summaryrefslogtreecommitdiffstats
path: root/llvm/lib/Fuzzer
Commit message (Collapse)AuthorAgeFilesLines
...
* [libFuzzer] split one slow test into several, for more parallel testingKostya Serebryany2016-12-124-6/+7
| | | | llvm-svn: 289481
* [libFuzzer] make SimpleCmpTest a bit simpler to crack and more verboseKostya Serebryany2016-12-121-15/+26
| | | | llvm-svn: 289477
* [libFuzzer] build libFuzzer itself with asanKostya Serebryany2016-12-123-3/+4
| | | | llvm-svn: 289469
* [libFuzzer] respect -max_len during mergeKostya Serebryany2016-12-123-1/+8
| | | | llvm-svn: 289467
* [libFuzzer] don't depend on time in a testKostya Serebryany2016-12-111-1/+1
| | | | llvm-svn: 289368
* [libFuzzer] test cleanup (3)Kostya Serebryany2016-12-101-1/+0
| | | | llvm-svn: 289314
* [libFuzzer] test cleanup (2)Kostya Serebryany2016-12-101-15/+0
| | | | llvm-svn: 289313
* [libFuzzer] test cleanupKostya Serebryany2016-12-108-60/+33
| | | | llvm-svn: 289312
* [libFuzzer] switch all libFuzzer tests to use ↵Kostya Serebryany2016-12-106-10/+6
| | | | | | -fsanitize-coverage=trace-pc-guard. Support for the previosly used instrumentation will be removed in the following changes llvm-svn: 289311
* [libFuzzer] use __sanitizer_get_module_and_offset_for_pc to get the module ↵Kostya Serebryany2016-12-102-7/+15
| | | | | | name while printing the coverage llvm-svn: 289310
* [libFuzzer] implement crash-resistant merge ↵Kostya Serebryany2016-12-098-8/+488
| | | | | | (https://github.com/google/sanitizers/issues/722). This is a first experimental variant that needs some more testing, thus not yet adding a lit test (but there are unit tests). llvm-svn: 289166
* [libFuzzer] include FuzzerIO.h and hopefully fix the Mac build. reported by ↵Kostya Serebryany2016-12-071-0/+1
| | | | | | Dejan Mircevski llvm-svn: 288979
* [libFuzzer] refactor the code to allow collecting features in different ↵Kostya Serebryany2016-12-053-37/+42
| | | | | | ways. Also initialize a couple of Fuzzer:: members that might have been used uninitialized :( llvm-svn: 288731
* Resubmit "[LibFuzzer] Split FuzzerUtil for Posix and Windows."Zachary Turner2016-12-028-113/+328
| | | | | | | | This resubmits r288529, which was resubmitted because it broke a fuzzer bot. According to kcc@ the test that broke was flakey and it is unlikely to be a result of this patch. llvm-svn: 288549
* Revert "[LibFuzzer] Split FuzzerUtil for Posix and Windows."Zachary Turner2016-12-028-328/+113
| | | | | | | This reverts commit r288529, as it seems to introduce some problems on the Linux bots. llvm-svn: 288533
* [LibFuzzer] Introduce a portable WeakAlias implementation.Zachary Turner2016-12-022-0/+55
| | | | | | | | | | | | | Windows doesn't really support weak aliases, but with some linker magic we can get something that's pretty close on Windows. This introduces an interface to accessing weakly aliased symbols that will work on any platform. Linker magic changes to come in a separate patch. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27235 llvm-svn: 288530
* [LibFuzzer] Split FuzzerUtil for Posix and Windows.Zachary Turner2016-12-028-113/+328
| | | | | | | | | | Pave the way for separating out platform specific utility functions into separate files. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27234 llvm-svn: 288529
* [libFuzzer] add a test for r288389 (-rss_limit_mb=0 means no limit).Kostya Serebryany2016-12-011-0/+3
| | | | llvm-svn: 288392
* [libFuzzer] treat -rss_limit_mb=0 as no limitKostya Serebryany2016-12-011-1/+1
| | | | llvm-svn: 288389
* revert r288283 as it causes debug info (line numbers) to be lost in ↵Kostya Serebryany2016-12-011-1/+1
| | | | | | instrumented code. also revert r288299 which was a workaround for the problem. llvm-svn: 288300
* [libFuzzer] temporary disable a part of the test broken by r288283Kostya Serebryany2016-12-011-1/+1
| | | | llvm-svn: 288299
* [libFuzzer] extend -rss_limit_mb to crash instantly on a single malloc that ↵Kostya Serebryany2016-11-306-4/+55
| | | | | | exceeds the limit llvm-svn: 288281
* [libFuzzer] extend -print_coverage to print the comma-separated list of ↵Kostya Serebryany2016-11-305-2/+29
| | | | | | covered dirs. Note: the Windows stub for DirName is left unimplemented llvm-svn: 288276
* [LibFuzzer] Add Windows implementations of some IO functions.Zachary Turner2016-11-305-49/+250
| | | | | | | | | | | | | This patch moves some posix specific file i/o code into a new file, FuzzerIOPosix.cpp, and provides implementations for these functions on Windows in FuzzerIOWindows.cpp. This is another incremental step towards getting libfuzzer working on Windows, although it still should not be expected to be fully working. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27233 llvm-svn: 288275
* [LibFuzzer] Split up some functions among different headers.Zachary Turner2016-11-3018-87/+191
| | | | | | | | | | | | | | | | | | | | | In an effort to get libfuzzer working on Windows, we need to make a distinction between what functions require platform specific code (e.g. different code on Windows vs Linux) and what code doesn't. IO functions, for example, tend to be platform specific. This patch separates out some of the functions which will need to have platform specific implementations into different headers, so that we can then provide different implementations for each platform. Aside from that, this patch contains no functional change. It is purely a re-organization. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27230 llvm-svn: 288264
* [LibFuzzer] Add macro flags for Posix and Windows.Zachary Turner2016-11-301-2/+10
| | | | | | | | | | | This is the beginning of an effort to get libfuzzer working on Windows. This is a NFC to just add some macros for platform detection on Windows. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27229 llvm-svn: 288249
* [libFuzzer] replace 'auto' with 'auto *' to better follow the LLVM styleKostya Serebryany2016-11-141-3/+3
| | | | llvm-svn: 286870
* [libFuzzer] use a valid ASCII string for a dummy seed corpusKostya Serebryany2016-11-121-1/+1
| | | | llvm-svn: 286702
* [libFuzzer] use less stackKostya Serebryany2016-11-122-16/+18
| | | | llvm-svn: 286689
* [libFuzzer] do not initialize parts of TracePC -- let them be initialized by ↵Kostya Serebryany2016-11-112-2/+5
| | | | | | the linker. Add no-msan attribute to the memcmp hook. llvm-svn: 286665
* [libFuzzer] fix -error_exitcode=N, now with a test Kostya Serebryany2016-11-033-4/+6
| | | | llvm-svn: 285958
* [libFuzzer] enable use_cmp by defaultKostya Serebryany2016-10-2711-15/+17
| | | | llvm-svn: 285353
* [libFuzzer] speculatively trying to fix the Mac build; second attemptKostya Serebryany2016-10-272-14/+4
| | | | llvm-svn: 285262
* [libFuzzer] revert 285259 -- hit commit too soonKostya Serebryany2016-10-271-4/+1
| | | | llvm-svn: 285260
* [libFuzzer] speculatively trying to fix the Mac buildKostya Serebryany2016-10-271-1/+4
| | | | llvm-svn: 285259
* [libFuzzer] simplify TracePC::HandleTrace even further. Also, when dealing ↵Kostya Serebryany2016-10-263-29/+5
| | | | | | with -exit_on_src_pos, symbolize every PC only once llvm-svn: 285223
* [libFuzzer] simplify the code in TracePC::HandleTrace a bit moreKostya Serebryany2016-10-263-33/+18
| | | | llvm-svn: 285147
* [libFuzzer] simplify the code to print new PCsKostya Serebryany2016-10-264-16/+20
| | | | llvm-svn: 285145
* [libFuzzer] simplify the code in TracePC::HandleTraceKostya Serebryany2016-10-253-5/+9
| | | | llvm-svn: 285142
* [libFuzzer] add StandaloneFuzzTargetMain.c and a test for itKostya Serebryany2016-10-255-3/+62
| | | | llvm-svn: 285135
* [libFuzzer] when mutating based on CMP traces also try adding +/- 1 to the ↵Kostya Serebryany2016-10-253-11/+10
| | | | | | desired bytes. Add another test for use_cmp llvm-svn: 285109
* [libFuzzer] simplify the code for use_cmp, also use the position hint when ↵Kostya Serebryany2016-10-259-102/+130
| | | | | | available, add a test llvm-svn: 285049
* [libFuzzer] mutation: insert the size of the input in bytes as one of the ↵Kostya Serebryany2016-10-222-11/+21
| | | | | | ways to mutate a binary integer llvm-svn: 284909
* [libFuzzer] typo in a testKostya Serebryany2016-10-221-1/+1
| | | | llvm-svn: 284903
* [libFuzzer] add a test for asan's strict_string_checks=1Kostya Serebryany2016-10-223-0/+26
| | | | llvm-svn: 284902
* Fix -Wunused-variable warning in libFuzzerReid Kleckner2016-10-211-1/+1
| | | | llvm-svn: 284838
* [libFuzzer] extend -print_coverage to also print uncovered lines, functions, ↵Kostya Serebryany2016-10-197-8/+133
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | and files. Example of output: COVERAGE: COVERED: in DSO2(int) /pathto/DSO2.cpp:6 COVERED: in DSO2(int) /pathto/DSO2.cpp:8 COVERED: in DSO1(int) /pathto/DSO1.cpp:6 COVERED: in DSO1(int) /pathto/DSO1.cpp:8 COVERED: in LLVMFuzzerTestOneInput /pathto/DSOTestMain.cpp:16 COVERED: in LLVMFuzzerTestOneInput /pathto/DSOTestMain.cpp:19 COVERED: in LLVMFuzzerTestOneInput /pathto/DSOTestMain.cpp:25 COVERED: in LLVMFuzzerTestOneInput /pathto/DSOTestMain.cpp:26 MODULE_WITH_COVERAGE: /pathto/libLLVMFuzzer-DSO1.so UNCOVERED_LINE: in DSO1(int) /pathto/DSO1.cpp:9 UNCOVERED_FUNC: in Uncovered1() MODULE_WITH_COVERAGE: /pathto/libLLVMFuzzer-DSO2.so UNCOVERED_LINE: in DSO2(int) /pathto/DSO2.cpp:9 UNCOVERED_FUNC: in Uncovered2() MODULE_WITH_COVERAGE: /pathto/LLVMFuzzer-DSOTest UNCOVERED_LINE: in LLVMFuzzerTestOneInput /pathto/DSOTestMain.cpp:21 UNCOVERED_LINE: in LLVMFuzzerTestOneInput /pathto/DSOTestMain.cpp:27 UNCOVERED_FILE: /pathto/DSOTestExtra.cpp Several things are not perfect here: * we are using objdump+awk instead of sancov because sancov does not support DSOs yet. * this breaks in the presence of ASAN_OPTIONS=strip_path_prefix=... (need to implement another API to get the module name by PC) llvm-svn: 284554
* [libFuzzer] detect leaks after every run when executing fixed inputs ↵Kostya Serebryany2016-10-183-2/+6
| | | | | | (./fuzzer -runs=1000000 my-file) llvm-svn: 284514
* [libFuzzer] reshuffle the code for -exit_on_src_pos and -exit_on_itemKostya Serebryany2016-10-182-15/+12
| | | | llvm-svn: 284508
* [libFuzzer] swap bytes in integers when handling CMP tracesKostya Serebryany2016-10-155-15/+49
| | | | llvm-svn: 284301
OpenPOWER on IntegriCloud