path: root/llvm/lib/Fuzzer/FuzzerInternal.h
Commit message | Author | Age | Files | Lines
...
* [libFuzzer] add -print_final_stats=1 flag | Kostya Serebryany | 2016-02-26 | 1 | -0/+8
  llvm-svn: 262084
* [libFuzzer] initial implementation of path coverage based on -fsanitize-coverage=trace-pc. This does not scale well yet, but already cracks FullCoverageSetTest in seconds | Kostya Serebryany | 2016-02-26 | 1 | -0/+8
  llvm-svn: 262073
* [libFuzzer] only read MaxLen bytes from every file in the corpus to speedup loading the corpus | Kostya Serebryany | 2016-02-18 | 1 | -4/+4
  llvm-svn: 261267
* [libFuzzer] remove std::vector operations from hot paths, NFC | Kostya Serebryany | 2016-02-13 | 1 | -4/+8
  llvm-svn: 260829
* [libFuzzer] don't require seed in fuzzer::Mutate, instead use the global Fuzzer object for fuzzer::Mutate. This makes custom mutators fast | Kostya Serebryany | 2016-02-13 | 1 | -0/+1
  llvm-svn: 260810
* [libFuzzer] simplify CTOR of MutationDispatcher | Kostya Serebryany | 2016-02-13 | 1 | -3/+3
  llvm-svn: 260800
* [libFuzzer] get rid of MutationDispatcher::Impl (simplify the code; NFC) | Kostya Serebryany | 2016-02-13 | 1 | -4/+77
  llvm-svn: 260799
* [libFuzzer] get rid of UserSuppliedFuzzer; NFC | Kostya Serebryany | 2016-02-13 | 1 | -46/+6
  llvm-svn: 260798
* [libFuzzer] simplify the code around Random. NFC | Kostya Serebryany | 2016-02-13 | 1 | -36/+11
  llvm-svn: 260797
* [libFuzzer] remove UserSuppliedFuzzer from the interface (it was a bad idea). | Kostya Serebryany | 2016-02-13 | 1 | -0/+60
  llvm-svn: 260796
* [libFuzzer] allow passing 1 or more files as individual inputs | Kostya Serebryany | 2016-02-02 | 1 | -0/+1
  llvm-svn: 259459
* [libFuzzer] add -timeout_exitcode option | Kostya Serebryany | 2016-01-29 | 1 | -0/+1
  llvm-svn: 259265
* [libFuzzer] add -abort_on_timeout option | Kostya Serebryany | 2016-01-23 | 1 | -0/+1
  llvm-svn: 258631
* [libFuzzer] add more fields to DictionaryEntry to count the number of uses and successes | Kostya Serebryany | 2016-01-22 | 1 | -2/+2
  llvm-svn: 258589
* Use std::piecewise_constant_distribution instead of ad-hoc binary search. | Ivan Krasin | 2016-01-22 | 1 | -27/+40
  Summary: Fix the issue with the most recently discovered unit receiving much less attention.
  Note: this is the second attempt (prev: r258473). Now, libc++ build is fixed.
  Reviewers: aizatsky, kcc
  Subscribers: llvm-commits
  Differential Revision: http://reviews.llvm.org/D16487
  llvm-svn: 258571
* Revert r258473 as it's breaking the build with libc++ | Ivan Krasin | 2016-01-22 | 1 | -6/+1
  Reviewers: kcc
  Differential Revision: http://reviews.llvm.org/D16441
  llvm-svn: 258479
* Use std::piecewise_constant_distribution instead of ad-hoc binary search. | Ivan Krasin | 2016-01-22 | 1 | -1/+6
  Summary: Fix the issue with the most recently discovered unit receiving much less attention.
  Note: I had to change the seed for one test to make it pass. Alternatively, the number of runs could be increased. I believe that the average time of 'foo' discovery is not increased, just seed=1 was particularly convenient for the previous PRNG scheme used.
  Reviewers: aizatsky, kcc
  Subscribers: llvm-commits, kcc
  Differential Revision: http://reviews.llvm.org/D16419
  llvm-svn: 258473
* [libFuzzer] replace vector with a simpler data structure in the Dictionaries to avoid memory allocations on hot path | Kostya Serebryany | 2016-01-16 | 1 | -2/+38
  llvm-svn: 257985
* [libFuzzer] introduce LLVMFuzzerInitialize | Kostya Serebryany | 2016-01-16 | 1 | -0/+1
  llvm-svn: 257980
* [libFuzzer] move some code from public interface header to a non-public header. NFC | Kostya Serebryany | 2016-01-16 | 1 | -0/+61
  llvm-svn: 257963
* [libFuzzer] do mutations based on memcmp/strcmp interceptors under a separate flag (-use_memcmp, default=1) | Kostya Serebryany | 2016-01-15 | 1 | -0/+1
  llvm-svn: 257873
* [libFuzzer] make CurrentUnit a POD object instead of vector to avoid extra allocations | Kostya Serebryany | 2016-01-13 | 1 | -3/+6
  llvm-svn: 257713
* [libFuzzer] make sure we find buffer overflow in the input buffer. Previously, re-using the same vector object was hiding buffer overflows (unless we used annotated vector) | Kostya Serebryany | 2016-01-13 | 1 | -0/+1
  llvm-svn: 257701
* [libFuzzer] when a new unit is discovered using a dictionary, print all used dictionary entries | Kostya Serebryany | 2016-01-12 | 1 | -0/+1
  llvm-svn: 257435
* [libFuzzer] change the way trace-based mutations are applied. Instead of a custom code just rely on the automatically created dictionary | Kostya Serebryany | 2016-01-09 | 1 | -6/+2
  llvm-svn: 257248
* [libfuzzer] print_new_cov_pcs experimental option. | Mike Aizatsky | 2016-01-06 | 1 | -0/+2
  Differential Revision: http://reviews.llvm.org/D15901
  llvm-svn: 256882
* [libFuzzer] make CrossOver just one of the other mutations | Kostya Serebryany | 2015-12-19 | 1 | -2/+1
  llvm-svn: 256081
* [libFuzzer] compute base64 in-process instead of using an external lib. Since libFuzzer should not depend on anything, just re-implement base64 encoder. PR25746 | Kostya Serebryany | 2015-12-04 | 1 | -1/+1
  llvm-svn: 254784
* [libFuzzer] add a flag -exact_artifact_path | Kostya Serebryany | 2015-11-25 | 1 | -0/+1
  llvm-svn: 254100
* output_csv libfuzzer option | Mike Aizatsky | 2015-11-12 | 1 | -0/+1
  Summary: The option outputs statistics in CSV format preceded by 1 header line. This is intended for machine processing of the output. -verbosity=0 should likely be set.
  Differential Revision: http://reviews.llvm.org/D14600
  llvm-svn: 252856
* [libFuzzer] experimental flag -drill (another search heuristic; Mike Aizatsky's idea) | Kostya Serebryany | 2015-11-12 | 1 | -3/+6
  llvm-svn: 252838
* [libFuzzer] when choosing the next unit to mutate, give some preference to the most recent units (they are more likely to be interesting) | Kostya Serebryany | 2015-11-04 | 1 | -0/+1
  llvm-svn: 252097
* [libFuzzer] add -merge flag to merge corpora | Kostya Serebryany | 2015-10-24 | 1 | -0/+4
  llvm-svn: 251168
* [libFuzzer] remove some old code; also make __sanitizer_get_total_unique_caller_callee_pairs weak so that newer libFuzzer works with older asan | Kostya Serebryany | 2015-10-23 | 1 | -7/+1
  llvm-svn: 251133
* [libFuzzer] use the indirect caller-callee counter as an independent search heuristic | Kostya Serebryany | 2015-10-22 | 1 | -0/+3
  llvm-svn: 251078
* [libFuzzer] more refactoring the code that checks the coverage. NFC | Kostya Serebryany | 2015-10-22 | 1 | -1/+1
  llvm-svn: 251075
* [libFuzzer] refactoring the code that checks the coverage. NFC | Kostya Serebryany | 2015-10-22 | 1 | -4/+8
  llvm-svn: 251074
* [libFuzzer] remove the deprecated 'tokens' feature | Kostya Serebryany | 2015-10-22 | 1 | -3/+1
  llvm-svn: 251069
* [libFuzzer] add -shuffle flag | Kostya Serebryany | 2015-10-17 | 1 | -0/+1
  llvm-svn: 250603
* [libFuzzer] print a stack trace on timeout | Kostya Serebryany | 2015-10-16 | 1 | -0/+1
  llvm-svn: 250571
* [libFuzzer] When -test_single_input crashes the test it is not necessary to write crash-file because input is already known to the user. Patch by Mike Aizatsky | Kostya Serebryany | 2015-10-16 | 1 | -0/+1
  llvm-svn: 250564
* [libFuzzer] add -artifact_prefix flag | Kostya Serebryany | 2015-10-09 | 1 | -0/+1
  llvm-svn: 249807
* [libFuzzer] make LLVMFuzzerTestOneInput (the fuzzer target function) return int instead of void. The actual return value is not *yet* used (and expected to be 0). This change is API breaking, so the fuzzers will need to be updated. | Kostya Serebryany | 2015-10-02 | 1 | -3/+10
  llvm-svn: 249214
* [libFuzzer] remove experimental flag and functionality | Kostya Serebryany | 2015-10-02 | 1 | -2/+0
  llvm-svn: 249194
* [libFuzzer] add a flag -max_total_time | Kostya Serebryany | 2015-10-02 | 1 | -0/+1
  llvm-svn: 249181
* [LibFuzzer] test_single_input option to run a single test case. | Ivan Krasin | 2015-10-01 | 1 | -1/+1
  -test_single_input flag specifies a file name with test data.
  Review URL: http://reviews.llvm.org/D13359
  Patch by Mike Aizatsky!
  llvm-svn: 249096
* [libFuzzer] remove -iterations as redundant (there is also -num_runs) | Kostya Serebryany | 2015-09-08 | 1 | -1/+1
  llvm-svn: 247030
* [libFuzzer] adding a parser for AFL-style dictionaries + tests. | Kostya Serebryany | 2015-09-03 | 1 | -0/+11
  llvm-svn: 246800
* [libFuzzer] honour -only_ascii=1 when reading the initial corpus. Also, remove ugly #ifdef | Kostya Serebryany | 2015-09-02 | 1 | -0/+1
  llvm-svn: 246689
* [libFuzzer] add two flags, -tbm_depth and -tbm_width to control how the trace-based-mutations are applied | Kostya Serebryany | 2015-08-12 | 1 | -0/+3
  llvm-svn: 244712