path: root/llvm/lib/Fuzzer
Commit message | Author | Age | Files | Lines
...
* [libFuzzer] Update test to consider different exceptions. | Marcos Pividori | 2017-02-08 | 2 | -2/+2
  Differential Revision: https://reviews.llvm.org/D29531
  llvm-svn: 294377
* [libFuzzer] Temporarily fix Shmem for Windows. | Marcos Pividori | 2017-02-08 | 2 | -0/+65
  In this diff, I add stubs for shared memory on Windows. Now we can compile and use libFuzzer without support for shared memory.
  Differential Revision: https://reviews.llvm.org/D29544
  llvm-svn: 294376
* [libFuzzer] replace std::random_shuffle with std::shuffle as ↵ | Kostya Serebryany | 2017-02-07 | 4 | -10/+7
  std::random_shuffle is being deprecated in C++17. Also simplify fuzzer::Random. NFC
  llvm-svn: 294366
* [libFuzzer] make code less clever to avoid fallthrough in switch (and in ↵ | Kostya Serebryany | 2017-02-06 | 1 | -3/+3
  turn avoid compiler warnings). NFC. Suggested by Christian Holler.
  llvm-svn: 294239
* [libFuzzer] properly hide the memcmp interceptor from msan | Kostya Serebryany | 2017-02-03 | 1 | -1/+1
  llvm-svn: 294061
* [libfuzzer] chromium-related compilation fixes | Mike Aizatsky | 2017-02-03 | 3 | -10/+13
  Reviewers: kcc
  Differential Revision: https://reviews.llvm.org/D29502
  llvm-svn: 294035
* [libFuzzer] reorganize the tracing code to make it easier to experiment with ↵ | Kostya Serebryany | 2017-02-02 | 2 | -19/+36
  inlined coverage instrumentation. NFC
  llvm-svn: 293928
* [libFuzzer] Properly handle exceptions with UnhandledExceptionFilter. | Marcos Pividori | 2017-02-02 | 1 | -5/+2
  Use SetUnhandledExceptionFilter instead of AddVectoredExceptionHandler.
  According to the documentation on Structured Exception Handling, this is the order for the Exception Dispatching:
  + If the process is being debugged, the system notifies the debugger.
  + The Vectored Exception Handler is called.
  + The system attempts to locate a frame-based exception handler by searching the stack frames of the thread in which the exception occurred.
  + If no frame-based handler can be found, the UnhandledExceptionFilter filter is called.
  + Default handling based on the exception type.
  So, similar to what we do for asan, we should use SetUnhandledExceptionFilter instead of AddVectoredExceptionHandler, so user's code that is being fuzzed can execute frame-based exception handlers before we catch them. We want to catch unhandled exceptions, not all the exceptions.
  Differential Revision: https://reviews.llvm.org/D29462
  llvm-svn: 293920
* [libFuzzer] Disable afl tests on non-posix systems. | Marcos Pividori | 2017-02-01 | 2 | -0/+4
  AflDriver is not supported on non posix systems.
  Differential Revision: https://reviews.llvm.org/D29422
  llvm-svn: 293830
* [libFuzzer] Disable equivalence tests on non posix systems. | Marcos Pividori | 2017-02-01 | 1 | -0/+2
  We can not run this test until we implement shared memory on Windows.
  Differential Revision: https://reviews.llvm.org/D29421
  llvm-svn: 293829
* [libFuzzer] Isolate merge tests that require posix. | Marcos Pividori | 2017-02-01 | 2 | -8/+23
  Differential Revision: https://reviews.llvm.org/D29420
  llvm-svn: 293828
* [libFuzzer] Add features `windows` and `posix` for lit tests. | Marcos Pividori | 2017-02-01 | 3 | -0/+11
  Add 2 features: posix and windows.
  Sometimes we want some specific tests only for posix and we use:
    REQUIRES: posix
  Sometimes we want some specific tests only for windows and we use:
    REQUIRES: windows
  Differential Revision: https://reviews.llvm.org/D29418
  llvm-svn: 293827
* [libFuzzer] Accept different extensions. | Marcos Pividori | 2017-02-01 | 1 | -1/+1
  Differential Revision: https://reviews.llvm.org/D29417
  llvm-svn: 293826
* [libFuzzer] Fix test because cmd prompt does not expand wildcard. | Marcos Pividori | 2017-02-01 | 1 | -1/+1
  Commands should expand the wildcards on Windows, the cmd prompt doesn't. Because of that sancov was not finding the needed file. To deal with this, we use ls and xargs from gnu win utils.
  Differential Revision: https://reviews.llvm.org/D29374
  llvm-svn: 293825
* [libFuzzer] Do not use llvm-objdump for disassembling a DSO. | Marcos Pividori | 2017-02-01 | 1 | -4/+1
  When disassembling a DSO, for calls to functions from the PLT, llvm-objdump only prints the offset from the PLT, like: <.plt+0x30>. While objdump and dumpbin print the function name, like: <__sanitizer_cov_trace_pc_guard@plt>
  When analyzing the coverage in libFuzzer we disassemble and look for the calls to __sanitizer_cov_trace_pc_guard. So, this fails when using llvm-objdump on a DSO.
  Differential Revision: https://reviews.llvm.org/D29372
  llvm-svn: 293791
* [libFuzzer] Properly check if we can use dumpbin. | Marcos Pividori | 2017-02-01 | 1 | -1/+1
  The flag "/summary" is necessary, otherwise it returns a non-zero value.
  Differential Revision: https://reviews.llvm.org/D29371
  llvm-svn: 293790
* [libFuzzer] increase the default size for shmem | Kostya Serebryany | 2017-02-01 | 4 | -12/+12
  llvm-svn: 293722
* [libFuzzer] Implement TmpDir() for Windows. | Marcos Pividori | 2017-01-30 | 1 | -1/+11
  Differential Revision: https://reviews.llvm.org/D28977
  llvm-svn: 293516
* [libfuzzer] include errno.h. On Ubuntu 14.04 we got away w/o it, but other ↵ | Kostya Serebryany | 2017-01-28 | 1 | -0/+1
  systems seem to require it
  llvm-svn: 293389
* [libFuzzer] make shmem more robust in the presence of signals | Kostya Serebryany | 2017-01-27 | 2 | -3/+17
  llvm-svn: 293339
* [libFuzzer] simplify the value profiling callback further: don't use (idx ↵ | Kostya Serebryany | 2017-01-27 | 3 | -10/+11
  MOD prime) on the hot path where it is useless anyway
  llvm-svn: 293239
* [libFuzzer] make sure (again) that __builtin_popcountl is compiled into popcnt | Kostya Serebryany | 2017-01-27 | 1 | -0/+8
  llvm-svn: 293237
* [libFuzzer] simplify the value profile code and disable asan/msan on it | Kostya Serebryany | 2017-01-27 | 3 | -6/+19
  llvm-svn: 293236
* [libFuzzer] remove a bit of stale code | Kostya Serebryany | 2017-01-26 | 2 | -6/+0
  llvm-svn: 293129
* [libFuzzer] further simplify __sanitizer_cov_trace_pc_guard | Kostya Serebryany | 2017-01-26 | 2 | -9/+7
  llvm-svn: 293128
* [libFuzzer] simplify the code for __sanitizer_cov_trace_pc_guard and make ↵ | Kostya Serebryany | 2017-01-26 | 5 | -4/+31
  sure it is not asan/msan-instrumented
  llvm-svn: 293125
* [libFuzzer] don't call GetPreviousInstructionPc on the hot path -- only when ↵ | Kostya Serebryany | 2017-01-26 | 1 | -18/+22
  dumping the PCs
  llvm-svn: 293117
* [libFuzzer] mutate empty input using the regular mutators (instead of a ↵ | Kostya Serebryany | 2017-01-23 | 1 | -14/+5
  custom dummy one). This way when we mutate an empty input there is a chance we will get a dictionary word
  llvm-svn: 292843
* [libFuzzer] make sure we use the feedback from std::string operator == | Kostya Serebryany | 2017-01-23 | 4 | -1/+31
  llvm-svn: 292835
* [libFuzzer] deflake a test | Kostya Serebryany | 2017-01-23 | 1 | -0/+1
  llvm-svn: 292813
* [libFuzzer] Add missing dependency for tests. | Marcos Pividori | 2017-01-22 | 1 | -0/+1
  Dependency on TestBinaries was erroneously removed on r292735.
  llvm-svn: 292765
* [libFuzzer] Specify the CRT considered (MT or MD) for tests on Windows. | Marcos Pividori | 2017-01-22 | 1 | -2/+9
  Differential Revision: https://reviews.llvm.org/D28439
  llvm-svn: 292749
* [libFuzzer] Fix test with shared libraries on Windows. | Marcos Pividori | 2017-01-22 | 3 | -6/+20
  We need to set BINARY_DIR to: ${CMAKE_BINARY_DIR}/lib/Fuzzer/test, so the dll is placed in the same directory as the test LLVMFuzzer-DSOTest, and is found when executing that test.
  As we are using CMAKE_CXX_CREATE_SHARED_LIBRARY to link the dll, we can't modify the output directory for the import library. It will be created in the same directory as the dll (in BINARY_DIR), no matter which value we set to LIBRARY_DIR. So, if we set LIBRARY_DIR to a different directory than BINARY_DIR, when linking LLVMFuzzer-DSOTest, cmake will look for the import library LLVMFuzzer-DSO1.lib in LIBRARY_DIR, and won't find it, since it was created in BINARY_DIR. So, for Windows, we need LIBRARY_DIR and BINARY_DIR to be the same directory.
  Differential Revision: https://reviews.llvm.org/D27870
  llvm-svn: 292748
* [libFuzzer] AlrmHandler is executed in a different thread for Windows. | Marcos Pividori | 2017-01-22 | 1 | -0/+3
  Don't check for InFuzzingThread() on Windows, since the AlarmHandler() is always executed by a different thread from a thread pool. If we don't add these changes, the alarm handler will never execute. Note that we decided to ignore possible problems in the synchronization.
  Differential Revision: https://reviews.llvm.org/D28723
  llvm-svn: 292746
* [libFuzzer] Leak Sanitizer is not supported for Windows. | Marcos Pividori | 2017-01-22 | 1 | -3/+3
  Differential Revision: https://reviews.llvm.org/D28709
  llvm-svn: 292745
* [libFuzzer] Fix OutOfMemory tests to work on 32 bits. | Marcos Pividori | 2017-01-22 | 2 | -3/+3
  I add 2 changes to make the tests work on 32 bits and on 64 bits. I change the size allocated to 0x20000000 and add the flag: -rss_limit_mb=300. Otherwise the output for 32 bits and 64 bits is different.
  For 64 bits the value 0xff000000 doesn't exceed kMaxAllowedMallocSize. For 32 bits, kMaxAllowedMallocSize is set to 0xc0000000, so the call to Allocate() will fail earlier printing "WARNING: AddressSanitizer failed to allocate ...", and won't call malloc hooks.
  So, we need to consider a size smaller than 2GB (so malloc doesn't fail on 32bits) and greater than the value provided by -rss_limit_mb. Because of that I use: 0x20000000.
  Differential Revision: https://reviews.llvm.org/D28706
  llvm-svn: 292744
* [libFuzzer] Avoid undefined behavior, properly discard output to stdout/stderr. | Marcos Pividori | 2017-01-22 | 4 | -2/+20
  Fix libFuzzer when setting -close_fd_mask to a non-zero value.
  In the previous implementation, libFuzzer closes the file descriptors for stdout/stderr. This has some disadvantages:
  For `fuzzer-fdmask.test`, we write directly to stdout and stderr using the file streams stdout and stderr, after the file descriptors are closed, which is undefined behavior. In Windows, in particular, this was making the test fail.
  Also, if we close stdout and we open a new file in libFuzzer, we get the file descriptor 1, which could generate problems if some code assumes the file descriptor refers to stdout and works directly writing to the file descriptor 1, but it will be writing to the opened file (for example using std::cout).
  Instead of closing the file descriptors, I redirect the output to /dev/null on linux and nul on Windows.
  Differential Revision: https://reviews.llvm.org/D28718
  llvm-svn: 292743
* [libFuzzer] Remove lib prefix from library names on tests. | Marcos Pividori | 2017-01-22 | 1 | -2/+2
  This change is necessary on Windows, where libraries don't include the prefix "lib".
  Differential Revision: https://reviews.llvm.org/D28710
  llvm-svn: 292742
* [libFuzzer] Fix ListFilesInDirRecursive() to do the same for Posix and Windows. | Marcos Pividori | 2017-01-22 | 1 | -2/+4
  Update `ListFilesInDirRecursive` implementation on Windows to have the same behavior as for Posix, when the directory doesn't exist and when it is empty.
  Differential Revision: https://reviews.llvm.org/D28711
  llvm-svn: 292741
* [libFuzzer] Consider both possible separators for tests. | Marcos Pividori | 2017-01-22 | 1 | -1/+1
  Differential Revision: https://reviews.llvm.org/D28636
  llvm-svn: 292740
* [libFuzzer] Portably disassemble and find calls to sanitizer_cov_trace_pc_guard. | Marcos Pividori | 2017-01-22 | 4 | -2/+33
  Instead of directly using objdump, which is not present on Windows, we consider different tools depending on the platform. For Windows, we consider dumpbin and llvm-objdump.
  Differential Revision: https://reviews.llvm.org/D28635
  llvm-svn: 292739
* [libFuzzer] Portable implementation of `IsInterestingCoverageFile()`. | Marcos Pividori | 2017-01-22 | 4 | -12/+24
  For Posix systems and Windows, we need to consider different cases.
  Differential Revision: https://reviews.llvm.org/D28633
  llvm-svn: 292738
* [libFuzzer] Remove optimization flags for tests. | Marcos Pividori | 2017-01-22 | 1 | -11/+1
  We need to build all the tests with -O0, otherwise optimizations may merge some basic blocks and the tests will fail. In this diff, I simplify the cmake implementation and I remove the flags for Windows too (/O[123s]).
  Differential Revision: https://reviews.llvm.org/D28632
  llvm-svn: 292737
* [libFuzzer] Expose Sanitizer Coverage functions from libFuzzer. | Marcos Pividori | 2017-01-22 | 2 | -12/+22
  We need to expose Sanitizer Coverage's functions that are rewritten with a different implementation, so compiler-rt's libraries have access to it.
  Differential Revision: https://reviews.llvm.org/D28618
  llvm-svn: 292736
* [libFuzzer] Remove dependencies for tests on Windows. | Marcos Pividori | 2017-01-22 | 1 | -1/+6
  Remove dependency on FileCheck, sancov and not for tests on Windows. If LLVM_USE_SANITIZER=Address and LLVM_USE_SANITIZE_COVERAGE=YES, this will trigger the building of dependencies with sanitizer instrumentation. This will fail in Windows, since cmake will use link.exe for linking and won't include compiler-rt libraries.
  Differential Revision: https://reviews.llvm.org/D27993
  llvm-svn: 292735
* [libFuzzer] Disable afl tests for Windows. | Marcos Pividori | 2017-01-22 | 1 | -11/+12
  On Windows, we don't have interoperability between libFuzzer and afl.
  Differential Revision: https://reviews.llvm.org/D28355
  llvm-svn: 292734
* [libFuzzer] Use CXX to set compiler to use | Vitaly Buka | 2017-01-21 | 1 | -1/+2
  Reviewers: kcc
  Subscribers: llvm-commits
  Differential Revision: https://reviews.llvm.org/D28976
  llvm-svn: 292697
* [libFuzzer] fix gcc build | Kostya Serebryany | 2017-01-21 | 1 | -1/+0
  llvm-svn: 292695
* [libFuzzer] use print+exit(1) instead of assert to report an error | Kostya Serebryany | 2017-01-21 | 2 | -3/+5
  llvm-svn: 292685
* [libFuzzer] re-enable LLVMFuzzer-RepeatedMemcmp test, cleanup the test ↵ | Kostya Serebryany | 2017-01-21 | 2 | -20/+15
  runner nearby
  llvm-svn: 292683