path: root/llvm/lib/Fuzzer/FuzzerTraceState.cpp
Commit message | Author | Age | Files | Lines
* [libFuzzer] simplify the handling of memmem/strstr
  Author: Kostya Serebryany | Age: 2017-07-14 | Files: 1 | Lines: -112/+0
  llvm-svn: 307977
* [libFuzzer] move code around; NFC
  Author: Kostya Serebryany | Age: 2017-07-13 | Files: 1 | Lines: -69/+0
  llvm-svn: 307973
* Sort the remaining #include lines in include/... and lib/....
  Author: Chandler Carruth | Age: 2017-06-06 | Files: 1 | Lines: -1/+1
  I did this a long time ago with a janky python script, but now clang-format has built-in support for this. I fed clang-format every line with a #include and let it re-sort things according to the precise LLVM rules for include ordering baked into clang-format these days.

  I've reverted a number of files where the results of sorting includes isn't healthy. Either places where we have legacy code relying on particular include ordering (where possible, I'll fix these separately) or where we have particular formatting around #include lines that I didn't want to disturb in this patch.

  This patch is *entirely* mechanical. If you get merge conflicts or anything, just ignore the changes in this patch and run clang-format over your #include lines in the files.

  Sorry for any noise here, but it is important to keep these things stable. I was seeing an increasing number of patches with irrelevant re-ordering of #include lines because clang-format was used. This patch at least isolates that churn, makes it easy to skip when resolving conflicts, and gets us to a clean baseline (again).

  llvm-svn: 304787
* [libFuzzer] make sure we don't execute libFuzzer's mem* and str* hooks while calling mem*/str* inside libFuzzer itself
  Author: Kostya Serebryany | Age: 2017-03-31 | Files: 1 | Lines: -4/+9
  llvm-svn: 299167
* [libFuzzer] be more careful when calling strlen of strcmp parameters, PR32357
  Author: Kostya Serebryany | Age: 2017-03-24 | Files: 1 | Lines: -3/+9
  llvm-svn: 298746
* [libfuzzer] chromium-related compilation fixes
  Author: Mike Aizatsky | Age: 2017-02-03 | Files: 1 | Lines: -8/+8
  Reviewers: kcc
  Differential Revision: https://reviews.llvm.org/D29502
  llvm-svn: 294035
* [libFuzzer] remove stale code
  Author: Kostya Serebryany | Age: 2017-01-18 | Files: 1 | Lines: -126/+4
  llvm-svn: 292325
* [libFuzzer] add ATTRIBUTE_NO_SANITIZE_MEMORY to sanitizer hooks
  Author: Kostya Serebryany | Age: 2017-01-17 | Files: 1 | Lines: -0/+14
  llvm-svn: 292295
* [libFuzzer] use table of recent compares for memcmp/strcmp (to unify the code between cmp and memcmp handling)
  Author: Kostya Serebryany | Age: 2017-01-17 | Files: 1 | Lines: -9/+9
  llvm-svn: 292287
* [libFuzzer] remove dead code, NFC
  Author: Kostya Serebryany | Age: 2017-01-06 | Files: 1 | Lines: -47/+0
  llvm-svn: 291195
* Resubmit "[LibFuzzer] Split FuzzerUtil for Posix and Windows."
  Author: Zachary Turner | Age: 2016-12-02 | Files: 1 | Lines: -2/+2
  This resubmits r288529, which was resubmitted because it broke a fuzzer bot. According to kcc@ the test that broke was flakey and it is unlikely to be a result of this patch.
  llvm-svn: 288549
* Revert "[LibFuzzer] Split FuzzerUtil for Posix and Windows."
  Author: Zachary Turner | Age: 2016-12-02 | Files: 1 | Lines: -2/+2
  This reverts commit r288529, as it seems to introduce some problems on the Linux bots.
  llvm-svn: 288533
* [LibFuzzer] Split FuzzerUtil for Posix and Windows.
  Author: Zachary Turner | Age: 2016-12-02 | Files: 1 | Lines: -2/+2
  Pave the way for separating out platform specific utility functions into separate files.
  Patch by Marcos Pividori
  Differential Revision: https://reviews.llvm.org/D27234
  llvm-svn: 288529
* [LibFuzzer] Split up some functions among different headers.
  Author: Zachary Turner | Age: 2016-11-30 | Files: 1 | Lines: -3/+3
  In an effort to get libfuzzer working on Windows, we need to make a distinction between what functions require platform specific code (e.g. different code on Windows vs Linux) and what code doesn't. IO functions, for example, tend to be platform specific.

  This patch separates out some of the functions which will need to have platform specific implementations into different headers, so that we can then provide different implementations for each platform.

  Aside from that, this patch contains no functional change. It is purely a re-organization.

  Patch by Marcos Pividori
  Differential Revision: https://reviews.llvm.org/D27230
  llvm-svn: 288264
* [libFuzzer] add -trace_cmp=1 (guiding mutations based on the observed CMP instructions). This is a reincarnation of the previously deleted -use_traces, but using a different approach for collecting traces. Still a toy, but at least it scales well. Also fix -merge in trace-pc-guard mode
  Author: Kostya Serebryany | Age: 2016-10-14 | Files: 1 | Lines: -4/+2
  llvm-svn: 284273
* [libFuzzer] add ShrinkValueProfileTest, move code around, NFC
  Author: Kostya Serebryany | Age: 2016-10-05 | Files: 1 | Lines: -108/+3
  llvm-svn: 283286
* [libFuzzer] remove dfsan support and some related stale code. This is not being used and as is is pretty weak anyway
  Author: Kostya Serebryany | Age: 2016-10-04 | Files: 1 | Lines: -334/+1
  llvm-svn: 283187
* [libFuzzer] move value profiling logic into TracePC
  Author: Kostya Serebryany | Age: 2016-09-23 | Files: 1 | Lines: -23/+10
  llvm-svn: 282219
* [libFuzzer] change ValueBitMap to remember the number of bits in it
  Author: Kostya Serebryany | Age: 2016-09-23 | Files: 1 | Lines: -1/+1
  llvm-svn: 282216
* [libFuzzer] refactoring: split the large header into many; NFC
  Author: Kostya Serebryany | Age: 2016-09-21 | Files: 1 | Lines: -1/+4
  llvm-svn: 282044
* [libFuzzer] remove use_traces=1 since use_value_profile seems to be strictly better
  Author: Kostya Serebryany | Age: 2016-09-09 | Files: 1 | Lines: -46/+9
  llvm-svn: 281007
* [libFuzzer] stop using bits for memcmp's value profile -- seems to blow up the corpus too much
  Author: Kostya Serebryany | Age: 2016-08-30 | Files: 1 | Lines: -6/+6
  llvm-svn: 280096
* [libFuzzer] use bits instead of bytes for memcmp/strcmp value profile -- the fuzzer reaches the goal much faster, at least on the simple puzzles
  Author: Kostya Serebryany | Age: 2016-08-30 | Files: 1 | Lines: -10/+18
  llvm-svn: 280054
* [libFuzzer] use trace-div and trace-gep for guided fuzzing, add tests
  Author: Kostya Serebryany | Age: 2016-08-30 | Files: 1 | Lines: -0/+21
  llvm-svn: 280046
* [libFuzzer] use __attribute__((target("popcnt"))) only on x86_64
  Author: Kostya Serebryany | Age: 2016-08-24 | Files: 1 | Lines: -1/+1
  llvm-svn: 279601
* [libFuzzer] collect 64 states for value profile, not 65
  Author: Kostya Serebryany | Age: 2016-08-23 | Files: 1 | Lines: -1/+5
  llvm-svn: 279588
* [sanitizer-coverage/libFuzzer] instrument comparisons with __sanitizer_cov_trace_cmp[1248] instead of __sanitizer_cov_trace_cmp, don't pass the comparison type to save a bit performance. Use these new callbacks in libFuzzer
  Author: Kostya Serebryany | Age: 2016-08-18 | Files: 1 | Lines: -3/+48
  llvm-svn: 279027
* [libFuzzer] force proper popcnt instruction
  Author: Kostya Serebryany | Age: 2016-08-17 | Files: 1 | Lines: -0/+1
  llvm-svn: 279002
* [libFuzzer] new experimental feature: value profiling. Profiles values that affect control flow and treats new values as new coverage.
  Author: Kostya Serebryany | Age: 2016-08-16 | Files: 1 | Lines: -5/+65
  llvm-svn: 278839
* [libFuzzer] properly intercept memmem
  Author: Kostya Serebryany | Age: 2016-07-19 | Files: 1 | Lines: -1/+10
  llvm-svn: 276006
* [libFuzzer] add hooks for strstr, strcasestr, strcasecmp, strncasecmp
  Author: Kostya Serebryany | Age: 2016-07-15 | Files: 1 | Lines: -1/+38
  llvm-svn: 275648
* [libfuzzer] moving is_ascii handler inside mutation dispatcher.
  Author: Mike Aizatsky | Age: 2016-06-23 | Files: 1 | Lines: -4/+5
  Summary: It also fixes a bug, when first random might not be ascii.
  Differential Revision: http://reviews.llvm.org/D21573
  llvm-svn: 273611
* Fix compilation with GCC, which treats this as a constructor name not a type
  Author: Richard Smith | Age: 2016-05-27 | Files: 1 | Lines: -1/+1
  name. (GCC is correct here per the latest language DRs.)
  llvm-svn: 271044
* [libFuzzer] refactor: hide CurrentUnitData inside an interface function. NFC
  Author: Kostya Serebryany | Age: 2016-05-26 | Files: 1 | Lines: -28/+24
  llvm-svn: 270922
* [libFuzzer] reimplement the way we do -only_ascii to allow more 'const' in function declarations. Add a test for -only_ascii. NFC intended
  Author: Kostya Serebryany | Age: 2016-05-26 | Files: 1 | Lines: -2/+2
  llvm-svn: 270900
* [libFuzzer] try to use max_len based on the items of the corpus instead of blindly defaulting to 64 bytes.
  Author: Kostya Serebryany | Age: 2016-03-12 | Files: 1 | Lines: -10/+13
  llvm-svn: 263323
* libfuzzer: fix compiler warnings
  Author: Dmitry Vyukov | Age: 2016-03-02 | Files: 1 | Lines: -1/+1
  - unused sigaction/setitimer result (used in assert)
  - unchecked fscanf return value
  - signed/unsigned comparison
  llvm-svn: 262472
* [libFuzzer] get rid of UserSuppliedFuzzer; NFC
  Author: Kostya Serebryany | Age: 2016-02-13 | Files: 1 | Lines: -7/+7
  llvm-svn: 260798
* [libFuzzer] don't create too many trace-based mutations as it may be too slow
  Author: Kostya Serebryany | Age: 2016-02-02 | Files: 1 | Lines: -2/+18
  llvm-svn: 259600
* [libFuzzer] don't do expensive memmem if the result will not be used
  Author: Kostya Serebryany | Age: 2016-01-22 | Files: 1 | Lines: -0/+2
  llvm-svn: 258462
* [libFuzzer] replace vector with a simpler data structure in the Dictionaries to avoid memory allocations on hot path
  Author: Kostya Serebryany | Age: 2016-01-16 | Files: 1 | Lines: -15/+8
  llvm-svn: 257985
* [libFuzzer] do mutations based on memcmp/strcmp interceptors under a separate flag (-use_memcmp, default=1)
  Author: Kostya Serebryany | Age: 2016-01-15 | Files: 1 | Lines: -18/+25
  llvm-svn: 257873
* [libFuzzer] make CurrentUnit a POD object instead of vector to avoid extra allocations
  Author: Kostya Serebryany | Age: 2016-01-13 | Files: 1 | Lines: -17/+19
  llvm-svn: 257713
* [libFuzzer] make sure we find buffer overflow in the input buffer. Previously, re-using the same vector object was hiding buffer overflows (unless we used annotated vector)
  Author: Kostya Serebryany | Age: 2016-01-13 | Files: 1 | Lines: -12/+15
  llvm-svn: 257701
* [libFuzzer] add a macro LLVM_FUZZER_DEFINES_SANITIZER_WEAK_HOOOKS
  Author: Kostya Serebryany | Age: 2016-01-12 | Files: 1 | Lines: -0/+8
  llvm-svn: 257482
* [libFuzzer] when a new unit is discovered using a dictionary, print all used dictionary entries
  Author: Kostya Serebryany | Age: 2016-01-12 | Files: 1 | Lines: -22/+3
  llvm-svn: 257435
* [libFuzzer] add various debug prints. Also don't mutate based on a cmp trace like (a eq a) or (a neq a)
  Author: Kostya Serebryany | Age: 2016-01-12 | Files: 1 | Lines: -5/+28
  llvm-svn: 257434
* [libFuzzer] extend the weak memcmp/strcmp/strncmp interceptors to receive the result of the computations. With that, don't do any mutations if memcmp/etc returned 0
  Author: Kostya Serebryany | Age: 2016-01-12 | Files: 1 | Lines: -3/+6
  llvm-svn: 257423
* [libFuzzer] debug prints in tracing
  Author: Kostya Serebryany | Age: 2016-01-09 | Files: 1 | Lines: -2/+27
  llvm-svn: 257249
* [libFuzzer] change the way trace-based mutations are applied. Instead of a custom code just rely on the automatically created dictionary
  Author: Kostya Serebryany | Age: 2016-01-09 | Files: 1 | Lines: -30/+15
  llvm-svn: 257248