summaryrefslogtreecommitdiffstats
path: root/compiler-rt/test/fuzzer
Commit message (Collapse)AuthorAgeFilesLines
...
* [libFuzzer] relax a flaky testKostya Serebryany2019-01-311-1/+0
| | | | llvm-svn: 352778
* [libFuzzer] Update Darwin testJulian Lettner2019-01-311-13/+3
| | | | | | | | | | | Support for -fsanitize-coverage=trace-pc[-guard] was removed from libFuzzer, which makes this currently fail. This commit aligns this Darwin-specific test with its Linux counterpart which changed in this commit: https://github.com/llvm/llvm-project/commit/3a94519a777b9ac407a1d5ff5c31ec48b3768eec llvm-svn: 352721
* [libFuzzer] set libFuzzer's own SEGV handler even one is already present, ↵Kostya Serebryany2019-01-311-0/+1
| | | | | | but call that handler from ours (unless we are unprotecting lazy counters). Call ProtectLazyCounters later, so that it runs after the initialization code in the target. llvm-svn: 352713
* [libFuzzer] Set default sanitizer options in fuzzer testsJulian Lettner2019-01-315-5/+12
| | | | | | | | | | | | | | | | | | | | | Summary: Set default `ASAN_OPTIONS` when running libFuzzer tests. This allows us to remove special casing in code for Darwin where we usually pass `abort_on_error=0` to override platform defaults for tests. A previous commit changed the code to make the tests pass: https://github.com/llvm/llvm-project/commit/7764a04af007eca68eafcf5caaea560ed05e35a9 Adapted a few tests to use `%env_asan_opts=` instead of directly setting the environment variable. rdar://problem/47515276 Reviewers: kcc, george.karpenkov Differential Revision: https://reviews.llvm.org/D57465 llvm-svn: 352711
* [libFuzzer] experimental performance optimization -lazy_counters, off by ↵Kostya Serebryany2019-01-311-0/+4
| | | | | | default. Posix-only for now, tested on Linux llvm-svn: 352700
* [libFuzzer] refactor the handling of instrumentation counters so that they ↵Kostya Serebryany2019-01-301-0/+2
| | | | | | are grouped in regions one full page each. Needed for future optimization. NFC llvm-svn: 352603
* [libFuzzer] update a test Kostya Serebryany2019-01-301-8/+0
| | | | llvm-svn: 352577
* [libFuzzer] remove deprecated support for -fsanitize-coverage=trace-pc[-guard]Kostya Serebryany2019-01-293-25/+4
| | | | llvm-svn: 352564
* Add 'REQUIRES: zlib' to a fuzzer testJeremy Morse2019-01-291-0/+1
| | | | | | Fixes tests on build environments that don't have zlib. See also r352483. llvm-svn: 352487
* [fuzzer][afl] Remove AFL_DRIVER_EXTRA_STATS_FILENAMEJonathan Metzman2019-01-281-33/+0
| | | | | | | | | | | | | | Summary: Remove this feature as it is unused, buggy, and not worth correcting since the forkserver makes it difficult. Reviewers: morehouse, jfb Reviewed By: morehouse Differential Revision: https://reviews.llvm.org/D57308 llvm-svn: 352392
* [libFuzzer] add CompressedTest.cpp, a real-life-ish test for a custom mutatorKostya Serebryany2019-01-262-0/+67
| | | | llvm-svn: 352265
* [libFuzzer] print uncovered functions when doing -print_coverage=1Kostya Serebryany2019-01-261-0/+1
| | | | llvm-svn: 352263
* [libFuzzer] more agressive value profiling and CMP tracing for switch statementsKostya Serebryany2019-01-242-0/+26
| | | | llvm-svn: 352107
* [fuzzer] Fix test checks broken after license header updateVitaly Buka2019-01-218-8/+8
| | | | llvm-svn: 351717
* Update the file headers across all of the LLVM projects in the monorepoChandler Carruth2019-01-1989-178/+267
| | | | | | | | | | | | | | | | | to reflect the new license. We understand that people may be surprised that we're moving the header entirely to discuss the new license. We checked this carefully with the Foundation's lawyer and we believe this is the correct approach. Essentially, all code in the project is now made available by the LLVM project under our new license, so you will see that the license headers include that license only. Some of our contributors have contributed code under our old license, and accordingly, we have retained a copy of our old license notice in the top-level files in each project and repository. llvm-svn: 351636
* [libFuzzer] Remove unstable edge handlingJonathan Metzman2019-01-153-136/+0
| | | | | | | | | | Summary: Remove code for handling unstable edges from libFuzzer since it has not been found useful. Differential Revision: https://reviews.llvm.org/D56730 llvm-svn: 351262
* [compiler-rt] fuzzer-alignment-assumption.test: fixup the expected column numberRoman Lebedev2019-01-151-1/+1
| | | | llvm-svn: 351181
* [compiler-rt][UBSan] Sanitization for alignment assumptions.Roman Lebedev2019-01-152-0/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | Summary: This is the compiler-rt part. The clang part is D54589. This is a second commit, the original one was r351106, which was mass-reverted in r351159 because 2 compiler-rt tests were failing. Now, i have fundamentally changed the testing approach: i malloc a few bytes, intentionally mis-align the pointer (increment it by one), and check that. Also, i have decreased the expected alignment. This hopefully should be enough to pacify all the bots. If not, i guess i might just drop the two 'bad' tests. Reviewers: filcab, vsk, #sanitizers, vitalybuka, rsmith, morehouse Reviewed By: morehouse Subscribers: rjmccall, krytarowski, rsmith, kcc, srhines, kubamracek, dberris, llvm-commits Tags: #sanitizers Differential Revision: https://reviews.llvm.org/D54590 llvm-svn: 351178
* Revert alignment assumptions changesVlad Tsyrklevich2019-01-152-34/+0
| | | | | | | Revert r351104-6, r351109, r351110, r351119, r351134, and r351153. These changes fail on the sanitizer bots. llvm-svn: 351159
* [compiler-rt][UBSan] Sanitization for alignment assumptions.Roman Lebedev2019-01-142-0/+34
| | | | | | | | | | | | | | | | | | Summary: This is the compiler-rt part. The clang part is D54589. Reviewers: filcab, vsk, #sanitizers, vitalybuka, rsmith, morehouse Reviewed By: morehouse Subscribers: rjmccall, krytarowski, rsmith, kcc, srhines, kubamracek, dberris, llvm-commits Tags: #sanitizers Differential Revision: https://reviews.llvm.org/D54590 llvm-svn: 351106
* [fuzzer] Read files as binaryJonathan Metzman2018-11-062-0/+25
| | | | | | | | | | | | Summary: Read corpus files as binary to avoid automatic conversions Reviewers: Dor1s, morehouse Reviewed By: Dor1s, morehouse Differential Revision: https://reviews.llvm.org/D54180 llvm-svn: 346279
* [libFuzzer] Disable value-profile-cmp.test and fuzzer-oom.test on ARM64George Karpenkov2018-11-063-4/+3
| | | | | | | | | | value-profile-cmp was always flaky, and OOM fails to work in some environments. counters.test fails when vectorization is enabled, and it is more likely to kick in when compiling for ARM. Differential Revision: https://reviews.llvm.org/D54004 llvm-svn: 346193
* [NFC][compiler-rt] Cleanup Implicit Conversion Sanitizer tests to use sized ↵Roman Lebedev2018-10-306-9/+9
| | | | | | | | | | | | | | | | | | types Summary: As requested by @filcab in https://reviews.llvm.org/D50251#1280267 Reviewers: filcab, vsk, #sanitizers, vitalybuka Reviewed By: filcab, #sanitizers, vitalybuka Subscribers: vitalybuka, kubamracek, dberris, llvm-commits, filcab Tags: #sanitizers Differential Revision: https://reviews.llvm.org/D53869 llvm-svn: 345661
* [compiler-rt][ubsan] Implicit Conversion Sanitizer - integer sign change - ↵Roman Lebedev2018-10-304-0/+64
| | | | | | | | | | | | | | | | | | | | | | compiler-rt part Summary: This is a compiler-rt part. The clang part is D50250. See [[ https://bugs.llvm.org/show_bug.cgi?id=21530 | PR21530 ]], https://github.com/google/sanitizers/issues/940. Reviewers: vsk, filcab, #sanitizers Reviewed By: filcab, #sanitizers Subscribers: mclow.lists, srhines, kubamracek, dberris, rjmccall, rsmith, llvm-commits, regehr Tags: #sanitizers Differential Revision: https://reviews.llvm.org/D50251 llvm-svn: 345659
* [SanitizerCoverage] Prevent /OPT:REF from stripping constructorsJonathan Metzman2018-10-121-0/+9
| | | | | | | | | | | | | | | | | | | | | Summary: Linking with the /OPT:REF linker flag when building COFF files causes the linker to strip SanitizerCoverage's constructors. Prevent this by giving the constructors WeakODR linkage and by passing the linker a directive to include sancov.module_ctor. Include a test in compiler-rt to verify libFuzzer can be linked using /OPT:REF Reviewers: morehouse, rnk Reviewed By: morehouse, rnk Subscribers: rnk, morehouse, hiraditya Differential Revision: https://reviews.llvm.org/D52119 llvm-svn: 344391
* [libFuzzer] Add test for SanitizerCoverage working on Mac even with ↵Max Moroz2018-10-121-0/+23
| | | | | | | | | | | | | | | | | | | -Wl,-dead_strip. Summary: The corresponding asncov change: https://reviews.llvm.org/D53113. Bug: https://bugs.chromium.org/p/chromium/issues/detail?id=892167 Reviewers: morehouse, kcc, george.karpenkov Reviewed By: morehouse, george.karpenkov Subscribers: delcypher, #sanitizers, llvm-commits Differential Revision: https://reviews.llvm.org/D53114 llvm-svn: 344346
* [compiler-rt][ubsan] Split Implicit Integer Truncation Sanitizer into ↵Roman Lebedev2018-10-115-5/+37
| | | | | | | | | | | | | | | | unsigned and signed checks Summary: This is compiler-rt part. clang part is D50901. Reviewers: rsmith, vsk, filcab, Sanitizers Reviewed by: filcab Differential Revision: https://reviews.llvm.org/D50902 llvm-svn: 344231
* [libFuzzer] Disable value profiling tests on ARMGeorge Karpenkov2018-10-107-2/+7
| | | | | | | | | Some seem fragile, some fail, and some just take a really long time to run. It does not seem to make sense to support some subset of value profiling tests. Differential Revision: https://reviews.llvm.org/D53047 llvm-svn: 344105
* [libFuzzer] Generalize the code for getting the previous offset for ↵George Karpenkov2018-10-103-3/+3
| | | | | | | | | | | | | different architectures Without this change, tests in coverage.test and dump_coverage.test are failing on non-x86_64 platforms. The diff is copied from sanitizer_common library, an alternative would be to link it together with libFuzzer. Differential Revision: https://reviews.llvm.org/D53040 llvm-svn: 344104
* Reflect the current reality and disable lsan tests on NetBSDKamil Rytarowski2018-10-091-0/+1
| | | | | | LSan/NetBSD is still in development (Stop-The-World routine missed). llvm-svn: 344035
* [libfuzzer] Fix a test's run lineJeremy Morse2018-09-211-0/+1
| | | | | | | | | | r342698 removed the 'UNSUPPORTED: windows' flags from a number of fuzzer tests, however too many lines were removed from 'fuzzer-flags.test', including the run-line that generates the test binary, which breaks that test for me (and the clang-x64-ninja-win7 buildbot). This patch just re-adds that line. llvm-svn: 342720
* [fuzzer] Replace FuzzerExtFunctionsDlsymWin.cpp with ↵Jonathan Metzman2018-09-206-13/+0
| | | | | | | | | | | | | | | | | | | | | FuzzerExtFunctionsWeakAlias.cpp Summary: Replace FuzzerExtFunctionsDlsymWin.cpp with FuzzerExtFunctionsWeakAlias.cpp to get externally defined functions (eg: LLVMFuzzerInitialize, LLVMFuzzerCustomMutator, etc) working again. Also enable tests that depended on these functions (on windows) Reviewers: rnk, morehouse Reviewed By: rnk, morehouse Subscribers: rnk, morehouse, mgorny Differential Revision: https://reviews.llvm.org/D51700 llvm-svn: 342698
* [libFuzzer] Disable value-profile-strncmp.test on aarch64.Matt Morehouse2018-09-141-1/+1
| | | | | | | Test no longer finds the BINGO on clang-cmake-aarch64-full bot, and I can't reproduce on our ARM machine. llvm-svn: 342255
* [libfuzzer] Enable trace-malloc-unballanced.test on Windows.Jonathan Metzman2018-09-071-5/+7
| | | | | | | | | | | | | | | | | Summary: Enables trace-malloc-unbalanced.test on Windows, fixing two problems it had with Windows before. The first fix is specifying python instead of relying on a script's shebang since they can't be used on Windows. The second fix is making the regex tolerate windows' implementation of the "%p" format string. Reviewers: Dor1s Reviewed By: Dor1s Subscribers: morehouse Differential Revision: https://reviews.llvm.org/D51760 llvm-svn: 341632
* [libfuzzer] Use cl driver mode for tests and enable another test on WindowsJonathan Metzman2018-09-072-7/+11
| | | | | | | | | | | | | | | | | | | Summary: When targeting MSVC: compile using clang's cl driver mode (this is needed for libfuzzer's exit_on_src_pos feature). Don't use -lstdc++ when linking, it isn't needed and causes a warning. On Windows: Fix exit_on_src_pos.test by making sure debug info isn't overwritten during compilation of second binary by using .exe extension. Reviewers: morehouse Reviewed By: morehouse Subscribers: aprantl, JDevlieghere Differential Revision: https://reviews.llvm.org/D51757 llvm-svn: 341622
* [libfuzzer] Correct typo in comment (test commit).Jonathan Metzman2018-09-061-1/+1
| | | | | | Differential Revision: https://reviews.llvm.org/D51739 llvm-svn: 341569
* [libfuzzer] Fix fuzzer-oom.test on windows and reenable it.Max Moroz2018-09-061-10/+13
| | | | | | | | | | | | | | Summary: Patch by Jonathan Metzman (@metzman). Reviewers: Dor1s, morehouse Reviewed By: Dor1s Subscribers: delcypher, llvm-commits, #sanitizers Differential Revision: https://reviews.llvm.org/D51735 llvm-svn: 341562
* [libfuzzer] Temporarily disable unittests failing on Windows.Max Moroz2018-09-064-1/+4
| | | | | | | | | | | | | | | | Summary: Patch by Jonathan Metzman (@metzman). Reviewers: morehouse, Dor1s Reviewed By: Dor1s Subscribers: kcc, delcypher, llvm-commits, #sanitizers Differential Revision: https://reviews.llvm.org/D51712 llvm-svn: 341514
* [libfuzzer] Replace memmem with strstr.Matt Morehouse2018-09-052-4/+3
| | | | | | | | | | | | | | | | Summary: Memmem is not available on Windows. Patch By: metzman Reviewers: morehouse Reviewed By: morehouse Subscribers: george.karpenkov, morehouse Differential Revision: https://reviews.llvm.org/D51692 llvm-svn: 341495
* Enable symbolize-deadlock.test on WindowsMax Moroz2018-09-052-3/+0
| | | | | | | | | | | | | | | | | | | Summary: Remove unneeded #include of <unistd.h> from SymbolizeDeadlock.cpp to enable compilation on Windows and enable symbolize-deadlock.test on Windows. Patch by Jonathan Metzman (@metzman). Reviewers: Dor1s Reviewed By: Dor1s Subscribers: kcc, delcypher, llvm-commits, #sanitizers Differential Revision: https://reviews.llvm.org/D51685 llvm-svn: 341473
* [libFuzzer] Enable tests on WindowsMatt Morehouse2018-09-0427-24/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Summary: Enable tests on Windows and make check-fuzzer pass on it. Make check-fuzzer pass on Windows by fixing libFuzzer, fixing tests, and by disabling tests on Windows. Most of these are disabled temporarily as support for the tests and the features they test will be added incrementally. Other tests will not be enabled since they require things that are not on Windows (eg: afl_driver tests). Every test that was explicitly disabled on Windows has a comment explaining why (unless obvious like merge-posix.test). The lit.cfg file was modified to support running tests on windows. fuzzer-dirs.test was fixed by making the Windows implementation print the same error message as the posix version. merge-control-file.test was fixed by making the test binary end with the ".exe" extension (on all platforms). Patch By: metzman Reviewers: morehouse Reviewed By: morehouse Subscribers: srhines, mgorny Differential Revision: https://reviews.llvm.org/D51549 llvm-svn: 341385
* [libFuzzer] Remove mutation stats and weighted mutation selection.Max Moroz2018-08-291-10/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Summary: This was an experimental feature. After evaluating it with: 1) https://github.com/google/fuzzer-test-suite/tree/master/engine-comparison 2) enabling on real world fuzz targets running at ClusterFuzz and OSS-Fuzz The following conclusions were made: 1) With fuzz targets that have reached a code coverage plateau, the feature does not improve libFuzzer's ability to discover new coverage and may actually negatively impact it. 2) With fuzz targets that have not yet reached a code coverage plateau, the feature might speed up new units discovery in some cases, but it is quite rare and hard to confirm with a high level on confidence. Revert of https://reviews.llvm.org/D48054 and https://reviews.llvm.org/D49621. Reviewers: metzman, morehouse Reviewed By: metzman, morehouse Subscribers: delcypher, #sanitizers, llvm-commits, kcc Differential Revision: https://reviews.llvm.org/D51455 llvm-svn: 340976
* [NFC] Some small test updates for Implicit Conversion sanitizer.Roman Lebedev2018-08-171-1/+1
| | | | | | Split off from D50251. llvm-svn: 339996
* [SanitizerCoverage] Add associated metadata to PC guards.Matt Morehouse2018-08-141-1/+6
| | | | | | | | | | | | | | | | | | | | | | | Summary: Without this metadata LLD strips unused PC table entries but won't strip unused guards. This metadata also seems to influence the linker to change the ordering in the PC guard section to match that of the PC table section. The libFuzzer runtime library depends on the ordering of the PC table and PC guard sections being the same. This is not generally guaranteed, so we may need to redesign PC tables/guards/counters in the future. Reviewers: eugenis Reviewed By: eugenis Subscribers: kcc, hiraditya, llvm-commits Differential Revision: https://reviews.llvm.org/D50483 llvm-svn: 339733
* [libFuzzer] Increase the iteration limit in shrink.testGeorge Karpenkov2018-08-091-1/+1
| | | | | | | | | | | | | | After https://reviews.llvm.org/D48800, shrink.test started failing on x86_64h architecture. Looking into this, the optimization pass is too eager to unroll the loop on x86_64h, possibly leading to worse coverage data. Alternative solutions include not unrolling the loop when fuzzing, or disabling this test on that architecture. Differential Revision: https://reviews.llvm.org/D50484 llvm-svn: 339303
* [libFuzzer] Disable print_unstable_stats.test for aarch64.Max Moroz2018-08-071-1/+3
| | | | | | | | | | | | | | | | Summary: Follow-up for https://reviews.llvm.org/D50264. Reported by testbots: http://lab.llvm.org:8011/builders/clang-cmake-aarch64-full/builds/5592 Reviewers: morehouse, kevinwkt, metzman, javed.absar, Dor1s Reviewed By: Dor1s Subscribers: kristof.beyls, delcypher, #sanitizers, llvm-commits, kcc Differential Revision: https://reviews.llvm.org/D50386 llvm-svn: 339143
* [libFuzzer] Add unstable function printing to print_unstable_stats flagMax Moroz2018-08-063-10/+28
| | | | | | | | | | | | | | | | | | | Summary: There may be cases in which a user wants to know which part of their code is unstable. We use ObservedFuncs and UnstableCounters to print at exit which of the ObservedFunctions are unstable under the -print_unstable_stats flag. Patch by Kyungtak Woo (@kevinwkt). Reviewers: Dor1s, metzman, morehouse Reviewed By: Dor1s, metzman, morehouse Subscribers: delcypher, #sanitizers, llvm-commits, kcc Differential Revision: https://reviews.llvm.org/D50264 llvm-svn: 339081
* [libFuzzer] Initial implementation of weighted mutation leveraging during ↵Max Moroz2018-08-021-2/+7
| | | | | | | | | | | | | | | | | | | | | runtime. Summary: Added functions that calculate stats while fuzz targets are running and give mutations weight based on how much new coverage they provide, and choose better performing mutations more often. Patch by Kodé Williams (@kodewilliams). Reviewers: Dor1s, metzman, morehouse Reviewed By: Dor1s, morehouse Subscribers: delcypher, kcc, llvm-commits, #sanitizers Differential Revision: https://reviews.llvm.org/D49621 llvm-svn: 338776
* [libFuzzer] use absolute distance in addition to the hamming distance in ↵Kostya Serebryany2018-08-021-1/+1
| | | | | | value profiling; our A/B testing have (somewhat weak) indication that this provides an additional signal for corpus expansion llvm-svn: 338661
* [compiler-rt][ubsan] Implicit Conversion Sanitizer - integer truncation - ↵Roman Lebedev2018-07-302-0/+32
| | | | | | | | | | | | | | | | | | | | | | compiler-rt part Summary: This is a compiler-rt part. The clang part is D48958. See [[ https://bugs.llvm.org/show_bug.cgi?id=21530 | PR21530 ]], https://github.com/google/sanitizers/issues/940. Reviewers: #sanitizers, samsonov, vsk, rsmith, pcc, eugenis, kcc, filcab Reviewed By: #sanitizers, vsk, filcab Subscribers: llvm-commits, eugenis, filcab, kubamracek, dberris, #sanitizers, regehr Tags: #sanitizers Differential Revision: https://reviews.llvm.org/D48959 llvm-svn: 338287
OpenPOWER on IntegriCloud