summaryrefslogtreecommitdiffstats
path: root/llvm/lib/Fuzzer/CMakeLists.txt
Commit message (Collapse)AuthorAgeFilesLines
* Moving libFuzzer from LLVM to compiler-rt.George Karpenkov2017-08-211-99/+0
| | | | | | | | | This change only removes libFuzzer tests and CMake machinery, the source copy temporarily remains at the old location. Differential Revision: https://reviews.llvm.org/D36980 llvm-svn: 311405
* Always compile libFuzzer with no coverageGeorge Karpenkov2017-08-211-2/+2
| | | | | | | | Do not compile libFuzzer itself with coverage, regardless of LLVM variables Differential Revision: https://reviews.llvm.org/D36887 llvm-svn: 311374
* [CMake] Add install target for LLVMFuzzerPetr Hosek2017-08-141-0/+21
| | | | | | | | This allows including LLVMFuzzer as distribution component. Differential Revision: https://reviews.llvm.org/D36540 llvm-svn: 310897
* [libFuzzer] experimental support for Clang's coverage ↵Kostya Serebryany2017-08-111-0/+1
| | | | | | (fprofile-instr-generate), Linux-only llvm-svn: 310771
* Do not instrument libFuzzer itself when built with -DLLVM_USE_SANITIZE_COVERAGEGeorge Karpenkov2017-08-071-0/+5
| | | | | | | | Fixes regression from https://reviews.llvm.org/D36295 Differential Revision: https://reviews.llvm.org/D36428 llvm-svn: 310305
* [libFuzzer tests] Only enable libFuzzer tests ifGeorge Karpenkov2017-08-041-1/+2
| | | | | | -DLIBFUZZER_ENABLE_TESTS=ON is set. llvm-svn: 310100
* Port libFuzzer tests to LIT. Do not require two-stage build for check-fuzzer.George Karpenkov2017-08-041-13/+8
| | | | | | | | | | | | | | | | | | | | | This revision ports all libFuzzer tests apart from the unittest to LIT. The advantages of doing so include: - Tests being self-contained - Much easier debugging of a single test - No need for using a two-stage compilation The unit-test is still compiled using CMake, but it does not need a freshly built compiler. NOTE: The previous two-stage bot configuration will NOT work, as in the second stage build LLVM_USE_SANITIZER is set, which disables ASAN from being built. Thus bots will be reconfigured in the next few commits. Differential Revision: https://reviews.llvm.org/D36295 llvm-svn: 310075
* Disable libFuzzer tests on WindowsGeorge Karpenkov2017-08-041-2/+10
| | | | | | Differential Revision: https://reviews.llvm.org/D36297 llvm-svn: 310009
* [libFuzzer] simplify the handling of memmem/strstrKostya Serebryany2017-07-141-1/+0
| | | | llvm-svn: 307977
* [libFuzzer] NFC Declare LIBFUZZER_FLAGS_BASE outside of an if-blockGeorge Karpenkov2017-07-121-1/+1
| | | | | | | | | | | The current code relies on the assumption that tests are included only if LLVM_USE_SANITIZE_COVERAGE is enabled. This commit makes it easier to relax the assumption in the future, as the variable LIBFUZZER_FLAGS_BASE is used further in libFuzzer tests. Differential Revision: https://reviews.llvm.org/D35314 llvm-svn: 307825
* [libFuzzer] Always build libFuzzer Kuba Mracek2017-04-211-34/+40
| | | | | | | | | | | | | | | There are two reasons why users might want to build libfuzzer: - To fuzz LLVM itself - To get the libFuzzer.a archive file, so that they can attach it to their code This change always builds libfuzzer, and supports the second use case if the specified flag is set. The point of this patch is to have something that can potentially be shipped with the compiler, and this also ensures that the version of libFuzzer is correct to use with that compiler. Patch by George Karpenkov. Differential Revision: https://reviews.llvm.org/D32096 llvm-svn: 301054
* Fixup for r301007: Restrict the -D hack to Darwin.Kuba Mracek2017-04-211-7/+9
| | | | llvm-svn: 301017
* Revert r301010: Bot failures on Windows, NetBSD and even some old Darwin.Kuba Mracek2017-04-211-20/+14
| | | | llvm-svn: 301012
* [libFuzzer] Always build libFuzzerKuba Mracek2017-04-211-14/+20
| | | | | | | | | | | | | | | There are two reasons why users might want to build libfuzzer: - To fuzz LLVM itself - To get the libFuzzer.a archive file, so that they can attach it to their code This change always builds libfuzzer, and supports the second use case if the specified flag is set. The point of this patch is to have something that can potentially be shipped with the compiler, and this also ensures that the version of libFuzzer is correct to use with that compiler. Patch by George Karpenkov. Differential Revision: https://reviews.llvm.org/D32096 llvm-svn: 301010
* [libFuzzer] Changing thread_local to __thread in libFuzzerKuba Mracek2017-04-211-0/+13
| | | | | | | | Old Apple compilers do not support thread_local keyword. This patch adds -Dthread_local=__thread when the compiler doesn't support thread_local. Differential Revision: https://reviews.llvm.org/D32312 llvm-svn: 301007
* Revert r300789: There are Windows bot failures.Kuba Mracek2017-04-191-20/+14
| | | | llvm-svn: 300794
* [libFuzzer] Always build libFuzzerKuba Mracek2017-04-191-14/+20
| | | | | | | | | | | | | There are two reasons why users might want to build libfuzzer: - To fuzz LLVM itself - To get the libFuzzer.a archive file, so that they can attach it to their code This change always builds libfuzzer, and supports the second use case if the specified flag is set. The point of this patch is to have something that can potentially be shipped with the compiler, and this also ensures that the version of libFuzzer is correct to use with that compiler. Differential Revision: https://reviews.llvm.org/D32096 llvm-svn: 300789
* [libFuzzer] create experimental support for user-provided coverage signalKostya Serebryany2017-03-231-0/+1
| | | | llvm-svn: 298654
* [CMake] Fix pthread handling for out-of-tree buildsEric Fiselier2017-02-101-2/+2
| | | | | | | | | | | | | | | LLVM defines `PTHREAD_LIB` which is used by AddLLVM.cmake and various projects to correctly link the threading library when needed. Unfortunately `PTHREAD_LIB` is defined by LLVM's `config-ix.cmake` file which isn't installed and therefore can't be used when configuring out-of-tree builds. This causes such builds to fail since `pthread` isn't being correctly linked. This patch attempts to fix that problem by renaming and exporting `LLVM_PTHREAD_LIB` as part of`LLVMConfig.cmake`. I renamed `PTHREAD_LIB` because It seemed likely to cause collisions with downstream users of `LLVMConfig.cmake`. llvm-svn: 294690
* [libFuzzer] Use dynamic loading for External Functions on Windows.Marcos Pividori2017-02-101-1/+1
| | | | | | | | | | | | | | | | | | | Replace weak aliases with dynamic loading. Weak aliases were generating some problems when linking for MT on Windows. For MT, compiler-rt's libraries are statically linked to the main executable the same than libFuzzer, so if we use weak aliases, we are providing two different default implementations for the same weak function and the linker fails. In this diff I re implement ExternalFunctions() using dynamic loading, so it works in both cases (MD and MT). Also, dynamic loading is simpler, since we are not defining any auxiliary external function, and we don't need to deal with weak aliases. This is equivalent to the implementation using dlsym(RTLD_DEFAULT, FnName) for Posix. Differential revision: https://reviews.llvm.org/D29751 llvm-svn: 294687
* [libFuzzer] Temporarily fix Shmem for Windows.Marcos Pividori2017-02-081-0/+1
| | | | | | | | | In this diff, I add stubs for shared memory on Windows. Now we can compile and use libFuzzer without support for shared memory. Differential Revision: https://reviews.llvm.org/D29544 llvm-svn: 294376
* [libFuzzer] experimental support for 'equivalance fuzzing'Kostya Serebryany2017-01-201-0/+1
| | | | llvm-svn: 292646
* [libFuzzer] build libFuzzer itself with asanKostya Serebryany2016-12-121-1/+1
| | | | llvm-svn: 289469
* [libFuzzer] implement crash-resistant merge ↵Kostya Serebryany2016-12-091-1/+2
| | | | | | (https://github.com/google/sanitizers/issues/722). This is a first experimental variant that needs some more testing, thus not yet adding a lit test (but there are unit tests). llvm-svn: 289166
* Resubmit "[LibFuzzer] Split FuzzerUtil for Posix and Windows."Zachary Turner2016-12-021-0/+2
| | | | | | | | This resubmits r288529, which was resubmitted because it broke a fuzzer bot. According to kcc@ the test that broke was flakey and it is unlikely to be a result of this patch. llvm-svn: 288549
* Revert "[LibFuzzer] Split FuzzerUtil for Posix and Windows."Zachary Turner2016-12-021-2/+0
| | | | | | | This reverts commit r288529, as it seems to introduce some problems on the Linux bots. llvm-svn: 288533
* [LibFuzzer] Introduce a portable WeakAlias implementation.Zachary Turner2016-12-021-0/+1
| | | | | | | | | | | | | Windows doesn't really support weak aliases, but with some linker magic we can get something that's pretty close on Windows. This introduces an interface to accessing weakly aliased symbols that will work on any platform. Linker magic changes to come in a separate patch. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27235 llvm-svn: 288530
* [LibFuzzer] Split FuzzerUtil for Posix and Windows.Zachary Turner2016-12-021-0/+2
| | | | | | | | | | Pave the way for separating out platform specific utility functions into separate files. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27234 llvm-svn: 288529
* [LibFuzzer] Add Windows implementations of some IO functions.Zachary Turner2016-11-301-1/+3
| | | | | | | | | | | | | This patch moves some posix specific file i/o code into a new file, FuzzerIOPosix.cpp, and provides implementations for these functions on Windows in FuzzerIOWindows.cpp. This is another incremental step towards getting libfuzzer working on Windows, although it still should not be expected to be fully working. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27233 llvm-svn: 288275
* [libFuzzer] use __attribute__((target("popcnt"))) only on x86_64Kostya Serebryany2016-08-241-1/+1
| | | | llvm-svn: 279601
* [libFuzzer] new experimental feature: value profiling. Profiles values that ↵Kostya Serebryany2016-08-161-1/+1
| | | | | | affect control flow and treats new values as new coverage. llvm-svn: 278839
* [LibFuzzer] Fix `-jobs=<N>` where <N> > 1 and the number of workers is > 1 ↵Dan Liew2016-08-121-0/+2
| | | | | | | | | | | | | | | | | | | | | | | on macOS. The original `ExecuteCommand()` called `system()` from the C library. The C library implementation of this on macOS contains a mutex which serializes calls to `system()`. This prevented the `-jobs=` flag from running copies of the fuzzing binary in parallel which is the opposite of what is intended. To fix this on macOS an alternative implementation of `ExecuteCommand()` is provided that can be used concurrently. This is provided in `FuzzerUtilDarwin.cpp` which is guarded to only compile code on Apple platforms. The existing implementation has been moved to a new file `FuzzerUtilLinux.cpp` which is guarded to only compile code on Linux. This commit includes a simple test to check that LibFuzzer is being executed in parallel when requested. Differential Revision: https://reviews.llvm.org/D22742 llvm-svn: 278544
* [LibFuzzer] Reimplement how the optional user functions are called.Dan Liew2016-06-021-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | The motivation for this change is to fix linking issues on OSX. However this only partially fixes linking issues (the uninstrumented tests and a few others won't succesfully link yet). This change introduces a struct of function pointers (``fuzzer::ExternalFuntions``) which when initialised will point to the optional functions if they are available. Currently these ``LLVMFuzzerInitialize`` and ``LLVMFuzzerCustomMutator`` functions. Two implementations of ``fuzzer::ExternalFunctions`` constructor are provided one for Linux and one for OSX. The OSX implementation uses ``dlsym()`` because the prior implementation using weak symbols does not work unless the additional flags are passed to the linker. The Linux implementation continues to use weak symbols because the ``dlsym()`` approach does not work unless additional flags are passed to the linker. Differential Revision: http://reviews.llvm.org/D20741 llvm-svn: 271491
* [LibFuzzer] Emit error if LLVM_USE_SANITIZER is not correctly set.Dan Liew2016-05-261-0/+6
| | | | | | | | | | Previously CMake would successfully configure and compile (with warnings about ``-fsanitize-coverage=...`` being unused) but the tests LibFuzzer tests would fail. Differential Revision: http://reviews.llvm.org/D20662 llvm-svn: 270913
* [LibFuzzer] Allow LibFuzzer to be built in modes other than RELEASE.Dan Liew2016-05-261-2/+2
| | | | | | | | | | | | Previously the flags were only being set correctly when the build type was "Release". Now the build should work properly for all the supported build types. When building libFuzzer the optimization level respects whatever is used for the rest of LLVM but for the LibFuzzer tests we force -O0. Differential Revision: http://reviews.llvm.org/D20558 llvm-svn: 270912
* [libFuzzer] simplify FuzzerInterface.hKostya Serebryany2016-05-131-1/+0
| | | | llvm-svn: 269448
* [libFuzzer] add -Werror for libFuzzer build ruleKostya Serebryany2016-03-021-1/+1
| | | | llvm-svn: 262517
* [libFuzzer] remove FuzzerSanitizerOptions.cppKostya Serebryany2016-03-011-1/+0
| | | | llvm-svn: 262354
* Refactor duplicated code for linking with pthread.Rafael Espindola2016-03-011-6/+2
| | | | llvm-svn: 262344
* [libFuzzer] initial implementation of path coverage based on ↵Kostya Serebryany2016-02-261-0/+1
| | | | | | -fsanitize-coverage=trace-pc. This does not scale well yet, but already cracks FullCoverageSetTest in seconds llvm-svn: 262073
* [libFuzzer] fix the libFuzzer bot Kostya Serebryany2016-02-181-1/+1
| | | | llvm-svn: 261184
* Fuzzer: Fix library dependencies.Peter Collingbourne2015-12-161-0/+6
| | | | | | | | Newer versions of libstdc++ (4.9+), as well as libc++, depend directly on libpthread from the standard library headers, so libfuzzer needs to declare a standard library dependency. llvm-svn: 255745
* [lib/Fuzzer] extend the fuzzer interface to allow user-supplied mutatorsKostya Serebryany2015-05-221-2/+6
| | | | llvm-svn: 238059
* [lib/Fuzzer] Add SHA1 implementation from public domain.Kostya Serebryany2015-05-141-0/+1
| | | | | | | | | | | | | | | | | | | | | | | Summary: This adds a SHA1 implementation taken from public domain code. The change is trivial, but as it involves third-party code I'd like a second pair of eyes before commit. LibFuzzer can not use SHA1 from openssl because openssl may not be available and because we may be fuzzing openssl itself. Using sha1sum via a pipe is too slow. Test Plan: n/a Reviewers: chandlerc Reviewed By: chandlerc Subscribers: majnemer, llvm-commits Differential Revision: http://reviews.llvm.org/D9733 llvm-svn: 237400
* [lib/Fuzzer] rename FuzzerDFSan.cpp to FuzzerTraceState.cpp; update ↵Kostya Serebryany2015-05-111-1/+1
| | | | | | comments. NFC expected llvm-svn: 237050
* Removing a spurious space; NFC.Aaron Ballman2015-04-061-1/+1
| | | | llvm-svn: 234168
* DFSan-based fuzzer (proof of concept).Kostya Serebryany2015-03-301-2/+4
| | | | | | | | | | | | | | | | | | Summary: This adds a simple DFSan-based (i.e. taint-guided) fuzzer mutator, see the comments for details. Test Plan: a test added Reviewers: samsonov, pcc Reviewed By: samsonov, pcc Subscribers: llvm-commits Differential Revision: http://reviews.llvm.org/D8669 llvm-svn: 233613
* [fuzzer] split main() into FuzzerDriver() that takes a callback as a ↵Kostya Serebryany2015-02-191-0/+1
| | | | | | parameter and a tiny main() in a separate file llvm-svn: 229882
* [fuzzer] move default sanitizer options to a separate fileKostya Serebryany2015-02-061-0/+1
| | | | llvm-svn: 228429
* [fuzzer] Add a gtest-style testKostya Serebryany2015-01-301-3/+5
| | | | | | | | | | | | | | | | Summary: Add one gtest-style test. Test Plan: run on bot Reviewers: samsonov Reviewed By: samsonov Subscribers: llvm-commits Differential Revision: http://reviews.llvm.org/D7287 llvm-svn: 227639
OpenPOWER on IntegriCloud