path: root/llvm/lib/Fuzzer
Commit message | Author | Age | Files | Lines
...
* [libFuzzer] remove usage of the old coverage instrumentation | Kostya Serebryany | 2017-02-28 | 3 | -70/+0
  llvm-svn: 296536
* Mark some libFuzzer tests as XFAIL'd on Darwin | Mehdi Amini | 2017-02-28 | 4 | -0/+7
  We're bringing up a bot on Green Dragon right now: http://green.lab.llvm.org/green/view/Experimental/job/libFuzzer
  llvm-svn: 296526
* [libFuzzer] Update traces hooks test after r293741 | Justin Bogner | 2017-02-22 | 1 | -5/+3
  This test now passes on darwin.
  llvm-svn: 295902
* [libFuzzer] Mark a test that infinite loops as unsupported | Justin Bogner | 2017-02-22 | 3 | -5/+11
  We need to investigate this, but for now it just causes too much headache when trying to run these tests.
  llvm-svn: 295900
* [libFuzzer] increase the size of FixedWord from 27 to 64, see PR31950 | Kostya Serebryany | 2017-02-14 | 4 | -1/+24
  llvm-svn: 295117
* Use "%zd" format specifier for printing number of testcases executed. | Kostya Serebryany | 2017-02-14 | 1 | -1/+1
  Summary: This helps to avoid signed integer overflow after running a fast fuzz target for several hours, e.g.:
  <...>
  Done -1097903291 runs in 54001 second(s)
  Reviewers: kcc
  Reviewed By: kcc
  Differential Revision: https://reviews.llvm.org/D29941
  llvm-svn: 295112
* [libFuzzer] Use stoull instead of stol to ensure 64 bits. | Marcos Pividori | 2017-02-10 | 1 | -2/+2
  Differential revision: https://reviews.llvm.org/D29831
  llvm-svn: 294769
* [CMake] Fix pthread handling for out-of-tree builds | Eric Fiselier | 2017-02-10 | 1 | -2/+2
  LLVM defines `PTHREAD_LIB` which is used by AddLLVM.cmake and various projects to correctly link the threading library when needed. Unfortunately `PTHREAD_LIB` is defined by LLVM's `config-ix.cmake` file which isn't installed and therefore can't be used when configuring out-of-tree builds. This causes such builds to fail since `pthread` isn't being correctly linked.
  This patch attempts to fix that problem by renaming and exporting `LLVM_PTHREAD_LIB` as part of `LLVMConfig.cmake`. I renamed `PTHREAD_LIB` because it seemed likely to cause collisions with downstream users of `LLVMConfig.cmake`.
  llvm-svn: 294690
* [libFuzzer] Export external functions on tests. | Marcos Pividori | 2017-02-10 | 1 | -0/+12
  We need to export external functions so they are found when calling GetProcAddress() on Windows. But we can't use `__declspec(dllexport)` because we want the targets to be completely independent from the fuzz engines and don't depend on other header files. Also, we don't want to include platform specific code managed with conditional macros. So, the solution is to add the exported symbols with linker flags in cmake.
  Differential revision: https://reviews.llvm.org/D29752
  llvm-svn: 294688
* [libFuzzer] Use dynamic loading for External Functions on Windows. | Marcos Pividori | 2017-02-10 | 2 | -1/+61
  Replace weak aliases with dynamic loading. Weak aliases were generating some problems when linking for MT on Windows. For MT, compiler-rt's libraries are statically linked to the main executable the same as libFuzzer, so if we use weak aliases, we are providing two different default implementations for the same weak function and the linker fails.
  In this diff I reimplement ExternalFunctions() using dynamic loading, so it works in both cases (MD and MT). Also, dynamic loading is simpler, since we are not defining any auxiliary external function, and we don't need to deal with weak aliases. This is equivalent to the implementation using dlsym(RTLD_DEFAULT, FnName) for Posix.
  Differential revision: https://reviews.llvm.org/D29751
  llvm-svn: 294687
* [libFuzzer] Use long long to ensure 64 bits. | Marcos Pividori | 2017-02-08 | 3 | -3/+3
  We should always use unsigned long long to ensure 64 bits. On Windows, unsigned long is 4 bytes. This was the reason why value-profile-cmp4.test was failing on Windows.
  Differential Revision: https://reviews.llvm.org/D29617
  llvm-svn: 294390
* [libFuzzer] Use custom target instead of list of binaries for tests. | Marcos Pividori | 2017-02-08 | 4 | -16/+8
  Update cmake to use a custom target TestBinaries instead of a list of targets. This simplifies cmake, and fixes some errors. This way, we don't have to propagate the values into parent directories. We only need to use add_dependencies.
  Differential Revision: https://reviews.llvm.org/D29593
  llvm-svn: 294389
* [libFuzzer] Properly use Handle instead of FD on Windows. | Marcos Pividori | 2017-02-08 | 4 | -1/+12
  For Windows, sanitizers work with Handles, not with posix file descriptors, because they use the windows-specific API. So we need to convert the fds to handles before passing them to the sanitizer library. After this change, close_fd_mask is fixed for Windows (this fixes some tests too).
  Differential Revision: https://reviews.llvm.org/D29548
  llvm-svn: 294388
* [libFuzzer] Change Uninstrumented test name. | Marcos Pividori | 2017-02-08 | 3 | -2/+2
  On Windows, executables with the word "uninst" included in their names are associated with administrator privileges.
  Differential Revision: https://reviews.llvm.org/D29549
  llvm-svn: 294387
* [libFuzzer] fuzzer-jobs requires posix. | Marcos Pividori | 2017-02-08 | 1 | -0/+2
  llvm-svn: 294386
* [libFuzzer] Update fuzzer.test to properly set environment variables. | Marcos Pividori | 2017-02-08 | 1 | -1/+1
  Use env to set environment variables, so it works on Windows and Linux.
  Differential Revision: https://reviews.llvm.org/D29537
  llvm-svn: 294385
* [libFuzzer] Don't add newline character when using echo in tests. | Marcos Pividori | 2017-02-08 | 2 | -3/+3
  Add the option "-n", so we don't add a new line character at the end of the file when using echo. (on Windows this means 2 characters).
  Differential Revision: https://reviews.llvm.org/D29536
  llvm-svn: 294384
* [libFuzzer] Disable ulimit test on windows. | Marcos Pividori | 2017-02-08 | 1 | -0/+2
  Differential Revision: https://reviews.llvm.org/D29535
  llvm-svn: 294383
* [libFuzzer] Remove ? wildcard on tests. | Marcos Pividori | 2017-02-08 | 1 | -7/+10
  We can not use the wildcard ? on Windows.
  Differential Revision: https://reviews.llvm.org/D29534
  llvm-svn: 294382
* [libFuzzer] Update fuzzer-segv to set environment variables. | Marcos Pividori | 2017-02-08 | 1 | -1/+1
  Use env to set environment variables, so it works on Linux and Windows.
  Differential Revision: https://reviews.llvm.org/D29533
  llvm-svn: 294381
* [libFuzzer] Properly configure tests for Windows. | Marcos Pividori | 2017-02-08 | 1 | -0/+17
  This configuration is necessary, and is included in all test suites. We need to execute:
  `config.test_format = lit.formats.ShTest(False)`
  Otherwise, lit will try to use bash, which generates many problems.
  Differential Revision: https://reviews.llvm.org/D29529
  llvm-svn: 294380
* [libFuzzer] Simplify dump_coverage test. | Marcos Pividori | 2017-02-08 | 1 | -11/+7
  Environment variables are handled differently on Windows. In this case it is not necessary to use environment variables. So, I simplify the test to work on Windows.
  Differential Revision: https://reviews.llvm.org/D29532
  llvm-svn: 294379
* [libFuzzer] Update Load test to work on 32 bits. | Marcos Pividori | 2017-02-08 | 1 | -1/+1
  We should ensure the size of the variable `a` is 8 bytes. Otherwise, this generates a stack buffer overflow inside the memcpy call on 32-bit machines. (We write more bytes than the size of a, when it is 4 bytes)
  Differential Revision: https://reviews.llvm.org/D29602
  llvm-svn: 294378
* [libFuzzer] Update test to consider different exceptions. | Marcos Pividori | 2017-02-08 | 2 | -2/+2
  Differential Revision: https://reviews.llvm.org/D29531
  llvm-svn: 294377
* [libFuzzer] Temporarily fix Shmem for Windows. | Marcos Pividori | 2017-02-08 | 2 | -0/+65
  In this diff, I add stubs for shared memory on Windows. Now we can compile and use libFuzzer without support for shared memory.
  Differential Revision: https://reviews.llvm.org/D29544
  llvm-svn: 294376
* [libFuzzer] replace std::random_shuffle with std::shuffle as std::random_shuffle is being deprecated in C++17. Also simplify fuzzer::Random. NFC | Kostya Serebryany | 2017-02-07 | 4 | -10/+7
  llvm-svn: 294366
* [libFuzzer] make code less clever to avoid fallthrough in switch (and in turn avoid compiler warnings). NFC. Suggested by Christian Holler. | Kostya Serebryany | 2017-02-06 | 1 | -3/+3
  llvm-svn: 294239
* [libFuzzer] properly hide the memcmp interceptor from msan | Kostya Serebryany | 2017-02-03 | 1 | -1/+1
  llvm-svn: 294061
* [libfuzzer] chromium-related compilation fixes | Mike Aizatsky | 2017-02-03 | 3 | -10/+13
  Reviewers: kcc
  Differential Revision: https://reviews.llvm.org/D29502
  llvm-svn: 294035
* [libFuzzer] reorganize the tracing code to make it easier to experiment with inlined coverage instrumentation. NFC | Kostya Serebryany | 2017-02-02 | 2 | -19/+36
  llvm-svn: 293928
* [libFuzzer] Properly handle exceptions with UnhandledExceptionFilter. | Marcos Pividori | 2017-02-02 | 1 | -5/+2
  Use SetUnhandledExceptionFilter instead of AddVectoredExceptionHandler. According to the documentation on Structured Exception Handling, this is the order for the Exception Dispatching:
  + If the process is being debugged, the system notifies the debugger.
  + The Vectored Exception Handler is called.
  + The system attempts to locate a frame-based exception handler by searching the stack frames of the thread in which the exception occurred.
  + If no frame-based handler can be found, the UnhandledExceptionFilter filter is called.
  + Default handling based on the exception type.
  So, similar to what we do for asan, we should use SetUnhandledExceptionFilter instead of AddVectoredExceptionHandler, so user's code that is being fuzzed can execute frame-based exception handlers before we catch them. We want to catch unhandled exceptions, not all the exceptions.
  Differential Revision: https://reviews.llvm.org/D29462
  llvm-svn: 293920
* [libFuzzer] Disable afl tests on non-posix systems. | Marcos Pividori | 2017-02-01 | 2 | -0/+4
  AflDriver is not supported on non posix systems.
  Differential Revision: https://reviews.llvm.org/D29422
  llvm-svn: 293830
* [libFuzzer] Disable equivalence tests on non posix systems. | Marcos Pividori | 2017-02-01 | 1 | -0/+2
  We can not run this test until we implement shared memory on Windows.
  Differential Revision: https://reviews.llvm.org/D29421
  llvm-svn: 293829
* [libFuzzer] Isolate merge tests that require posix. | Marcos Pividori | 2017-02-01 | 2 | -8/+23
  Differential Revision: https://reviews.llvm.org/D29420
  llvm-svn: 293828
* [libFuzzer] Add features `windows` and `posix` for lit tests. | Marcos Pividori | 2017-02-01 | 3 | -0/+11
  Add 2 features: posix and windows.
  Sometimes we want some specific tests only for posix and we use:
  REQUIRES: posix
  Sometimes we want some specific tests only for windows and we use:
  REQUIRES: windows
  Differential Revision: https://reviews.llvm.org/D29418
  llvm-svn: 293827
* [libFuzzer] Accept different extensions. | Marcos Pividori | 2017-02-01 | 1 | -1/+1
  Differential Revision: https://reviews.llvm.org/D29417
  llvm-svn: 293826
* [libFuzzer] Fix test because cmd prompt does not expand wildcard. | Marcos Pividori | 2017-02-01 | 1 | -1/+1
  Commands should expand the wildcards on Windows, the cmd prompt doesn't. Because of that sancov was not finding the needed file. To deal with this, we use ls and xargs from gnu win utils.
  Differential Revision: https://reviews.llvm.org/D29374
  llvm-svn: 293825
* [libFuzzer] Do not use llvm-objdump for disassembling a DSO. | Marcos Pividori | 2017-02-01 | 1 | -4/+1
  When disassembling a DSO, for calls to functions from the PLT, llvm-objdump only prints the offset from the PLT, like: <.plt+0x30>. While objdump and dumpbin print the function name, like: <__sanitizer_cov_trace_pc_guard@plt>
  When analyzing the coverage in libFuzzer we disassemble and look for the calls to __sanitizer_cov_trace_pc_guard. So, this fails when using llvm-objdump on a DSO.
  Differential Revision: https://reviews.llvm.org/D29372
  llvm-svn: 293791
* [libFuzzer] Properly check if we can use dumpbin. | Marcos Pividori | 2017-02-01 | 1 | -1/+1
  The flag "/sumary" is necessary, otherwise it returns a non-zero value.
  Differential Revision: https://reviews.llvm.org/D29371
  llvm-svn: 293790
* [libFuzzer] increase the default size for shmem | Kostya Serebryany | 2017-02-01 | 4 | -12/+12
  llvm-svn: 293722
* [libFuzzer] Implement TmpDir() for Windows. | Marcos Pividori | 2017-01-30 | 1 | -1/+11
  Differential Revision: https://reviews.llvm.org/D28977
  llvm-svn: 293516
* [libfuzzer] include errno.h. On Ubuntu 14.04 we got away w/o it, but other systems seem to require it | Kostya Serebryany | 2017-01-28 | 1 | -0/+1
  llvm-svn: 293389
* [libFuzzer] make shmem more robust in the presence of signals | Kostya Serebryany | 2017-01-27 | 2 | -3/+17
  llvm-svn: 293339
* [libFuzzer] simplify the value profiling callback further: don't use (idx MOD prime) on the hot path where it is useless anyway | Kostya Serebryany | 2017-01-27 | 3 | -10/+11
  llvm-svn: 293239
* [libFuzzer] make sure (again) that __builtin_popcountl is compiled into popcnt | Kostya Serebryany | 2017-01-27 | 1 | -0/+8
  llvm-svn: 293237
* [libFuzzer] simplify the value profile code and disable asan/msan on it | Kostya Serebryany | 2017-01-27 | 3 | -6/+19
  llvm-svn: 293236
* [libFuzzer] remove a bit of stale code | Kostya Serebryany | 2017-01-26 | 2 | -6/+0
  llvm-svn: 293129
* [libFuzzer] further simplify __sanitizer_cov_trace_pc_guard | Kostya Serebryany | 2017-01-26 | 2 | -9/+7
  llvm-svn: 293128
* [libFuzzer] simplify the code for __sanitizer_cov_trace_pc_guard and make sure it is not asan/msan-instrumented | Kostya Serebryany | 2017-01-26 | 5 | -4/+31
  llvm-svn: 293125
* [libFuzzer] don't call GetPreviousInstructionPc on the hot path -- only when dumping the PCs | Kostya Serebryany | 2017-01-26 | 1 | -18/+22
  llvm-svn: 293117