path: root/llvm/lib/Fuzzer
Commit message | Author | Age | Files | Lines
* [libFuzzer] print a failed-merge warning only in the merge mode | Kostya Serebryany | 2016-09-10 | 1 | -0/+1
  llvm-svn: 281130
* [libFuzzer] don't print help for internal flags | Kostya Serebryany | 2016-09-10 | 2 | -0/+3
  llvm-svn: 281124
* [libFuzzer] print a visible message if merge fails due to a crash | Kostya Serebryany | 2016-09-10 | 3 | -0/+24
  llvm-svn: 281122
* [libFuzzer] use sizeof() in tests instead of 4 and 8 | Kostya Serebryany | 2016-09-09 | 2 | -6/+6
  llvm-svn: 281111
* [libFuzzer] one more puzzle for value profile | Kostya Serebryany | 2016-09-09 | 3 | -0/+25
  llvm-svn: 281106
* [libFuzzer] one more puzzle, value_profile cracks it in a second | Kostya Serebryany | 2016-09-09 | 3 | -0/+25
  llvm-svn: 281066
* [libFuzzer] improve -print_pcs to not print new PCs coming from libFuzzer itself | Kostya Serebryany | 2016-09-09 | 2 | -8/+19
  llvm-svn: 281016
* [libFuzzer] remove unneeded call | Kostya Serebryany | 2016-09-09 | 2 | -9/+0
  llvm-svn: 281014
* [libFuzzer] remove use_traces=1 since use_value_profile seems to be strictly better | Kostya Serebryany | 2016-09-09 | 6 | -67/+9
  llvm-svn: 281007
* [libFuzzer] add -minimize_crash flag (to minimize crashers). also add two tests that I failed to commit last time | Kostya Serebryany | 2016-09-01 | 5 | -8/+115
  llvm-svn: 280332
* [libfuzzer] simplified unit truncation; do not write trunc items to disc | Mike Aizatsky | 2016-08-30 | 2 | -34/+14
  Differential Revision: https://reviews.llvm.org/D24049
  llvm-svn: 280153
* [libFuzzer] fix a bug when running a single unit of N bytes with -max_len=M, M<N, caused a buffer overflow | Kostya Serebryany | 2016-08-30 | 2 | -6/+7
  llvm-svn: 280098
* [libFuzzer] stop using bits for memcmp's value profile -- seems to blow up the corpus too much | Kostya Serebryany | 2016-08-30 | 2 | -9/+9
  llvm-svn: 280096
* [libFuzzer] use bits instead of bytes for memcmp/strcmp value profile -- the fuzzer reaches the goal much faster, at least on the simple puzzles | Kostya Serebryany | 2016-08-30 | 2 | -13/+21
  llvm-svn: 280054
* [libFuzzer] use trace-div and trace-gep for guided fuzzing, add tests | Kostya Serebryany | 2016-08-30 | 4 | -1/+66
  llvm-svn: 280046
* [libFuzzer] simplify a test to make it pass on the bot | Kostya Serebryany | 2016-08-26 | 1 | -1/+1
  llvm-svn: 279796
* [libFuzzer] make sure we have symbols on fuzzer tests | Kostya Serebryany | 2016-08-25 | 1 | -1/+1
  llvm-svn: 279792
* [libFuzzer] rename -print_new_cov_pcs=1 into -print_pcs=1 and make it more useful: print PCs only after the initial corpus has been read and symbolize them | Kostya Serebryany | 2016-08-25 | 6 | -12/+28
  llvm-svn: 279787
* [libFuzzer] simplify the code, NFC | Kostya Serebryany | 2016-08-25 | 2 | -91/+81
  llvm-svn: 279697
* [libFuzzer] make a test more deterministic | Kostya Serebryany | 2016-08-24 | 1 | -3/+3
  llvm-svn: 279686
* [libFuzzer] use __attribute__((target("popcnt"))) only on x86_64 | Kostya Serebryany | 2016-08-24 | 4 | -7/+13
  llvm-svn: 279601
* [libFuzzer] collect 64 states for value profile, not 65 | Kostya Serebryany | 2016-08-23 | 1 | -1/+5
  llvm-svn: 279588
* [libFuzzer] fix the non-debug build warnings | Kostya Serebryany | 2016-08-19 | 1 | -1/+2
  llvm-svn: 279321
* [libFuzzer] add more __attribute__((visibility("default"))) | Kostya Serebryany | 2016-08-18 | 1 | -0/+2
  llvm-svn: 279143
* [sanitizer-coverage/libFuzzer] instrument comparisons with __sanitizer_cov_trace_cmp[1248] instead of __sanitizer_cov_trace_cmp, don't pass the comparison type to save a bit of performance. Use these new callbacks in libFuzzer | Kostya Serebryany | 2016-08-18 | 2 | -3/+50
  llvm-svn: 279027
* [libFuzzer] force proper popcnt instruction | Kostya Serebryany | 2016-08-17 | 2 | -1/+3
  llvm-svn: 279002
* [libFuzzer] give 0 and 255 more preference when inserting repeated bytes | Kostya Serebryany | 2016-08-17 | 1 | -1/+2
  llvm-svn: 278986
* [libFuzzer] one more mutation: ChangeBinaryInteger; also fix the breakage from r278970 | Kostya Serebryany | 2016-08-17 | 3 | -2/+77
  llvm-svn: 278982
* [libFuzzer] when printing the reproducer input, also print the base input and the mutation sequence | Kostya Serebryany | 2016-08-17 | 3 | -4/+13
  llvm-svn: 278975
* Replace a few more "fall through" comments with LLVM_FALLTHROUGH | Justin Bogner | 2016-08-17 | 1 | -1/+1
  Follow up to r278902. I had missed "fall through", with a space.
  llvm-svn: 278970
* [libFuzzer] more mutations | Kostya Serebryany | 2016-08-17 | 3 | -18/+124
  llvm-svn: 278950
* [libFuzzer] minor speed improvement | Kostya Serebryany | 2016-08-16 | 1 | -1/+1
  llvm-svn: 278856
* [libFuzzer] new experimental feature: value profiling. Profiles values that affect control flow and treats new values as new coverage. | Kostya Serebryany | 2016-08-16 | 15 | -11/+158
  llvm-svn: 278839
* [libFuzzer] refactoring around PCMap, NFC | Kostya Serebryany | 2016-08-16 | 5 | -81/+81
  llvm-svn: 278825
* [libFuzzer] print a verbose message after executing inputs in non-fuzzing mode | Kostya Serebryany | 2016-08-15 | 2 | -0/+6
  llvm-svn: 278724
* [libFuzzer] fix the bot | Kostya Serebryany | 2016-08-15 | 1 | -1/+1
  llvm-svn: 278721
* [libFuzzer] add InsertRepeatedBytes and EraseBytes. | Kostya Serebryany | 2016-08-15 | 8 | -20/+139
  New mutation: InsertRepeatedBytes.
  Updated mutation: EraseByte => EraseBytes.
  This helps https://github.com/google/sanitizers/issues/710 where libFuzzer was not able to find a known bug. Now it finds it in minutes. Hopefully, the change is general enough to help other targets.
  llvm-svn: 278687
* [LibFuzzer] Fix `-jobs=<N>` where <N> > 1 and the number of workers is > 1 on macOS. | Dan Liew | 2016-08-12 | 5 | -4/+198
  The original `ExecuteCommand()` called `system()` from the C library. The C library implementation of this on macOS contains a mutex which serializes calls to `system()`. This prevented the `-jobs=` flag from running copies of the fuzzing binary in parallel which is the opposite of what is intended.
  To fix this on macOS an alternative implementation of `ExecuteCommand()` is provided that can be used concurrently. This is provided in `FuzzerUtilDarwin.cpp` which is guarded to only compile code on Apple platforms. The existing implementation has been moved to a new file `FuzzerUtilLinux.cpp` which is guarded to only compile code on Linux.
  This commit includes a simple test to check that LibFuzzer is being executed in parallel when requested.
  Differential Revision: https://reviews.llvm.org/D22742
  llvm-svn: 278544
* [libFuzzer] make libFuzzer work with a bit older clang versions | Kostya Serebryany | 2016-08-06 | 1 | -8/+10
  llvm-svn: 277941
* [libFuzzer] don't print bogus error message | Kostya Serebryany | 2016-08-06 | 1 | -2/+3
  llvm-svn: 277940
* [libfuzzer] do not warn about missing pcbuffer functions: they are new. | Mike Aizatsky | 2016-08-06 | 1 | -2/+2
  llvm-svn: 277927
* [sanitizers] trace buffer API to use user-allocated buffer. | Mike Aizatsky | 2016-08-05 | 3 | -27/+53
  Differential Revision: https://reviews.llvm.org/D23185
  llvm-svn: 277859
* [libFuzzer] extend the messages printed by afl_driver | Kostya Serebryany | 2016-07-19 | 1 | -4/+12
  llvm-svn: 276052
* [libFuzzer] properly intercept memmem | Kostya Serebryany | 2016-07-19 | 2 | -2/+15
  llvm-svn: 276006
* [libFuzzer] add hooks for strstr, strcasestr, strcasecmp, strncasecmp | Kostya Serebryany | 2016-07-15 | 9 | -6/+67
  llvm-svn: 275648
* [libFuzzer] add ThreadedLeakTest | Kostya Serebryany | 2016-07-15 | 3 | -0/+24
  llvm-svn: 275582
* [LibFuzzer] Unbreak the build on macOS which was broken by r272858. | Dan Liew | 2016-07-07 | 1 | -0/+6
  ``afl_driver.cpp`` currently relies on weak symbols which doesn't work properly under macOS. For now fix the build by providing a dummy implementation of ``LLVMFuzzerInitialize(...)``. This is just a temporary measure until we fix ``afl_driver.cpp`` for macOS.
  llvm-svn: 274778
* [libFuzzer] Let user specify extra stats file. | Mike Aizatsky | 2016-06-30 | 3 | -4/+208
  Summary: If AFL_DRIVER_EXTRA_STATS_FILENAME is set and valid, write to it peak_rss_mb and slowest_unit_time_sec. These are both stats that libFuzzer can print but afl cannot.
  Reviewers: kcc, aizatsky, metzman
  Subscribers: llvm-commits
  Differential Revision: http://reviews.llvm.org/D21742
  llvm-svn: 274273
* [libfuzzer] moving is_ascii handler inside mutation dispatcher. | Mike Aizatsky | 2016-06-23 | 6 | -60/+65
  Summary: It also fixes a bug, when first random might not be ascii.
  Differential Revision: http://reviews.llvm.org/D21573
  llvm-svn: 273611
* [libFuzzer] Add standard license info and comment header to AFLDriverTest.cpp | Vitaly Buka | 2016-06-23 | 1 | -0/+4
  Summary: Add license info and brief description of file to AFLDriverTest.cpp.
  Reviewers: kcc, aizatsky
  Subscribers: llvm-commits
  Differential Revision: http://reviews.llvm.org/D21487
  llvm-svn: 273527