summaryrefslogtreecommitdiffstats
path: root/llvm/lib/Fuzzer
Commit message (Collapse)AuthorAgeFilesLines
...
* [libFuzzer] use less memory for mergeKostya Serebryany2016-12-173-9/+13
| | | | llvm-svn: 290039
* [libFuzzer] speed up __sanitizer_cov_trace_switch a bit more (remove DIV)Kostya Serebryany2016-12-171-1/+11
| | | | llvm-svn: 290034
* [libFuzzer] remove stale testKostya Serebryany2016-12-171-3/+0
| | | | llvm-svn: 290033
* [libFuzzer] when tracing switch statements, handle only one case at a time ↵Kostya Serebryany2016-12-173-6/+16
| | | | | | (to make things faster). Also ensure that the signals from value profile do not intersect with the regular coverage llvm-svn: 290031
* [libfuzzer] removing experimental FuzzerFnAdapterMike Aizatsky2016-12-174-322/+0
| | | | | | | | | | | | Summary: This is superceded by protobuf mutation work. Reviewers: kcc Subscribers: mgorny Differential Revision: https://reviews.llvm.org/D27865 llvm-svn: 290018
* [libFuzzer] avoid msan false positives in more casesKostya Serebryany2016-12-163-6/+12
| | | | llvm-svn: 289999
* [libFuzzer] add an experimental flag -experimental_len_control=1 that sets ↵Kostya Serebryany2016-12-166-9/+32
| | | | | | max_len to 1M and tries to increases the actual max sizes of mutations very gradually. Also remove a bit of dead code llvm-svn: 289998
* [libFuzzer] Fix index error in SearchMemory() implementation for Windows.Marcos Pividori2016-12-161-1/+1
| | | | | | Differential Revision: https://reviews.llvm.org/D27731 llvm-svn: 289966
* [libFuzzer] Remove unnecessary includes of posix headers.Marcos Pividori2016-12-163-3/+0
| | | | | | | | | Remove includes of "unistd.h" header, which is missing in non posix systems. Differential Revision: https://reviews.llvm.org/D277300 llvm-svn: 289965
* [libFuzzer] Update tests to use more general functions instead of posix ↵Marcos Pividori2016-12-162-1/+8
| | | | | | | | | | | specific. Replace sleep() posix function by a more portable sleep_for() function from std. Also, ignore memmem() and strcasestr() on Windows. Differential Revision: https://reviews.llvm.org/D27729 llvm-svn: 289964
* [libFuzzer] enable the failure-resistant merge by default (with ↵Kostya Serebryany2016-12-154-27/+31
| | | | | | trace-pc-guard only) llvm-svn: 289772
* [libFuzzer] disable msan for one more hook that reads target's data that ↵Kostya Serebryany2016-12-141-0/+3
| | | | | | might be uninitialized llvm-svn: 289680
* [libFuzzer] fix an UB (invalid shift) spotted by ubsan. The code worked fine ↵Kostya Serebryany2016-12-131-1/+1
| | | | | | by luck, because the way shifts actually work on clang+x86 llvm-svn: 289607
* [libFuzzer] Add missing header needed for Windows.Marcos Pividori2016-12-131-0/+1
| | | | llvm-svn: 289564
* [libFuzzer] Avoid name collision with Windows API.Marcos Pividori2016-12-135-6/+6
| | | | | | | | | | Windows uses some macros to replace DeleteFile() by DeleteFileA() or DeleteFileW(). This was causing an error at link time. DeleteFile was renamed to RemoveFile(). Differential Revision: https://reviews.llvm.org/D27577 llvm-svn: 289563
* [libFuzzer] Implement DirName() for Windows.Marcos Pividori2016-12-131-1/+135
| | | | | | | | | | | | | | | | | | | | Implement DirName from scratch to avoid dependencies on external libraries. It's based on MSDN documentation for Naming Files, Paths, and Namespaces. The algorithm can't simply start from the end and look backwards for the first separator, because we need to preserve the prefix that represent the root location. We shouldn't remove anything there. In Windows we have many different options, like: \\Server\Share\ , \ , C: , C:\ , \\?\C:\ , \\?\UNC\Server\Share\ We remove the last separator in the rest of the path, if it exists. It was implemented to have a similar behaviour to dirname() in linux, removing trailing separators, returning "." when the path doesn't contain separators, etc. Differential Revision: https://reviews.llvm.org/D27579 llvm-svn: 289562
* [libFuzzer] Fix bug in detecting timeouts when input string is empty.Marcos Pividori2016-12-135-1/+24
| | | | | | | | | | | | | | I added a new flag RunningCB to know if the Fuzzer's main thread is running the CB function, instead of using (!CurrentUnitSize). (!CurrentUnitSize) doesn't work properly. For example, in FuzzerLoop.cpp, inside ShuffleAndMinimize() function, we execute the callback with an empty string (size=0). Previous implementation failed to detect timeouts in that execution. Also, I add a regression test for that case. Differential Revision: https://reviews.llvm.org/D27433 llvm-svn: 289561
* [libFuzzer] Clean up headers and file formatting of LibFuzzer files.Marcos Pividori2016-12-1323-28/+48
| | | | | | | | | | | | Reorganize #includes to follow LLVM Coding Standards. Include some missing headers. Required to use `Printf()`. Aside from that, this patch contains no functional change. It is purely a re-organization. Differential Revision: https://reviews.llvm.org/D27363 llvm-svn: 289560
* [libFuzzer] Properly use unsigned for workers, jobs and NumberOfCpuCores.Marcos Pividori2016-12-134-12/+12
| | | | | | | | | | | std::thread::hardware_concurrency() returns an unsigned, so I modify NumberOfCpuCores() to return unsigned too. The number of cpus is used to define the number of workers, so I decided to update the worker and jobs flags to be declared as unsigned too. Differential Revision: https://reviews.llvm.org/D27685 llvm-svn: 289559
* [libFuzzer] Properly use unsigned for Process ID.Marcos Pividori2016-12-134-7/+7
| | | | | | | | | | Use unsigned for PID instead of signed int. GetCurrentProcessId() returns an unsigned (DWORD) so we must be sure we can deal with all possible values. I use a long unsigned to be sure it can hold a 32 bit unsigned (DWORD). Differential Revision: https://reviews.llvm.org/D27281 llvm-svn: 289558
* [libFuzzer] Improve Signal Handler interface.Marcos Pividori2016-12-135-132/+97
| | | | | | | | | | | | Add new flags to FuzzingOptions to represent the different conditions on the signal handling. These options are passed when calling SetSignalHandler(). This changes simplify the implementation of Windows's exception handling. Now we can define a unique handler for all the exceptions. Differential Revision: https://reviews.llvm.org/D27238 llvm-svn: 289557
* [libFuzzer] don't require extra flags with -minimize_crash=1 (default to ↵Kostya Serebryany2016-12-132-10/+16
| | | | | | -max_total_time=600). Also respect exact_artifact_path when outputting the end result llvm-svn: 289506
* [libFuzzer] Implement Timers for Windows.Marcos Pividori2016-12-121-1/+32
| | | | | | | | | | Implemented timeouts for Windows using TimerQueueTimers. Timers are used to supervise the time of execution of the callback function that is being fuzzed. Differential Revision: https://reviews.llvm.org/D27237 llvm-svn: 289495
* [libFuzzer] split one slow test into several, for more parallel testingKostya Serebryany2016-12-124-6/+7
| | | | llvm-svn: 289481
* [libFuzzer] make SimpleCmpTest a bit simpler to crack and more verboseKostya Serebryany2016-12-121-15/+26
| | | | llvm-svn: 289477
* [libFuzzer] build libFuzzer itself with asanKostya Serebryany2016-12-123-3/+4
| | | | llvm-svn: 289469
* [libFuzzer] respect -max_len during mergeKostya Serebryany2016-12-123-1/+8
| | | | llvm-svn: 289467
* [libFuzzer] don't depend on time in a testKostya Serebryany2016-12-111-1/+1
| | | | llvm-svn: 289368
* [libFuzzer] test cleanup (3)Kostya Serebryany2016-12-101-1/+0
| | | | llvm-svn: 289314
* [libFuzzer] test cleanup (2)Kostya Serebryany2016-12-101-15/+0
| | | | llvm-svn: 289313
* [libFuzzer] test cleanupKostya Serebryany2016-12-108-60/+33
| | | | llvm-svn: 289312
* [libFuzzer] switch all libFuzzer tests to use ↵Kostya Serebryany2016-12-106-10/+6
| | | | | | -fsanitize-coverage=trace-pc-guard. Support for the previosly used instrumentation will be removed in the following changes llvm-svn: 289311
* [libFuzzer] use __sanitizer_get_module_and_offset_for_pc to get the module ↵Kostya Serebryany2016-12-102-7/+15
| | | | | | name while printing the coverage llvm-svn: 289310
* [libFuzzer] implement crash-resistant merge ↵Kostya Serebryany2016-12-098-8/+488
| | | | | | (https://github.com/google/sanitizers/issues/722). This is a first experimental variant that needs some more testing, thus not yet adding a lit test (but there are unit tests). llvm-svn: 289166
* [libFuzzer] include FuzzerIO.h and hopefully fix the Mac build. reported by ↵Kostya Serebryany2016-12-071-0/+1
| | | | | | Dejan Mircevski llvm-svn: 288979
* [libFuzzer] refactor the code to allow collecting features in different ↵Kostya Serebryany2016-12-053-37/+42
| | | | | | ways. Also initialize a couple of Fuzzer:: members that might have been used uninitialized :( llvm-svn: 288731
* Resubmit "[LibFuzzer] Split FuzzerUtil for Posix and Windows."Zachary Turner2016-12-028-113/+328
| | | | | | | | This resubmits r288529, which was resubmitted because it broke a fuzzer bot. According to kcc@ the test that broke was flakey and it is unlikely to be a result of this patch. llvm-svn: 288549
* Revert "[LibFuzzer] Split FuzzerUtil for Posix and Windows."Zachary Turner2016-12-028-328/+113
| | | | | | | This reverts commit r288529, as it seems to introduce some problems on the Linux bots. llvm-svn: 288533
* [LibFuzzer] Introduce a portable WeakAlias implementation.Zachary Turner2016-12-022-0/+55
| | | | | | | | | | | | | Windows doesn't really support weak aliases, but with some linker magic we can get something that's pretty close on Windows. This introduces an interface to accessing weakly aliased symbols that will work on any platform. Linker magic changes to come in a separate patch. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27235 llvm-svn: 288530
* [LibFuzzer] Split FuzzerUtil for Posix and Windows.Zachary Turner2016-12-028-113/+328
| | | | | | | | | | Pave the way for separating out platform specific utility functions into separate files. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27234 llvm-svn: 288529
* [libFuzzer] add a test for r288389 (-rss_limit_mb=0 means no limit).Kostya Serebryany2016-12-011-0/+3
| | | | llvm-svn: 288392
* [libFuzzer] treat -rss_limit_mb=0 as no limitKostya Serebryany2016-12-011-1/+1
| | | | llvm-svn: 288389
* revert r288283 as it causes debug info (line numbers) to be lost in ↵Kostya Serebryany2016-12-011-1/+1
| | | | | | instrumented code. also revert r288299 which was a workaround for the problem. llvm-svn: 288300
* [libFuzzer] temporary disable a part of the test broken by r288283Kostya Serebryany2016-12-011-1/+1
| | | | llvm-svn: 288299
* [libFuzzer] extend -rss_limit_mb to crash instantly on a single malloc that ↵Kostya Serebryany2016-11-306-4/+55
| | | | | | exceeds the limit llvm-svn: 288281
* [libFuzzer] extend -print_coverage to print the comma-separated list of ↵Kostya Serebryany2016-11-305-2/+29
| | | | | | covered dirs. Note: the Windows stub for DirName is left unimplemented llvm-svn: 288276
* [LibFuzzer] Add Windows implementations of some IO functions.Zachary Turner2016-11-305-49/+250
| | | | | | | | | | | | | This patch moves some posix specific file i/o code into a new file, FuzzerIOPosix.cpp, and provides implementations for these functions on Windows in FuzzerIOWindows.cpp. This is another incremental step towards getting libfuzzer working on Windows, although it still should not be expected to be fully working. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27233 llvm-svn: 288275
* [LibFuzzer] Split up some functions among different headers.Zachary Turner2016-11-3018-87/+191
| | | | | | | | | | | | | | | | | | | | | In an effort to get libfuzzer working on Windows, we need to make a distinction between what functions require platform specific code (e.g. different code on Windows vs Linux) and what code doesn't. IO functions, for example, tend to be platform specific. This patch separates out some of the functions which will need to have platform specific implementations into different headers, so that we can then provide different implementations for each platform. Aside from that, this patch contains no functional change. It is purely a re-organization. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27230 llvm-svn: 288264
* [LibFuzzer] Add macro flags for Posix and Windows.Zachary Turner2016-11-301-2/+10
| | | | | | | | | | | This is the beginning of an effort to get libfuzzer working on Windows. This is a NFC to just add some macros for platform detection on Windows. Patch by Marcos Pividori Differential Revision: https://reviews.llvm.org/D27229 llvm-svn: 288249
* [libFuzzer] replace 'auto' with 'auto *' to better follow the LLVM styleKostya Serebryany2016-11-141-3/+3
| | | | llvm-svn: 286870
OpenPOWER on IntegriCloud