Commit message | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | [libFuzzer] simplify the handling of memmem/strstr | Kostya Serebryany | 2017-07-14 | 1 | -112/+0 |
| | | | | llvm-svn: 307977 | ||||
* | [libFuzzer] move code around; NFC | Kostya Serebryany | 2017-07-13 | 1 | -69/+0 |
| | | | | llvm-svn: 307973 | ||||
* | Sort the remaining #include lines in include/... and lib/.... | Chandler Carruth | 2017-06-06 | 1 | -1/+1 |
| | | | | I did this a long time ago with a janky python script, but now clang-format has built-in support for this. I fed clang-format every line with a #include and let it re-sort things according to the precise LLVM rules for include ordering baked into clang-format these days. I've reverted a number of files where the results of sorting includes isn't healthy. Either places where we have legacy code relying on particular include ordering (where possible, I'll fix these separately) or where we have particular formatting around #include lines that I didn't want to disturb in this patch. This patch is *entirely* mechanical. If you get merge conflicts or anything, just ignore the changes in this patch and run clang-format over your #include lines in the files. Sorry for any noise here, but it is important to keep these things stable. I was seeing an increasing number of patches with irrelevant re-ordering of #include lines because clang-format was used. This patch at least isolates that churn, makes it easy to skip when resolving conflicts, and gets us to a clean baseline (again). llvm-svn: 304787 | ||||
* | [libFuzzer] make sure we don't execute libFuzzer's mem* and str* hooks while calling mem*/str* inside libFuzzer itself | Kostya Serebryany | 2017-03-31 | 1 | -4/+9 |
| | | | | llvm-svn: 299167 | ||||
* | [libFuzzer] be more careful when calling strlen of strcmp parameters, PR32357 | Kostya Serebryany | 2017-03-24 | 1 | -3/+9 |
| | | | | llvm-svn: 298746 | ||||
* | [libfuzzer] chromium-related compilation fixes | Mike Aizatsky | 2017-02-03 | 1 | -8/+8 |
| | | | | Reviewers: kcc Differential Revision: https://reviews.llvm.org/D29502 llvm-svn: 294035 | ||||
* | [libFuzzer] remove stale code | Kostya Serebryany | 2017-01-18 | 1 | -126/+4 |
| | | | | llvm-svn: 292325 | ||||
* | [libFuzzer] add ATTRIBUTE_NO_SANITIZE_MEMORY to sanitizer hooks | Kostya Serebryany | 2017-01-17 | 1 | -0/+14 |
| | | | | llvm-svn: 292295 | ||||
* | [libFuzzer] use table of recent compares for memcmp/strcmp (to unify the code between cmp and memcmp handling) | Kostya Serebryany | 2017-01-17 | 1 | -9/+9 |
| | | | | llvm-svn: 292287 | ||||
* | [libFuzzer] remove dead code, NFC | Kostya Serebryany | 2017-01-06 | 1 | -47/+0 |
| | | | | llvm-svn: 291195 | ||||
* | Resubmit "[LibFuzzer] Split FuzzerUtil for Posix and Windows." | Zachary Turner | 2016-12-02 | 1 | -2/+2 |
| | | | | This resubmits r288529, which was resubmitted because it broke a fuzzer bot. According to kcc@ the test that broke was flakey and it is unlikely to be a result of this patch. llvm-svn: 288549 | ||||
* | Revert "[LibFuzzer] Split FuzzerUtil for Posix and Windows." | Zachary Turner | 2016-12-02 | 1 | -2/+2 |
| | | | | This reverts commit r288529, as it seems to introduce some problems on the Linux bots. llvm-svn: 288533 | ||||
* | [LibFuzzer] Split FuzzerUtil for Posix and Windows. | Zachary Turner | 2016-12-02 | 1 | -2/+2 |
| | | | | Pave the way for separating out platform specific utility functions into separate files. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27234 llvm-svn: 288529 | ||||
* | [LibFuzzer] Split up some functions among different headers. | Zachary Turner | 2016-11-30 | 1 | -3/+3 |
| | | | | In an effort to get libfuzzer working on Windows, we need to make a distinction between what functions require platform specific code (e.g. different code on Windows vs Linux) and what code doesn't. IO functions, for example, tend to be platform specific. This patch separates out some of the functions which will need to have platform specific implementations into different headers, so that we can then provide different implementations for each platform. Aside from that, this patch contains no functional change. It is purely a re-organization. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27230 llvm-svn: 288264 | ||||
* | [libFuzzer] add -trace_cmp=1 (guiding mutations based on the observed CMP instructions). This is a reincarnation of the previously deleted -use_traces, but using a different approach for collecting traces. Still a toy, but at least it scales well. Also fix -merge in trace-pc-guard mode | Kostya Serebryany | 2016-10-14 | 1 | -4/+2 |
| | | | | llvm-svn: 284273 | ||||
* | [libFuzzer] add ShrinkValueProfileTest, move code around, NFC | Kostya Serebryany | 2016-10-05 | 1 | -108/+3 |
| | | | | llvm-svn: 283286 | ||||
* | [libFuzzer] remove dfsan support and some related stale code. This is not being used and as is is pretty weak anyway | Kostya Serebryany | 2016-10-04 | 1 | -334/+1 |
| | | | | llvm-svn: 283187 | ||||
* | [libFuzzer] move value profiling logic into TracePC | Kostya Serebryany | 2016-09-23 | 1 | -23/+10 |
| | | | | llvm-svn: 282219 | ||||
* | [libFuzzer] change ValueBitMap to remember the number of bits in it | Kostya Serebryany | 2016-09-23 | 1 | -1/+1 |
| | | | | llvm-svn: 282216 | ||||
* | [libFuzzer] refactoring: split the large header into many; NFC | Kostya Serebryany | 2016-09-21 | 1 | -1/+4 |
| | | | | llvm-svn: 282044 | ||||
* | [libFuzzer] remove use_traces=1 since use_value_profile seems to be strictly better | Kostya Serebryany | 2016-09-09 | 1 | -46/+9 |
| | | | | llvm-svn: 281007 | ||||
* | [libFuzzer] stop using bits for memcmp's value profile -- seems to blow up the corpus too much | Kostya Serebryany | 2016-08-30 | 1 | -6/+6 |
| | | | | llvm-svn: 280096 | ||||
* | [libFuzzer] use bits instead of bytes for memcmp/strcmp value profile -- the fuzzer reaches the goal much faster, at least on the simple puzzles | Kostya Serebryany | 2016-08-30 | 1 | -10/+18 |
| | | | | llvm-svn: 280054 | ||||
* | [libFuzzer] use trace-div and trace-gep for guided fuzzing, add tests | Kostya Serebryany | 2016-08-30 | 1 | -0/+21 |
| | | | | llvm-svn: 280046 | ||||
* | [libFuzzer] use __attribute__((target("popcnt"))) only on x86_64 | Kostya Serebryany | 2016-08-24 | 1 | -1/+1 |
| | | | | llvm-svn: 279601 | ||||
* | [libFuzzer] collect 64 states for value profile, not 65 | Kostya Serebryany | 2016-08-23 | 1 | -1/+5 |
| | | | | llvm-svn: 279588 | ||||
* | [sanitizer-coverage/libFuzzer] instrument comparisons with __sanitizer_cov_trace_cmp[1248] instead of __sanitizer_cov_trace_cmp, don't pass the comparison type to save a bit of performance. Use these new callbacks in libFuzzer | Kostya Serebryany | 2016-08-18 | 1 | -3/+48 |
| | | | | llvm-svn: 279027 | ||||
* | [libFuzzer] force proper popcnt instruction | Kostya Serebryany | 2016-08-17 | 1 | -0/+1 |
| | | | | llvm-svn: 279002 | ||||
* | [libFuzzer] new experimental feature: value profiling. Profiles values that affect control flow and treats new values as new coverage. | Kostya Serebryany | 2016-08-16 | 1 | -5/+65 |
| | | | | llvm-svn: 278839 | ||||
* | [libFuzzer] properly intercept memmem | Kostya Serebryany | 2016-07-19 | 1 | -1/+10 |
| | | | | llvm-svn: 276006 | ||||
* | [libFuzzer] add hooks for strstr, strcasestr, strcasecmp, strncasecmp | Kostya Serebryany | 2016-07-15 | 1 | -1/+38 |
| | | | | llvm-svn: 275648 | ||||
* | [libfuzzer] moving is_ascii handler inside mutation dispatcher. | Mike Aizatsky | 2016-06-23 | 1 | -4/+5 |
| | | | | Summary: It also fixes a bug, when first random might not be ascii. Differential Revision: http://reviews.llvm.org/D21573 llvm-svn: 273611 | ||||
* | Fix compilation with GCC, which treats this as a constructor name not a type name. (GCC is correct here per the latest language DRs.) | Richard Smith | 2016-05-27 | 1 | -1/+1 |
| | | | | llvm-svn: 271044 | ||||
* | [libFuzzer] refactor: hide CurrentUnitData inside an interface function. NFC | Kostya Serebryany | 2016-05-26 | 1 | -28/+24 |
| | | | | llvm-svn: 270922 | ||||
* | [libFuzzer] reimplement the way we do -only_ascii to allow more 'const' in function declarations. Add a test for -only_ascii. NFC intended | Kostya Serebryany | 2016-05-26 | 1 | -2/+2 |
| | | | | llvm-svn: 270900 | ||||
* | [libFuzzer] try to use max_len based on the items of the corpus instead of blindly defaulting to 64 bytes. | Kostya Serebryany | 2016-03-12 | 1 | -10/+13 |
| | | | | llvm-svn: 263323 | ||||
* | libfuzzer: fix compiler warnings | Dmitry Vyukov | 2016-03-02 | 1 | -1/+1 |
| | | | | - unused sigaction/setitimer result (used in assert) - unchecked fscanf return value - signed/unsigned comparison llvm-svn: 262472 | ||||
* | [libFuzzer] get rid of UserSuppliedFuzzer; NFC | Kostya Serebryany | 2016-02-13 | 1 | -7/+7 |
| | | | | llvm-svn: 260798 | ||||
* | [libFuzzer] don't create too many trace-based mutations as it may be too slow | Kostya Serebryany | 2016-02-02 | 1 | -2/+18 |
| | | | | llvm-svn: 259600 | ||||
* | [libFuzzer] don't do expensive memmem if the result will not be used | Kostya Serebryany | 2016-01-22 | 1 | -0/+2 |
| | | | | llvm-svn: 258462 | ||||
* | [libFuzzer] replace vector with a simpler data structure in the Dictionaries to avoid memory allocations on hot path | Kostya Serebryany | 2016-01-16 | 1 | -15/+8 |
| | | | | llvm-svn: 257985 | ||||
* | [libFuzzer] do mutations based on memcmp/strcmp interceptors under a separate flag (-use_memcmp, default=1) | Kostya Serebryany | 2016-01-15 | 1 | -18/+25 |
| | | | | llvm-svn: 257873 | ||||
* | [libFuzzer] make CurrentUnit a POD object instead of vector to avoid extra allocations | Kostya Serebryany | 2016-01-13 | 1 | -17/+19 |
| | | | | llvm-svn: 257713 | ||||
* | [libFuzzer] make sure we find buffer overflow in the input buffer. Previously, re-using the same vector object was hiding buffer overflows (unless we used annotated vector) | Kostya Serebryany | 2016-01-13 | 1 | -12/+15 |
| | | | | llvm-svn: 257701 | ||||
* | [libFuzzer] add a macro LLVM_FUZZER_DEFINES_SANITIZER_WEAK_HOOOKS | Kostya Serebryany | 2016-01-12 | 1 | -0/+8 |
| | | | | llvm-svn: 257482 | ||||
* | [libFuzzer] when a new unit is discovered using a dictionary, print all used dictionary entries | Kostya Serebryany | 2016-01-12 | 1 | -22/+3 |
| | | | | llvm-svn: 257435 | ||||
* | [libFuzzer] add various debug prints. Also don't mutate based on a cmp trace like (a eq a) or (a neq a) | Kostya Serebryany | 2016-01-12 | 1 | -5/+28 |
| | | | | llvm-svn: 257434 | ||||
* | [libFuzzer] extend the weak memcmp/strcmp/strncmp interceptors to receive the result of the computations. With that, don't do any mutations if memcmp/etc returned 0 | Kostya Serebryany | 2016-01-12 | 1 | -3/+6 |
| | | | | llvm-svn: 257423 | ||||
* | [libFuzzer] debug prints in tracing | Kostya Serebryany | 2016-01-09 | 1 | -2/+27 |
| | | | | llvm-svn: 257249 | ||||
* | [libFuzzer] change the way trace-based mutations are applied. Instead of a custom code just rely on the automatically created dictionary | Kostya Serebryany | 2016-01-09 | 1 | -30/+15 |
| | | | | llvm-svn: 257248 |