summaryrefslogtreecommitdiffstats
path: root/llvm/lib/FuzzMutate
Commit message (Collapse)AuthorAgeFilesLines
* Remove trailing spaceFangrui Song2018-07-301-3/+3
| | | | | | sed -Ei 's/[[:space:]]+$//' include/**/*.{def,h,td} lib/**/*.{cpp,h} llvm-svn: 338293
* [llvm-opt-fuzzer] Add irce to the fuzzing optionsIgor Laevsky2018-03-201-0/+2
| | | | llvm-svn: 327969
* [llvm-opt-fuzzer] Add another pack of passes for continuous fuzzingIgor Laevsky2018-02-191-5/+25
| | | | | | Differential Revision: https://reviews.llvm.org/D43384 llvm-svn: 325487
* Pass a reference to a module to the bitcode writer.Rafael Espindola2018-02-141-1/+1
| | | | | | | This simplifies most callers as they are already using references or std::unique_ptr. llvm-svn: 325155
* [llvm-opt-fuzzer] Avoid adding incorrect inputs to the fuzzer corpusIgor Laevsky2018-02-051-0/+10
| | | | | | Differential Revision: https://reviews.llvm.org/D42414 llvm-svn: 324225
* [FuzzMutate] Inst deleter doesn't work with PhiNodesIgor Laevsky2018-01-251-4/+9
| | | | | | Differential Revision: https://reviews.llvm.org/D42412 llvm-svn: 323409
* [llvm-opt-fuzzer] Add couple of popular passesIgor Laevsky2018-01-241-0/+8
| | | | | | Differential Revision: https://reviews.llvm.org/D42410 llvm-svn: 323314
* [FuzzMutate] Don't crash when mutator is unable to find operationIgor Laevsky2017-12-191-6/+13
| | | | | | Differential Revision: https://reviews.llvm.org/D41009 llvm-svn: 321062
* Remove redundant includes from various places.Michael Zolotukhin2017-12-131-1/+0
| | | | llvm-svn: 320629
* [FuzzMutate] Only generate loads and stores to the first class sized typesIgor Laevsky2017-12-131-1/+7
| | | | | | Differential Revision: https://reviews.llvm.org/D41109 llvm-svn: 320573
* [FuzzMutate] Correctly split landingpad blocksIgor Laevsky2017-12-131-2/+7
| | | | | | Differential Revision: https://reviews.llvm.org/D41112 llvm-svn: 320571
* [FuzzMutate] Correctly insert sinks and sources around invoke instructionsIgor Laevsky2017-12-081-1/+8
| | | | | | Differential Revision: https://reviews.llvm.org/D40840 llvm-svn: 320136
* [FuzzMutate] Allow only sized pointers for the GEP instructionIgor Laevsky2017-12-071-1/+1
| | | | | | Differential Revision: https://reviews.llvm.org/D40837 llvm-svn: 320032
* [FuzzMutate] Bailout from injecting into empty basic blocks.Igor Laevsky2017-11-301-0/+2
| | | | | | | | | | In rare cases we can receive request to inject into completelly empty basic block. In the normal case all basic blocks contain at least terminator instruction, but it is possible that the only instruction is catchpad instruction which is not part of the instruction iterator. This case seems rare enough to not care about it. Submiting without review, since it seems almost NFC. I couldn't come up with any reasonable way to test this. llvm-svn: 319444
* [FuzzMutate] Correctly handle vector types in the insertvalue operationIgor Laevsky2017-11-301-4/+6
| | | | | | Differential Revision: https://reviews.llvm.org/D40397 llvm-svn: 319442
* [FuzzMutate] Don't use index operands as sinksIgor Laevsky2017-11-301-2/+3
| | | | | | Differential Revision: https://reviews.llvm.org/D40396 llvm-svn: 319441
* [FuzzMutate] Pick correct index for the insertvalue instructionIgor Laevsky2017-11-301-3/+3
| | | | | | Differential Revision: https://reviews.llvm.org/D40395 llvm-svn: 319440
* [FuzzMutate] Don't create load as a new source if it doesn't match with the ↵Igor Laevsky2017-11-301-11/+14
| | | | | | | | descriptor Differential Revision: https://reviews.llvm.org/D40394 llvm-svn: 319439
* [FuzzMutate] Don't crash when we can't remove instruction from empty functionIgor Laevsky2017-11-301-1/+3
| | | | | | Differential Revision: https://reviews.llvm.org/D40393 llvm-svn: 319438
* [FuzzMutate] Fix windows build after rL318407.Igor Laevsky2017-11-161-1/+1
| | | | | | Add correct library dependence. llvm-svn: 318409
* [FuzzMutate] NFC. Move parseModule and writeModule from llvm-isel-fuzzer ↵Igor Laevsky2017-11-161-0/+36
| | | | | | | | into FuzzMutate. This is to be able to reuse them in the llvm-opt-fuzzer. llvm-svn: 318407
* [llvm-opt-fuzzer] Introduce llvm-opt-fuzzer for fuzzing optimization passesIgor Laevsky2017-11-101-0/+34
| | | | | | | | | This change adds generic fuzzing tools capable of running libFuzzer tests on any optimization pass or combination of them. Differential Revision: https://reviews.llvm.org/D39555 llvm-svn: 317883
* FuzzMutate: Fix arch parsing in FuzzerCLIJustin Bogner2017-10-171-1/+1
| | | | | | | | The right way to parse arch names is by creating a triple. This was using getArchTypeForLLVMName before, which doesn't really do the right thing here. llvm-svn: 315965
* [llvm-isel-fuzzer] Use "--" as separator rather than '='.Matt Morehouse2017-10-131-1/+1
| | | | | | | | | | | | | | Summary: OSS-Fuzz doesn't support '=' in filenames. Reviewers: bogner, kcc Reviewed By: kcc Subscribers: javed.absar, hiraditya, llvm-commits Differential Revision: https://reviews.llvm.org/D38866 llvm-svn: 315647
* Re-commit "llvm-isel-fuzzer: Handle a subset of backend flags in the exec name"Justin Bogner2017-10-121-1/+37
| | | | | | | | | | | | | | | | | | Here we add a secondary option parser to llvm-isel-fuzzer (and provide it for use with other fuzzers). With this, you can copy the fuzzer to a name like llvm-isel-fuzzer=aarch64-gisel for a fuzzer that fuzzer AArch64 with GlobalISel enabled, or fuzzer=x86_64 to fuzz x86, with no flags required. This should be useful for running these in OSS-Fuzz. Note that this handrolls a subset of cl::opts to recognize, rather than embedding a complete command parser for argv[0]. If we find we really need the flexibility of handling arbitrary options at some point we can rethink this. This re-applies 315545 using "=" instead of ":" as a separator for arguments. llvm-svn: 315557
* Revert r315545 "llvm-isel-fuzzer: Handle a subset of backend flags in the ↵Hans Wennborg2017-10-121-37/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | executable name" It broke some tests on Windows: Failing Tests (4): LLVM :: tools/llvm-isel-fuzzer/execname-options.ll LLVM :: tools/llvm-isel-fuzzer/missing-triple.ll LLVM :: tools/llvm-isel-fuzzer/x86-empty-bc.ll LLVM :: tools/llvm-isel-fuzzer/x86-empty.ll > llvm-isel-fuzzer: Handle a subset of backend flags in the executable name > > Here we add a secondary option parser to llvm-isel-fuzzer (and provide > it for use with other fuzzers). With this, you can copy the fuzzer to > a name like llvm-isel-fuzzer:aarch64-gisel for a fuzzer that fuzzer > AArch64 with GlobalISel enabled, or fuzzer:x86_64 to fuzz x86, with no > flags required. This should be useful for running these in OSS-Fuzz. > > Note that this handrolls a subset of cl::opts to recognize, rather > than embedding a complete command parser for argv[0]. If we find we > really need the flexibility of handling arbitrary options at some > point we can rethink this. llvm-svn: 315554
* llvm-isel-fuzzer: Handle a subset of backend flags in the executable nameJustin Bogner2017-10-121-1/+37
| | | | | | | | | | | | | | | Here we add a secondary option parser to llvm-isel-fuzzer (and provide it for use with other fuzzers). With this, you can copy the fuzzer to a name like llvm-isel-fuzzer:aarch64-gisel for a fuzzer that fuzzer AArch64 with GlobalISel enabled, or fuzzer:x86_64 to fuzz x86, with no flags required. This should be useful for running these in OSS-Fuzz. Note that this handrolls a subset of cl::opts to recognize, rather than embedding a complete command parser for argv[0]. If we find we really need the flexibility of handling arbitrary options at some point we can rethink this. llvm-svn: 315545
* Move some CLI utils out of llvm-isel-fuzzer and into the libraryJustin Bogner2017-09-022-0/+64
| | | | | | | | FuzzMutate might not be the best place for these, but it makes more sense than an entirely new library for now. This will make setting up fuzz targets with consistent CLI handling easier. llvm-svn: 312425
* Re-apply "Introduce FuzzMutate library"Justin Bogner2017-08-216-0/+707
| | | | | | | | | | | | | | Same as r311392 with some fixes for library dependencies. Thanks to Chapuni for helping work those out! Original commit message: This introduces the FuzzMutate library, which provides structured fuzzing for LLVM IR, as described in my EuroLLVM 2017 talk. Most of the basic mutators to inject and delete IR are provided, with support for most basic operations. llvm-svn: 311402
* Revert "Re-apply "Introduce FuzzMutate library""Justin Bogner2017-08-216-707/+0
| | | | | | | | | | | The dependencies for the new library seem to be misconfigured on some linux configs: http://bb.pgr.jp/builders/llvm-i686-linux-RA/builds/5435/steps/build_all/logs/stdio This reverts r311392. llvm-svn: 311393
* Re-apply "Introduce FuzzMutate library"Justin Bogner2017-08-216-0/+707
| | | | | | | | | | | | | | | Redo r311356 with a fix to avoid std::uniform_int_distribution<bool>. The bool specialization is undefined according to the standard, even though libc++ seems to have it. Original commit message: This introduces the FuzzMutate library, which provides structured fuzzing for LLVM IR, as described in my [EuroLLVM 2017 talk][1]. Most of the basic mutators to inject and delete IR are provided, with support for most basic operations. llvm-svn: 311392
* Revert "Introduce FuzzMutate library"Justin Bogner2017-08-216-707/+0
| | | | | | | | Looks like this fails to build with libstdc++. This reverts r311356 llvm-svn: 311358
* Introduce FuzzMutate libraryJustin Bogner2017-08-216-0/+707
This introduces the FuzzMutate library, which provides structured fuzzing for LLVM IR, as described in my [EuroLLVM 2017 talk][1]. Most of the basic mutators to inject and delete IR are provided, with support for most basic operations. I will follow up with the instruction selection fuzzer, which is implemented in terms of this library. [1]: http://llvm.org/devmtg/2017-03//2017/02/20/accepted-sessions.html#2 llvm-svn: 311356
OpenPOWER on IntegriCloud