summaryrefslogtreecommitdiffstats
path: root/llvm/lib/Fuzzer
Commit message (Collapse)AuthorAgeFilesLines
...
* [libFuzzer] increase kFeatureSetSize to 2^21 and make InputCorpus scale to ↵Kostya Serebryany2017-03-242-12/+11
| | | | | | that size. This will potentially make libFuzzer more sensitive on targets with lots of signals llvm-svn: 298671
* [libFuzzer] fix non-linux buildKostya Serebryany2017-03-231-0/+2
| | | | llvm-svn: 298666
* [libFuzzer] create experimental support for user-provided coverage signalKostya Serebryany2017-03-239-28/+169
| | | | llvm-svn: 298654
* [libFuzzer] add two experimental flags to make corpus merging more scalable: ↵Kostya Serebryany2017-03-227-7/+109
| | | | | | -save_coverage_summary/-load_coverage_summary. This is still WIP, the documentation will come later if these flags survive llvm-svn: 298548
* [libFuzzer] inline the code of __sanitizer_cov_trace_pc_guard into itKostya Serebryany2017-03-172-9/+3
| | | | llvm-svn: 298032
* [libFuzzer] Experimenting with dictionary minimization.Kostya Serebryany2017-03-172-0/+82
| | | | | | | | | | | | | | Summary: Tracking issue: https://github.com/google/oss-fuzz/issues/331 Reviewers: kcc Reviewed By: kcc Differential Revision: https://reviews.llvm.org/D30940 llvm-svn: 298031
* [libFuzzer] add a test with two different bugsKostya Serebryany2017-03-172-0/+23
| | | | llvm-svn: 298030
* [libFuzzer] add a dummy LLVMFuzzerMutate to afl/afl_driver.cpp ↵Kostya Serebryany2017-03-151-0/+7
| | | | | | (https://github.com/google/oss-fuzz/issues/460) llvm-svn: 297919
* [libFuzzer] call __sanitizer_print_memory_profile with two paramsKostya Serebryany2017-03-152-2/+2
| | | | llvm-svn: 297916
* Revert "[libFuzzer] Use ChooseUnitIdxToMutate to pick item for crossover."Vitaly Buka2017-03-152-3/+3
| | | | | | | | Fails LLVMFuzzer.LLVMFuzzer.value-profile-strncmp.test. This reverts commit r297891. llvm-svn: 297912
* [libFuzzer] Use ChooseUnitIdxToMutate to pick item for crossover.Vitaly Buka2017-03-152-3/+3
| | | | | | Differential Revision: https://reviews.llvm.org/D30683 llvm-svn: 297891
* [libFuzzer] remove even more stale codeKostya Serebryany2017-03-152-18/+0
| | | | llvm-svn: 297797
* [libFuzzer] simplify code a bitKostya Serebryany2017-03-152-20/+2
| | | | llvm-svn: 297796
* [libFuzzer] remove more stale codeKostya Serebryany2017-03-144-83/+4
| | | | llvm-svn: 297785
* [libFuzzer] don't clear Counters in TracePC::CollectFeatures since they will ↵Kostya Serebryany2017-03-142-4/+3
| | | | | | be cleared anyway in ResetMaps llvm-svn: 297783
* [libFuzzer] remove stale codeKostya Serebryany2017-03-143-42/+4
| | | | llvm-svn: 297781
* [libFuzzer] Reorder includes in testVitaly Buka2017-03-131-2/+2
| | | | llvm-svn: 297692
* [libFuzzer] Fix compilation of CustomCrossOverAndMutateTest on WindowsVitaly Buka2017-03-131-1/+2
| | | | llvm-svn: 297690
* [libFuzzer] add more iterations to LLVMFuzzer-Memcmp64BytesTestKostya Serebryany2017-03-111-1/+1
| | | | llvm-svn: 297554
* [libFuzzer] reduce the number of vector resizes during merge ↵Kostya Serebryany2017-03-111-6/+7
| | | | | | (https://github.com/google/oss-fuzz/issues/445) llvm-svn: 297551
* [libFuzzer] print how much memory is consumed by the outer merge process ↵Kostya Serebryany2017-03-112-2/+12
| | | | | | (https://github.com/google/oss-fuzz/issues/445) llvm-svn: 297546
* [libFuzzer] add test/LargeTest.cpp, mostly for manual experiments with large ↵Kostya Serebryany2017-03-111-0/+37
| | | | | | number of edges, not yet suitable for unit testing llvm-svn: 297544
* [libFuzzer] remove fuzzer-jobs.test which is flaky and not very usefulKostya Serebryany2017-03-111-31/+0
| | | | llvm-svn: 297543
* [fuzzer] Don't crash if LLVMFuzzerMutate was called by CustomCrossOverVitaly Buka2017-03-075-2/+40
| | | | | | | | | | Reviewers: kcc Subscribers: llvm-commits, mgorny Differential Revision: https://reviews.llvm.org/D30682 llvm-svn: 297202
* Un-XFAIL Fuzzer/test/dump_coverage.test. This now passes on Darwin (after ↵Kuba Mracek2017-03-071-2/+0
| | | | | | r297094). llvm-svn: 297110
* [libfuzzer] do not use xargs for shell expansionMike Aizatsky2017-03-061-1/+1
| | | | | | | | | Summary: After https://reviews.llvm.org/rL296904 xargs shouldn't be necesssary. Differential Revision: https://reviews.llvm.org/D30371 llvm-svn: 297094
* un-Xfail Fuzzer test that decided to pass on Green DragonMehdi Amini2017-03-031-1/+0
| | | | | | It may be flacky, I'll turn it into unsupported if it fails again. llvm-svn: 296913
* [libFuzzer] remove usage of the old coverage instrumentationKostya Serebryany2017-02-283-70/+0
| | | | llvm-svn: 296536
* Mark some libFuzzer tests as XFAIL'd on DarwinMehdi Amini2017-02-284-0/+7
| | | | | | | | We're bringing up a bot on Green Dragon right now: http://green.lab.llvm.org/green/view/Experimental/job/libFuzzer llvm-svn: 296526
* [libFuzzer] Update traces hooks test after r293741Justin Bogner2017-02-221-5/+3
| | | | | | This test now passes on darwin. llvm-svn: 295902
* [libFuzzer] Mark a test that infinite loops as unsupportedJustin Bogner2017-02-223-5/+11
| | | | | | | We need to investigate this, but for now it just causes too much headache when trying to run these tests. llvm-svn: 295900
* [libFuzzer] increase the size of FixedWord from 27 to 64, see PR31950Kostya Serebryany2017-02-144-1/+24
| | | | llvm-svn: 295117
* Use "%zd" format specifier for printing number of testcases executed.Kostya Serebryany2017-02-141-1/+1
| | | | | | | | | | | | | | | | | | Summary: This helps to avoid signed integer overflow after running a fast fuzz target for several hours, e.g.: <...> Done -1097903291 runs in 54001 second(s) Reviewers: kcc Reviewed By: kcc Differential Revision: https://reviews.llvm.org/D29941 llvm-svn: 295112
* [libFuzzer] Use stoull instead of stol to ensure 64 bits.Marcos Pividori2017-02-101-2/+2
| | | | | | Differential revision: https://reviews.llvm.org/D29831 llvm-svn: 294769
* [CMake] Fix pthread handling for out-of-tree buildsEric Fiselier2017-02-101-2/+2
| | | | | | | | | | | | | | | LLVM defines `PTHREAD_LIB` which is used by AddLLVM.cmake and various projects to correctly link the threading library when needed. Unfortunately `PTHREAD_LIB` is defined by LLVM's `config-ix.cmake` file which isn't installed and therefore can't be used when configuring out-of-tree builds. This causes such builds to fail since `pthread` isn't being correctly linked. This patch attempts to fix that problem by renaming and exporting `LLVM_PTHREAD_LIB` as part of`LLVMConfig.cmake`. I renamed `PTHREAD_LIB` because It seemed likely to cause collisions with downstream users of `LLVMConfig.cmake`. llvm-svn: 294690
* [libFuzzer] Export external functions on tests.Marcos Pividori2017-02-101-0/+12
| | | | | | | | | | | | | We need to export external functions so they are found when calling GetProcAddress() on Windows. But we can't use `__declspec(dllexport)` because we want the targets to be completely independent from the fuzz engines and don't depend on other header files. Also, we don't want to include platform specific code managed with conditional macros. So, the solution is to add the exported symbols with linker flags in cmake. Differential revision: https://reviews.llvm.org/D29752 llvm-svn: 294688
* [libFuzzer] Use dynamic loading for External Functions on Windows.Marcos Pividori2017-02-102-1/+61
| | | | | | | | | | | | | | | | | | | Replace weak aliases with dynamic loading. Weak aliases were generating some problems when linking for MT on Windows. For MT, compiler-rt's libraries are statically linked to the main executable the same than libFuzzer, so if we use weak aliases, we are providing two different default implementations for the same weak function and the linker fails. In this diff I re implement ExternalFunctions() using dynamic loading, so it works in both cases (MD and MT). Also, dynamic loading is simpler, since we are not defining any auxiliary external function, and we don't need to deal with weak aliases. This is equivalent to the implementation using dlsym(RTLD_DEFAULT, FnName) for Posix. Differential revision: https://reviews.llvm.org/D29751 llvm-svn: 294687
* [libFuzzer] Use long long to ensure 64 bits.Marcos Pividori2017-02-083-3/+3
| | | | | | | | | | We should always use unsigned long long to ensure 64 bits. On Windows, unsigned long is 4 bytes. This was the reason why value-profile-cmp4.test was failing on Windows. Differential Revision: https://reviews.llvm.org/D29617 llvm-svn: 294390
* [libFuzzer] Use custom target instead of list of binaries for tests.Marcos Pividori2017-02-084-16/+8
| | | | | | | | | | Update cmake to use a custom target TestBinaries instead of a list of targets. This simplifies cmake, and fix some errors. This way, we don't have to propagate the values into parents directories. We only need to use add_dependencies. Differential Revision: https://reviews.llvm.org/D29593 llvm-svn: 294389
* [libFuzzer] Properly use Handle instead of FD on Windows.Marcos Pividori2017-02-084-1/+12
| | | | | | | | | | | For Windows, sanitizers work with Handles, not with posix file descriptors, because they use the windows-specific API. So we need to convert the fds to handles before passing them to the sanitizer library. After this change, close_fd_mask is fixed for Windows (this fix some tests too). Differential Revision: https://reviews.llvm.org/D29548 llvm-svn: 294388
* [libFuzzer] Change Uninstrumented test name.Marcos Pividori2017-02-083-2/+2
| | | | | | | | | On Windows, executables with the word "uninst" included in their names are associated with administrator privileges. Differential Revision: https://reviews.llvm.org/D29549 llvm-svn: 294387
* [libFuzzer] fuzzer-jobs requires posix.Marcos Pividori2017-02-081-0/+2
| | | | llvm-svn: 294386
* [libFuzzer] Update fuzzer.test to properly set environment variables.Marcos Pividori2017-02-081-1/+1
| | | | | | | | Use env to set environment variables, so it works on Windows and Linux. Differential Revision: https://reviews.llvm.org/D29537 llvm-svn: 294385
* [libFuzzer] Don't add newline character when using echo in tests.Marcos Pividori2017-02-082-3/+3
| | | | | | | | | Add the option "-n", so we don't add a new line character at the end of the file when using echo. (on Windows this means 2 characters). Differential Revision: https://reviews.llvm.org/D29536 llvm-svn: 294384
* [libFuzzer] Disable ulimit test on windows.Marcos Pividori2017-02-081-0/+2
| | | | | | Differential Revision: https://reviews.llvm.org/D29535 llvm-svn: 294383
* [libFuzzer] Remove ? wildcard on tests.Marcos Pividori2017-02-081-7/+10
| | | | | | | | We can not use the wildcard ? on Windows. Differential Revision: https://reviews.llvm.org/D29534 llvm-svn: 294382
* [libFuzzer] Update fuzzer-segv to set environment variables.Marcos Pividori2017-02-081-1/+1
| | | | | | | | Use env to set environment variables, so it works on Linux and Windows. Differential Revision: https://reviews.llvm.org/D29533 llvm-svn: 294381
* [libFuzzer] Properly configure tests for Windows.Marcos Pividori2017-02-081-0/+17
| | | | | | | | | | This configuration is necessary, and is included in all tests suites. We need to execute: `config.test_format = lit.formats.ShTest(False)` Otherwise, lit will try to use bash, which generates many problems. Differential Revision: https://reviews.llvm.org/D29529 llvm-svn: 294380
* [libFuzzer] Simplify dump_coverage test.Marcos Pividori2017-02-081-11/+7
| | | | | | | | | | Environment variables are handled differently on Windows. In this case it is not necessary to use environment variables. So, I simplify the test to work on Windows. Differential Revision: https://reviews.llvm.org/D29532 llvm-svn: 294379
* [libFuzzer] Update Load test to work on 32 bits.Marcos Pividori2017-02-081-1/+1
| | | | | | | | | | We should ensure the size of the variable `a` is 8 bytes. Otherwise, this generates a stack buffer overflow inside the memcpy call in 32 bits machines. (We write more bytes than the size of a, when it is 4 bytes) Differential Revision: https://reviews.llvm.org/D29602 llvm-svn: 294378
OpenPOWER on IntegriCloud