, rebased, and ready to land
Repository:
rC Clang
https://reviews.llvm.org/D50670
Files:
clang/tools/clang-fuzzer/cxx_loop_proto.proto
clang/tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ clang/tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -30,17 +30,30 @@
std::string StateSeqToString(std::ostream &os, const StatementSeq &x);
// Counter variable to generate new LLVM IR variable names and wrapper function
-std::string get_var() {
+static std::string get_var() {
static int ctr = 0;
return "%var" + std::to_string(ctr++);
}
+static bool inner_loop = false;
+class InnerLoop {
+ public:
+ InnerLoop() {
+inner_loop = true;
+ }
+ ~InnerLoop() {
+inner_loop = false;
+ }
+};
+
+
// Proto to LLVM.
std::string ConstToString(const Const &x) {
return std::to_string(x.val());
}
std::string VarRefToString(std::ostream &os, const VarRef &x) {
+ std::string which_loop = inner_loop ? "inner" : "outer";
std::string arr;
switch(x.arr()) {
case VarRef::ARR_A:
@@ -54,7 +67,8 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr
+ << ", i64 %" << which_loop << "_ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,25 +136,61 @@
}
return os;
}
+void NestedLoopToString(std::ostream &os, const LoopFunction &x) {
+ os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
+ << "outer_loop_start:\n"
+ << "%cmp = icmp sgt i64 %s, 0\n"
+ << "br i1 %cmp, label %inner_loop_start, label %end\n"
+ << "outer_loop:\n"
+ << x.outer_statements()
+ << "%o_ct_new = add i64 %outer_ct, 1\n"
+ << "%jmp_outer = icmp eq i64 %o_ct_new, %s\n"
+ << "br i1 %jmp_outer, label %end, label %inner_loop_start\n"
+ << "inner_loop_start:\n"
+ << "%outer_ct = phi i64 [%o_ct_new, %outer_loop], [0, %outer_loop_start]\n"
+ << "br label %inner_loop\n"
+ << "inner_loop:\n"
+ << "%inner_ct = phi i64 [0, %inner_loop_start], [%i_ct_new, %inner_loop]\n";
+ {
+InnerLoop IL;
+os << x.inner_statements();
+ }
+ os << "%i_ct_new = add i64 %inner_ct, 1\n"
+ << "%jmp_inner = icmp eq i64 %i_ct_new, %s\n"
+ << "br i1 %jmp_inner, label %outer_loop, label %inner_loop, !llvm.loop !0\n"
+ << "end:\n"
+ << "ret void\n"
+ << "}\n"
+ << "!0 = distinct !{!0, !1, !2}\n"
+ << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+ << "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n";
+}
+void SingleLoopToString(std::ostream &os, const LoopFunction &x) {
+ os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
+ << "%cmp = icmp sgt i64 %s, 0\n"
+ << "br i1 %cmp, label %start, label %end\n"
+ << "start:\n"
+ << "br label %loop\n"
+ << "end:\n"
+ << "ret void\n"
+ << "loop:\n"
+ << "%outer_ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
+ << x.outer_statements()
+ << "%ctnew = add i64 %outer_ct, 1\n"
+ << "%j = icmp eq i64 %ctnew, %s\n"
+ << "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
+ << "!0 = distinct !{!0, !1, !2}\n"
+ << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+ << "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n";
+}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
-<< "define void @foo(i32* %a, i32* %b, i32* %c, i64 %s) {\n"
-<< "%1 = icmp sgt i64 %s, 0\n"
-<< "br i1 %1, label %start, label %end\n"
-<< "start:\n"
-<< "br label %loop\n"
-<< "end:\n"
-<< "ret void\n"
-<< "loop:\n"
-<< " %ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
-<< x.statements()
-<< "%ctnew = add i64 %ct, 1\n"
-<< "%j = icmp eq i64 %ctnew, %s\n"
-<< "br i1 %j, label %end, label %loop, !llvm.loop !0\n}\n"
-<< "!0 = distinct !{!0, !1, !2}\n"
-<< "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
-<< "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize
-<< "}\n";
+ if (x.has_inner_statements())
+NestedLoopToString(os, x);
+ else
+SingleLoopToString(os, x);
+ return os;
}
// --
[PATCH] D50670: Implementation of nested loops in cxx_loop_proto
This revision was automatically updated to reflect the committed changes.
Closed by commit rC339832: Implementation of nested loops in cxx_loop_proto
(authored by emmettneyman, committed by ).
Changed prior to commit:
https://reviews.llvm.org/D50670?vs=160936&id=160937#toc
Repository:
rC Clang
https://reviews.llvm.org/D50670
Files:
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
Index: tools/clang-fuzzer/cxx_loop_proto.proto
===
--- tools/clang-fuzzer/cxx_loop_proto.proto
+++ tools/clang-fuzzer/cxx_loop_proto.proto
@@ -9,10 +9,11 @@
///
/// \file
/// This file describes a subset of C++ as a protobuf. It is used to
-/// more easily find interesting inputs for fuzzing Clang. This subset
-/// differs from the one defined in cxx_proto.proto by eliminating while
-/// loops and conditionals. The goal is that the C++ code generated will be
-/// more likely to stress the LLVM loop vectorizer.
+/// more easily find interesting inputs for fuzzing LLVM's vectorizer.
+/// This subset differs from the one defined in cxx_proto.proto by eliminating
+/// while loops and conditionals. The goal is that the C++ code generated will
+/// be more likely to stress the LLVM loop vectorizer. The code generated will
+/// contain either a single loop or two nested loops.
///
//===--===//
@@ -74,7 +75,8 @@
}
message LoopFunction {
- required StatementSeq statements = 1;
+ optional StatementSeq inner_statements = 1;
+ required StatementSeq outer_statements = 2;
}
package clang_fuzzer;
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -30,17 +30,30 @@
std::string StateSeqToString(std::ostream &os, const StatementSeq &x);
// Counter variable to generate new LLVM IR variable names and wrapper function
-std::string get_var() {
+static std::string get_var() {
static int ctr = 0;
return "%var" + std::to_string(ctr++);
}
+static bool inner_loop = false;
+class InnerLoop {
+ public:
+ InnerLoop() {
+inner_loop = true;
+ }
+ ~InnerLoop() {
+inner_loop = false;
+ }
+};
+
+
// Proto to LLVM.
std::string ConstToString(const Const &x) {
return std::to_string(x.val());
}
std::string VarRefToString(std::ostream &os, const VarRef &x) {
+ std::string which_loop = inner_loop ? "inner" : "outer";
std::string arr;
switch(x.arr()) {
case VarRef::ARR_A:
@@ -54,7 +67,8 @@
break;
}
std::string ptr_var = get_var();
- os << ptr_var << " = getelementptr inbounds i32, i32* " << arr << ", i64 %ct\n";
+ os << ptr_var << " = getelementptr inbounds i32, i32* " << arr
+ << ", i64 %" << which_loop << "_ct\n";
return ptr_var;
}
std::string RvalueToString(std::ostream &os, const Rvalue &x) {
@@ -122,25 +136,61 @@
}
return os;
}
+void NestedLoopToString(std::ostream &os, const LoopFunction &x) {
+ os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
+ << "outer_loop_start:\n"
+ << "%cmp = icmp sgt i64 %s, 0\n"
+ << "br i1 %cmp, label %inner_loop_start, label %end\n"
+ << "outer_loop:\n"
+ << x.outer_statements()
+ << "%o_ct_new = add i64 %outer_ct, 1\n"
+ << "%jmp_outer = icmp eq i64 %o_ct_new, %s\n"
+ << "br i1 %jmp_outer, label %end, label %inner_loop_start\n"
+ << "inner_loop_start:\n"
+ << "%outer_ct = phi i64 [%o_ct_new, %outer_loop], [0, %outer_loop_start]\n"
+ << "br label %inner_loop\n"
+ << "inner_loop:\n"
+ << "%inner_ct = phi i64 [0, %inner_loop_start], [%i_ct_new, %inner_loop]\n";
+ {
+InnerLoop IL;
+os << x.inner_statements();
+ }
+ os << "%i_ct_new = add i64 %inner_ct, 1\n"
+ << "%jmp_inner = icmp eq i64 %i_ct_new, %s\n"
+ << "br i1 %jmp_inner, label %outer_loop, label %inner_loop, !llvm.loop !0\n"
+ << "end:\n"
+ << "ret void\n"
+ << "}\n"
+ << "!0 = distinct !{!0, !1, !2}\n"
+ << "!1 = !{!\"llvm.loop.vectorize.enable\", i1 true}\n"
+ << "!2 = !{!\"llvm.loop.vectorize.width\", i32 " << kArraySize << "}\n";
+}
+void SingleLoopToString(std::ostream &os, const LoopFunction &x) {
+ os << "target triple = \"x86_64-unknown-linux-gnu\"\n"
+ << "define void @foo(i32* %a, i32* %b, i32* noalias %c, i64 %s) {\n"
+ << "%cmp = icmp sgt i64 %s, 0\n"
+ << "br i1 %cmp, label %start, label %end\n"
+ << "start:\n"
+ << "br label %loop\n"
+ << "end:\n"
+ << "ret void\n"
+ << "loop:\n"
+ << "%outer_ct = phi i64 [ %ctnew, %loop ], [ 0, %start ]\n"
+ << x.outer_statements()
+ << "%ctnew = add i64 %outer_ct, 1\n"
+
[PATCH] D50829: Update README and Dockerfile to include llvm-proto-fuzzer
emmettneyman created this revision. emmettneyman added reviewers: morehouse, kcc. Herald added a subscriber: cfe-commits. Added commands to Dockerfile to build llvm-proto-fuzzer and the other related tools. Also added a section to the bottom of the README describing what llvm-proto-fuzzer does and how to run it. Repository: rC Clang https://reviews.llvm.org/D50829 Files: clang/tools/clang-fuzzer/Dockerfile clang/tools/clang-fuzzer/README.txt Index: clang/tools/clang-fuzzer/README.txt === --- clang/tools/clang-fuzzer/README.txt +++ clang/tools/clang-fuzzer/README.txt @@ -80,3 +80,32 @@ To translate a clang-proto-fuzzer corpus output to C++: bin/clang-proto-to-cxx CORPUS_OUTPUT_FILE + +=== + llvm-proto-fuzzer +=== +Like, clang-proto-fuzzer, llvm-proto-fuzzer is also a protobuf-mutator based +fuzzer. It receives as input a cxx_loop_proto which it then converts into a +string of valid LLVM IR: a function with either a single loop or two nested +loops. It then creates a new string of IR by running optimization passes over +the original IR. Currently, it only runs a loop-vectorize pass but more passes +can easily be added to the fuzzer. Once there are two versions of the input +function (optimized and not), llvm-proto-fuzzer uses LLVM's JIT Engine to +compile both functions. Lastly, it runs both functions on a suite of inputs and +checks that both functions behave the same on all inputs. In this way, +llvm-proto-fuzzer can find not only compiler crashes, but also miscompiles +originating from LLVM's optimization passes. + +llvm-proto-fuzzer is built very similarly to clang-proto-fuzzer. You can run the +fuzzer with the following command: + bin/clang-llvm-proto-fuzzer CORPUS_DIR + +To translate a cxx_loop_proto file into LLVM IR do: + bin/clang-loop-proto-to-llvm +To translate a cxx_loop_proto file into C++ do: + bin/clang-loop-proto-to-cxx + +Note: To get a higher number of executions per second with llvm-proto-fuzzer it +helps to build it without ASan instrumentation and with the -O2 flag. Because +the fuzzer is not only compiling code, but also running it, as the inputs get +large, the time necessary to fuzz one input can get very high. Index: clang/tools/clang-fuzzer/Dockerfile === --- clang/tools/clang-fuzzer/Dockerfile +++ clang/tools/clang-fuzzer/Dockerfile @@ -35,3 +35,7 @@ RUN cd build1 && ninja clang-fuzzer RUN cd build1 && ninja clang-proto-fuzzer RUN cd build1 && ninja clang-proto-to-cxx +RUN cd build1 && ninja clang-loop-proto-to-cxx +RUN cd build1 && ninja clang-loop-proto-to-llvm +RUN cd build1 && ninja clang-loop-proto-fuzzer +RUN cd build1 && ninja clang-llvm-proto-fuzzer Index: clang/tools/clang-fuzzer/README.txt === --- clang/tools/clang-fuzzer/README.txt +++ clang/tools/clang-fuzzer/README.txt @@ -80,3 +80,32 @@ To translate a clang-proto-fuzzer corpus output to C++: bin/clang-proto-to-cxx CORPUS_OUTPUT_FILE + +=== + llvm-proto-fuzzer +=== +Like, clang-proto-fuzzer, llvm-proto-fuzzer is also a protobuf-mutator based +fuzzer. It receives as input a cxx_loop_proto which it then converts into a +string of valid LLVM IR: a function with either a single loop or two nested +loops. It then creates a new string of IR by running optimization passes over +the original IR. Currently, it only runs a loop-vectorize pass but more passes +can easily be added to the fuzzer. Once there are two versions of the input +function (optimized and not), llvm-proto-fuzzer uses LLVM's JIT Engine to +compile both functions. Lastly, it runs both functions on a suite of inputs and +checks that both functions behave the same on all inputs. In this way, +llvm-proto-fuzzer can find not only compiler crashes, but also miscompiles +originating from LLVM's optimization passes. + +llvm-proto-fuzzer is built very similarly to clang-proto-fuzzer. You can run the +fuzzer with the following command: + bin/clang-llvm-proto-fuzzer CORPUS_DIR + +To translate a cxx_loop_proto file into LLVM IR do: + bin/clang-loop-proto-to-llvm +To translate a cxx_loop_proto file into C++ do: + bin/clang-loop-proto-to-cxx + +Note: To get a higher number of executions per second with llvm-proto-fuzzer it +helps to build it without ASan instrumentation and with the -O2 flag. Because +the fuzzer is not only compiling code, but also running it, as the inputs get +large, the time necessary to fuzz one input can get very high. Index: clang/tools/clang-fuzzer/Dockerfile === --- clang/tools/clang-fuzzer/Dockerfile +++ clang/tools/clang-fuzzer/Dockerfile @@ -35,3 +35,7 @@ RUN cd build1 && ninja clang-fuzzer RUN cd build1 && ninja clang-proto-fuzzer RUN cd build1 && ninja clang-proto-to-cxx +RUN cd build1 &&
[PATCH] D50829: Update README and Dockerfile to include llvm-proto-fuzzer
emmettneyman added a comment. Is there anything I should add to the documentation? Anything I should remove? Repository: rC Clang https://reviews.llvm.org/D50829 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50829: Update README and Dockerfile to include llvm-proto-fuzzer
emmettneyman updated this revision to Diff 161080. emmettneyman added a comment. Added to README Repository: rC Clang https://reviews.llvm.org/D50829 Files: clang/tools/clang-fuzzer/Dockerfile clang/tools/clang-fuzzer/README.txt Index: clang/tools/clang-fuzzer/README.txt === --- clang/tools/clang-fuzzer/README.txt +++ clang/tools/clang-fuzzer/README.txt @@ -80,3 +80,37 @@ To translate a clang-proto-fuzzer corpus output to C++: bin/clang-proto-to-cxx CORPUS_OUTPUT_FILE + +=== + llvm-proto-fuzzer +=== +Like, clang-proto-fuzzer, llvm-proto-fuzzer is also a protobuf-mutator based +fuzzer. It receives as input a cxx_loop_proto which it then converts into a +string of valid LLVM IR: a function with either a single loop or two nested +loops. It then creates a new string of IR by running optimization passes over +the original IR. Currently, it only runs a loop-vectorize pass but more passes +can easily be added to the fuzzer. Once there are two versions of the input +function (optimized and not), llvm-proto-fuzzer uses LLVM's JIT Engine to +compile both functions. Lastly, it runs both functions on a suite of inputs and +checks that both functions behave the same on all inputs. In this way, +llvm-proto-fuzzer can find not only compiler crashes, but also miscompiles +originating from LLVM's optimization passes. + +llvm-proto-fuzzer is built very similarly to clang-proto-fuzzer. You can run the +fuzzer with the following command: + bin/clang-llvm-proto-fuzzer CORPUS_DIR + +To translate a cxx_loop_proto file into LLVM IR do: + bin/clang-loop-proto-to-llvm CORPUS_OUTPUT_FILE +To translate a cxx_loop_proto file into C++ do: + bin/clang-loop-proto-to-cxx CORPUS_OUTPUT_FILE + +Note: To get a higher number of executions per second with llvm-proto-fuzzer it +helps to build it without ASan instrumentation and with the -O2 flag. Because +the fuzzer is not only compiling code, but also running it, as the inputs get +large, the time necessary to fuzz one input can get very high. +Example: + cmake .. -GNinja -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ \ +-DCLANG_ENABLE_PROTO_FUZZER=ON -DLLVM_USE_SANITIZE_COVERAGE=YES \ +-DCMAKE_CXX_FLAGS="-O2" + ninja clang-llvm-proto-fuzzer clang-loop-proto-to-llvm Index: clang/tools/clang-fuzzer/Dockerfile === --- clang/tools/clang-fuzzer/Dockerfile +++ clang/tools/clang-fuzzer/Dockerfile @@ -35,3 +35,7 @@ RUN cd build1 && ninja clang-fuzzer RUN cd build1 && ninja clang-proto-fuzzer RUN cd build1 && ninja clang-proto-to-cxx +RUN cd build1 && ninja clang-loop-proto-to-cxx +RUN cd build1 && ninja clang-loop-proto-to-llvm +RUN cd build1 && ninja clang-loop-proto-fuzzer +RUN cd build1 && ninja clang-llvm-proto-fuzzer Index: clang/tools/clang-fuzzer/README.txt === --- clang/tools/clang-fuzzer/README.txt +++ clang/tools/clang-fuzzer/README.txt @@ -80,3 +80,37 @@ To translate a clang-proto-fuzzer corpus output to C++: bin/clang-proto-to-cxx CORPUS_OUTPUT_FILE + +=== + llvm-proto-fuzzer +=== +Like, clang-proto-fuzzer, llvm-proto-fuzzer is also a protobuf-mutator based +fuzzer. It receives as input a cxx_loop_proto which it then converts into a +string of valid LLVM IR: a function with either a single loop or two nested +loops. It then creates a new string of IR by running optimization passes over +the original IR. Currently, it only runs a loop-vectorize pass but more passes +can easily be added to the fuzzer. Once there are two versions of the input +function (optimized and not), llvm-proto-fuzzer uses LLVM's JIT Engine to +compile both functions. Lastly, it runs both functions on a suite of inputs and +checks that both functions behave the same on all inputs. In this way, +llvm-proto-fuzzer can find not only compiler crashes, but also miscompiles +originating from LLVM's optimization passes. + +llvm-proto-fuzzer is built very similarly to clang-proto-fuzzer. You can run the +fuzzer with the following command: + bin/clang-llvm-proto-fuzzer CORPUS_DIR + +To translate a cxx_loop_proto file into LLVM IR do: + bin/clang-loop-proto-to-llvm CORPUS_OUTPUT_FILE +To translate a cxx_loop_proto file into C++ do: + bin/clang-loop-proto-to-cxx CORPUS_OUTPUT_FILE + +Note: To get a higher number of executions per second with llvm-proto-fuzzer it +helps to build it without ASan instrumentation and with the -O2 flag. Because +the fuzzer is not only compiling code, but also running it, as the inputs get +large, the time necessary to fuzz one input can get very high. +Example: + cmake .. -GNinja -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ \ +-DCLANG_ENABLE_PROTO_FUZZER=ON -DLLVM_USE_SANITIZE_COVERAGE=YES \ +-DCMAKE_CXX_FLAGS="-O2" + ninja clang-llvm-proto-fuzzer clang-loop-proto-to-llvm Index
[PATCH] D50829: Update README and Dockerfile to include llvm-proto-fuzzer
emmettneyman updated this revision to Diff 161093. emmettneyman added a comment. Rebased and ready to land Repository: rC Clang https://reviews.llvm.org/D50829 Files: clang/tools/clang-fuzzer/Dockerfile clang/tools/clang-fuzzer/README.txt Index: clang/tools/clang-fuzzer/README.txt === --- clang/tools/clang-fuzzer/README.txt +++ clang/tools/clang-fuzzer/README.txt @@ -80,3 +80,37 @@ To translate a clang-proto-fuzzer corpus output to C++: bin/clang-proto-to-cxx CORPUS_OUTPUT_FILE + +=== + llvm-proto-fuzzer +=== +Like, clang-proto-fuzzer, llvm-proto-fuzzer is also a protobuf-mutator based +fuzzer. It receives as input a cxx_loop_proto which it then converts into a +string of valid LLVM IR: a function with either a single loop or two nested +loops. It then creates a new string of IR by running optimization passes over +the original IR. Currently, it only runs a loop-vectorize pass but more passes +can easily be added to the fuzzer. Once there are two versions of the input +function (optimized and not), llvm-proto-fuzzer uses LLVM's JIT Engine to +compile both functions. Lastly, it runs both functions on a suite of inputs and +checks that both functions behave the same on all inputs. In this way, +llvm-proto-fuzzer can find not only compiler crashes, but also miscompiles +originating from LLVM's optimization passes. + +llvm-proto-fuzzer is built very similarly to clang-proto-fuzzer. You can run the +fuzzer with the following command: + bin/clang-llvm-proto-fuzzer CORPUS_DIR + +To translate a cxx_loop_proto file into LLVM IR do: + bin/clang-loop-proto-to-llvm CORPUS_OUTPUT_FILE +To translate a cxx_loop_proto file into C++ do: + bin/clang-loop-proto-to-cxx CORPUS_OUTPUT_FILE + +Note: To get a higher number of executions per second with llvm-proto-fuzzer it +helps to build it without ASan instrumentation and with the -O2 flag. Because +the fuzzer is not only compiling code, but also running it, as the inputs get +large, the time necessary to fuzz one input can get very high. +Example: + cmake .. -GNinja -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ \ +-DCLANG_ENABLE_PROTO_FUZZER=ON -DLLVM_USE_SANITIZE_COVERAGE=YES \ +-DCMAKE_CXX_FLAGS="-O2" + ninja clang-llvm-proto-fuzzer clang-loop-proto-to-llvm Index: clang/tools/clang-fuzzer/Dockerfile === --- clang/tools/clang-fuzzer/Dockerfile +++ clang/tools/clang-fuzzer/Dockerfile @@ -35,3 +35,7 @@ RUN cd build1 && ninja clang-fuzzer RUN cd build1 && ninja clang-proto-fuzzer RUN cd build1 && ninja clang-proto-to-cxx +RUN cd build1 && ninja clang-loop-proto-to-cxx +RUN cd build1 && ninja clang-loop-proto-to-llvm +RUN cd build1 && ninja clang-loop-proto-fuzzer +RUN cd build1 && ninja clang-llvm-proto-fuzzer Index: clang/tools/clang-fuzzer/README.txt === --- clang/tools/clang-fuzzer/README.txt +++ clang/tools/clang-fuzzer/README.txt @@ -80,3 +80,37 @@ To translate a clang-proto-fuzzer corpus output to C++: bin/clang-proto-to-cxx CORPUS_OUTPUT_FILE + +=== + llvm-proto-fuzzer +=== +Like, clang-proto-fuzzer, llvm-proto-fuzzer is also a protobuf-mutator based +fuzzer. It receives as input a cxx_loop_proto which it then converts into a +string of valid LLVM IR: a function with either a single loop or two nested +loops. It then creates a new string of IR by running optimization passes over +the original IR. Currently, it only runs a loop-vectorize pass but more passes +can easily be added to the fuzzer. Once there are two versions of the input +function (optimized and not), llvm-proto-fuzzer uses LLVM's JIT Engine to +compile both functions. Lastly, it runs both functions on a suite of inputs and +checks that both functions behave the same on all inputs. In this way, +llvm-proto-fuzzer can find not only compiler crashes, but also miscompiles +originating from LLVM's optimization passes. + +llvm-proto-fuzzer is built very similarly to clang-proto-fuzzer. You can run the +fuzzer with the following command: + bin/clang-llvm-proto-fuzzer CORPUS_DIR + +To translate a cxx_loop_proto file into LLVM IR do: + bin/clang-loop-proto-to-llvm CORPUS_OUTPUT_FILE +To translate a cxx_loop_proto file into C++ do: + bin/clang-loop-proto-to-cxx CORPUS_OUTPUT_FILE + +Note: To get a higher number of executions per second with llvm-proto-fuzzer it +helps to build it without ASan instrumentation and with the -O2 flag. Because +the fuzzer is not only compiling code, but also running it, as the inputs get +large, the time necessary to fuzz one input can get very high. +Example: + cmake .. -GNinja -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ \ +-DCLANG_ENABLE_PROTO_FUZZER=ON -DLLVM_USE_SANITIZE_COVERAGE=YES \ +-DCMAKE_CXX_FLAGS="-O2" + ninja clang-llvm-proto-fuzzer clang-loop-proto-to-
[PATCH] D50829: Update README and Dockerfile to include llvm-proto-fuzzer
This revision was automatically updated to reflect the committed changes. Closed by commit rL339933: Update README and Dockerfile to include llvm-proto-fuzzer (authored by emmettneyman, committed by ). Changed prior to commit: https://reviews.llvm.org/D50829?vs=161093&id=161095#toc Repository: rL LLVM https://reviews.llvm.org/D50829 Files: cfe/trunk/tools/clang-fuzzer/Dockerfile cfe/trunk/tools/clang-fuzzer/README.txt Index: cfe/trunk/tools/clang-fuzzer/README.txt === --- cfe/trunk/tools/clang-fuzzer/README.txt +++ cfe/trunk/tools/clang-fuzzer/README.txt @@ -80,3 +80,37 @@ To translate a clang-proto-fuzzer corpus output to C++: bin/clang-proto-to-cxx CORPUS_OUTPUT_FILE + +=== + llvm-proto-fuzzer +=== +Like, clang-proto-fuzzer, llvm-proto-fuzzer is also a protobuf-mutator based +fuzzer. It receives as input a cxx_loop_proto which it then converts into a +string of valid LLVM IR: a function with either a single loop or two nested +loops. It then creates a new string of IR by running optimization passes over +the original IR. Currently, it only runs a loop-vectorize pass but more passes +can easily be added to the fuzzer. Once there are two versions of the input +function (optimized and not), llvm-proto-fuzzer uses LLVM's JIT Engine to +compile both functions. Lastly, it runs both functions on a suite of inputs and +checks that both functions behave the same on all inputs. In this way, +llvm-proto-fuzzer can find not only compiler crashes, but also miscompiles +originating from LLVM's optimization passes. + +llvm-proto-fuzzer is built very similarly to clang-proto-fuzzer. You can run the +fuzzer with the following command: + bin/clang-llvm-proto-fuzzer CORPUS_DIR + +To translate a cxx_loop_proto file into LLVM IR do: + bin/clang-loop-proto-to-llvm CORPUS_OUTPUT_FILE +To translate a cxx_loop_proto file into C++ do: + bin/clang-loop-proto-to-cxx CORPUS_OUTPUT_FILE + +Note: To get a higher number of executions per second with llvm-proto-fuzzer it +helps to build it without ASan instrumentation and with the -O2 flag. Because +the fuzzer is not only compiling code, but also running it, as the inputs get +large, the time necessary to fuzz one input can get very high. +Example: + cmake .. -GNinja -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ \ +-DCLANG_ENABLE_PROTO_FUZZER=ON -DLLVM_USE_SANITIZE_COVERAGE=YES \ +-DCMAKE_CXX_FLAGS="-O2" + ninja clang-llvm-proto-fuzzer clang-loop-proto-to-llvm Index: cfe/trunk/tools/clang-fuzzer/Dockerfile === --- cfe/trunk/tools/clang-fuzzer/Dockerfile +++ cfe/trunk/tools/clang-fuzzer/Dockerfile @@ -35,3 +35,7 @@ RUN cd build1 && ninja clang-fuzzer RUN cd build1 && ninja clang-proto-fuzzer RUN cd build1 && ninja clang-proto-to-cxx +RUN cd build1 && ninja clang-loop-proto-to-cxx +RUN cd build1 && ninja clang-loop-proto-to-llvm +RUN cd build1 && ninja clang-loop-proto-fuzzer +RUN cd build1 && ninja clang-llvm-proto-fuzzer Index: cfe/trunk/tools/clang-fuzzer/README.txt === --- cfe/trunk/tools/clang-fuzzer/README.txt +++ cfe/trunk/tools/clang-fuzzer/README.txt @@ -80,3 +80,37 @@ To translate a clang-proto-fuzzer corpus output to C++: bin/clang-proto-to-cxx CORPUS_OUTPUT_FILE + +=== + llvm-proto-fuzzer +=== +Like, clang-proto-fuzzer, llvm-proto-fuzzer is also a protobuf-mutator based +fuzzer. It receives as input a cxx_loop_proto which it then converts into a +string of valid LLVM IR: a function with either a single loop or two nested +loops. It then creates a new string of IR by running optimization passes over +the original IR. Currently, it only runs a loop-vectorize pass but more passes +can easily be added to the fuzzer. Once there are two versions of the input +function (optimized and not), llvm-proto-fuzzer uses LLVM's JIT Engine to +compile both functions. Lastly, it runs both functions on a suite of inputs and +checks that both functions behave the same on all inputs. In this way, +llvm-proto-fuzzer can find not only compiler crashes, but also miscompiles +originating from LLVM's optimization passes. + +llvm-proto-fuzzer is built very similarly to clang-proto-fuzzer. You can run the +fuzzer with the following command: + bin/clang-llvm-proto-fuzzer CORPUS_DIR + +To translate a cxx_loop_proto file into LLVM IR do: + bin/clang-loop-proto-to-llvm CORPUS_OUTPUT_FILE +To translate a cxx_loop_proto file into C++ do: + bin/clang-loop-proto-to-cxx CORPUS_OUTPUT_FILE + +Note: To get a higher number of executions per second with llvm-proto-fuzzer it +helps to build it without ASan instrumentation and with the -O2 flag. Because +the fuzzer is not only compiling code, but also running it, as the inputs get +large, the time necessary to fuzz one input can get very high. +Example: + cmake
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman updated this revision to Diff 156362.
emmettneyman added a comment.
- Switched to JIT for compilation and execution
Repository:
rC Clang
https://reviews.llvm.org/D49526
Files:
clang/tools/clang-fuzzer/CMakeLists.txt
clang/tools/clang-fuzzer/ExampleClangLLVMProtoFuzzer.cpp
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/fuzzer_initialize.cpp
clang/tools/clang-fuzzer/handle-llvm/fuzzer_initialize.h
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.h
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -7,33 +7,53 @@
//
//===--===//
//
-// Implements HandleLLVM for use by the Clang fuzzers. Mimics the llc tool to
-// compile an LLVM IR file to X86_64 assembly.
+// Implements HandleLLVM for use by the Clang fuzzers. First runs an loop
+// vectorizer optimization pass over the given IR code. Then mimics lli on both
+// versions to JIT the generated code and execute it. Currently, functions are
+// executed on dummy inputs.
//
//===--===//
#include "handle_llvm.h"
#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
+#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/CodeGen/CommandFlags.inc"
#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/TargetPassConfig.h"
+#include "llvm/ExecutionEngine/GenericValue.h"
+#include "llvm/ExecutionEngine/JITEventListener.h"
+#include "llvm/ExecutionEngine/JITSymbol.h"
+#include "llvm/ExecutionEngine/MCJIT.h"
+#include "llvm/ExecutionEngine/ObjectCache.h"
+#include "llvm/ExecutionEngine/RTDyldMemoryManager.h"
+#include "llvm/ExecutionEngine/SectionMemoryManager.h"
+#include "llvm/IR/IRPrintingPasses.h"
#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/IR/LegacyPassNameParser.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Verifier.h"
#include "llvm/IRReader/IRReader.h"
+#include "llvm/Pass.h"
#include "llvm/PassRegistry.h"
-#include "llvm/Support/InitLLVM.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/TargetRegistry.h"
+#include "llvm/Support/TargetSelect.h"
#include "llvm/Target/TargetMachine.h"
-
-#include
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Transforms/IPO.h"
using namespace llvm;
+static cl::list
+PassList(cl::desc("Optimizations available:"));
+
+static std::string OptIR;
+
+// Helper function to parse command line args and find the optimization level
static void getOptLevel(const std::vector &ExtraArgs,
CodeGenOpt::Level &OLvl) {
// Find the optimization level from the command line args
@@ -53,59 +73,221 @@
}
}
-void clang_fuzzer::HandleLLVM(const std::string &S,
- const std::vector &ExtraArgs) {
+// Helper function to call pass initialization functions
+void InitEverything() {
+ PassRegistry &Registry = *PassRegistry::getPassRegistry();
+ initializeCore(Registry);
+ initializeScalarOpts(Registry);
+ initializeVectorization(Registry);
+ initializeIPO(Registry);
+ initializeAnalysis(Registry);
+ initializeTransformUtils(Registry);
+ initializeInstCombine(Registry);
+ initializeAggressiveInstCombine(Registry);
+ initializeInstrumentation(Registry);
+ initializeTarget(Registry);
+}
+
+// Helper function to add optimization passes to the TargetMachine at the
+// specified optimization level, OptLevel
+static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
+ legacy::FunctionPassManager &FPM,
+ unsigned OptLevel, unsigned SizeLevel) {
+ // Verify that input is correct by adding a verifier pass
+ FPM.add(createVerifierPass());
+
+ // Create and initializa a PassManagerBuilder
+ PassManagerBuilder Builder;
+ Builder.OptLevel = OptLevel;
+ Builder.SizeLevel = SizeLevel;
+ Builder.Inliner = createFunctionInliningPass(OptLevel, SizeLevel, false);
+ Builder.LoopVectorize = true;
+ Builder.populateFunctionPassManager(FPM);
+ Builder.populateModulePassManager(MPM);
+}
+
+// Mimics the opt tool to run an optimization pass over the provided IR
+void OptLLVM(const std::string IR, CodeGenOpt::Level &OLvl) {
+ InitEverything();
+
+ // Mimic argc and argv and pass them to ParseCommandLineOptions to initilize
+ // PassList, ie which optimizations we want to run on the IR
+ // TODO: Find a better way of doing this
+ char *args[2];
+ char t[18] = "llvm-proto-fuzzer";
+ char s[16] = "-loop-vectorize";
+ args[0] = t;
+ args[1] = s;
+ cl::ParseCommandLineOptions(2, args, ""
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman updated this revision to Diff 156364.
emmettneyman added a comment.
- Cleaned up leftover code from mmap memcpy
Repository:
rC Clang
https://reviews.llvm.org/D49526
Files:
clang/tools/clang-fuzzer/CMakeLists.txt
clang/tools/clang-fuzzer/ExampleClangLLVMProtoFuzzer.cpp
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/fuzzer_initialize.cpp
clang/tools/clang-fuzzer/handle-llvm/fuzzer_initialize.h
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.h
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -7,33 +7,53 @@
//
//===--===//
//
-// Implements HandleLLVM for use by the Clang fuzzers. Mimics the llc tool to
-// compile an LLVM IR file to X86_64 assembly.
+// Implements HandleLLVM for use by the Clang fuzzers. First runs an loop
+// vectorizer optimization pass over the given IR code. Then mimics lli on both
+// versions to JIT the generated code and execute it. Currently, functions are
+// executed on dummy inputs.
//
//===--===//
#include "handle_llvm.h"
#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
+#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/CodeGen/CommandFlags.inc"
#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/TargetPassConfig.h"
+#include "llvm/ExecutionEngine/GenericValue.h"
+#include "llvm/ExecutionEngine/JITEventListener.h"
+#include "llvm/ExecutionEngine/JITSymbol.h"
+#include "llvm/ExecutionEngine/MCJIT.h"
+#include "llvm/ExecutionEngine/ObjectCache.h"
+#include "llvm/ExecutionEngine/RTDyldMemoryManager.h"
+#include "llvm/ExecutionEngine/SectionMemoryManager.h"
+#include "llvm/IR/IRPrintingPasses.h"
#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/IR/LegacyPassNameParser.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Verifier.h"
#include "llvm/IRReader/IRReader.h"
+#include "llvm/Pass.h"
#include "llvm/PassRegistry.h"
-#include "llvm/Support/InitLLVM.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/TargetRegistry.h"
+#include "llvm/Support/TargetSelect.h"
#include "llvm/Target/TargetMachine.h"
-
-#include
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Transforms/IPO.h"
using namespace llvm;
+static cl::list
+PassList(cl::desc("Optimizations available:"));
+
+static std::string OptIR;
+
+// Helper function to parse command line args and find the optimization level
static void getOptLevel(const std::vector &ExtraArgs,
CodeGenOpt::Level &OLvl) {
// Find the optimization level from the command line args
@@ -53,59 +73,220 @@
}
}
-void clang_fuzzer::HandleLLVM(const std::string &S,
- const std::vector &ExtraArgs) {
+// Helper function to call pass initialization functions
+void InitEverything() {
+ PassRegistry &Registry = *PassRegistry::getPassRegistry();
+ initializeCore(Registry);
+ initializeScalarOpts(Registry);
+ initializeVectorization(Registry);
+ initializeIPO(Registry);
+ initializeAnalysis(Registry);
+ initializeTransformUtils(Registry);
+ initializeInstCombine(Registry);
+ initializeAggressiveInstCombine(Registry);
+ initializeInstrumentation(Registry);
+ initializeTarget(Registry);
+}
+
+// Helper function to add optimization passes to the TargetMachine at the
+// specified optimization level, OptLevel
+static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
+ legacy::FunctionPassManager &FPM,
+ unsigned OptLevel, unsigned SizeLevel) {
+ // Verify that input is correct by adding a verifier pass
+ FPM.add(createVerifierPass());
+
+ // Create and initializa a PassManagerBuilder
+ PassManagerBuilder Builder;
+ Builder.OptLevel = OptLevel;
+ Builder.SizeLevel = SizeLevel;
+ Builder.Inliner = createFunctionInliningPass(OptLevel, SizeLevel, false);
+ Builder.LoopVectorize = true;
+ Builder.populateFunctionPassManager(FPM);
+ Builder.populateModulePassManager(MPM);
+}
+
+// Mimics the opt tool to run an optimization pass over the provided IR
+void OptLLVM(const std::string IR, CodeGenOpt::Level &OLvl) {
+ InitEverything();
+
+ // Mimic argc and argv and pass them to ParseCommandLineOptions to initilize
+ // PassList, ie which optimizations we want to run on the IR
+ // TODO: Find a better way of doing this
+ char *args[2];
+ char t[18] = "llvm-proto-fuzzer";
+ char s[16] = "-loop-vectorize";
+ args[0] = t;
+ args[1] = s;
+ cl::ParseCommandLineOptions(2, args, "");
+
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman updated this revision to Diff 156370.
emmettneyman added a comment.
- Fixed typo that broke build
Repository:
rC Clang
https://reviews.llvm.org/D49526
Files:
clang/tools/clang-fuzzer/CMakeLists.txt
clang/tools/clang-fuzzer/ExampleClangLLVMProtoFuzzer.cpp
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/fuzzer_initialize.cpp
clang/tools/clang-fuzzer/handle-llvm/fuzzer_initialize.h
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -7,33 +7,53 @@
//
//===--===//
//
-// Implements HandleLLVM for use by the Clang fuzzers. Mimics the llc tool to
-// compile an LLVM IR file to X86_64 assembly.
+// Implements HandleLLVM for use by the Clang fuzzers. First runs an loop
+// vectorizer optimization pass over the given IR code. Then mimics lli on both
+// versions to JIT the generated code and execute it. Currently, functions are
+// executed on dummy inputs.
//
//===--===//
#include "handle_llvm.h"
#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
+#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/CodeGen/CommandFlags.inc"
#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/TargetPassConfig.h"
+#include "llvm/ExecutionEngine/GenericValue.h"
+#include "llvm/ExecutionEngine/JITEventListener.h"
+#include "llvm/ExecutionEngine/JITSymbol.h"
+#include "llvm/ExecutionEngine/MCJIT.h"
+#include "llvm/ExecutionEngine/ObjectCache.h"
+#include "llvm/ExecutionEngine/RTDyldMemoryManager.h"
+#include "llvm/ExecutionEngine/SectionMemoryManager.h"
+#include "llvm/IR/IRPrintingPasses.h"
#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/IR/LegacyPassNameParser.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Verifier.h"
#include "llvm/IRReader/IRReader.h"
+#include "llvm/Pass.h"
#include "llvm/PassRegistry.h"
-#include "llvm/Support/InitLLVM.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/TargetRegistry.h"
+#include "llvm/Support/TargetSelect.h"
#include "llvm/Target/TargetMachine.h"
-
-#include
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Transforms/IPO.h"
using namespace llvm;
+static cl::list
+PassList(cl::desc("Optimizations available:"));
+
+static std::string OptIR;
+
+// Helper function to parse command line args and find the optimization level
static void getOptLevel(const std::vector &ExtraArgs,
CodeGenOpt::Level &OLvl) {
// Find the optimization level from the command line args
@@ -53,59 +73,220 @@
}
}
-void clang_fuzzer::HandleLLVM(const std::string &S,
+// Helper function to call pass initialization functions
+void InitEverything() {
+ PassRegistry &Registry = *PassRegistry::getPassRegistry();
+ initializeCore(Registry);
+ initializeScalarOpts(Registry);
+ initializeVectorization(Registry);
+ initializeIPO(Registry);
+ initializeAnalysis(Registry);
+ initializeTransformUtils(Registry);
+ initializeInstCombine(Registry);
+ initializeAggressiveInstCombine(Registry);
+ initializeInstrumentation(Registry);
+ initializeTarget(Registry);
+}
+
+// Helper function to add optimization passes to the TargetMachine at the
+// specified optimization level, OptLevel
+static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
+ legacy::FunctionPassManager &FPM,
+ unsigned OptLevel, unsigned SizeLevel) {
+ // Verify that input is correct by adding a verifier pass
+ FPM.add(createVerifierPass());
+
+ // Create and initializa a PassManagerBuilder
+ PassManagerBuilder Builder;
+ Builder.OptLevel = OptLevel;
+ Builder.SizeLevel = SizeLevel;
+ Builder.Inliner = createFunctionInliningPass(OptLevel, SizeLevel, false);
+ Builder.LoopVectorize = true;
+ Builder.populateFunctionPassManager(FPM);
+ Builder.populateModulePassManager(MPM);
+}
+
+// Mimics the opt tool to run an optimization pass over the provided IR
+void OptLLVM(const std::string IR, CodeGenOpt::Level &OLvl) {
+ InitEverything();
+
+ // Mimic argc and argv and pass them to ParseCommandLineOptions to initilize
+ // PassList, ie which optimizations we want to run on the IR
+ // TODO: Find a better way of doing this
+ char *args[2];
+ char t[18] = "llvm-proto-fuzzer";
+ char s[16] = "-loop-vectorize";
+ args[0] = t;
+ args[1] = s;
+ cl::ParseCommandLineOptions(2, args, "");
+
+ // Create a module that will run the optimization passes
+ SMDiagnostic Err;
+ LLVMContext Context;
+ std::unique_ptr M = p
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman updated this revision to Diff 156862.
emmettneyman added a comment.
Made fixes to patch, rebased CMake file
Repository:
rC Clang
https://reviews.llvm.org/D49526
Files:
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -7,33 +7,51 @@
//
//===--===//
//
-// Implements HandleLLVM for use by the Clang fuzzers. Mimics the llc tool to
-// compile an LLVM IR file to X86_64 assembly.
+// Implements HandleLLVM for use by the Clang fuzzers. First runs an loop
+// vectorizer optimization pass over the given IR code. Then mimics lli on both
+// versions to JIT the generated code and execute it. Currently, functions are
+// executed on dummy inputs.
//
//===--===//
#include "handle_llvm.h"
#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
+#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/CodeGen/CommandFlags.inc"
#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/TargetPassConfig.h"
+#include "llvm/ExecutionEngine/GenericValue.h"
+#include "llvm/ExecutionEngine/JITEventListener.h"
+#include "llvm/ExecutionEngine/JITSymbol.h"
+#include "llvm/ExecutionEngine/MCJIT.h"
+#include "llvm/ExecutionEngine/ObjectCache.h"
+#include "llvm/ExecutionEngine/RTDyldMemoryManager.h"
+#include "llvm/ExecutionEngine/SectionMemoryManager.h"
+#include "llvm/IR/IRPrintingPasses.h"
#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/IR/LegacyPassNameParser.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Verifier.h"
#include "llvm/IRReader/IRReader.h"
+#include "llvm/Pass.h"
#include "llvm/PassRegistry.h"
-#include "llvm/Support/InitLLVM.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/TargetRegistry.h"
+#include "llvm/Support/TargetSelect.h"
#include "llvm/Target/TargetMachine.h"
-
-#include
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Transforms/IPO.h"
using namespace llvm;
+static cl::list
+PassList(cl::desc("Optimizations available:"));
+
+// Helper function to parse command line args and find the optimization level
static void getOptLevel(const std::vector &ExtraArgs,
CodeGenOpt::Level &OLvl) {
// Find the optimization level from the command line args
@@ -53,59 +71,182 @@
}
}
-void clang_fuzzer::HandleLLVM(const std::string &S,
- const std::vector &ExtraArgs) {
- // Parse ExtraArgs to set the optimization level
- CodeGenOpt::Level OLvl;
- getOptLevel(ExtraArgs, OLvl);
+// Helper function to call pass initialization functions
+void InitEverything() {
+ PassRegistry &Registry = *PassRegistry::getPassRegistry();
+ initializeCore(Registry);
+ initializeScalarOpts(Registry);
+ initializeVectorization(Registry);
+ initializeIPO(Registry);
+ initializeAnalysis(Registry);
+ initializeTransformUtils(Registry);
+ initializeInstCombine(Registry);
+ initializeAggressiveInstCombine(Registry);
+ initializeInstrumentation(Registry);
+ initializeTarget(Registry);
+}
- // Set the Module to include the the IR code to be compiled
+// Helper function to add optimization passes to the TargetMachine at the
+// specified optimization level, OptLevel
+static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
+ legacy::FunctionPassManager &FPM,
+ unsigned OptLevel, unsigned SizeLevel) {
+ // Verify that input is correct by adding a verifier pass
+ FPM.add(createVerifierPass());
+
+ // Create and initializa a PassManagerBuilder
+ PassManagerBuilder Builder;
+ Builder.OptLevel = OptLevel;
+ Builder.SizeLevel = SizeLevel;
+ Builder.Inliner = createFunctionInliningPass(OptLevel, SizeLevel, false);
+ Builder.LoopVectorize = true;
+ Builder.populateFunctionPassManager(FPM);
+ Builder.populateModulePassManager(MPM);
+}
+
+// Mimics the opt tool to run an optimization pass over the provided IR
+std::string OptLLVM(const std::string IR, CodeGenOpt::Level &OLvl) {
+ InitEverything();
+
+ // Mimic argc and argv and pass them to ParseCommandLineOptions to initilize
+ // PassList, ie which optimizations we want to run on the IR
+ // TODO: Find a better way of doing this
+ char *args[2];
+ char t[18] = "llvm-proto-fuzzer";
+ char s[16] = "-loop-vectorize";
+ args[0] = t;
+ args[1] = s;
+ cl::ParseCommandLineOptions(2, args, "");
+
+ // Create a module that will run the optimization passes
SMDiagnostic Err;
+ LLVMContext Context;
+ std::unique_ptr
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman updated this revision to Diff 157138.
emmettneyman added a comment.
Cleaned up code
Tried to get rid of ParseCommandLineOptions() call but could not figure out
how to initialize a PassInfo object without it.
Repository:
rC Clang
https://reviews.llvm.org/D49526
Files:
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -7,33 +7,50 @@
//
//===--===//
//
-// Implements HandleLLVM for use by the Clang fuzzers. Mimics the llc tool to
-// compile an LLVM IR file to X86_64 assembly.
+// Implements HandleLLVM for use by the Clang fuzzers. First runs an loop
+// vectorizer optimization pass over the given IR code. Then mimics lli on both
+// versions to JIT the generated code and execute it. Currently, functions are
+// executed on dummy inputs.
//
//===--===//
#include "handle_llvm.h"
#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
+#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/CodeGen/CommandFlags.inc"
#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/TargetPassConfig.h"
+#include "llvm/ExecutionEngine/JITEventListener.h"
+#include "llvm/ExecutionEngine/JITSymbol.h"
+#include "llvm/ExecutionEngine/MCJIT.h"
+#include "llvm/ExecutionEngine/ObjectCache.h"
+#include "llvm/ExecutionEngine/RTDyldMemoryManager.h"
+#include "llvm/ExecutionEngine/SectionMemoryManager.h"
+#include "llvm/IR/IRPrintingPasses.h"
#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/IR/LegacyPassNameParser.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Verifier.h"
#include "llvm/IRReader/IRReader.h"
+#include "llvm/Pass.h"
#include "llvm/PassRegistry.h"
-#include "llvm/Support/InitLLVM.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/TargetRegistry.h"
+#include "llvm/Support/TargetSelect.h"
#include "llvm/Target/TargetMachine.h"
-
-#include
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Transforms/IPO.h"
using namespace llvm;
+static cl::list
+PassList(cl::desc("Optimizations available:"));
+
+// Helper function to parse command line args and find the optimization level
static void getOptLevel(const std::vector &ExtraArgs,
CodeGenOpt::Level &OLvl) {
// Find the optimization level from the command line args
@@ -53,59 +70,164 @@
}
}
-void clang_fuzzer::HandleLLVM(const std::string &S,
- const std::vector &ExtraArgs) {
- // Parse ExtraArgs to set the optimization level
- CodeGenOpt::Level OLvl;
- getOptLevel(ExtraArgs, OLvl);
+// Helper function to call pass initialization functions
+void InitEverything() {
+ PassRegistry &Registry = *PassRegistry::getPassRegistry();
+ initializeCore(Registry);
+ initializeScalarOpts(Registry);
+ initializeVectorization(Registry);
+ initializeIPO(Registry);
+ initializeAnalysis(Registry);
+ initializeTransformUtils(Registry);
+ initializeInstCombine(Registry);
+ initializeAggressiveInstCombine(Registry);
+ initializeInstrumentation(Registry);
+ initializeTarget(Registry);
+}
+
+void ErrorAndExit(std::string message) {
+ errs()<< "ERROR: " << message << "\n";
+ std::exit(1);
+}
+
+// Helper function to add optimization passes to the TargetMachine at the
+// specified optimization level, OptLevel
+static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
+ legacy::FunctionPassManager &FPM,
+ unsigned OptLevel, unsigned SizeLevel) {
+ // Verify that input is correct by adding a verifier pass
+ FPM.add(createVerifierPass());
+
+ // Create and initializa a PassManagerBuilder
+ PassManagerBuilder Builder;
+ Builder.OptLevel = OptLevel;
+ Builder.SizeLevel = SizeLevel;
+ Builder.Inliner = createFunctionInliningPass(OptLevel, SizeLevel, false);
+ Builder.LoopVectorize = true;
+ Builder.populateFunctionPassManager(FPM);
+ Builder.populateModulePassManager(MPM);
+}
+
+// Mimics the opt tool to run an optimization pass over the provided IR
+std::string OptLLVM(const std::string IR, CodeGenOpt::Level &OLvl) {
+ InitEverything();
+
+ // Mimic argc and argv and pass them to ParseCommandLineOptions to initilize
+ // PassList, ie which optimizations we want to run on the IR
+ // TODO: Find a better way of doing this
+ const char *args[2];
+ std::string arg0 = "llvm-proto-fuzzer";
+ std::string arg1 = "-loop-vectorize";
+ args[0] = arg0.c_str();
+ args[1] = arg1.c_str();
+ cl::ParseCommandLineOptions(2, a
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman added inline comments. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:190 + builder.setMCJITMemoryManager( + std::unique_ptr(RTDyldMM)); + builder.setOptLevel(OLvl); morehouse wrote: > These 3 lines can be combined to `builder.setMCJITMemoryManager(new > SectionMemoryManager())` I use RTDyldMM on line 208. Should I just keep these lines as they are? Repository: rC Clang https://reviews.llvm.org/D49526 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman added inline comments. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:190 + builder.setMCJITMemoryManager( + std::unique_ptr(RTDyldMM)); + builder.setOptLevel(OLvl); morehouse wrote: > emmettneyman wrote: > > morehouse wrote: > > > These 3 lines can be combined to `builder.setMCJITMemoryManager(new > > > SectionMemoryManager())` > > I use RTDyldMM on line 208. Should I just keep these lines as they are? > Ah, missed that. In that case, you can probably simplify this line to > `builder.setMCJITMemoryManager(RTDyldMM)`. It looks like set `MCJITMemoryManager()` needs to take a `unique_ptr`. I'm not sure how to clean it up any more than it already is. Repository: rC Clang https://reviews.llvm.org/D49526 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman added inline comments. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:190 + builder.setMCJITMemoryManager( + std::unique_ptr(RTDyldMM)); + builder.setOptLevel(OLvl); morehouse wrote: > emmettneyman wrote: > > morehouse wrote: > > > emmettneyman wrote: > > > > morehouse wrote: > > > > > These 3 lines can be combined to `builder.setMCJITMemoryManager(new > > > > > SectionMemoryManager())` > > > > I use RTDyldMM on line 208. Should I just keep these lines as they are? > > > Ah, missed that. In that case, you can probably simplify this line to > > > `builder.setMCJITMemoryManager(RTDyldMM)`. > > It looks like set `MCJITMemoryManager()` needs to take a `unique_ptr`. I'm > > not sure how to clean it up any more than it already is. > Does it not implicitly cast? No, I think it only works in the other direction. Repository: rC Clang https://reviews.llvm.org/D49526 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman added inline comments. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:208 + + static_cast(RTDyldMM)->invalidateInstructionCache(); + morehouse wrote: > This cast shouldn't be necessary. Turns out this line is redundant anyways. `EE->finalizeObject()`calls `invalidateInstructionCache()`. Repository: rC Clang https://reviews.llvm.org/D49526 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman updated this revision to Diff 157335.
emmettneyman added a comment.
- cleaned up code and moved initialization code
- removed fake command line parsing
Repository:
rC Clang
https://reviews.llvm.org/D49526
Files:
clang/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -7,33 +7,48 @@
//
//===--===//
//
-// Implements HandleLLVM for use by the Clang fuzzers. Mimics the llc tool to
-// compile an LLVM IR file to X86_64 assembly.
+// Implements HandleLLVM for use by the Clang fuzzers. First runs a loop
+// vectorizer optimization pass over the given IR code. Then mimics lli on both
+// versions to JIT the generated code and execute it. Currently, functions are
+// executed on dummy inputs.
//
//===--===//
#include "handle_llvm.h"
#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
+#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/CodeGen/CommandFlags.inc"
#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/TargetPassConfig.h"
+#include "llvm/ExecutionEngine/JITEventListener.h"
+#include "llvm/ExecutionEngine/JITSymbol.h"
+#include "llvm/ExecutionEngine/MCJIT.h"
+#include "llvm/ExecutionEngine/ObjectCache.h"
+#include "llvm/ExecutionEngine/RTDyldMemoryManager.h"
+#include "llvm/ExecutionEngine/SectionMemoryManager.h"
+#include "llvm/IR/IRPrintingPasses.h"
#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/IR/LegacyPassNameParser.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Verifier.h"
#include "llvm/IRReader/IRReader.h"
+#include "llvm/Pass.h"
#include "llvm/PassRegistry.h"
-#include "llvm/Support/InitLLVM.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/TargetRegistry.h"
+#include "llvm/Support/TargetSelect.h"
#include "llvm/Target/TargetMachine.h"
-
-#include
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Transforms/IPO.h"
+#include "llvm/Transforms/Vectorize.h"
using namespace llvm;
+// Helper function to parse command line args and find the optimization level
static void getOptLevel(const std::vector &ExtraArgs,
CodeGenOpt::Level &OLvl) {
// Find the optimization level from the command line args
@@ -53,59 +68,132 @@
}
}
-void clang_fuzzer::HandleLLVM(const std::string &S,
- const std::vector &ExtraArgs) {
- // Parse ExtraArgs to set the optimization level
- CodeGenOpt::Level OLvl;
- getOptLevel(ExtraArgs, OLvl);
+void ErrorAndExit(std::string message) {
+ errs()<< "ERROR: " << message << "\n";
+ std::exit(1);
+}
+
+// Helper function to add optimization passes to the TargetMachine at the
+// specified optimization level, OptLevel
+static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
+ legacy::FunctionPassManager &FPM,
+ unsigned OptLevel, unsigned SizeLevel) {
+ // Verify that input is correct by adding a verifier pass
+ FPM.add(createVerifierPass());
- // Set the Module to include the the IR code to be compiled
+ // Create and initialize a PassManagerBuilder
+ PassManagerBuilder Builder;
+ Builder.OptLevel = OptLevel;
+ Builder.SizeLevel = SizeLevel;
+ Builder.Inliner = createFunctionInliningPass(OptLevel, SizeLevel, false);
+ Builder.LoopVectorize = true;
+ Builder.populateFunctionPassManager(FPM);
+ Builder.populateModulePassManager(MPM);
+}
+
+// Mimics the opt tool to run an optimization pass over the provided IR
+std::string OptLLVM(const std::string &IR, CodeGenOpt::Level &OLvl) {
+ // Create a module that will run the optimization passes
SMDiagnostic Err;
+ LLVMContext Context;
+ std::unique_ptr M = parseIR(MemoryBufferRef(IR, "IR"), Err, Context);
+ if (!M || verifyModule(*M, &errs()))
+ErrorAndExit("Could not parse IR");
+
+ std::string CPUStr = getCPUStr();
+ std::string FeaturesStr = getFeaturesStr();
+ setFunctionAttributes(CPUStr, FeaturesStr, *M);
+
+ legacy::PassManager Passes;
+ Triple ModuleTriple(M->getTargetTriple());
+ TargetLibraryInfoImpl TLII(ModuleTriple);
+ Passes.add(new TargetLibraryInfoWrapperPass(TLII));
+ Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+
+ std::unique_ptr FPasses =
+ make_unique(M.get());
+ FPasses->add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+
+ AddOptimizationPasses(Passes, *FPasses, 3, 0);
+ Pass *P = createLoopVectori
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman added inline comments. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:89 + Builder.Inliner = createFunctionInliningPass(OptLevel, SizeLevel, false); + Builder.LoopVectorize = true; + Builder.populateFunctionPassManager(FPM); morehouse wrote: > If we do this, do we need to explicitly add the vectorizer pass below? No we don't. I've deleted the line below. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:110 + TargetLibraryInfoImpl TLII(ModuleTriple); + Passes.add(new TargetLibraryInfoWrapperPass(TLII)); + Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis())); morehouse wrote: > Can simplify to `Passes.add(new > TargetLibraryInfoWrapperPass(M->getTargetTriple))`. Contrary to the function's name, `getTargetTriple()` actually returns a `string`, not a `Triple`. But I changed it to `new TargetLibraryInfoWrapperPass(ModuleTriple)` and deleted line 109. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:115 + make_unique(M.get()); + FPasses->add(createTargetTransformInfoWrapperPass(TargetIRAnalysis())); + morehouse wrote: > morehouse wrote: > > Why do we add a `TargetTransformInfoWrapperPass` to both `Passes` and > > `FPasses`? > Do we need both `Passes` and `FPasses`? I think because we're just adding a loop vectorize pass, we don't need `FPasses`. The loop vectorize pass lives within the regular `ModulePassManager`, not the `FunctionPassManager`. I decided to put it in the code so, in the future, it would be easier to add different kinds of passes to the fuzz target. Should I remove it? Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:159 + std::unique_ptr(RTDyldMM)); + builder.setOptLevel(OLvl); + builder.setTargetOptions(InitTargetOptionsFromCodeGenFlags()); morehouse wrote: > If the JIT does optimization already, do we need to call `OptLLVM` at all? > Will the vectorizer kick in without `OptLLVM`? I'll look into this more. I couldn't find an answer quickly. Repository: rC Clang https://reviews.llvm.org/D49526 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman updated this revision to Diff 157388.
emmettneyman added a comment.
Fixed some things, made code cleaner
Repository:
rC Clang
https://reviews.llvm.org/D49526
Files:
clang/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -7,33 +7,48 @@
//
//===--===//
//
-// Implements HandleLLVM for use by the Clang fuzzers. Mimics the llc tool to
-// compile an LLVM IR file to X86_64 assembly.
+// Implements HandleLLVM for use by the Clang fuzzers. First runs a loop
+// vectorizer optimization pass over the given IR code. Then mimics lli on both
+// versions to JIT the generated code and execute it. Currently, functions are
+// executed on dummy inputs.
//
//===--===//
#include "handle_llvm.h"
#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
+#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/CodeGen/CommandFlags.inc"
#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/TargetPassConfig.h"
+#include "llvm/ExecutionEngine/JITEventListener.h"
+#include "llvm/ExecutionEngine/JITSymbol.h"
+#include "llvm/ExecutionEngine/MCJIT.h"
+#include "llvm/ExecutionEngine/ObjectCache.h"
+#include "llvm/ExecutionEngine/RTDyldMemoryManager.h"
+#include "llvm/ExecutionEngine/SectionMemoryManager.h"
+#include "llvm/IR/IRPrintingPasses.h"
#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/IR/LegacyPassNameParser.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Verifier.h"
#include "llvm/IRReader/IRReader.h"
+#include "llvm/Pass.h"
#include "llvm/PassRegistry.h"
-#include "llvm/Support/InitLLVM.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/TargetRegistry.h"
+#include "llvm/Support/TargetSelect.h"
#include "llvm/Target/TargetMachine.h"
-
-#include
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Transforms/IPO.h"
+#include "llvm/Transforms/Vectorize.h"
using namespace llvm;
+// Helper function to parse command line args and find the optimization level
static void getOptLevel(const std::vector &ExtraArgs,
CodeGenOpt::Level &OLvl) {
// Find the optimization level from the command line args
@@ -53,59 +68,123 @@
}
}
-void clang_fuzzer::HandleLLVM(const std::string &S,
- const std::vector &ExtraArgs) {
- // Parse ExtraArgs to set the optimization level
- CodeGenOpt::Level OLvl;
- getOptLevel(ExtraArgs, OLvl);
+void ErrorAndExit(std::string message) {
+ errs()<< "ERROR: " << message << "\n";
+ std::exit(1);
+}
+
+// Helper function to add optimization passes to the TargetMachine at the
+// specified optimization level, OptLevel
+static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
+ legacy::FunctionPassManager &FPM,
+ unsigned OptLevel, unsigned SizeLevel) {
+ // Create and initialize a PassManagerBuilder
+ PassManagerBuilder Builder;
+ Builder.OptLevel = OptLevel;
+ Builder.SizeLevel = SizeLevel;
+ Builder.Inliner = createFunctionInliningPass(OptLevel, SizeLevel, false);
+ Builder.LoopVectorize = true;
+ Builder.populateFunctionPassManager(FPM);
+ Builder.populateModulePassManager(MPM);
+}
- // Set the Module to include the the IR code to be compiled
+// Mimics the opt tool to run an optimization pass over the provided IR
+std::string OptLLVM(const std::string &IR) {
+ // Create a module that will run the optimization passes
SMDiagnostic Err;
+ LLVMContext Context;
+ std::unique_ptr M = parseIR(MemoryBufferRef(IR, "IR"), Err, Context);
+ if (!M || verifyModule(*M, &errs()))
+ErrorAndExit("Could not parse IR");
+
+ setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
+
+ legacy::PassManager Passes;
+ Triple ModuleTriple(M->getTargetTriple());
+
+ Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
+ Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createVerifierPass());
+
+ std::unique_ptr FPasses =
+ make_unique(M.get());
+ FPasses->add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ FPasses->add(createVerifierPass());
+
+ AddOptimizationPasses(Passes, *FPasses, 3, 0);
+
+ FPasses->doInitialization();
+ for (Function &F : *M)
+FPasses->run(F);
+ FPasses->doFinalization();
+
+ // Add a pass that writes the optimized IR to an output stream
+ std::string outString;
+ raw_string_ostrea
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman added inline comments. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:159 + std::unique_ptr(RTDyldMM)); + builder.setOptLevel(OLvl); + builder.setTargetOptions(InitTargetOptionsFromCodeGenFlags()); emmettneyman wrote: > morehouse wrote: > > If the JIT does optimization already, do we need to call `OptLLVM` at all? > > Will the vectorizer kick in without `OptLLVM`? > I'll look into this more. I couldn't find an answer quickly. No, the JIT doesn't run any optimization passes. The optimization level given just controls CodeGen. Source: http://lists.llvm.org/pipermail/llvm-dev/2016-May/099631.html Repository: rC Clang https://reviews.llvm.org/D49526 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman added inline comments. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:144 + Context); + Module *M = Owner.get(); + if (!M) morehouse wrote: > Why not just rename `Owner` to `M` and remove this line? Reverted it back since the change caused the fuzzer to crash. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:147 + builder.setUseOrcMCJITReplacement(false); + builder.setMCJITMemoryManager(make_unique()); + builder.setOptLevel(OLvl); morehouse wrote: > This uses `llvm:make_unique`, which was written when LLVM used C++11. But > since LLVM now uses C++14, I think we should use `std::make_unique` instead. We talked offline, but just to put it in writing: My current LLVM build uses C++11 so I'm keeping it `llvm::make_unique`. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:184 + CodeGenOpt::Level OLvl; + getOptLevel(ExtraArgs, OLvl); + morehouse wrote: > We're allowing the JIT opt-level to be specified on the command line, but > we're hard-coding OptLevel=3 for the optimization passes. > > Do we need to allow the opt-level to be specified on the command line? Good point. Will change to make `OptLLVM()` use the same optimization level as the JIT Engine. Repository: rC Clang https://reviews.llvm.org/D49526 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman updated this revision to Diff 157544.
emmettneyman added a comment.
- Code style fixes
- Removed `FPasses`
- Allowed CL Args to specify opt level for `OptLLVM()`
Repository:
rC Clang
https://reviews.llvm.org/D49526
Files:
clang/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -7,33 +7,48 @@
//
//===--===//
//
-// Implements HandleLLVM for use by the Clang fuzzers. Mimics the llc tool to
-// compile an LLVM IR file to X86_64 assembly.
+// Implements HandleLLVM for use by the Clang fuzzers. First runs a loop
+// vectorizer optimization pass over the given IR code. Then mimics lli on both
+// versions to JIT the generated code and execute it. Currently, functions are
+// executed on dummy inputs.
//
//===--===//
#include "handle_llvm.h"
#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
+#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/CodeGen/CommandFlags.inc"
#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/TargetPassConfig.h"
+#include "llvm/ExecutionEngine/JITEventListener.h"
+#include "llvm/ExecutionEngine/JITSymbol.h"
+#include "llvm/ExecutionEngine/MCJIT.h"
+#include "llvm/ExecutionEngine/ObjectCache.h"
+#include "llvm/ExecutionEngine/RTDyldMemoryManager.h"
+#include "llvm/ExecutionEngine/SectionMemoryManager.h"
+#include "llvm/IR/IRPrintingPasses.h"
#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/IR/LegacyPassNameParser.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Verifier.h"
#include "llvm/IRReader/IRReader.h"
+#include "llvm/Pass.h"
#include "llvm/PassRegistry.h"
-#include "llvm/Support/InitLLVM.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/TargetRegistry.h"
+#include "llvm/Support/TargetSelect.h"
#include "llvm/Target/TargetMachine.h"
-
-#include
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Transforms/IPO.h"
+#include "llvm/Transforms/Vectorize.h"
using namespace llvm;
+// Helper function to parse command line args and find the optimization level
static void getOptLevel(const std::vector &ExtraArgs,
CodeGenOpt::Level &OLvl) {
// Find the optimization level from the command line args
@@ -53,59 +68,110 @@
}
}
-void clang_fuzzer::HandleLLVM(const std::string &S,
- const std::vector &ExtraArgs) {
- // Parse ExtraArgs to set the optimization level
- CodeGenOpt::Level OLvl;
- getOptLevel(ExtraArgs, OLvl);
+void ErrorAndExit(std::string message) {
+ errs()<< "ERROR: " << message << "\n";
+ std::exit(1);
+}
- // Set the Module to include the the IR code to be compiled
- SMDiagnostic Err;
+// Helper function to add optimization passes to the TargetMachine at the
+// specified optimization level, OptLevel
+static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
+ unsigned OptLevel, unsigned SizeLevel) {
+ // Create and initialize a PassManagerBuilder
+ PassManagerBuilder Builder;
+ Builder.OptLevel = OptLevel;
+ Builder.SizeLevel = SizeLevel;
+ Builder.Inliner = createFunctionInliningPass(OptLevel, SizeLevel, false);
+ Builder.LoopVectorize = true;
+ Builder.populateModulePassManager(MPM);
+}
+// Mimics the opt tool to run an optimization pass over the provided IR
+std::string OptLLVM(const std::string &IR, int OLvl) {
+ // Create a module that will run the optimization passes
+ SMDiagnostic Err;
LLVMContext Context;
- std::unique_ptr M = parseIR(MemoryBufferRef(S, "IR"), Err, Context);
- if (!M) {
-errs() << "error: could not parse IR!\n";
-std::exit(1);
- }
+ std::unique_ptr M = parseIR(MemoryBufferRef(IR, "IR"), Err, Context);
+ if (!M || verifyModule(*M, &errs()))
+ErrorAndExit("Could not parse IR");
- // Create a new Target
- std::string Error;
- const Target *TheTarget = TargetRegistry::lookupTarget(
- sys::getDefaultTargetTriple(), Error);
- if (!TheTarget) {
-errs() << Error;
-std::exit(1);
- }
+ setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
+
+ legacy::PassManager Passes;
+ Triple ModuleTriple(M->getTargetTriple());
+
+ Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
+ Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createVerifierPass());
- TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
-
- // Create a new Machine
- std::strin
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman updated this revision to Diff 157545.
emmettneyman added a comment.
Small change to fix line length
Repository:
rC Clang
https://reviews.llvm.org/D49526
Files:
clang/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -7,33 +7,48 @@
//
//===--===//
//
-// Implements HandleLLVM for use by the Clang fuzzers. Mimics the llc tool to
-// compile an LLVM IR file to X86_64 assembly.
+// Implements HandleLLVM for use by the Clang fuzzers. First runs a loop
+// vectorizer optimization pass over the given IR code. Then mimics lli on both
+// versions to JIT the generated code and execute it. Currently, functions are
+// executed on dummy inputs.
//
//===--===//
#include "handle_llvm.h"
#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
+#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/CodeGen/CommandFlags.inc"
#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/TargetPassConfig.h"
+#include "llvm/ExecutionEngine/JITEventListener.h"
+#include "llvm/ExecutionEngine/JITSymbol.h"
+#include "llvm/ExecutionEngine/MCJIT.h"
+#include "llvm/ExecutionEngine/ObjectCache.h"
+#include "llvm/ExecutionEngine/RTDyldMemoryManager.h"
+#include "llvm/ExecutionEngine/SectionMemoryManager.h"
+#include "llvm/IR/IRPrintingPasses.h"
#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/IR/LegacyPassNameParser.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Verifier.h"
#include "llvm/IRReader/IRReader.h"
+#include "llvm/Pass.h"
#include "llvm/PassRegistry.h"
-#include "llvm/Support/InitLLVM.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/TargetRegistry.h"
+#include "llvm/Support/TargetSelect.h"
#include "llvm/Target/TargetMachine.h"
-
-#include
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Transforms/IPO.h"
+#include "llvm/Transforms/Vectorize.h"
using namespace llvm;
+// Helper function to parse command line args and find the optimization level
static void getOptLevel(const std::vector &ExtraArgs,
CodeGenOpt::Level &OLvl) {
// Find the optimization level from the command line args
@@ -53,59 +68,111 @@
}
}
-void clang_fuzzer::HandleLLVM(const std::string &S,
- const std::vector &ExtraArgs) {
- // Parse ExtraArgs to set the optimization level
- CodeGenOpt::Level OLvl;
- getOptLevel(ExtraArgs, OLvl);
+void ErrorAndExit(std::string message) {
+ errs()<< "ERROR: " << message << "\n";
+ std::exit(1);
+}
- // Set the Module to include the the IR code to be compiled
- SMDiagnostic Err;
+// Helper function to add optimization passes to the TargetMachine at the
+// specified optimization level, OptLevel
+static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
+ unsigned OptLevel, unsigned SizeLevel) {
+ // Create and initialize a PassManagerBuilder
+ PassManagerBuilder Builder;
+ Builder.OptLevel = OptLevel;
+ Builder.SizeLevel = SizeLevel;
+ Builder.Inliner = createFunctionInliningPass(OptLevel, SizeLevel, false);
+ Builder.LoopVectorize = true;
+ Builder.populateModulePassManager(MPM);
+}
+// Mimics the opt tool to run an optimization pass over the provided IR
+std::string OptLLVM(const std::string &IR, int OLvl) {
+ // Create a module that will run the optimization passes
+ SMDiagnostic Err;
LLVMContext Context;
- std::unique_ptr M = parseIR(MemoryBufferRef(S, "IR"), Err, Context);
- if (!M) {
-errs() << "error: could not parse IR!\n";
-std::exit(1);
- }
+ std::unique_ptr M = parseIR(MemoryBufferRef(IR, "IR"), Err, Context);
+ if (!M || verifyModule(*M, &errs()))
+ErrorAndExit("Could not parse IR");
- // Create a new Target
- std::string Error;
- const Target *TheTarget = TargetRegistry::lookupTarget(
- sys::getDefaultTargetTriple(), Error);
- if (!TheTarget) {
-errs() << Error;
-std::exit(1);
- }
+ setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
+
+ legacy::PassManager Passes;
+ Triple ModuleTriple(M->getTargetTriple());
+
+ Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
+ Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createVerifierPass());
- TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
-
- // Create a new Machine
- std::string CPUStr = getCPUStr();
- std::string FeaturesStr = getFeatur
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman added a comment. In https://reviews.llvm.org/D49526#1177208, @morehouse wrote: > Do we need to parse the arguments for opt-level, or can we just hardcode > `-O2` and remove the argument parsing code? I have the argument parsing code since the original `clang-proto-fuzzer` code had it and @kcc mentioned we might want to change the command line arguments in the future. Repository: rC Clang https://reviews.llvm.org/D49526 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman updated this revision to Diff 157553.
emmettneyman added a comment.
Changed int to CodeGenOpt::Level and fixed unique_ptr issue
Repository:
rC Clang
https://reviews.llvm.org/D49526
Files:
clang/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -7,33 +7,48 @@
//
//===--===//
//
-// Implements HandleLLVM for use by the Clang fuzzers. Mimics the llc tool to
-// compile an LLVM IR file to X86_64 assembly.
+// Implements HandleLLVM for use by the Clang fuzzers. First runs a loop
+// vectorizer optimization pass over the given IR code. Then mimics lli on both
+// versions to JIT the generated code and execute it. Currently, functions are
+// executed on dummy inputs.
//
//===--===//
#include "handle_llvm.h"
#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
+#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/CodeGen/CommandFlags.inc"
#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/TargetPassConfig.h"
+#include "llvm/ExecutionEngine/JITEventListener.h"
+#include "llvm/ExecutionEngine/JITSymbol.h"
+#include "llvm/ExecutionEngine/MCJIT.h"
+#include "llvm/ExecutionEngine/ObjectCache.h"
+#include "llvm/ExecutionEngine/RTDyldMemoryManager.h"
+#include "llvm/ExecutionEngine/SectionMemoryManager.h"
+#include "llvm/IR/IRPrintingPasses.h"
#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/IR/LegacyPassNameParser.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Verifier.h"
#include "llvm/IRReader/IRReader.h"
+#include "llvm/Pass.h"
#include "llvm/PassRegistry.h"
-#include "llvm/Support/InitLLVM.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/TargetRegistry.h"
+#include "llvm/Support/TargetSelect.h"
#include "llvm/Target/TargetMachine.h"
-
-#include
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Transforms/IPO.h"
+#include "llvm/Transforms/Vectorize.h"
using namespace llvm;
+// Helper function to parse command line args and find the optimization level
static void getOptLevel(const std::vector &ExtraArgs,
CodeGenOpt::Level &OLvl) {
// Find the optimization level from the command line args
@@ -53,59 +68,112 @@
}
}
-void clang_fuzzer::HandleLLVM(const std::string &S,
- const std::vector &ExtraArgs) {
- // Parse ExtraArgs to set the optimization level
- CodeGenOpt::Level OLvl;
- getOptLevel(ExtraArgs, OLvl);
+void ErrorAndExit(std::string message) {
+ errs()<< "ERROR: " << message << "\n";
+ std::exit(1);
+}
- // Set the Module to include the the IR code to be compiled
- SMDiagnostic Err;
+// Helper function to add optimization passes to the TargetMachine at the
+// specified optimization level, OptLevel
+static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
+ CodeGenOpt::Level OptLevel,
+ unsigned SizeLevel) {
+ // Create and initialize a PassManagerBuilder
+ PassManagerBuilder Builder;
+ Builder.OptLevel = OptLevel;
+ Builder.SizeLevel = SizeLevel;
+ Builder.Inliner = createFunctionInliningPass(OptLevel, SizeLevel, false);
+ Builder.LoopVectorize = true;
+ Builder.populateModulePassManager(MPM);
+}
+// Mimics the opt tool to run an optimization pass over the provided IR
+std::string OptLLVM(const std::string &IR, CodeGenOpt::Level OLvl) {
+ // Create a module that will run the optimization passes
+ SMDiagnostic Err;
LLVMContext Context;
- std::unique_ptr M = parseIR(MemoryBufferRef(S, "IR"), Err, Context);
- if (!M) {
-errs() << "error: could not parse IR!\n";
-std::exit(1);
- }
+ std::unique_ptr M = parseIR(MemoryBufferRef(IR, "IR"), Err, Context);
+ if (!M || verifyModule(*M, &errs()))
+ErrorAndExit("Could not parse IR");
- // Create a new Target
- std::string Error;
- const Target *TheTarget = TargetRegistry::lookupTarget(
- sys::getDefaultTargetTriple(), Error);
- if (!TheTarget) {
-errs() << Error;
-std::exit(1);
- }
+ setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
+
+ legacy::PassManager Passes;
+ Triple ModuleTriple(M->getTargetTriple());
+
+ Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
+ Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createVerifierPass());
- TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
-
- // Create a n
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
emmettneyman updated this revision to Diff 157577.
emmettneyman added a comment.
Made some minor fixes
Repository:
rC Clang
https://reviews.llvm.org/D49526
Files:
clang/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -7,33 +7,48 @@
//
//===--===//
//
-// Implements HandleLLVM for use by the Clang fuzzers. Mimics the llc tool to
-// compile an LLVM IR file to X86_64 assembly.
+// Implements HandleLLVM for use by the Clang fuzzers. First runs a loop
+// vectorizer optimization pass over the given IR code. Then mimics lli on both
+// versions to JIT the generated code and execute it. Currently, functions are
+// executed on dummy inputs.
//
//===--===//
#include "handle_llvm.h"
#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
+#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/CodeGen/CommandFlags.inc"
#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/TargetPassConfig.h"
+#include "llvm/ExecutionEngine/JITEventListener.h"
+#include "llvm/ExecutionEngine/JITSymbol.h"
+#include "llvm/ExecutionEngine/MCJIT.h"
+#include "llvm/ExecutionEngine/ObjectCache.h"
+#include "llvm/ExecutionEngine/RTDyldMemoryManager.h"
+#include "llvm/ExecutionEngine/SectionMemoryManager.h"
+#include "llvm/IR/IRPrintingPasses.h"
#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/IR/LegacyPassNameParser.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Verifier.h"
#include "llvm/IRReader/IRReader.h"
+#include "llvm/Pass.h"
#include "llvm/PassRegistry.h"
-#include "llvm/Support/InitLLVM.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/TargetRegistry.h"
+#include "llvm/Support/TargetSelect.h"
#include "llvm/Target/TargetMachine.h"
-
-#include
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Transforms/IPO.h"
+#include "llvm/Transforms/Vectorize.h"
using namespace llvm;
+// Helper function to parse command line args and find the optimization level
static void getOptLevel(const std::vector &ExtraArgs,
CodeGenOpt::Level &OLvl) {
// Find the optimization level from the command line args
@@ -53,59 +68,111 @@
}
}
-void clang_fuzzer::HandleLLVM(const std::string &S,
- const std::vector &ExtraArgs) {
- // Parse ExtraArgs to set the optimization level
- CodeGenOpt::Level OLvl;
- getOptLevel(ExtraArgs, OLvl);
+void ErrorAndExit(std::string message) {
+ errs()<< "ERROR: " << message << "\n";
+ std::exit(1);
+}
- // Set the Module to include the the IR code to be compiled
- SMDiagnostic Err;
+// Helper function to add optimization passes to the TargetMachine at the
+// specified optimization level, OptLevel
+static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
+ CodeGenOpt::Level OptLevel,
+ unsigned SizeLevel) {
+ // Create and initialize a PassManagerBuilder
+ PassManagerBuilder Builder;
+ Builder.OptLevel = OptLevel;
+ Builder.SizeLevel = SizeLevel;
+ Builder.Inliner = createFunctionInliningPass(OptLevel, SizeLevel, false);
+ Builder.LoopVectorize = true;
+ Builder.populateModulePassManager(MPM);
+}
+// Mimics the opt tool to run an optimization pass over the provided IR
+std::string OptLLVM(const std::string &IR, CodeGenOpt::Level OLvl) {
+ // Create a module that will run the optimization passes
+ SMDiagnostic Err;
LLVMContext Context;
- std::unique_ptr M = parseIR(MemoryBufferRef(S, "IR"), Err, Context);
- if (!M) {
-errs() << "error: could not parse IR!\n";
-std::exit(1);
- }
+ std::unique_ptr M = parseIR(MemoryBufferRef(IR, "IR"), Err, Context);
+ if (!M || verifyModule(*M, &errs()))
+ErrorAndExit("Could not parse IR");
- // Create a new Target
- std::string Error;
- const Target *TheTarget = TargetRegistry::lookupTarget(
- sys::getDefaultTargetTriple(), Error);
- if (!TheTarget) {
-errs() << Error;
-std::exit(1);
- }
+ setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
+
+ legacy::PassManager Passes;
+ Triple ModuleTriple(M->getTargetTriple());
+
+ Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
+ Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createVerifierPass());
- TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
-
- // Create a new Machine
- std::string CPUStr = get
[PATCH] D49526: Updated llvm-proto-fuzzer to execute the compiled code
This revision was automatically updated to reflect the committed changes.
Closed by commit rL338077: Updated llvm-proto-fuzzer to execute the compiled
code (authored by emmettneyman, committed by ).
Changed prior to commit:
https://reviews.llvm.org/D49526?vs=157577&id=157591#toc
Repository:
rL LLVM
https://reviews.llvm.org/D49526
Files:
cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
cfe/trunk/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
cfe/trunk/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
===
--- cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
+++ cfe/trunk/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
@@ -16,10 +16,13 @@
#include "fuzzer_initialize.h"
+#include "llvm/InitializePasses.h"
+#include "llvm/PassRegistry.h"
#include "llvm/Support/TargetSelect.h"
#include
using namespace clang_fuzzer;
+using namespace llvm;
namespace clang_fuzzer {
@@ -33,10 +36,22 @@
}
extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
- llvm::InitializeAllTargets();
- llvm::InitializeAllTargetMCs();
- llvm::InitializeAllAsmPrinters();
- llvm::InitializeAllAsmParsers();
+ InitializeAllTargets();
+ InitializeAllTargetMCs();
+ InitializeAllAsmPrinters();
+ InitializeAllAsmParsers();
+
+ PassRegistry &Registry = *PassRegistry::getPassRegistry();
+ initializeCore(Registry);
+ initializeScalarOpts(Registry);
+ initializeVectorization(Registry);
+ initializeIPO(Registry);
+ initializeAnalysis(Registry);
+ initializeTransformUtils(Registry);
+ initializeInstCombine(Registry);
+ initializeAggressiveInstCombine(Registry);
+ initializeInstrumentation(Registry);
+ initializeTarget(Registry);
CLArgs.push_back("-O2");
for (int I = 1; I < *argc; I++) {
Index: cfe/trunk/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
===
--- cfe/trunk/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
+++ cfe/trunk/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
@@ -1,10 +1,18 @@
set(LLVM_LINK_COMPONENTS
+ CodeGen
Core
+ ExecutionEngine
IRReader
MC
+ MCJIT
+ Object
+ RuntimeDyld
+ SelectionDAG
Support
- Analysis
- )
+ Target
+ TransformUtils
+ native
+)
# Depend on LLVM IR intrinsic generation.
set(handle_llvm_deps intrinsics_gen)
Index: cfe/trunk/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- cfe/trunk/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ cfe/trunk/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -7,33 +7,48 @@
//
//===--===//
//
-// Implements HandleLLVM for use by the Clang fuzzers. Mimics the llc tool to
-// compile an LLVM IR file to X86_64 assembly.
+// Implements HandleLLVM for use by the Clang fuzzers. First runs a loop
+// vectorizer optimization pass over the given IR code. Then mimics lli on both
+// versions to JIT the generated code and execute it. Currently, functions are
+// executed on dummy inputs.
//
//===--===//
#include "handle_llvm.h"
#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
+#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/CodeGen/CommandFlags.inc"
#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/TargetPassConfig.h"
+#include "llvm/ExecutionEngine/JITEventListener.h"
+#include "llvm/ExecutionEngine/JITSymbol.h"
+#include "llvm/ExecutionEngine/MCJIT.h"
+#include "llvm/ExecutionEngine/ObjectCache.h"
+#include "llvm/ExecutionEngine/RTDyldMemoryManager.h"
+#include "llvm/ExecutionEngine/SectionMemoryManager.h"
+#include "llvm/IR/IRPrintingPasses.h"
#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/IR/LegacyPassNameParser.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Verifier.h"
#include "llvm/IRReader/IRReader.h"
+#include "llvm/Pass.h"
#include "llvm/PassRegistry.h"
-#include "llvm/Support/InitLLVM.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/TargetRegistry.h"
+#include "llvm/Support/TargetSelect.h"
#include "llvm/Target/TargetMachine.h"
-
-#include
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Transforms/IPO.h"
+#include "llvm/Transforms/Vectorize.h"
using namespace llvm;
+// Helper function to parse command line args and find the optimization level
static void getOptLevel(const std::vector &ExtraArgs,
CodeGenOpt::Level &OLvl) {
// Find the optimization level from the command line args
@@ -53,59 +68,111 @@
}
}
-void clang_fuzzer::HandleLLVM(const std::string &S,
- const std::vector &Ext
[PATCH] D49892: Added shared library to fix build bot
emmettneyman created this revision.
emmettneyman added a reviewer: morehouse.
Herald added subscribers: cfe-commits, mgorny.
Repository:
rC Clang
https://reviews.llvm.org/D49892
Files:
clang/tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
Index: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
===
--- clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
+++ clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
@@ -7,33 +7,48 @@
//
//===--===//
//
-// Implements HandleLLVM for use by the Clang fuzzers. Mimics the llc tool to
-// compile an LLVM IR file to X86_64 assembly.
+// Implements HandleLLVM for use by the Clang fuzzers. First runs a loop
+// vectorizer optimization pass over the given IR code. Then mimics lli on both
+// versions to JIT the generated code and execute it. Currently, functions are
+// executed on dummy inputs.
//
//===--===//
#include "handle_llvm.h"
#include "llvm/ADT/Triple.h"
#include "llvm/Analysis/TargetLibraryInfo.h"
+#include "llvm/Analysis/TargetTransformInfo.h"
#include "llvm/CodeGen/CommandFlags.inc"
#include "llvm/CodeGen/MachineModuleInfo.h"
+#include "llvm/CodeGen/TargetPassConfig.h"
+#include "llvm/ExecutionEngine/JITEventListener.h"
+#include "llvm/ExecutionEngine/JITSymbol.h"
+#include "llvm/ExecutionEngine/MCJIT.h"
+#include "llvm/ExecutionEngine/ObjectCache.h"
+#include "llvm/ExecutionEngine/RTDyldMemoryManager.h"
+#include "llvm/ExecutionEngine/SectionMemoryManager.h"
+#include "llvm/IR/IRPrintingPasses.h"
#include "llvm/IR/LegacyPassManager.h"
+#include "llvm/IR/LegacyPassNameParser.h"
#include "llvm/IR/LLVMContext.h"
#include "llvm/IR/Module.h"
#include "llvm/IR/Verifier.h"
#include "llvm/IRReader/IRReader.h"
+#include "llvm/Pass.h"
#include "llvm/PassRegistry.h"
-#include "llvm/Support/InitLLVM.h"
#include "llvm/Support/MemoryBuffer.h"
#include "llvm/Support/SourceMgr.h"
#include "llvm/Support/TargetRegistry.h"
+#include "llvm/Support/TargetSelect.h"
#include "llvm/Target/TargetMachine.h"
-
-#include
+#include "llvm/Transforms/IPO/PassManagerBuilder.h"
+#include "llvm/Transforms/IPO.h"
+#include "llvm/Transforms/Vectorize.h"
using namespace llvm;
+// Helper function to parse command line args and find the optimization level
static void getOptLevel(const std::vector &ExtraArgs,
CodeGenOpt::Level &OLvl) {
// Find the optimization level from the command line args
@@ -53,59 +68,111 @@
}
}
-void clang_fuzzer::HandleLLVM(const std::string &S,
- const std::vector &ExtraArgs) {
- // Parse ExtraArgs to set the optimization level
- CodeGenOpt::Level OLvl;
- getOptLevel(ExtraArgs, OLvl);
+void ErrorAndExit(std::string message) {
+ errs()<< "ERROR: " << message << "\n";
+ std::exit(1);
+}
- // Set the Module to include the the IR code to be compiled
- SMDiagnostic Err;
+// Helper function to add optimization passes to the TargetMachine at the
+// specified optimization level, OptLevel
+static void AddOptimizationPasses(legacy::PassManagerBase &MPM,
+ CodeGenOpt::Level OptLevel,
+ unsigned SizeLevel) {
+ // Create and initialize a PassManagerBuilder
+ PassManagerBuilder Builder;
+ Builder.OptLevel = OptLevel;
+ Builder.SizeLevel = SizeLevel;
+ Builder.Inliner = createFunctionInliningPass(OptLevel, SizeLevel, false);
+ Builder.LoopVectorize = true;
+ Builder.populateModulePassManager(MPM);
+}
+// Mimics the opt tool to run an optimization pass over the provided IR
+std::string OptLLVM(const std::string &IR, CodeGenOpt::Level OLvl) {
+ // Create a module that will run the optimization passes
+ SMDiagnostic Err;
LLVMContext Context;
- std::unique_ptr M = parseIR(MemoryBufferRef(S, "IR"), Err, Context);
- if (!M) {
-errs() << "error: could not parse IR!\n";
-std::exit(1);
- }
+ std::unique_ptr M = parseIR(MemoryBufferRef(IR, "IR"), Err, Context);
+ if (!M || verifyModule(*M, &errs()))
+ErrorAndExit("Could not parse IR");
- // Create a new Target
- std::string Error;
- const Target *TheTarget = TargetRegistry::lookupTarget(
- sys::getDefaultTargetTriple(), Error);
- if (!TheTarget) {
-errs() << Error;
-std::exit(1);
- }
+ setFunctionAttributes(getCPUStr(), getFeaturesStr(), *M);
+
+ legacy::PassManager Passes;
+ Triple ModuleTriple(M->getTargetTriple());
+
+ Passes.add(new TargetLibraryInfoWrapperPass(ModuleTriple));
+ Passes.add(createTargetTransformInfoWrapperPass(TargetIRAnalysis()));
+ Passes.add(createVerifierPass());
- TargetOptions Options = InitTargetOptionsFromCodeGenFlags();
-
- // Create a new Machine
- std:
[PATCH] D49895: added shared library to fix buildbot
emmettneyman created this revision. Herald added subscribers: cfe-commits, mgorny. added shared library to fix buildbot Repository: rC Clang https://reviews.llvm.org/D49895 Files: clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt Index: clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt === --- clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt +++ clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt @@ -1,7 +1,9 @@ set(LLVM_LINK_COMPONENTS + Analysis CodeGen Core ExecutionEngine + IPO IRReader MC MCJIT Index: clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt === --- clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt +++ clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt @@ -1,7 +1,9 @@ set(LLVM_LINK_COMPONENTS + Analysis CodeGen Core ExecutionEngine + IPO IRReader MC MCJIT ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D49895: added shared library to fix buildbot
This revision was not accepted when it landed; it landed in state "Needs Review". This revision was automatically updated to reflect the committed changes. Closed by commit rC338091: added shared library to fix buildbot (authored by emmettneyman, committed by ). Changed prior to commit: https://reviews.llvm.org/D49895?vs=157618&id=157620#toc Repository: rC Clang https://reviews.llvm.org/D49895 Files: tools/clang-fuzzer/handle-llvm/CMakeLists.txt Index: tools/clang-fuzzer/handle-llvm/CMakeLists.txt === --- tools/clang-fuzzer/handle-llvm/CMakeLists.txt +++ tools/clang-fuzzer/handle-llvm/CMakeLists.txt @@ -1,7 +1,9 @@ set(LLVM_LINK_COMPONENTS + Analysis CodeGen Core ExecutionEngine + IPO IRReader MC MCJIT Index: tools/clang-fuzzer/handle-llvm/CMakeLists.txt === --- tools/clang-fuzzer/handle-llvm/CMakeLists.txt +++ tools/clang-fuzzer/handle-llvm/CMakeLists.txt @@ -1,7 +1,9 @@ set(LLVM_LINK_COMPONENTS + Analysis CodeGen Core ExecutionEngine + IPO IRReader MC MCJIT ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50194: LLVM Proto Fuzzer - Run Functions on Suite of Inputs
emmettneyman created this revision.
emmettneyman added reviewers: kcc, morehouse.
Herald added subscribers: cfe-commits, mgorny.
Added corpus of arrays to use as inputs for the functions. Check that the two
functions modify the inputted arrays in the same way.
Repository:
rC Clang
https://reviews.llvm.org/D50194
Files:
clang/tools/clang-fuzzer/CMakeLists.txt
clang/tools/clang-fuzzer/ExampleClangLLVMProtoFuzzer.cpp
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/fuzzer_initialize.cpp
clang/tools/clang-fuzzer/handle-llvm/fuzzer_initialize.h
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.h
clang/tools/clang-fuzzer/handle-llvm/input_arrays.cpp
clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
Index: clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
===
--- /dev/null
+++ clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
@@ -0,0 +1,134 @@
+//==-- input_arrays.h - Helper function for LLVM fuzzer inputs -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Declares helper functions for getting the inputs on which to call the
+// compiled functions.
+//
+//===--===//
+
+#include
+#include
+
+static const int ArraySize = 64;
+static const int NumArrays = 100;
+
+// Declare the arrays that will be fed to the compiled functions
+static int a1[ArraySize];
+static int b1[ArraySize];
+static int c1[ArraySize];
+static int a2[ArraySize];
+static int b2[ArraySize];
+static int c2[ArraySize];
+
+void UpdateArrays();
+
+std::string ArrayToString(int *arr, int s);
+
+// Define a corpus of possible inputs
+static int InputArrays[100][64] =
+{ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, 0, 0, 0, 0, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4},
+ {1, 1, 0, 0, 1, 6, 0, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6},
+ {0, 0, 0, 5, 0, 2, 0, 8, 0, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8},
+ {1, 1, 2, 1, 6, 0, 3, 1, 10, 10, 0, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10},
+ {0, 0, 2, 0, 0, 7, 0, 4, 2, 0, 12, 12, 0, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12},
+ {1, 1, 0, 2, 2, 9, 8, 0, 5, 3, 1, 14, 14, 14, 0, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14},
+ {0, 0, 0, 4, 0, 1, 10, 9, 0, 6, 4, 2, 0, 16, 16, 16, 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16},
+ {1, 1, 2, 3, 2, 3, 0, 11, 10, 0, 7, 5, 3, 1, 18, 18, 18, 18, 0, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18},
+ {0, 0, 2, 5, 4, 0, 2, 13, 12, 11, 0, 8, 6, 4, 2, 0, 20, 20, 20, 20, 0, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20},
+ {1, 1, 0, 1, 6, 2, 4, 1, 14, 13, 12, 0, 9, 7, 5, 3, 1, 22, 22, 22, 22, 22, 0, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22},
+ {0, 0, 0, 0, 4, 4, 0, 3, 0, 15, 14, 13, 0, 10, 8, 6, 4, 2, 0, 24, 24, 24, 24, 24, 0, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
[PATCH] D50194: LLVM Proto Fuzzer - Run Functions on Suite of Inputs
emmettneyman added inline comments. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:173 + int s = getSize((char *) func_ptr); + memcpy(mem, func_ptr, s); +} morehouse wrote: > Why do we need to copy the function somewhere else? Looks very error-prone > and unnecessary. Also makes this patch larger than it needs to be. I'm copying the functions because otherwise, the generated machine code gets lost as soon as we exit that function's scope. So I'd have to run the functions inside `CreateJITFunction` if I don't copy it. I thought about doing it this way: moving the code from `RunFuncsOnInputs` to the bottom of `CreateJITFunction` and then comparing the arrays after both calls to `CreateJITFunction` inside `HandleLLVM`. Do you think that would be cleaner? Comment at: clang/tools/clang-fuzzer/handle-llvm/input_arrays.cpp:30 + memcpy(b2, InputArrays[b_index], ArraySize * sizeof(int)); + memcpy(c2, InputArrays[c_index], ArraySize * sizeof(int)); +} morehouse wrote: > Do the generated functions ever modify arrays a and b, or just c? If just c, > we can avoid lots of memcpys here. Right now the generated functions can modify any of the arrays. Repository: rC Clang https://reviews.llvm.org/D50194 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50194: LLVM Proto Fuzzer - Run Functions on Suite of Inputs
emmettneyman updated this revision to Diff 158800.
emmettneyman added a comment.
Replaced hardcoded numbers with variables
Repository:
rC Clang
https://reviews.llvm.org/D50194
Files:
clang/tools/clang-fuzzer/CMakeLists.txt
clang/tools/clang-fuzzer/ExampleClangLLVMProtoFuzzer.cpp
clang/tools/clang-fuzzer/handle-llvm/CMakeLists.txt
clang/tools/clang-fuzzer/handle-llvm/fuzzer_initialize.cpp
clang/tools/clang-fuzzer/handle-llvm/fuzzer_initialize.h
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.h
clang/tools/clang-fuzzer/handle-llvm/input_arrays.cpp
clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
Index: clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
===
--- /dev/null
+++ clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
@@ -0,0 +1,134 @@
+//==-- input_arrays.h - Helper function for LLVM fuzzer inputs -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Declares helper functions for getting the inputs on which to call the
+// compiled functions.
+//
+//===--===//
+
+#include
+#include
+
+static const int ArraySize = 64;
+static const int NumArrays = 100;
+
+// Declare the arrays that will be fed to the compiled functions
+static int a1[ArraySize];
+static int b1[ArraySize];
+static int c1[ArraySize];
+static int a2[ArraySize];
+static int b2[ArraySize];
+static int c2[ArraySize];
+
+void UpdateArrays();
+
+std::string ArrayToString(int *arr, int s);
+
+// Define a corpus of possible inputs
+static int InputArrays[NumArrays][ArraySize] =
+{ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, 0, 0, 0, 0, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4},
+ {1, 1, 0, 0, 1, 6, 0, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6},
+ {0, 0, 0, 5, 0, 2, 0, 8, 0, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8},
+ {1, 1, 2, 1, 6, 0, 3, 1, 10, 10, 0, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10},
+ {0, 0, 2, 0, 0, 7, 0, 4, 2, 0, 12, 12, 0, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12},
+ {1, 1, 0, 2, 2, 9, 8, 0, 5, 3, 1, 14, 14, 14, 0, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14},
+ {0, 0, 0, 4, 0, 1, 10, 9, 0, 6, 4, 2, 0, 16, 16, 16, 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16},
+ {1, 1, 2, 3, 2, 3, 0, 11, 10, 0, 7, 5, 3, 1, 18, 18, 18, 18, 0, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18},
+ {0, 0, 2, 5, 4, 0, 2, 13, 12, 11, 0, 8, 6, 4, 2, 0, 20, 20, 20, 20, 0, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20},
+ {1, 1, 0, 1, 6, 2, 4, 1, 14, 13, 12, 0, 9, 7, 5, 3, 1, 22, 22, 22, 22, 22, 0, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22},
+ {0, 0, 0, 0, 4, 4, 0, 3, 0, 15, 14, 13, 0, 10, 8, 6, 4, 2, 0, 24, 24, 24, 24, 24, 0, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24},
+ {1, 1, 2, 2, 6, 6, 2, 5, 2, 17, 16, 15, 14, 0, 11, 9, 7, 5, 3, 1, 26, 26, 26, 26, 26, 26, 0, 26, 26, 26,
[PATCH] D50194: LLVM Proto Fuzzer - Run Functions on Suite of Inputs
emmettneyman added inline comments. Comment at: clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp:173 + int s = getSize((char *) func_ptr); + memcpy(mem, func_ptr, s); +} morehouse wrote: > emmettneyman wrote: > > morehouse wrote: > > > Why do we need to copy the function somewhere else? Looks very > > > error-prone and unnecessary. Also makes this patch larger than it needs > > > to be. > > I'm copying the functions because otherwise, the generated machine code > > gets lost as soon as we exit that function's scope. So I'd have to run the > > functions inside `CreateJITFunction` if I don't copy it. > > > > I thought about doing it this way: moving the code from `RunFuncsOnInputs` > > to the bottom of `CreateJITFunction` and then comparing the arrays after > > both calls to `CreateJITFunction` inside `HandleLLVM`. Do you think that > > would be cleaner? > Or just increase the scope of `EE`. When I tried to increase the scope of `EE` (and also `M` since `EntryFunc` lives inside the module), the program segfaulted immediately after exiting `CreateJITFunc`, I think while trying to deconstruct an object from the function. I'm not sure if there's a way around this since there are so many objects being created inside `CreateJITFunc`. But it's definitely possible I'm missing something with how `unique_ptr` work. Repository: rC Clang https://reviews.llvm.org/D50194 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50194: LLVM Proto Fuzzer - Run Functions on Suite of Inputs
emmettneyman added a comment. An unrelated question: Right now I have a mix of `static` and non-`static` functions in `handle_llvm.cpp`. Should they all be `static`? Repository: rC Clang https://reviews.llvm.org/D50194 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50194: LLVM Proto Fuzzer - Run Functions on Suite of Inputs
emmettneyman updated this revision to Diff 159083.
emmettneyman added a comment.
Refactored code to avoid memcpy-ing function
Repository:
rC Clang
https://reviews.llvm.org/D50194
Files:
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.h
clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
Index: clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
===
--- /dev/null
+++ clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
@@ -0,0 +1,125 @@
+//==-- input_arrays.h - Helper function for LLVM fuzzer inputs -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Define a few static variables used by the LLVM Proto Fuzzer
+//
+//===--===//
+
+#include
+#include
+
+static const int ArraySize = 64;
+static const int NumArrays = 100;
+
+// Define two arrays that will hold the input and output for the two functions
+static int OptArrays[NumArrays][ArraySize];
+static int UnoptArrays[NumArrays][ArraySize];
+
+// Define a corpus of possible inputs
+static int InputArrays[NumArrays][ArraySize] =
+{ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1},
+ {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1},
+ {0, 0, 0, 5, 0, 2, 0, 8, 0, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8},
+ {1, 1, 2, 1, 6, 0, 3, 1, 10, 10, 0, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10},
+ {0, 0, 2, 0, 0, 7, 0, 4, 2, 0, 12, 12, 0, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12},
+ {1, 1, 0, 2, 2, 9, 8, 0, 5, 3, 1, 14, 14, 14, 0, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14},
+ {0, 0, 0, 4, 0, 1, 10, 9, 0, 6, 4, 2, 0, 16, 16, 16, 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16},
+ {1, 1, 2, 3, 2, 3, 0, 11, 10, 0, 7, 5, 3, 1, 18, 18, 18, 18, 0, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18},
+ {0, 0, 2, 5, 4, 0, 2, 13, 12, 11, 0, 8, 6, 4, 2, 0, 20, 20, 20, 20, 0, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20},
+ {1, 1, 0, 1, 6, 2, 4, 1, 14, 13, 12, 0, 9, 7, 5, 3, 1, 22, 22, 22, 22, 22, 0, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22},
+ {0, 0, 0, 0, 4, 4, 0, 3, 0, 15, 14, 13, 0, 10, 8, 6, 4, 2, 0, 24, 24, 24, 24, 24, 0, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24},
+ {1, 1, 2, 2, 6, 6, 2, 5, 2, 17, 16, 15, 14, 0, 11, 9, 7, 5, 3, 1, 26, 26, 26, 26, 26, 26, 0, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26},
+ {0, 0, 2, 4, 0, 8, 4, 0, 4, 1, 18, 17, 16, 15, 0, 12, 10, 8, 6, 4, 2, 0, 28, 28, 28, 28, 28, 28, 0, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28},
+ {1, 1, 0, 3, 2, 5, 6, 2, 6, 3, 0, 19, 18,
[PATCH] D50194: LLVM Proto Fuzzer - Run Functions on Suite of Inputs
emmettneyman added inline comments.
Comment at: clang/tools/clang-fuzzer/handle-llvm/input_arrays.h:36
+ {1, 1, 2, 3, 2, 3, 0, 11, 10, 0, 7, 5, 3, 1, 18, 18, 18, 18, 0, 18, 18, 18,
18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18,
18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18,
18, 18},
+ {0, 0, 2, 5, 4, 0, 2, 13, 12, 11, 0, 8, 6, 4, 2, 0, 20, 20, 20, 20, 0, 20,
20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,
20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,
20, 20},
+ {1, 1, 0, 1, 6, 2, 4, 1, 14, 13, 12, 0, 9, 7, 5, 3, 1, 22, 22, 22, 22, 22,
0, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22,
22, 22},
kcc wrote:
> constants are not diverse enough.
Yeah, I will completely redo the input arrays.
Repository:
rC Clang
https://reviews.llvm.org/D50194
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D50194: LLVM Proto Fuzzer - Run Functions on Suite of Inputs
emmettneyman updated this revision to Diff 159100.
emmettneyman added a comment.
Added static to some functions, made small fixes
Repository:
rC Clang
https://reviews.llvm.org/D50194
Files:
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.h
clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
Index: clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
===
--- /dev/null
+++ clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
@@ -0,0 +1,126 @@
+//==-- input_arrays.h - Helper function for LLVM fuzzer inputs -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Define a few static variables used by the LLVM Proto Fuzzer
+//
+//===--===//
+
+#include
+#include
+
+static const int ArraySize = 64;
+static const int NumArrays = 100;
+static const int TotalSize = sizeof(int) * ArraySize * NumArrays;
+
+// Define two arrays that will hold the input and output for the two functions
+static int OptArrays[NumArrays][ArraySize];
+static int UnoptArrays[NumArrays][ArraySize];
+
+// Define a corpus of possible inputs
+static int InputArrays[NumArrays][ArraySize] =
+{ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1},
+ {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1},
+ {0, 0, 0, 5, 0, 2, 0, 8, 0, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8},
+ {1, 1, 2, 1, 6, 0, 3, 1, 10, 10, 0, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10, 10},
+ {0, 0, 2, 0, 0, 7, 0, 4, 2, 0, 12, 12, 0, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12},
+ {1, 1, 0, 2, 2, 9, 8, 0, 5, 3, 1, 14, 14, 14, 0, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14},
+ {0, 0, 0, 4, 0, 1, 10, 9, 0, 6, 4, 2, 0, 16, 16, 16, 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16},
+ {1, 1, 2, 3, 2, 3, 0, 11, 10, 0, 7, 5, 3, 1, 18, 18, 18, 18, 0, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18},
+ {0, 0, 2, 5, 4, 0, 2, 13, 12, 11, 0, 8, 6, 4, 2, 0, 20, 20, 20, 20, 0, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20},
+ {1, 1, 0, 1, 6, 2, 4, 1, 14, 13, 12, 0, 9, 7, 5, 3, 1, 22, 22, 22, 22, 22, 0, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22},
+ {0, 0, 0, 0, 4, 4, 0, 3, 0, 15, 14, 13, 0, 10, 8, 6, 4, 2, 0, 24, 24, 24, 24, 24, 0, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24},
+ {1, 1, 2, 2, 6, 6, 2, 5, 2, 17, 16, 15, 14, 0, 11, 9, 7, 5, 3, 1, 26, 26, 26, 26, 26, 26, 0, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26},
+ {0, 0, 2, 4, 0, 8, 4, 0, 4, 1, 18, 17, 16, 15, 0, 12, 10, 8, 6, 4, 2, 0, 28, 28, 28, 28, 28, 28, 0, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28
[PATCH] D50194: LLVM Proto Fuzzer - Run Functions on Suite of Inputs
emmettneyman updated this revision to Diff 159146.
emmettneyman added a comment.
New input arrays and minor fixes
Repository:
rC Clang
https://reviews.llvm.org/D50194
Files:
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.h
clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
Index: clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
===
--- /dev/null
+++ clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
@@ -0,0 +1,118 @@
+//==-- input_arrays.h - Helper function for LLVM fuzzer inputs -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Define a few static variables used by the LLVM Proto Fuzzer
+//
+//===--===//
+
+#include
+
+static const int kArraySize = 64;
+static const int kNumArrays = 93;
+static const int kTotalSize = sizeof(int) * kArraySize * kNumArrays;
+
+// Define two arrays that will hold the input and output for the two functions
+static int OptArrays[kNumArrays][kArraySize];
+static int UnoptArrays[kNumArrays][kArraySize];
+
+// Define a corpus of possible inputs
+static int InputArrays[kNumArrays][kArraySize] =
+{ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1},
+ {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1},
+ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, -1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1},
+ {INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX},
+ {INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN},
+ {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1},
+ {16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16},
+ {255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255},
+ {1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024},
+ {65535, 65535, 65535, 65535, 65535, 65535, 65535, 65535, 65535,
[PATCH] D50194: LLVM Proto Fuzzer - Run Functions on Suite of Inputs
emmettneyman updated this revision to Diff 159151.
emmettneyman added a comment.
ready to land
Repository:
rC Clang
https://reviews.llvm.org/D50194
Files:
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
clang/tools/clang-fuzzer/handle-llvm/handle_llvm.h
clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
Index: clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
===
--- /dev/null
+++ clang/tools/clang-fuzzer/handle-llvm/input_arrays.h
@@ -0,0 +1,118 @@
+//==-- input_arrays.h - Helper function for LLVM fuzzer inputs -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Define a few static variables used by the LLVM Proto Fuzzer
+//
+//===--===//
+
+#include
+
+static const int kArraySize = 64;
+static const int kNumArrays = 93;
+static const int kTotalSize = sizeof(int) * kArraySize * kNumArrays;
+
+// Define two arrays that will hold the input and output for the two functions
+static int OptArrays[kNumArrays][kArraySize];
+static int UnoptArrays[kNumArrays][kArraySize];
+
+// Define a corpus of possible inputs
+static int InputArrays[kNumArrays][kArraySize] =
+{ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1},
+ {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1},
+ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, -1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1},
+ {INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX},
+ {INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN},
+ {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1},
+ {16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16},
+ {255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255},
+ {1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024},
+ {65535, 65535, 65535, 65535, 65535, 65535, 65535, 65535, 65535, 65535, 65535, 6553
[PATCH] D50194: LLVM Proto Fuzzer - Run Functions on Suite of Inputs
This revision was automatically updated to reflect the committed changes.
Closed by commit rC338943: LLVM Proto Fuzzer - Run Functions on Suite of Inputs
(authored by emmettneyman, committed by ).
Changed prior to commit:
https://reviews.llvm.org/D50194?vs=159151&id=159152#toc
Repository:
rC Clang
https://reviews.llvm.org/D50194
Files:
tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
tools/clang-fuzzer/handle-llvm/handle_llvm.h
tools/clang-fuzzer/handle-llvm/input_arrays.h
Index: tools/clang-fuzzer/handle-llvm/input_arrays.h
===
--- tools/clang-fuzzer/handle-llvm/input_arrays.h
+++ tools/clang-fuzzer/handle-llvm/input_arrays.h
@@ -0,0 +1,118 @@
+//==-- input_arrays.h - Helper function for LLVM fuzzer inputs -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Define a few static variables used by the LLVM Proto Fuzzer
+//
+//===--===//
+
+#include
+
+static const int kArraySize = 64;
+static const int kNumArrays = 93;
+static const int kTotalSize = sizeof(int) * kArraySize * kNumArrays;
+
+// Define two arrays that will hold the input and output for the two functions
+static int OptArrays[kNumArrays][kArraySize];
+static int UnoptArrays[kNumArrays][kArraySize];
+
+// Define a corpus of possible inputs
+static int InputArrays[kNumArrays][kArraySize] =
+{ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1},
+ {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1},
+ {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
+ {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, -1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1},
+ {INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX, INT_MAX},
+ {INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN, INT_MIN},
+ {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1},
+ {16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16},
+ {255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255},
+ {1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 1024, 102
[PATCH] D47665: Refactored clang-fuzzer in preparation for adding new loop-proto-fuzzer
emmettneyman created this revision.
emmettneyman added reviewers: vitalybuka, kcc, morehouse.
Herald added subscribers: cfe-commits, mgorny.
Refactored LLVMFuzzerInitialize function into its own file.
Copied and renamed files in preparation for new loop-proto-fuzzer.
Repository:
rC Clang
https://reviews.llvm.org/D47665
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
tools/clang-fuzzer/proto-to-cxx/proto_to_cxx_main.cpp
Index: tools/clang-fuzzer/proto-to-cxx/proto_to_cxx_main.cpp
===
--- tools/clang-fuzzer/proto-to-cxx/proto_to_cxx_main.cpp
+++ tools/clang-fuzzer/proto-to-cxx/proto_to_cxx_main.cpp
@@ -23,8 +23,9 @@
std::string str((std::istreambuf_iterator(in)),
std::istreambuf_iterator());
std::cout << "// " << argv[i] << std::endl;
-std::cout << clang_fuzzer::ProtoToCxx(
-reinterpret_cast(str.data()), str.size());
+//std::cout << clang_fuzzer::ProtoToCxx(
+//reinterpret_cast(str.data()), str.size());
+std::cout << clang_fuzzer::ProtoStringToCxx(str);
}
}
Index: tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
===
--- tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
+++ tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
@@ -19,4 +19,5 @@
class Function;
std::string FunctionToString(const Function &input);
std::string ProtoToCxx(const uint8_t *data, size_t size);
+std::string ProtoStringToCxx(const std::string& data);
}
Index: tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
===
--- tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
+++ tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
@@ -14,6 +14,10 @@
#include "proto_to_cxx.h"
#include "cxx_proto.pb.h"
+// The following is needed to convert protos in human-readable form
+#include
+
+
#include
#include
@@ -95,7 +99,13 @@
std::string ProtoToCxx(const uint8_t *data, size_t size) {
Function message;
if (!message.ParsePartialFromArray(data, size))
-return "#error invalid proto\n";
+return "#error invalid proto, may not be binary encoded\n";
+ return FunctionToString(message);
+}
+std::string ProtoStringToCxx(const std::string& data) {
+ Function message;
+ if (!google::protobuf::TextFormat::ParseFromString(data, &message))
+return "#error invalid proto, may not be string encoded\n";
return FunctionToString(message);
}
Index: tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
===
--- tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
+++ tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
@@ -18,12 +18,15 @@
#include "handle-cxx/handle_cxx.h"
#include "proto-to-cxx/proto_to_cxx.h"
+#include "FuzzerInitialize.h"
+
#include "src/libfuzzer/libfuzzer_macro.h"
#include
using namespace clang_fuzzer;
+/*
static std::vector CLArgs;
extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
@@ -37,8 +40,9 @@
}
return 0;
}
+*/
-DEFINE_BINARY_PROTO_FUZZER(const Function& input) {
+DEFINE_PROTO_FUZZER(const Function& input) {
auto S = FunctionToString(input);
HandleCXX(S, CLArgs);
}
Index: tools/clang-fuzzer/CMakeLists.txt
===
--- tools/clang-fuzzer/CMakeLists.txt
+++ tools/clang-fuzzer/CMakeLists.txt
@@ -14,6 +14,7 @@
ClangFuzzer.cpp
DummyClangFuzzer.cpp
ExampleClangProtoFuzzer.cpp
+ FuzzerInitialize.cpp
)
if(CLANG_ENABLE_PROTO_FUZZER)
@@ -44,6 +45,7 @@
add_clang_executable(clang-proto-fuzzer
${DUMMY_MAIN}
ExampleClangProtoFuzzer.cpp
+FuzzerInitialize.cpp
)
target_link_libraries(clang-proto-fuzzer
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D47666: Refactored clang-fuzzer and added new (copy) files
emmettneyman created this revision.
emmettneyman added reviewers: vitalybuka, kcc, morehouse.
Herald added subscribers: cfe-commits, mgorny.
Refactored LLVMFuzzerInitialize function into its own file.
Copied and renamed some files in preparation for new loop-proto-fuzzer.
Repository:
rC Clang
https://reviews.llvm.org/D47666
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
tools/clang-fuzzer/FuzzerInitialize.cpp
tools/clang-fuzzer/FuzzerInitialize.h
tools/clang-fuzzer/experimental/ExampleClangLoopProtoFuzzer.cpp
tools/clang-fuzzer/experimental/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.h
tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx_main.cpp
Index: tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx_main.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx_main.cpp
@@ -0,0 +1,34 @@
+//==-- proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion --==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements a simple driver to print a C++ program from a protobuf.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include
+#include
+#include
+#include
+
+#include "loop_proto_to_cxx.h"
+
+int main(int argc, char **argv) {
+ for (int i = 1; i < argc; i++) {
+std::fstream in(argv[i]);
+std::string str((std::istreambuf_iterator(in)),
+std::istreambuf_iterator());
+std::cout << "// " << argv[i] << std::endl;
+std::cout << clang_fuzzer::ProtoToCxx(
+reinterpret_cast(str.data()), str.size());
+// std::cout << clang_fuzzer::ProtoStringToCxx(str);
+ }
+}
+
Index: tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.h
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.h
@@ -0,0 +1,24 @@
+//==-- proto_to_cxx.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines functions for converting between protobufs and C++.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include
+#include
+#include
+
+namespace clang_fuzzer {
+class Function;
+std::string FunctionToString(const Function &input);
+std::string ProtoToCxx(const uint8_t *data, size_t size);
+}
Index: tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.cpp
@@ -0,0 +1,115 @@
+//==-- proto_to_cxx.cpp - Protobuf-C++ conversion --==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and C++.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include "loop_proto_to_cxx.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls.
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x);
+std::ostream &operator<<(std::ostream &os, const StatementSeq &x);
+
+// Proto to C++.
+std::ostream &operator<<(std::ostream &os, const Const &x) {
+ return os << "(" << x.val() << ")";
+}
+std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ return os << "a[" << (static_cast(x.varnum()) % 100) << "]";
+}
+std::ostream &operator<<(std::ostream &os, const Lvalue &x) {
+ return os << x.varref();
+}
+std::ostream &operator<<(std::ostream &os, const Rvalue &x) {
+if (x.has_varref()) return os << x.varref();
+if (x.has_cons()) return os << x.cons();
+if (x.has_binop()) return os << x.binop();
+return os << "1";
+}
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x)
[PATCH] D47666: Refactored clang-fuzzer and added new (copy) files
emmettneyman updated this revision to Diff 149585.
emmettneyman added a comment.
- Took out a debug print statement
Repository:
rC Clang
https://reviews.llvm.org/D47666
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
tools/clang-fuzzer/FuzzerInitialize.cpp
tools/clang-fuzzer/FuzzerInitialize.h
tools/clang-fuzzer/experimental/ExampleClangLoopProtoFuzzer.cpp
tools/clang-fuzzer/experimental/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.h
tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx_main.cpp
Index: tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx_main.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx_main.cpp
@@ -0,0 +1,34 @@
+//==-- proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion --==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements a simple driver to print a C++ program from a protobuf.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include
+#include
+#include
+#include
+
+#include "loop_proto_to_cxx.h"
+
+int main(int argc, char **argv) {
+ for (int i = 1; i < argc; i++) {
+std::fstream in(argv[i]);
+std::string str((std::istreambuf_iterator(in)),
+std::istreambuf_iterator());
+std::cout << "// " << argv[i] << std::endl;
+std::cout << clang_fuzzer::ProtoToCxx(
+reinterpret_cast(str.data()), str.size());
+// std::cout << clang_fuzzer::ProtoStringToCxx(str);
+ }
+}
+
Index: tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.h
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.h
@@ -0,0 +1,24 @@
+//==-- proto_to_cxx.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines functions for converting between protobufs and C++.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include
+#include
+#include
+
+namespace clang_fuzzer {
+class Function;
+std::string FunctionToString(const Function &input);
+std::string ProtoToCxx(const uint8_t *data, size_t size);
+}
Index: tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.cpp
@@ -0,0 +1,115 @@
+//==-- proto_to_cxx.cpp - Protobuf-C++ conversion --==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and C++.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include "loop_proto_to_cxx.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls.
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x);
+std::ostream &operator<<(std::ostream &os, const StatementSeq &x);
+
+// Proto to C++.
+std::ostream &operator<<(std::ostream &os, const Const &x) {
+ return os << "(" << x.val() << ")";
+}
+std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ return os << "a[" << (static_cast(x.varnum()) % 100) << "]";
+}
+std::ostream &operator<<(std::ostream &os, const Lvalue &x) {
+ return os << x.varref();
+}
+std::ostream &operator<<(std::ostream &os, const Rvalue &x) {
+if (x.has_varref()) return os << x.varref();
+if (x.has_cons()) return os << x.cons();
+if (x.has_binop()) return os << x.binop();
+return os << "1";
+}
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x) {
+ os << "(" << x.left();
+ switch (x.op()) {
+case BinaryOp::PLUS: os << "+"; break;
+case BinaryOp::MINUS: os << "-"; break;
+case BinaryOp:
[PATCH] D47666: Refactored clang-fuzzer and added new (copy) files
emmettneyman updated this revision to Diff 149807.
emmettneyman added a comment.
- Changed CLArgs into getter and deleted commented code
1. Updating https://reviews.llvm.org/D47666: Refactored clang-fuzzer and added
new (copy) files #
2. Enter a brief description of the changes included in this update.
3. The first line is used as subject, next lines as comment.
Made changes in response to comments
Removed commented out code
Changed CLArgs to be a getter method
Removed LLVMFuzzerInitialize decl from header file
Repository:
rC Clang
https://reviews.llvm.org/D47666
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
tools/clang-fuzzer/FuzzerInitialize.cpp
tools/clang-fuzzer/FuzzerInitialize.h
tools/clang-fuzzer/experimental/ExampleClangLoopProtoFuzzer.cpp
tools/clang-fuzzer/experimental/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.h
tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx_main.cpp
Index: tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx_main.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx_main.cpp
@@ -0,0 +1,34 @@
+//==-- proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion --==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements a simple driver to print a C++ program from a protobuf.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include
+#include
+#include
+#include
+
+#include "loop_proto_to_cxx.h"
+
+int main(int argc, char **argv) {
+ for (int i = 1; i < argc; i++) {
+std::fstream in(argv[i]);
+std::string str((std::istreambuf_iterator(in)),
+std::istreambuf_iterator());
+std::cout << "// " << argv[i] << std::endl;
+std::cout << clang_fuzzer::ProtoToCxx(
+reinterpret_cast(str.data()), str.size());
+// std::cout << clang_fuzzer::ProtoStringToCxx(str);
+ }
+}
+
Index: tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.h
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.h
@@ -0,0 +1,24 @@
+//==-- proto_to_cxx.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines functions for converting between protobufs and C++.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include
+#include
+#include
+
+namespace clang_fuzzer {
+class Function;
+std::string FunctionToString(const Function &input);
+std::string ProtoToCxx(const uint8_t *data, size_t size);
+}
Index: tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/experimental/loop_proto_to_cxx.cpp
@@ -0,0 +1,115 @@
+//==-- proto_to_cxx.cpp - Protobuf-C++ conversion --==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and C++.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include "loop_proto_to_cxx.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls.
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x);
+std::ostream &operator<<(std::ostream &os, const StatementSeq &x);
+
+// Proto to C++.
+std::ostream &operator<<(std::ostream &os, const Const &x) {
+ return os << "(" << x.val() << ")";
+}
+std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ return os << "a[" << (static_cast(x.varnum()) % 100) << "]";
+}
+std::ostream &operator<<(std::ostream &os, const Lvalue &x) {
+ return os << x.varref();
+}
+std::ostream &operator<<(std::ostream &os, const Rv
[PATCH] D47666: Refactored clang-fuzzer and added new (copy) files
emmettneyman updated this revision to Diff 149850.
emmettneyman added a comment.
- Updated and added header comments to two new files. Deleted loop fuzzer files.
Repository:
rC Clang
https://reviews.llvm.org/D47666
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
tools/clang-fuzzer/FuzzerInitialize.cpp
tools/clang-fuzzer/FuzzerInitialize.h
Index: tools/clang-fuzzer/FuzzerInitialize.h
===
--- /dev/null
+++ tools/clang-fuzzer/FuzzerInitialize.h
@@ -0,0 +1,25 @@
+//==-- proto_to_cxx.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines a function that returns the command line arguments for a specific
+// call to the fuzz target.
+//
+//===--===//
+
+#include "handle-cxx/handle_cxx.h"
+#include "proto-to-cxx/proto_to_cxx.h"
+
+#include "src/libfuzzer/libfuzzer_macro.h"
+
+#include
+
+namespace clang_fuzzer {
+const std::vector& GetCLArgs();
+}
+
Index: tools/clang-fuzzer/FuzzerInitialize.cpp
===
--- tools/clang-fuzzer/FuzzerInitialize.cpp
+++ tools/clang-fuzzer/FuzzerInitialize.cpp
@@ -1,4 +1,4 @@
-//===-- ExampleClangProtoFuzzer.cpp - Fuzz Clang --===//
+//===-- FuzzerInitialize.cpp - Fuzz Clang -===//
//
// The LLVM Compiler Infrastructure
//
@@ -8,24 +8,29 @@
//===--===//
///
/// \file
-/// This file implements a function that runs Clang on a single
-/// input and uses libprotobuf-mutator to find new inputs. This function is
-/// then linked into the Fuzzer library.
+/// This file implements two functions: one that returns the command line
+/// arguments for a given call to the fuzz target and one that initializes
+/// the fuzzer with the correct command line arguments.
///
//===--===//
#include "cxx_proto.pb.h"
-#include "handle-cxx/handle_cxx.h"
-#include "proto-to-cxx/proto_to_cxx.h"
-#include "src/libfuzzer/libfuzzer_macro.h"
-
-#include
+#include "FuzzerInitialize.h"
using namespace clang_fuzzer;
+
+namespace clang_fuzzer {
+
static std::vector CLArgs;
+const std::vector& GetCLArgs() {
+ return CLArgs;
+}
+
+}
+
extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
CLArgs.push_back("-O2");
for (int I = 1; I < *argc; I++) {
@@ -38,7 +43,3 @@
return 0;
}
-DEFINE_BINARY_PROTO_FUZZER(const Function& input) {
- auto S = FunctionToString(input);
- HandleCXX(S, CLArgs);
-}
Index: tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
===
--- tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
+++ tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
@@ -18,27 +18,14 @@
#include "handle-cxx/handle_cxx.h"
#include "proto-to-cxx/proto_to_cxx.h"
+#include "FuzzerInitialize.h"
#include "src/libfuzzer/libfuzzer_macro.h"
#include
using namespace clang_fuzzer;
-static std::vector CLArgs;
-
-extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
- CLArgs.push_back("-O2");
- for (int I = 1; I < *argc; I++) {
-if (strcmp((*argv)[I], "-ignore_remaining_args=1") == 0) {
- for (I++; I < *argc; I++)
-CLArgs.push_back((*argv)[I]);
- break;
-}
- }
- return 0;
-}
-
DEFINE_BINARY_PROTO_FUZZER(const Function& input) {
auto S = FunctionToString(input);
- HandleCXX(S, CLArgs);
+ HandleCXX(S, GetCLArgs());
}
Index: tools/clang-fuzzer/CMakeLists.txt
===
--- tools/clang-fuzzer/CMakeLists.txt
+++ tools/clang-fuzzer/CMakeLists.txt
@@ -14,6 +14,7 @@
ClangFuzzer.cpp
DummyClangFuzzer.cpp
ExampleClangProtoFuzzer.cpp
+ FuzzerInitialize.cpp
)
if(CLANG_ENABLE_PROTO_FUZZER)
@@ -44,6 +45,7 @@
add_clang_executable(clang-proto-fuzzer
${DUMMY_MAIN}
ExampleClangProtoFuzzer.cpp
+FuzzerInitialize.cpp
)
target_link_libraries(clang-proto-fuzzer
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D47666: Refactored clang-fuzzer and added new (copy) files
emmettneyman updated this revision to Diff 149851.
emmettneyman added a comment.
- Fixed file header comment
Repository:
rC Clang
https://reviews.llvm.org/D47666
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
tools/clang-fuzzer/FuzzerInitialize.cpp
tools/clang-fuzzer/FuzzerInitialize.h
Index: tools/clang-fuzzer/FuzzerInitialize.h
===
--- /dev/null
+++ tools/clang-fuzzer/FuzzerInitialize.h
@@ -0,0 +1,25 @@
+//==-- FuzzerInitialize.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines a function that returns the command line arguments for a specific
+// call to the fuzz target.
+//
+//===--===//
+
+#include "handle-cxx/handle_cxx.h"
+#include "proto-to-cxx/proto_to_cxx.h"
+
+#include "src/libfuzzer/libfuzzer_macro.h"
+
+#include
+
+namespace clang_fuzzer {
+const std::vector& GetCLArgs();
+}
+
Index: tools/clang-fuzzer/FuzzerInitialize.cpp
===
--- tools/clang-fuzzer/FuzzerInitialize.cpp
+++ tools/clang-fuzzer/FuzzerInitialize.cpp
@@ -1,4 +1,4 @@
-//===-- ExampleClangProtoFuzzer.cpp - Fuzz Clang --===//
+//===-- FuzzerInitialize.cpp - Fuzz Clang -===//
//
// The LLVM Compiler Infrastructure
//
@@ -8,24 +8,29 @@
//===--===//
///
/// \file
-/// This file implements a function that runs Clang on a single
-/// input and uses libprotobuf-mutator to find new inputs. This function is
-/// then linked into the Fuzzer library.
+/// This file implements two functions: one that returns the command line
+/// arguments for a given call to the fuzz target and one that initializes
+/// the fuzzer with the correct command line arguments.
///
//===--===//
#include "cxx_proto.pb.h"
-#include "handle-cxx/handle_cxx.h"
-#include "proto-to-cxx/proto_to_cxx.h"
-#include "src/libfuzzer/libfuzzer_macro.h"
-
-#include
+#include "FuzzerInitialize.h"
using namespace clang_fuzzer;
+
+namespace clang_fuzzer {
+
static std::vector CLArgs;
+const std::vector& GetCLArgs() {
+ return CLArgs;
+}
+
+}
+
extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
CLArgs.push_back("-O2");
for (int I = 1; I < *argc; I++) {
@@ -38,7 +43,3 @@
return 0;
}
-DEFINE_BINARY_PROTO_FUZZER(const Function& input) {
- auto S = FunctionToString(input);
- HandleCXX(S, CLArgs);
-}
Index: tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
===
--- tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
+++ tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
@@ -18,27 +18,14 @@
#include "handle-cxx/handle_cxx.h"
#include "proto-to-cxx/proto_to_cxx.h"
+#include "FuzzerInitialize.h"
#include "src/libfuzzer/libfuzzer_macro.h"
#include
using namespace clang_fuzzer;
-static std::vector CLArgs;
-
-extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
- CLArgs.push_back("-O2");
- for (int I = 1; I < *argc; I++) {
-if (strcmp((*argv)[I], "-ignore_remaining_args=1") == 0) {
- for (I++; I < *argc; I++)
-CLArgs.push_back((*argv)[I]);
- break;
-}
- }
- return 0;
-}
-
DEFINE_BINARY_PROTO_FUZZER(const Function& input) {
auto S = FunctionToString(input);
- HandleCXX(S, CLArgs);
+ HandleCXX(S, GetCLArgs());
}
Index: tools/clang-fuzzer/CMakeLists.txt
===
--- tools/clang-fuzzer/CMakeLists.txt
+++ tools/clang-fuzzer/CMakeLists.txt
@@ -14,6 +14,7 @@
ClangFuzzer.cpp
DummyClangFuzzer.cpp
ExampleClangProtoFuzzer.cpp
+ FuzzerInitialize.cpp
)
if(CLANG_ENABLE_PROTO_FUZZER)
@@ -44,6 +45,7 @@
add_clang_executable(clang-proto-fuzzer
${DUMMY_MAIN}
ExampleClangProtoFuzzer.cpp
+FuzzerInitialize.cpp
)
target_link_libraries(clang-proto-fuzzer
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D47666: Refactored clang-fuzzer and added new (copy) files
emmettneyman updated this revision to Diff 149854.
emmettneyman added a comment.
- Another edit to the file header comments.
Repository:
rC Clang
https://reviews.llvm.org/D47666
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
tools/clang-fuzzer/FuzzerInitialize.cpp
tools/clang-fuzzer/FuzzerInitialize.h
Index: tools/clang-fuzzer/FuzzerInitialize.h
===
--- /dev/null
+++ tools/clang-fuzzer/FuzzerInitialize.h
@@ -0,0 +1,25 @@
+//==-- FuzzerInitialize.h - Fuzz Clang -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines a function that returns the command line arguments for a specific
+// call to the fuzz target.
+//
+//===--===//
+
+#include "handle-cxx/handle_cxx.h"
+#include "proto-to-cxx/proto_to_cxx.h"
+
+#include "src/libfuzzer/libfuzzer_macro.h"
+
+#include
+
+namespace clang_fuzzer {
+const std::vector& GetCLArgs();
+}
+
Index: tools/clang-fuzzer/FuzzerInitialize.cpp
===
--- tools/clang-fuzzer/FuzzerInitialize.cpp
+++ tools/clang-fuzzer/FuzzerInitialize.cpp
@@ -1,4 +1,4 @@
-//===-- ExampleClangProtoFuzzer.cpp - Fuzz Clang --===//
+//===-- FuzzerInitialize.cpp - Fuzz Clang -===//
//
// The LLVM Compiler Infrastructure
//
@@ -8,24 +8,29 @@
//===--===//
///
/// \file
-/// This file implements a function that runs Clang on a single
-/// input and uses libprotobuf-mutator to find new inputs. This function is
-/// then linked into the Fuzzer library.
+/// This file implements two functions: one that returns the command line
+/// arguments for a given call to the fuzz target and one that initializes
+/// the fuzzer with the correct command line arguments.
///
//===--===//
#include "cxx_proto.pb.h"
-#include "handle-cxx/handle_cxx.h"
-#include "proto-to-cxx/proto_to_cxx.h"
-#include "src/libfuzzer/libfuzzer_macro.h"
-
-#include
+#include "FuzzerInitialize.h"
using namespace clang_fuzzer;
+
+namespace clang_fuzzer {
+
static std::vector CLArgs;
+const std::vector& GetCLArgs() {
+ return CLArgs;
+}
+
+}
+
extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
CLArgs.push_back("-O2");
for (int I = 1; I < *argc; I++) {
@@ -38,7 +43,3 @@
return 0;
}
-DEFINE_BINARY_PROTO_FUZZER(const Function& input) {
- auto S = FunctionToString(input);
- HandleCXX(S, CLArgs);
-}
Index: tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
===
--- tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
+++ tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
@@ -18,27 +18,14 @@
#include "handle-cxx/handle_cxx.h"
#include "proto-to-cxx/proto_to_cxx.h"
+#include "FuzzerInitialize.h"
#include "src/libfuzzer/libfuzzer_macro.h"
#include
using namespace clang_fuzzer;
-static std::vector CLArgs;
-
-extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
- CLArgs.push_back("-O2");
- for (int I = 1; I < *argc; I++) {
-if (strcmp((*argv)[I], "-ignore_remaining_args=1") == 0) {
- for (I++; I < *argc; I++)
-CLArgs.push_back((*argv)[I]);
- break;
-}
- }
- return 0;
-}
-
DEFINE_BINARY_PROTO_FUZZER(const Function& input) {
auto S = FunctionToString(input);
- HandleCXX(S, CLArgs);
+ HandleCXX(S, GetCLArgs());
}
Index: tools/clang-fuzzer/CMakeLists.txt
===
--- tools/clang-fuzzer/CMakeLists.txt
+++ tools/clang-fuzzer/CMakeLists.txt
@@ -14,6 +14,7 @@
ClangFuzzer.cpp
DummyClangFuzzer.cpp
ExampleClangProtoFuzzer.cpp
+ FuzzerInitialize.cpp
)
if(CLANG_ENABLE_PROTO_FUZZER)
@@ -44,6 +45,7 @@
add_clang_executable(clang-proto-fuzzer
${DUMMY_MAIN}
ExampleClangProtoFuzzer.cpp
+FuzzerInitialize.cpp
)
target_link_libraries(clang-proto-fuzzer
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D47666: Refactored clang-fuzzer and added new (copy) files
emmettneyman added a comment. In https://reviews.llvm.org/D47666#1121608, @emmettneyman wrote: > - Updated and added header comments to two new files. Deleted loop fuzzer > files. I will commit the loop fuzzer files in a future patch. Repository: rC Clang https://reviews.llvm.org/D47666 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D47666: Refactored clang-fuzzer and added new (copy) files
emmettneyman updated this revision to Diff 149867.
emmettneyman added a comment.
- Refactored FuzzerInitialize into library
Repository:
rC Clang
https://reviews.llvm.org/D47666
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt
tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.h
Index: tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.h
===
--- /dev/null
+++ tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.h
@@ -0,0 +1,20 @@
+//==-- fuzzer_initialize.h - Fuzz Clang ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines a function that returns the command line arguments for a specific
+// call to the fuzz target.
+//
+//===--===//
+
+#include "src/libfuzzer/libfuzzer_macro.h"
+
+namespace clang_fuzzer {
+const std::vector& GetCLArgs();
+}
+
Index: tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
===
--- tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
+++ tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
@@ -1,4 +1,4 @@
-//===-- ExampleClangProtoFuzzer.cpp - Fuzz Clang --===//
+//===-- fuzzer_initialize.cpp - Fuzz Clang ===//
//
// The LLVM Compiler Infrastructure
//
@@ -8,24 +8,27 @@
//===--===//
///
/// \file
-/// This file implements a function that runs Clang on a single
-/// input and uses libprotobuf-mutator to find new inputs. This function is
-/// then linked into the Fuzzer library.
+/// This file implements two functions: one that returns the command line
+/// arguments for a given call to the fuzz target and one that initializes
+/// the fuzzer with the correct command line arguments.
///
//===--===//
-#include "cxx_proto.pb.h"
-#include "handle-cxx/handle_cxx.h"
-#include "proto-to-cxx/proto_to_cxx.h"
+#include "fuzzer_initialize.h"
-#include "src/libfuzzer/libfuzzer_macro.h"
+using namespace clang_fuzzer;
-#include
-using namespace clang_fuzzer;
+namespace clang_fuzzer {
static std::vector CLArgs;
+const std::vector& GetCLArgs() {
+ return CLArgs;
+}
+
+}
+
extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
CLArgs.push_back("-O2");
for (int I = 1; I < *argc; I++) {
@@ -38,7 +41,3 @@
return 0;
}
-DEFINE_BINARY_PROTO_FUZZER(const Function& input) {
- auto S = FunctionToString(input);
- HandleCXX(S, CLArgs);
-}
Index: tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt
===
--- /dev/null
+++ tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt
@@ -0,0 +1,3 @@
+set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD} Support)
+
+add_clang_library(clangFuzzerInit fuzzer_initialize.cpp)
Index: tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
===
--- tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
+++ tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
@@ -17,28 +17,14 @@
#include "cxx_proto.pb.h"
#include "handle-cxx/handle_cxx.h"
#include "proto-to-cxx/proto_to_cxx.h"
-
+#include "fuzzer-initialize/fuzzer_initialize.h"
#include "src/libfuzzer/libfuzzer_macro.h"
#include
using namespace clang_fuzzer;
-static std::vector CLArgs;
-
-extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
- CLArgs.push_back("-O2");
- for (int I = 1; I < *argc; I++) {
-if (strcmp((*argv)[I], "-ignore_remaining_args=1") == 0) {
- for (I++; I < *argc; I++)
-CLArgs.push_back((*argv)[I]);
- break;
-}
- }
- return 0;
-}
-
DEFINE_BINARY_PROTO_FUZZER(const Function& input) {
auto S = FunctionToString(input);
- HandleCXX(S, CLArgs);
+ HandleCXX(S, GetCLArgs());
}
Index: tools/clang-fuzzer/CMakeLists.txt
===
--- tools/clang-fuzzer/CMakeLists.txt
+++ tools/clang-fuzzer/CMakeLists.txt
@@ -39,6 +39,9 @@
# Build the protobuf->C++ translation library and driver.
add_clang_subdirectory(proto-to-cxx)
+
+ # Build the fuzzer initialization library.
+ add_clang_subdirectory(fuzzer-initialize)
# Build the protobuf fuzzer
add_clang_executable(clang-proto-fuzzer
@@ -52,6 +55,7 @@
${PROTOBUF_LIBRARIES}
${LLVM_LIB_FUZZING_ENGINE}
clangCXXProto
+clangFuzze
[PATCH] D47666: Refactored clang-fuzzer and added new (copy) files
emmettneyman updated this revision to Diff 149872.
emmettneyman added a comment.
- Removed unecessary includes and renamed library.
Repository:
rC Clang
https://reviews.llvm.org/D47666
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt
tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.h
Index: tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.h
===
--- /dev/null
+++ tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.h
@@ -0,0 +1,20 @@
+//==-- fuzzer_initialize.h - Fuzz Clang ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines a function that returns the command line arguments for a specific
+// call to the fuzz target.
+//
+//===--===//
+
+#include
+
+namespace clang_fuzzer {
+const std::vector& GetCLArgs();
+}
+
Index: tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
===
--- tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
+++ tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
@@ -1,4 +1,4 @@
-//===-- ExampleClangProtoFuzzer.cpp - Fuzz Clang --===//
+//===-- fuzzer_initialize.cpp - Fuzz Clang ===//
//
// The LLVM Compiler Infrastructure
//
@@ -8,24 +8,28 @@
//===--===//
///
/// \file
-/// This file implements a function that runs Clang on a single
-/// input and uses libprotobuf-mutator to find new inputs. This function is
-/// then linked into the Fuzzer library.
+/// This file implements two functions: one that returns the command line
+/// arguments for a given call to the fuzz target and one that initializes
+/// the fuzzer with the correct command line arguments.
///
//===--===//
-#include "cxx_proto.pb.h"
-#include "handle-cxx/handle_cxx.h"
-#include "proto-to-cxx/proto_to_cxx.h"
-
-#include "src/libfuzzer/libfuzzer_macro.h"
-
+#include "fuzzer_initialize.h"
#include
using namespace clang_fuzzer;
+
+namespace clang_fuzzer {
+
static std::vector CLArgs;
+const std::vector& GetCLArgs() {
+ return CLArgs;
+}
+
+}
+
extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
CLArgs.push_back("-O2");
for (int I = 1; I < *argc; I++) {
@@ -38,7 +42,3 @@
return 0;
}
-DEFINE_BINARY_PROTO_FUZZER(const Function& input) {
- auto S = FunctionToString(input);
- HandleCXX(S, CLArgs);
-}
Index: tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt
===
--- /dev/null
+++ tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt
@@ -0,0 +1,3 @@
+set(LLVM_LINK_COMPONENTS ${LLVM_TARGETS_TO_BUILD} Support)
+
+add_clang_library(clangFuzzerInitialize fuzzer_initialize.cpp)
Index: tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
===
--- tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
+++ tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
@@ -17,28 +17,12 @@
#include "cxx_proto.pb.h"
#include "handle-cxx/handle_cxx.h"
#include "proto-to-cxx/proto_to_cxx.h"
-
+#include "fuzzer-initialize/fuzzer_initialize.h"
#include "src/libfuzzer/libfuzzer_macro.h"
-#include
-
using namespace clang_fuzzer;
-static std::vector CLArgs;
-
-extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
- CLArgs.push_back("-O2");
- for (int I = 1; I < *argc; I++) {
-if (strcmp((*argv)[I], "-ignore_remaining_args=1") == 0) {
- for (I++; I < *argc; I++)
-CLArgs.push_back((*argv)[I]);
- break;
-}
- }
- return 0;
-}
-
DEFINE_BINARY_PROTO_FUZZER(const Function& input) {
auto S = FunctionToString(input);
- HandleCXX(S, CLArgs);
+ HandleCXX(S, GetCLArgs());
}
Index: tools/clang-fuzzer/CMakeLists.txt
===
--- tools/clang-fuzzer/CMakeLists.txt
+++ tools/clang-fuzzer/CMakeLists.txt
@@ -39,6 +39,9 @@
# Build the protobuf->C++ translation library and driver.
add_clang_subdirectory(proto-to-cxx)
+
+ # Build the fuzzer initialization library.
+ add_clang_subdirectory(fuzzer-initialize)
# Build the protobuf fuzzer
add_clang_executable(clang-proto-fuzzer
@@ -52,6 +55,7 @@
${PROTOBUF_LIBRARIES}
${LLVM_LIB_FUZZING_ENGINE}
clangCXXProto
+clangFuzzerInitialize
clangHandleCXX
clangProt
[PATCH] D47843: Introducing single for loop into clang_proto_fuzzer
emmettneyman created this revision.
emmettneyman added reviewers: kcc, vitalybuka, morehouse.
Herald added subscribers: cfe-commits, mgorny.
Created a new protobuf and protobuf-to-C++ "converter" that wraps the entire
C++ code in a single for loop.
- Slightly changed cxx_proto.proto -> cxx_loop_proto.proto
- Made some changes to proto_to_cxx files to handle the new kind of protobuf
- Created ExampleClangLoopProtoFuzzer to test new protobuf and "converter"
Repository:
rC Clang
https://reviews.llvm.org/D47843
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangLoopProtoFuzzer.cpp
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.h
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
@@ -0,0 +1,33 @@
+//==-- loop_proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements a simple driver to print a C++ program from a protobuf with loops.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include
+#include
+#include
+#include
+
+#include "loop_proto_to_cxx.h"
+
+int main(int argc, char **argv) {
+ for (int i = 1; i < argc; i++) {
+std::fstream in(argv[i]);
+std::string str((std::istreambuf_iterator(in)),
+std::istreambuf_iterator());
+std::cout << "// " << argv[i] << std::endl;
+std::cout << clang_fuzzer::LoopProtoToCxx(
+reinterpret_cast(str.data()), str.size());
+ }
+}
+
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.h
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.h
@@ -0,0 +1,22 @@
+//==-- loop_proto_to_cxx.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines functions for converting between protobufs with loops and C++.
+//
+//===--===//
+
+#include
+#include
+#include
+
+namespace clang_fuzzer {
+class Function;
+std::string FunctionToString(const Function &input);
+std::string LoopProtoToCxx(const uint8_t *data, size_t size);
+}
Index: tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
===
--- tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
+++ tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
@@ -1,3 +1,4 @@
+//M
//==-- proto_to_cxx.cpp - Protobuf-C++ conversion --==//
//
// The LLVM Compiler Infrastructure
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
===
--- tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
@@ -1,18 +1,25 @@
-//==-- proto_to_cxx.cpp - Protobuf-C++ conversion --==//
+//==-- loop_proto_to_cxx.cpp - Protobuf-C++ conversion -==//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===--===//
//
-// Implements functions for converting between protobufs and C++.
+// Implements functions for converting between protobufs and C++. Extends
+// proto_to_cxx.cpp by wrapping all the generated C++ code in a single for
+// loop. Also coutputs a different function signature that includes a
+// size_t parameter for the loop to use.
//
//===--===//
-#include "proto_to_cxx.h"
-#include "cxx_proto.pb.h"
+#include "loop_proto_to_cxx.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
#include
#include
@@ -28,7 +35,11 @@
return os << "(" << x.val() << ")";
}
std::ostream &operator<<(std::ostream &os, const VarRef &x) {
- return
[PATCH] D47843: Introducing single for loop into clang_proto_fuzzer
emmettneyman updated this revision to Diff 150192.
emmettneyman added a comment.
Took out typo'd comment
Repository:
rC Clang
https://reviews.llvm.org/D47843
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangLoopProtoFuzzer.cpp
tools/clang-fuzzer/ExampleClangProtoFuzzer.cpp
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/fuzzer-initialize/CMakeLists.txt
tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.h
tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.h
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
@@ -0,0 +1,33 @@
+//==-- loop_proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements a simple driver to print a C++ program from a protobuf with loops.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include
+#include
+#include
+#include
+
+#include "loop_proto_to_cxx.h"
+
+int main(int argc, char **argv) {
+ for (int i = 1; i < argc; i++) {
+std::fstream in(argv[i]);
+std::string str((std::istreambuf_iterator(in)),
+std::istreambuf_iterator());
+std::cout << "// " << argv[i] << std::endl;
+std::cout << clang_fuzzer::LoopProtoToCxx(
+reinterpret_cast(str.data()), str.size());
+ }
+}
+
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.h
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.h
@@ -0,0 +1,22 @@
+//==-- loop_proto_to_cxx.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines functions for converting between protobufs with loops and C++.
+//
+//===--===//
+
+#include
+#include
+#include
+
+namespace clang_fuzzer {
+class Function;
+std::string FunctionToString(const Function &input);
+std::string LoopProtoToCxx(const uint8_t *data, size_t size);
+}
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
@@ -0,0 +1,115 @@
+//==-- loop_proto_to_cxx.cpp - Protobuf-C++ conversion -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and C++. Extends
+// proto_to_cxx.cpp by wrapping all the generated C++ code in a single for
+// loop. Also coutputs a different function signature that includes a
+// size_t parameter for the loop to use.
+//
+//===--===//
+
+#include "loop_proto_to_cxx.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls.
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x);
+std::ostream &operator<<(std::ostream &os, const StatementSeq &x);
+
+// Proto to C++.
+std::ostream &operator<<(std::ostream &os, const Const &x) {
+ return os << "(" << x.val() << ")";
+}
+std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ if (x.is_loop_var()) {
+return os << "a[loop_ctr]";
+ } else {
+return os << "a[" << static_cast(x.varnum()) << " % s]";
+ }
+}
+std::ostream &operator<<(std::ostream &os, const Lvalue &x) {
+ return os << x.varref();
+}
+std::ostream &operator<<(std::ostream &os, const Rvalue &x) {
+if (x.has_varref()) return os << x.varref();
+if (x.has_cons()) return os << x.cons();
+if (x.has_binop()) return os << x.binop();
+return os << "1";
+}
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x) {
+ os << "(" << x.left();
+ switch (x.op()) {
+cas
[PATCH] D47843: Introducing single for loop into clang_proto_fuzzer
emmettneyman updated this revision to Diff 150200.
emmettneyman added a comment.
Hopefully rebased correctly.
Repository:
rC Clang
https://reviews.llvm.org/D47843
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangLoopProtoFuzzer.cpp
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/fuzzer-initialize/fuzzer_initialize.cpp
tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.h
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
@@ -0,0 +1,33 @@
+//==-- loop_proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements a simple driver to print a C++ program from a protobuf with loops.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include
+#include
+#include
+#include
+
+#include "loop_proto_to_cxx.h"
+
+int main(int argc, char **argv) {
+ for (int i = 1; i < argc; i++) {
+std::fstream in(argv[i]);
+std::string str((std::istreambuf_iterator(in)),
+std::istreambuf_iterator());
+std::cout << "// " << argv[i] << std::endl;
+std::cout << clang_fuzzer::LoopProtoToCxx(
+reinterpret_cast(str.data()), str.size());
+ }
+}
+
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.h
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.h
@@ -0,0 +1,22 @@
+//==-- loop_proto_to_cxx.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines functions for converting between protobufs with loops and C++.
+//
+//===--===//
+
+#include
+#include
+#include
+
+namespace clang_fuzzer {
+class Function;
+std::string FunctionToString(const Function &input);
+std::string LoopProtoToCxx(const uint8_t *data, size_t size);
+}
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
@@ -0,0 +1,115 @@
+//==-- loop_proto_to_cxx.cpp - Protobuf-C++ conversion -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and C++. Extends
+// proto_to_cxx.cpp by wrapping all the generated C++ code in a single for
+// loop. Also coutputs a different function signature that includes a
+// size_t parameter for the loop to use.
+//
+//===--===//
+
+#include "loop_proto_to_cxx.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls.
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x);
+std::ostream &operator<<(std::ostream &os, const StatementSeq &x);
+
+// Proto to C++.
+std::ostream &operator<<(std::ostream &os, const Const &x) {
+ return os << "(" << x.val() << ")";
+}
+std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ if (x.is_loop_var()) {
+return os << "a[loop_ctr]";
+ } else {
+return os << "a[" << static_cast(x.varnum()) << " % s]";
+ }
+}
+std::ostream &operator<<(std::ostream &os, const Lvalue &x) {
+ return os << x.varref();
+}
+std::ostream &operator<<(std::ostream &os, const Rvalue &x) {
+if (x.has_varref()) return os << x.varref();
+if (x.has_cons()) return os << x.cons();
+if (x.has_binop()) return os << x.binop();
+return os << "1";
+}
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x) {
+ os << "(" << x.left();
+ switch (x.op()) {
+case BinaryOp::PLUS: os << "+"; break;
+case BinaryOp::MINUS: os << "-"; break;
+case BinaryOp::MUL: os << "*"; break;
+case BinaryOp::DIV: os << "/
[PATCH] D47843: Introducing single for loop into clang_proto_fuzzer
emmettneyman updated this revision to Diff 150213.
emmettneyman added a comment.
- Combined two header files into one
Repository:
rC Clang
https://reviews.llvm.org/D47843
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangLoopProtoFuzzer.cpp
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.h
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
@@ -0,0 +1,33 @@
+//==-- loop_proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements a simple driver to print a C++ program from a protobuf with loops.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include
+#include
+#include
+#include
+
+#include "proto_to_cxx.h"
+
+int main(int argc, char **argv) {
+ for (int i = 1; i < argc; i++) {
+std::fstream in(argv[i]);
+std::string str((std::istreambuf_iterator(in)),
+std::istreambuf_iterator());
+std::cout << "// " << argv[i] << std::endl;
+std::cout << clang_fuzzer::LoopProtoToCxx(
+reinterpret_cast(str.data()), str.size());
+ }
+}
+
Index: tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
===
--- tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
+++ tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
@@ -17,6 +17,10 @@
namespace clang_fuzzer {
class Function;
+class LoopFunction;
+
std::string FunctionToString(const Function &input);
std::string ProtoToCxx(const uint8_t *data, size_t size);
+std::string LoopFunctionToString(const LoopFunction &input);
+std::string LoopProtoToCxx(const uint8_t *data, size_t size);
}
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.h
===
--- tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.h
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.h
@@ -1,22 +1,20 @@
-//==-- proto_to_cxx.h - Protobuf-C++ conversion ==//
+//==-- loop_proto_to_cxx.h - Protobuf-C++ conversion ==//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===--===//
//
-// Defines functions for converting between protobufs and C++.
+// Defines functions for converting between protobufs with loops and C++.
//
//===--===//
#include
#include
#include
namespace clang_fuzzer {
-class Function;
-std::string FunctionToString(const Function &input);
-std::string ProtoToCxx(const uint8_t *data, size_t size);
+class LoopFunction;
}
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
@@ -0,0 +1,115 @@
+//==-- loop_proto_to_cxx.cpp - Protobuf-C++ conversion -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and C++. Extends
+// proto_to_cxx.cpp by wrapping all the generated C++ code in a single for
+// loop. Also coutputs a different function signature that includes a
+// size_t parameter for the loop to use.
+//
+//===--===//
+
+#include "proto_to_cxx.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls.
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x);
+std::ostream &operator<<(std::ostream &os, const StatementSeq &x);
+
+// Proto to C++.
+std::ostream &operator<<(std::ostream &os, const Const &x) {
+ return os << "(" << x.val() << ")";
+}
+std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ i
[PATCH] D47843: Introducing single for loop into clang_proto_fuzzer
emmettneyman updated this revision to Diff 150365.
emmettneyman added a comment.
- refactored cmake and deleted header file
Repository:
rC Clang
https://reviews.llvm.org/D47843
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangLoopProtoFuzzer.cpp
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/CMakeLists.txt
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
Index: tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
===
--- tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
+++ tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.h
@@ -17,6 +17,10 @@
namespace clang_fuzzer {
class Function;
+class LoopFunction;
+
std::string FunctionToString(const Function &input);
std::string ProtoToCxx(const uint8_t *data, size_t size);
+std::string LoopFunctionToString(const LoopFunction &input);
+std::string LoopProtoToCxx(const uint8_t *data, size_t size);
}
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
@@ -0,0 +1,33 @@
+//==-- loop_proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements a simple driver to print a C++ program from a protobuf with loops.
+//
+//===--===//
+
+// This is a copy and will be updated later to introduce changes
+
+#include
+#include
+#include
+#include
+
+#include "proto_to_cxx.h"
+
+int main(int argc, char **argv) {
+ for (int i = 1; i < argc; i++) {
+std::fstream in(argv[i]);
+std::string str((std::istreambuf_iterator(in)),
+std::istreambuf_iterator());
+std::cout << "// " << argv[i] << std::endl;
+std::cout << clang_fuzzer::LoopProtoToCxx(
+reinterpret_cast(str.data()), str.size());
+ }
+}
+
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
@@ -0,0 +1,115 @@
+//==-- loop_proto_to_cxx.cpp - Protobuf-C++ conversion -==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and C++. Extends
+// proto_to_cxx.cpp by wrapping all the generated C++ code in a single for
+// loop. Also coutputs a different function signature that includes a
+// size_t parameter for the loop to use.
+//
+//===--===//
+
+#include "proto_to_cxx.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls.
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x);
+std::ostream &operator<<(std::ostream &os, const StatementSeq &x);
+
+// Proto to C++.
+std::ostream &operator<<(std::ostream &os, const Const &x) {
+ return os << "(" << x.val() << ")";
+}
+std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ if (x.is_loop_var()) {
+return os << "a[loop_ctr]";
+ } else {
+return os << "a[" << static_cast(x.varnum()) << " % s]";
+ }
+}
+std::ostream &operator<<(std::ostream &os, const Lvalue &x) {
+ return os << x.varref();
+}
+std::ostream &operator<<(std::ostream &os, const Rvalue &x) {
+if (x.has_varref()) return os << x.varref();
+if (x.has_cons()) return os << x.cons();
+if (x.has_binop()) return os << x.binop();
+return os << "1";
+}
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x) {
+ os << "(" << x.left();
+ switch (x.op()) {
+case BinaryOp::PLUS: os << "+"; break;
+case BinaryOp::MINUS: os << "-"; break;
+case BinaryOp::MUL: os << "*"; break;
+case BinaryOp::DIV: os << "/"; break;
+case BinaryOp::MOD: os << "%"; break;
+case BinaryOp::XOR: os << "^"; break;
+case BinaryOp::AND: os << "&"; break;
+case BinaryOp::OR: os << "|"; break;
+case BinaryOp::EQ: os << "=="; break;
+case BinaryOp::NE: os << "!="; break;
+case BinaryOp::LE: os << "<="; break;
+case BinaryOp::GE: os << ">="; break;
+case BinaryOp::LT: os << "<"; break;
+case BinaryOp::GT: os << ">"; break;
+ }
+
[PATCH] D47920: Made loop_proto more "vectorizable"
emmettneyman created this revision.
emmettneyman added reviewers: kcc, vitalybuka, morehouse.
Herald added a subscriber: cfe-commits.
Edited loop_proto and its converter to make more "vectorizable" code
- Removed all while loops
- Can only index into array with induction variable
Repository:
rC Clang
https://reviews.llvm.org/D47920
Files:
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
===
--- tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
@@ -7,10 +7,13 @@
//
//===--===//
//
-// Implements functions for converting between protobufs and C++. Extends
+// Implements functions for converting between protobufs and C++. Differs from
// proto_to_cxx.cpp by wrapping all the generated C++ code in a single for
// loop. Also coutputs a different function signature that includes a
-// size_t parameter for the loop to use.
+// size_t parameter for the loop to use. The C++ code generated is meant to
+// stress the LLVM loop vectorizer.
+//
+// Still a work in progress.
//
//===--===//
@@ -33,19 +36,7 @@
std::ostream &operator<<(std::ostream &os, const Const &x) {
return os << "(" << x.val() << ")";
}
-std::ostream &operator<<(std::ostream &os, const VarRef &x) {
- if (x.is_loop_var()) {
-return os << "a[loop_ctr]";
- } else {
-return os << "a[" << static_cast(x.varnum()) << " % s]";
- }
-}
-std::ostream &operator<<(std::ostream &os, const Lvalue &x) {
- return os << x.varref();
-}
std::ostream &operator<<(std::ostream &os, const Rvalue &x) {
- if (x.has_varref())
-return os << x.varref();
if (x.has_cons())
return os << x.cons();
if (x.has_binop())
@@ -101,23 +92,18 @@
return os << x.right() << ")";
}
std::ostream &operator<<(std::ostream &os, const AssignmentStatement &x) {
- return os << x.lvalue() << "=" << x.rvalue();
+ return os << "a[i]=" << x.rvalue();
}
std::ostream &operator<<(std::ostream &os, const IfElse &x) {
return os << "if (" << x.cond() << "){\n"
<< x.if_body() << "} else { \n"
<< x.else_body() << "}\n";
}
-std::ostream &operator<<(std::ostream &os, const While &x) {
- return os << "while (" << x.cond() << "){\n" << x.body() << "}\n";
-}
std::ostream &operator<<(std::ostream &os, const Statement &x) {
if (x.has_assignment())
return os << x.assignment() << ";\n";
if (x.has_ifelse())
return os << x.ifelse();
- if (x.has_while_loop())
-return os << x.while_loop();
return os << "(void)0;\n";
}
std::ostream &operator<<(std::ostream &os, const StatementSeq &x) {
@@ -127,7 +113,7 @@
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
return os << "void foo(int *a, size_t s) {\n"
-<< "for (int loop_ctr = 0; loop_ctr < s; loop_ctr++){\n"
+<< "for (int i=0; i___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D47964: Modified protobuf and converter to add new signature, remove conditionals.
emmettneyman created this revision.
emmettneyman added reviewers: kcc, morehouse, vitalybuka.
Herald added a subscriber: cfe-commits.
Cahnged the function signature and removed conditionals from loop body.
Repository:
rC Clang
https://reviews.llvm.org/D47964
Files:
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
===
--- tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
@@ -36,11 +36,23 @@
std::ostream &operator<<(std::ostream &os, const Const &x) {
return os << "(" << x.val() << ")";
}
+std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ switch (x.arr()) {
+case VarRef::ARR_A:
+ return os << "a[i]";
+case VarRef::ARR_B:
+ return os << "b[i]";
+case VarRef::ARR_C:
+ return os << "c[i]";
+ }
+}
std::ostream &operator<<(std::ostream &os, const Rvalue &x) {
if (x.has_cons())
return os << x.cons();
if (x.has_binop())
return os << x.binop();
+ if (x.has_varref())
+return os << x.varref();
return os << "1";
}
std::ostream &operator<<(std::ostream &os, const BinaryOp &x) {
@@ -92,27 +104,24 @@
return os << x.right() << ")";
}
std::ostream &operator<<(std::ostream &os, const AssignmentStatement &x) {
- return os << "a[i]=" << x.rvalue();
+ return os << x.varref() << "=" << x.rvalue() << ";\n";
}
std::ostream &operator<<(std::ostream &os, const IfElse &x) {
return os << "if (" << x.cond() << "){\n"
<< x.if_body() << "} else { \n"
<< x.else_body() << "}\n";
}
std::ostream &operator<<(std::ostream &os, const Statement &x) {
- if (x.has_assignment())
-return os << x.assignment() << ";\n";
- if (x.has_ifelse())
-return os << x.ifelse();
- return os << "(void)0;\n";
+ return os << x.assignment();
}
std::ostream &operator<<(std::ostream &os, const StatementSeq &x) {
for (auto &st : x.statements())
os << st;
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "void foo(int *a, size_t s) {\n"
+ return os << "#include \"foo.h\"\n" // This line is just for testing
+<< "void foo(int *a, int *b, int *__restrict__ c, size_t s) {\n"
<< "for (int i=0; i___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D47964: Modified protobuf and converter to add new signature, remove conditionals.
emmettneyman added a comment. @kcc suggested removing conditionals for now and adding them back later. include statement was for testing; I'll remove it and resubmit. Repository: rC Clang https://reviews.llvm.org/D47964 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D47964: Modified protobuf and converter to add new signature, remove conditionals.
emmettneyman updated this revision to Diff 150783.
emmettneyman added a comment.
- removed include statement meant for testing
Repository:
rC Clang
https://reviews.llvm.org/D47964
Files:
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
Index: tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
===
--- tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
+++ tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
@@ -36,11 +36,23 @@
std::ostream &operator<<(std::ostream &os, const Const &x) {
return os << "(" << x.val() << ")";
}
+std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ switch (x.arr()) {
+case VarRef::ARR_A:
+ return os << "a[i]";
+case VarRef::ARR_B:
+ return os << "b[i]";
+case VarRef::ARR_C:
+ return os << "c[i]";
+ }
+}
std::ostream &operator<<(std::ostream &os, const Rvalue &x) {
if (x.has_cons())
return os << x.cons();
if (x.has_binop())
return os << x.binop();
+ if (x.has_varref())
+return os << x.varref();
return os << "1";
}
std::ostream &operator<<(std::ostream &os, const BinaryOp &x) {
@@ -92,27 +104,23 @@
return os << x.right() << ")";
}
std::ostream &operator<<(std::ostream &os, const AssignmentStatement &x) {
- return os << "a[i]=" << x.rvalue();
+ return os << x.varref() << "=" << x.rvalue() << ";\n";
}
std::ostream &operator<<(std::ostream &os, const IfElse &x) {
return os << "if (" << x.cond() << "){\n"
<< x.if_body() << "} else { \n"
<< x.else_body() << "}\n";
}
std::ostream &operator<<(std::ostream &os, const Statement &x) {
- if (x.has_assignment())
-return os << x.assignment() << ";\n";
- if (x.has_ifelse())
-return os << x.ifelse();
- return os << "(void)0;\n";
+ return os << x.assignment();
}
std::ostream &operator<<(std::ostream &os, const StatementSeq &x) {
for (auto &st : x.statements())
os << st;
return os;
}
std::ostream &operator<<(std::ostream &os, const LoopFunction &x) {
- return os << "void foo(int *a, size_t s) {\n"
+ return os << "void foo(int *a, int *b, int *__restrict__ c, size_t s) {\n"
<< "for (int i=0; i___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D48106: implemented proto to llvm
emmettneyman created this revision.
emmettneyman added reviewers: kcc, vitalybuka, morehouse.
Herald added subscribers: cfe-commits, mgorny.
implemented proto_to_llvm
- also removed div and mod to eliminate UB
Repository:
rC Clang
https://reviews.llvm.org/D48106
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangLLVMProtoFuzzer.cpp
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-llvm/CMakeLists.txt
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
===
--- tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
@@ -1,32 +1,31 @@
-//==-- loop_proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion -==//
+//==-- loop_proto_to_llvm_main.cpp - Driver for protobuf-LLVM conversion==//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===--===//
//
-// Implements a simple driver to print a C++ program from a protobuf with loops.
+// Implements a simple driver to print a LLVM program from a protobuf with loops
//
//===--===//
-// This is a copy and will be updated later to introduce changes
#include
#include
#include
#include
-#include "proto_to_cxx.h"
+#include "loop_proto_to_llvm.h"
int main(int argc, char **argv) {
for (int i = 1; i < argc; i++) {
std::fstream in(argv[i]);
std::string str((std::istreambuf_iterator(in)),
std::istreambuf_iterator());
-std::cout << "// " << argv[i] << std::endl;
-std::cout << clang_fuzzer::LoopProtoToCxx(
+std::cout << ";; " << argv[i] << std::endl;
+std::cout << clang_fuzzer::LoopProtoToLLVM(
reinterpret_cast(str.data()), str.size());
}
}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
@@ -0,0 +1,23 @@
+//==-- loop_proto_to_llvm.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines functions for converting between protobufs and LLVM IR.
+//
+//===--===//
+
+#include
+#include
+#include
+
+namespace clang_fuzzer {
+class LoopFunction;
+
+std::string LoopFunctionToLLVMString(const LoopFunction &input);
+std::string LoopProtoToLLVM(const uint8_t *data, size_t size);
+}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -0,0 +1,174 @@
+//==-- loop_proto_to_llvm.cpp - Protobuf-C++ conversion
+//-==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and LLVM IR.
+//
+//
+//===--===//
+
+#include "loop_proto_to_llvm.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls.
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x);
+std::ostream &operator<<(std::ostream &os, const StatementSeq &x);
+
+// Counter variables to generate new LLVM IR variable names
+int ptr_ctr = 0;
+int val_ctr = 0;
+
+// Proto to LLVM.
+std::ostream &operator<<(std::ostream &os, const Const &x) {
+ return os << "%pval_" << val_ctr << " = alloca i32\n"
+<< "store i32 " << x.val() << ", i32* %pval_" << val_ctr << "\n"
+<< "%val_" << val_ctr << " = load i32, i32* %pval_" << val_ctr
+<< "\n";
+}
+std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ ptr_ctr++;
+ switch (x.arr()) {
+ case VarRef::ARR_A:
+
[PATCH] D48106: implemented proto to llvm
emmettneyman updated this revision to Diff 151063.
emmettneyman added a comment.
- removed unneeded file
Repository:
rC Clang
https://reviews.llvm.org/D48106
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
tools/clang-fuzzer/proto-to-cxx/proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-llvm/CMakeLists.txt
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
===
--- tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
@@ -1,32 +1,31 @@
-//==-- loop_proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion -==//
+//==-- loop_proto_to_llvm_main.cpp - Driver for protobuf-LLVM conversion==//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===--===//
//
-// Implements a simple driver to print a C++ program from a protobuf with loops.
+// Implements a simple driver to print a LLVM program from a protobuf with loops
//
//===--===//
-// This is a copy and will be updated later to introduce changes
#include
#include
#include
#include
-#include "proto_to_cxx.h"
+#include "loop_proto_to_llvm.h"
int main(int argc, char **argv) {
for (int i = 1; i < argc; i++) {
std::fstream in(argv[i]);
std::string str((std::istreambuf_iterator(in)),
std::istreambuf_iterator());
-std::cout << "// " << argv[i] << std::endl;
-std::cout << clang_fuzzer::LoopProtoToCxx(
+std::cout << ";; " << argv[i] << std::endl;
+std::cout << clang_fuzzer::LoopProtoToLLVM(
reinterpret_cast(str.data()), str.size());
}
}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
@@ -0,0 +1,23 @@
+//==-- loop_proto_to_llvm.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines functions for converting between protobufs and LLVM IR.
+//
+//===--===//
+
+#include
+#include
+#include
+
+namespace clang_fuzzer {
+class LoopFunction;
+
+std::string LoopFunctionToLLVMString(const LoopFunction &input);
+std::string LoopProtoToLLVM(const uint8_t *data, size_t size);
+}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -0,0 +1,174 @@
+//==-- loop_proto_to_llvm.cpp - Protobuf-C++ conversion
+//-==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and LLVM IR.
+//
+//
+//===--===//
+
+#include "loop_proto_to_llvm.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls.
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x);
+std::ostream &operator<<(std::ostream &os, const StatementSeq &x);
+
+// Counter variables to generate new LLVM IR variable names
+int ptr_ctr = 0;
+int val_ctr = 0;
+
+// Proto to LLVM.
+std::ostream &operator<<(std::ostream &os, const Const &x) {
+ return os << "%pval_" << val_ctr << " = alloca i32\n"
+<< "store i32 " << x.val() << ", i32* %pval_" << val_ctr << "\n"
+<< "%val_" << val_ctr << " = load i32, i32* %pval_" << val_ctr
+<< "\n";
+}
+std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ ptr_ctr++;
+ switch (x.arr()) {
+ case VarRef::ARR_A:
+return os << "%p2i_" << ptr_ctr << " = ptrtoint i32* %a to i64\n"
+ << "%m_" << ptr_ctr << " = mul i64 8, %ct\n"
+ << "%i_" << ptr
[PATCH] D48106: implemented proto to llvm
emmettneyman updated this revision to Diff 151066.
emmettneyman added a comment.
- fixed proto_to_cxx.cpp
Repository:
rC Clang
https://reviews.llvm.org/D48106
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
tools/clang-fuzzer/proto-to-llvm/CMakeLists.txt
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
===
--- tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
@@ -1,32 +1,31 @@
-//==-- loop_proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion -==//
+//==-- loop_proto_to_llvm_main.cpp - Driver for protobuf-LLVM conversion==//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===--===//
//
-// Implements a simple driver to print a C++ program from a protobuf with loops.
+// Implements a simple driver to print a LLVM program from a protobuf with loops
//
//===--===//
-// This is a copy and will be updated later to introduce changes
#include
#include
#include
#include
-#include "proto_to_cxx.h"
+#include "loop_proto_to_llvm.h"
int main(int argc, char **argv) {
for (int i = 1; i < argc; i++) {
std::fstream in(argv[i]);
std::string str((std::istreambuf_iterator(in)),
std::istreambuf_iterator());
-std::cout << "// " << argv[i] << std::endl;
-std::cout << clang_fuzzer::LoopProtoToCxx(
+std::cout << ";; " << argv[i] << std::endl;
+std::cout << clang_fuzzer::LoopProtoToLLVM(
reinterpret_cast(str.data()), str.size());
}
}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
@@ -0,0 +1,23 @@
+//==-- loop_proto_to_llvm.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines functions for converting between protobufs and LLVM IR.
+//
+//===--===//
+
+#include
+#include
+#include
+
+namespace clang_fuzzer {
+class LoopFunction;
+
+std::string LoopFunctionToLLVMString(const LoopFunction &input);
+std::string LoopProtoToLLVM(const uint8_t *data, size_t size);
+}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -0,0 +1,174 @@
+//==-- loop_proto_to_llvm.cpp - Protobuf-C++ conversion
+//-==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and LLVM IR.
+//
+//
+//===--===//
+
+#include "loop_proto_to_llvm.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls.
+std::ostream &operator<<(std::ostream &os, const BinaryOp &x);
+std::ostream &operator<<(std::ostream &os, const StatementSeq &x);
+
+// Counter variables to generate new LLVM IR variable names
+int ptr_ctr = 0;
+int val_ctr = 0;
+
+// Proto to LLVM.
+std::ostream &operator<<(std::ostream &os, const Const &x) {
+ return os << "%pval_" << val_ctr << " = alloca i32\n"
+<< "store i32 " << x.val() << ", i32* %pval_" << val_ctr << "\n"
+<< "%val_" << val_ctr << " = load i32, i32* %pval_" << val_ctr
+<< "\n";
+}
+std::ostream &operator<<(std::ostream &os, const VarRef &x) {
+ ptr_ctr++;
+ switch (x.arr()) {
+ case VarRef::ARR_A:
+return os << "%p2i_" << ptr_ctr << " = ptrtoint i32* %a to i64\n"
+ << "%m_" << ptr_ctr << " = mul i64 8, %ct\n"
+ << "%i_" << ptr_ctr << " = add i64 %p2i_" << ptr_ctr << ", %m_"
+
[PATCH] D48106: implemented proto to llvm
emmettneyman updated this revision to Diff 151239.
emmettneyman added a comment.
- refactored loop_proto_to_llvm.cpp
Repository:
rC Clang
https://reviews.llvm.org/D48106
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
tools/clang-fuzzer/proto-to-llvm/CMakeLists.txt
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
===
--- tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
@@ -1,32 +1,31 @@
-//==-- loop_proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion -==//
+//==-- loop_proto_to_llvm_main.cpp - Driver for protobuf-LLVM conversion==//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===--===//
//
-// Implements a simple driver to print a C++ program from a protobuf with loops.
+// Implements a simple driver to print a LLVM program from a protobuf with loops
//
//===--===//
-// This is a copy and will be updated later to introduce changes
#include
#include
#include
#include
-#include "proto_to_cxx.h"
+#include "loop_proto_to_llvm.h"
int main(int argc, char **argv) {
for (int i = 1; i < argc; i++) {
std::fstream in(argv[i]);
std::string str((std::istreambuf_iterator(in)),
std::istreambuf_iterator());
-std::cout << "// " << argv[i] << std::endl;
-std::cout << clang_fuzzer::LoopProtoToCxx(
+std::cout << ";; " << argv[i] << std::endl;
+std::cout << clang_fuzzer::LoopProtoToLLVM(
reinterpret_cast(str.data()), str.size());
}
}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
@@ -0,0 +1,23 @@
+//==-- loop_proto_to_llvm.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines functions for converting between protobufs and LLVM IR.
+//
+//===--===//
+
+#include
+#include
+#include
+
+namespace clang_fuzzer {
+class LoopFunction;
+
+std::string LoopFunctionToLLVMString(const LoopFunction &input);
+std::string LoopProtoToLLVM(const uint8_t *data, size_t size);
+}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -0,0 +1,179 @@
+//==-- loop_proto_to_llvm.cpp - Protobuf-C++ conversion
+//-==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and LLVM IR.
+//
+//
+//===--===//
+
+#include "loop_proto_to_llvm.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls
+std::pair BinopToString(const BinaryOp &x);
+std::pair StateSeqToString(const StatementSeq &x);
+
+// Counter variable to generate new LLVM IR variable names and wrapper function
+int ctr = 0;
+std::string get_var() {
+ ctr++;
+ return "%var" + std::to_string(ctr);
+}
+
+// Proto to LLVM.
+
+std::pair ConstToString(const Const &x) {
+ std::string alloca_var = get_var();
+ std::string load_var = get_var();
+ std::string val = std::to_string(x.val());
+ std::string insns = alloca_var + " = alloca i32\n"
+ + "store i32 " + val + ", i32* " + alloca_var + "\n"
+ + load_var + " = load i32, i32* " + alloca_var + "\n";
+ return std::make_pair(insns, load_var);
+}
+std::pair VarRefToString(const VarRef &x) {
+ std::string arr;
+ switch(x.arr()) {
+ case VarRef::ARR_A:
+arr = "%a";
+break;
+ case VarRef::ARR_B:
[PATCH] D48106: implemented proto to llvm
emmettneyman added a comment. In https://reviews.llvm.org/D48106#1130581, @morehouse wrote: > Where is the fuzz target? I wanted to implement the proto_to_llvm converter before the fuzz target. Repository: rC Clang https://reviews.llvm.org/D48106 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D48106: implemented proto to llvm
emmettneyman updated this revision to Diff 151240.
emmettneyman added a comment.
- removed typo in emitted llvm insn
Repository:
rC Clang
https://reviews.llvm.org/D48106
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
tools/clang-fuzzer/proto-to-llvm/CMakeLists.txt
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
===
--- tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
@@ -1,32 +1,31 @@
-//==-- loop_proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion -==//
+//==-- loop_proto_to_llvm_main.cpp - Driver for protobuf-LLVM conversion==//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===--===//
//
-// Implements a simple driver to print a C++ program from a protobuf with loops.
+// Implements a simple driver to print a LLVM program from a protobuf with loops
//
//===--===//
-// This is a copy and will be updated later to introduce changes
#include
#include
#include
#include
-#include "proto_to_cxx.h"
+#include "loop_proto_to_llvm.h"
int main(int argc, char **argv) {
for (int i = 1; i < argc; i++) {
std::fstream in(argv[i]);
std::string str((std::istreambuf_iterator(in)),
std::istreambuf_iterator());
-std::cout << "// " << argv[i] << std::endl;
-std::cout << clang_fuzzer::LoopProtoToCxx(
+std::cout << ";; " << argv[i] << std::endl;
+std::cout << clang_fuzzer::LoopProtoToLLVM(
reinterpret_cast(str.data()), str.size());
}
}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
@@ -0,0 +1,23 @@
+//==-- loop_proto_to_llvm.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines functions for converting between protobufs and LLVM IR.
+//
+//===--===//
+
+#include
+#include
+#include
+
+namespace clang_fuzzer {
+class LoopFunction;
+
+std::string LoopFunctionToLLVMString(const LoopFunction &input);
+std::string LoopProtoToLLVM(const uint8_t *data, size_t size);
+}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -0,0 +1,179 @@
+//==-- loop_proto_to_llvm.cpp - Protobuf-C++ conversion
+//-==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and LLVM IR.
+//
+//
+//===--===//
+
+#include "loop_proto_to_llvm.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls
+std::pair BinopToString(const BinaryOp &x);
+std::pair StateSeqToString(const StatementSeq &x);
+
+// Counter variable to generate new LLVM IR variable names and wrapper function
+int ctr = 0;
+std::string get_var() {
+ ctr++;
+ return "%var" + std::to_string(ctr);
+}
+
+// Proto to LLVM.
+
+std::pair ConstToString(const Const &x) {
+ std::string alloca_var = get_var();
+ std::string load_var = get_var();
+ std::string val = std::to_string(x.val());
+ std::string insns = alloca_var + " = alloca i32\n"
+ + "store i32 " + val + ", i32* " + alloca_var + "\n"
+ + load_var + " = load i32, i32* " + alloca_var + "\n";
+ return std::make_pair(insns, load_var);
+}
+std::pair VarRefToString(const VarRef &x) {
+ std::string arr;
+ switch(x.arr()) {
+ case VarRef::ARR_A:
+arr = "%a";
+break;
+ case VarRef::ARR_B:
[PATCH] D48106: implemented proto to llvm
emmettneyman updated this revision to Diff 151798.
emmettneyman added a comment.
Implemented HandleLLVM fuzz target
-HandleLLVM function compiles LLVM IR
-ExampleClangLLVMProtoFuzzer wraps the fuzz target
-Next step is to compile at different opt levels and run the executables
Repository:
rC Clang
https://reviews.llvm.org/D48106
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangLLVMProtoFuzzer.cpp
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/handle-llvm/CMakeLists.txt
tools/clang-fuzzer/handle-llvm/\
tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
tools/clang-fuzzer/handle-llvm/handle_llvm.h
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
tools/clang-fuzzer/proto-to-llvm/CMakeLists.txt
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
===
--- tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
@@ -1,32 +1,31 @@
-//==-- loop_proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion -==//
+//==-- loop_proto_to_llvm_main.cpp - Driver for protobuf-LLVM conversion==//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===--===//
//
-// Implements a simple driver to print a C++ program from a protobuf with loops.
+// Implements a simple driver to print a LLVM program from a protobuf with loops
//
//===--===//
-// This is a copy and will be updated later to introduce changes
#include
#include
#include
#include
-#include "proto_to_cxx.h"
+#include "loop_proto_to_llvm.h"
int main(int argc, char **argv) {
for (int i = 1; i < argc; i++) {
std::fstream in(argv[i]);
std::string str((std::istreambuf_iterator(in)),
std::istreambuf_iterator());
-std::cout << "// " << argv[i] << std::endl;
-std::cout << clang_fuzzer::LoopProtoToCxx(
+std::cout << ";; " << argv[i] << std::endl;
+std::cout << clang_fuzzer::LoopProtoToLLVM(
reinterpret_cast(str.data()), str.size());
}
}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
@@ -0,0 +1,23 @@
+//==-- loop_proto_to_llvm.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines functions for converting between protobufs and LLVM IR.
+//
+//===--===//
+
+#include
+#include
+#include
+
+namespace clang_fuzzer {
+class LoopFunction;
+
+std::string LoopFunctionToLLVMString(const LoopFunction &input);
+std::string LoopProtoToLLVM(const uint8_t *data, size_t size);
+}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -0,0 +1,159 @@
+//==-- loop_proto_to_llvm.cpp - Protobuf-C++ conversion
+//-==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and LLVM IR.
+//
+//
+//===--===//
+
+#include "loop_proto_to_llvm.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls
+std::string BinopToString(std::ostream &os, const BinaryOp &x);
+std::string StateSeqToString(std::ostream &os, const StatementSeq &x);
+
+// Counter variable to generate new LLVM IR variable names and wrapper function
+std::string get_var() {
+ static int ctr = 0;
+ return "%var" + std::to_string(ctr++);
+}
+
+// Proto to LLVM.
+
+std::string ConstToString(const Const &x) {
+ return std::to_string(x.val());
+}
+std::string VarRefToString(std::ostream &os, const Va
[PATCH] D48106: implemented proto to llvm
emmettneyman updated this revision to Diff 151801.
emmettneyman added a comment.
- removed unnecessary includes and linked libs
Repository:
rC Clang
https://reviews.llvm.org/D48106
Files:
tools/clang-fuzzer/CMakeLists.txt
tools/clang-fuzzer/ExampleClangLLVMProtoFuzzer.cpp
tools/clang-fuzzer/cxx_loop_proto.proto
tools/clang-fuzzer/handle-llvm/CMakeLists.txt
tools/clang-fuzzer/handle-llvm/\
tools/clang-fuzzer/handle-llvm/handle_llvm.cpp
tools/clang-fuzzer/handle-llvm/handle_llvm.h
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx.cpp
tools/clang-fuzzer/proto-to-cxx/loop_proto_to_cxx_main.cpp
tools/clang-fuzzer/proto-to-llvm/CMakeLists.txt
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
===
--- tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm_main.cpp
@@ -1,32 +1,31 @@
-//==-- loop_proto_to_cxx_main.cpp - Driver for protobuf-C++ conversion -==//
+//==-- loop_proto_to_llvm_main.cpp - Driver for protobuf-LLVM conversion==//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===--===//
//
-// Implements a simple driver to print a C++ program from a protobuf with loops.
+// Implements a simple driver to print a LLVM program from a protobuf with loops
//
//===--===//
-// This is a copy and will be updated later to introduce changes
#include
#include
#include
#include
-#include "proto_to_cxx.h"
+#include "loop_proto_to_llvm.h"
int main(int argc, char **argv) {
for (int i = 1; i < argc; i++) {
std::fstream in(argv[i]);
std::string str((std::istreambuf_iterator(in)),
std::istreambuf_iterator());
-std::cout << "// " << argv[i] << std::endl;
-std::cout << clang_fuzzer::LoopProtoToCxx(
+std::cout << ";; " << argv[i] << std::endl;
+std::cout << clang_fuzzer::LoopProtoToLLVM(
reinterpret_cast(str.data()), str.size());
}
}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.h
@@ -0,0 +1,23 @@
+//==-- loop_proto_to_llvm.h - Protobuf-C++ conversion ==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Defines functions for converting between protobufs and LLVM IR.
+//
+//===--===//
+
+#include
+#include
+#include
+
+namespace clang_fuzzer {
+class LoopFunction;
+
+std::string LoopFunctionToLLVMString(const LoopFunction &input);
+std::string LoopProtoToLLVM(const uint8_t *data, size_t size);
+}
Index: tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
===
--- /dev/null
+++ tools/clang-fuzzer/proto-to-llvm/loop_proto_to_llvm.cpp
@@ -0,0 +1,159 @@
+//==-- loop_proto_to_llvm.cpp - Protobuf-C++ conversion
+//-==//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===--===//
+//
+// Implements functions for converting between protobufs and LLVM IR.
+//
+//
+//===--===//
+
+#include "loop_proto_to_llvm.h"
+#include "cxx_loop_proto.pb.h"
+
+// The following is needed to convert protos in human-readable form
+#include
+
+#include
+#include
+
+namespace clang_fuzzer {
+
+// Forward decls
+std::string BinopToString(std::ostream &os, const BinaryOp &x);
+std::string StateSeqToString(std::ostream &os, const StatementSeq &x);
+
+// Counter variable to generate new LLVM IR variable names and wrapper function
+std::string get_var() {
+ static int ctr = 0;
+ return "%var" + std::to_string(ctr++);
+}
+
+// Proto to LLVM.
+
+std::string ConstToString(const Const &x) {
+ return std::to_string(x.val());
+}
+std::string VarRefToString(std::ostream &os, const VarRef &x) {
+ std::string arr;
+ switch(x.arr()) {
+ case VarRef::ARR_A:
+arr = "%a";
+break;
+ case VarRef::ARR_B:
+arr = "%b";
+break;
+
[PATCH] D48106: implemented proto to llvm
emmettneyman added inline comments. Comment at: tools/clang-fuzzer/handle-llvm/CMakeLists.txt:5 + handle_llvm.cpp + ) morehouse wrote: > There's fewer libraries linked here than in `handle-cxx/` (not saying this is > wrong, but it could be). Do you get link errors if you build > `clang-llvm-proto-fuzzer` with shared libraries? It builds without any errors both with all the libraries from `handle-cxx/` linked in and without any of the libraries linked in (as I have here). Which is preferred? Repository: rC Clang https://reviews.llvm.org/D48106 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D48106: implemented proto to llvm
emmettneyman added inline comments. Comment at: tools/clang-fuzzer/handle-llvm/\:62 + initializeScavengerTestPass(*Registry); + +} morehouse wrote: > Does this initialization need to happen every time the fuzzer generates a new > input, or can we call this from `LLVMFuzzerInitialize()` instead? I was following the pattern from `handle_cxx.cpp` in which the initialization calls were made every time a new input was generated. However looking at the documentation and at `llvm-isel-fuzzer.cpp`, it seems like putting it in `LLVMFuzzerInitialize()` makes more sense. I will make this change in the next commit. Repository: rC Clang https://reviews.llvm.org/D48106 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D48106: implemented proto to llvm
emmettneyman added inline comments. Comment at: tools/clang-fuzzer/handle-llvm/\:113 + + legacy::PassManager PM; + TargetLibraryInfoImpl TLII(Triple(M->getTargetTriple())); morehouse wrote: > Any reason not to use the newer PassManager? Clang (`llc`) and the `llvm-isel-fuzzer` both still use the legacy PassManager. The newer PassManager has a new interface that doesn't use `Module`s. Repository: rC Clang https://reviews.llvm.org/D48106 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
