summaryrefslogtreecommitdiffstats
path: root/llvm/lib/Fuzzer
Commit message (Collapse)AuthorAgeFilesLines
...
* [libFuzzer] enable reduce_inputs=1 by default (seems to be a big win usually)Kostya Serebryany2017-07-193-6/+6
| | | | llvm-svn: 308541
* [libFuzzer] when adding a reduced input print REDUCED instead of NEWKostya Serebryany2017-07-183-5/+8
| | | | llvm-svn: 308336
* [libFuzzer] improve -reduce_inputs=1: now only consider the unique features ↵Kostya Serebryany2017-07-184-26/+23
| | | | | | of very input (seems to work much better) llvm-svn: 308253
* [libFuzzer] disable fuzzer-flags.test on windows to fix the botsKostya Serebryany2017-07-181-0/+3
| | | | llvm-svn: 308246
* Revert "[libFuzzer] Add a dependency on symbolizer from libFuzzer tests"George Karpenkov2017-07-171-1/+1
| | | | | | | | This reverts commit 546e006a023cccd0fd32afd442ab992d3515d4b8. Reverting until I can figure out llvm-symbolizer breakages on mac os. llvm-svn: 308202
* [libFuzzer] remove stale codeKostya Serebryany2017-07-152-9/+4
| | | | llvm-svn: 308075
* [libFuzzer] Allow non-fuzzer args after -ignore_remaining_args=1Justin Bogner2017-07-147-13/+72
| | | | | | | | | | | With this change, libFuzzer will ignore any arguments after a sigil argument, but it will preserve these arguments at the end of the command line when launching subprocesses. Using this, its possible to handle positional and single-dash arguments to the program under test by discarding everything up to -ignore_remaining_args=1 in LLVMFuzzerInitialize. llvm-svn: 308069
* [libFuzzer] fix stats during mergeKostya Serebryany2017-07-141-1/+0
| | | | llvm-svn: 308061
* [libFuzzer] update the comments in afl/afl_driver.cppKostya Serebryany2017-07-141-2/+2
| | | | llvm-svn: 307981
* [libFuzzer] remove stale code; NFCKostya Serebryany2017-07-143-52/+0
| | | | llvm-svn: 307980
* [libFuzzer] simplify the handling of memmem/strstrKostya Serebryany2017-07-1410-129/+61
| | | | llvm-svn: 307977
* [libFuzzer] move code around; NFCKostya Serebryany2017-07-132-69/+60
| | | | llvm-svn: 307973
* [libFuzzer] make sure that -reduce_inputs=1 deletes redundant files in the ↵Kostya Serebryany2017-07-132-3/+21
| | | | | | corpus llvm-svn: 307875
* [libFuzzer] experimental feature -reduce_inputs (off by default) that tries ↵Kostya Serebryany2017-07-139-16/+102
| | | | | | to replace elements in the corpus with smaller ones that have the same feature set. Still needs tuning llvm-svn: 307873
* [libFuzzer] relax test/shrink.test a bit (got broken on windows)Kostya Serebryany2017-07-121-1/+1
| | | | llvm-svn: 307862
* [libFuzzer] remove include <sanitizer/coverage_interface.h>, not needed any ↵Kostya Serebryany2017-07-121-3/+0
| | | | | | more llvm-svn: 307858
* [libFuzzer] refactoring in preparation for -reduce_inputs; NFC intendedKostya Serebryany2017-07-125-32/+40
| | | | llvm-svn: 307857
* [libFuzzer] Add a dependency on symbolizer from libFuzzer testsGeorge Karpenkov2017-07-121-1/+1
| | | | | | | | | Some libFuzzer tests on Linux would fail with bizarre error messages unless llvm-symbolizer binary is present. Differential Revision: https://reviews.llvm.org/D35313 llvm-svn: 307826
* [libFuzzer] NFC Declare LIBFUZZER_FLAGS_BASE outside of an if-blockGeorge Karpenkov2017-07-121-1/+1
| | | | | | | | | | | The current code relies on the assumption that tests are included only if LLVM_USE_SANITIZE_COVERAGE is enabled. This commit makes it easier to relax the assumption in the future, as the variable LIBFUZZER_FLAGS_BASE is used further in libFuzzer tests. Differential Revision: https://reviews.llvm.org/D35314 llvm-svn: 307825
* [libFuzzer] Do not use LLVM ostream in testsGeorge Karpenkov2017-07-121-0/+3
| | | | | | Differential Revision: https://reviews.llvm.org/D35312 llvm-svn: 307824
* [LibFuzzer] Fix `-Wcomment` warning emitted by GCC.Dan Liew2017-07-111-2/+2
| | | | | | | | | | | | | | | ``` ./FuzzerIOWindows.cpp:185:1: warning: multi-line comment [-Wcomment] // Parse a directory ending in separator, like: SomeDir\ ^ ./FuzzerIOWindows.cpp:200:1: warning: multi-line comment [-Wcomment] // Parse a servername and share, like: SomeServer\SomeShare\ ^ ``` Differential Revision: https://reviews.llvm.org/D35244 llvm-svn: 307687
* [LibFuzzer] Fix `-Wpedantic` warning reported by Eric Christopher.Dan Liew2017-07-111-1/+2
| | | | | | | | | | | | | | | | | | | | The warning is reproducible with GCC 4.8. Thanks to David Blaikie for the suggested fix. The reported warning was ``` /usr/local/google/home/echristo/sources/llvm/lib/Fuzzer/FuzzerExtFunctions.def:29:10: warning: ISO C++ forbids casting between pointer-to-function and pointer-to-object [-Wpedantic] EXT_FUNC(__lsan_enable, void, (), false); ^ /usr/local/google/home/echristo/sources/llvm/lib/Fuzzer/FuzzerExtFunctionsWeak.cpp:44:24: note: in definition of macro ‘EXT_FUNC’ CheckFnPtr((void *)::NAME, #NAME, WARN); ^ ``` Differential Revision: https://reviews.llvm.org/D35243 llvm-svn: 307686
* FuzzerUtilDarwin.cpp: We need to pass modifiable strings to posix_spawnMatthias Braun2017-07-071-2/+11
| | | | | | | | This fixes a bug where unmodifiable strings where passed to posix_spawn. This is an attempt to unbreak the greendragon libFuzzer bot. llvm-svn: 307424
* [libFuzzer] change the default max_len from 64 to 4096. This will affect ↵Kostya Serebryany2017-06-159-8/+17
| | | | | | cases where libFuzzer is run w/o initial corpus or with a corpus of very small items. llvm-svn: 305521
* Fixing section name for Darwin platforms for sanitizer coverageGeorge Karpenkov2017-06-141-1/+1
| | | | | | On Darwin, section names have a 16char length limit. llvm-svn: 305429
* [libFuzzer] really restrict the new test to Linux (fails on Mac/Windows ↵Kostya Serebryany2017-06-141-1/+3
| | | | | | currently) llvm-svn: 305346
* [libFuzzer] restrict the new test to Linux (fails on Mac currently)Kostya Serebryany2017-06-131-0/+1
| | | | llvm-svn: 305335
* [libFuzzer] initial support of -fsanitize-coverage=inline-8bit-counters in ↵Kostya Serebryany2017-06-138-9/+83
| | | | | | libFuzzer. This is not fully functional yet, but simple tests work llvm-svn: 305331
* Fix the includes in lib/Fuzzer on Windows that have orderingChandler Carruth2017-06-062-2/+6
| | | | | | | dependencies and add comments to tell future maintainers about those requirements. llvm-svn: 304843
* Sort the remaining #include lines in include/... and lib/....Chandler Carruth2017-06-0667-93/+92
| | | | | | | | | | | | | | | | | | | | | | | | | I did this a long time ago with a janky python script, but now clang-format has built-in support for this. I fed clang-format every line with a #include and let it re-sort things according to the precise LLVM rules for include ordering baked into clang-format these days. I've reverted a number of files where the results of sorting includes isn't healthy. Either places where we have legacy code relying on particular include ordering (where possible, I'll fix these separately) or where we have particular formatting around #include lines that I didn't want to disturb in this patch. This patch is *entirely* mechanical. If you get merge conflicts or anything, just ignore the changes in this patch and run clang-format over your #include lines in the files. Sorry for any noise here, but it is important to keep these things stable. I was seeing an increasing number of patches with irrelevant re-ordering of #include lines because clang-format was used. This patch at least isolates that churn, makes it easy to skip when resolving conflicts, and gets us to a clean baseline (again). llvm-svn: 304787
* [llvm] Remove double semicolonsMandeep Singh Grang2017-06-061-1/+1
| | | | | | | | | | | | Reviewers: craig.topper, arsenm, mehdi_amini Reviewed By: mehdi_amini Subscribers: mehdi_amini, wdng, nhaehnle, javed.absar, llvm-commits Differential Revision: https://reviews.llvm.org/D33924 llvm-svn: 304767
* [libFuzzer] fix a test to match the new sanitizer run-timeKostya Serebryany2017-05-311-4/+4
| | | | llvm-svn: 304333
* [libFuzzer] Don't replace custom signal handlers.Vitaly Buka2017-05-252-2/+17
| | | | | | | | | | | | | | | Summary: This allows to keep handlers installed by sanitizers. In other cases third-party code can replace handlers after libFuzzer initialization anyway. Reviewers: kcc Subscribers: llvm-commits Differential Revision: https://reviews.llvm.org/D33522 llvm-svn: 303828
* [libFuzzer] fix tests on WindowsKostya Serebryany2017-05-151-0/+1
| | | | llvm-svn: 303128
* [libFuzzer] improve the afl driver and it's tests. Make it possible to run ↵Kostya Serebryany2017-05-153-13/+77
| | | | | | individual inputs with afl driver llvm-svn: 303125
* [libFuzzer] fix a warning from Wunreachable-code-loop-increment reported by ↵Kostya Serebryany2017-05-151-1/+1
| | | | | | Christian Holler. This also fixes a logical bug, which however does not affect the libFuzzer's ability too much (I wasn't able to create a differentiating test) llvm-svn: 303087
* [libFuzzer] fix a compiler warningKostya Serebryany2017-05-101-1/+2
| | | | llvm-svn: 302747
* [libFuzzer] update docs on -print_coverage/-dump_coverageKostya Serebryany2017-05-091-4/+4
| | | | llvm-svn: 302498
* [libFuzzer] make sure the input data is not overwritten in the fuzz target ↵Kostya Serebryany2017-05-096-1/+39
| | | | | | (if it is -- report an error) llvm-svn: 302494
* [libFuzzer] exit without running atexit handlers in libfuzzer's crash handlerVitaly Buka2017-05-031-1/+1
| | | | | | | | | | | | | | | Summary: It's not safe to assume that atexit handlers can be run once the app crashed. Patch by Jochen Eisinger. Reviewers: kcc, vitalybuka Subscribers: llvm-commits Differential Revision: https://reviews.llvm.org/D32640 llvm-svn: 302076
* Fuzzer: Mark test/cxxstring.test UNSUPPORTED: windowsDuncan P. N. Exon Smith2017-04-281-0/+2
| | | | | | | | | This has been mysteriously failing since r301593, which cleaned up the types of things like size_t and SIZE_MAX for freestanding targets. Reid and Kostya suggested marking it as UNSUPPORTED on windows, given that no one has been able to reproduce locally. llvm-svn: 301719
* Remove unnecessary semicolonSanjoy Das2017-04-281-1/+1
| | | | | | This shows up as a -Wpendatic error on GCC. llvm-svn: 301616
* Fixup for r301054: Use an explicit constructor.Kuba Mracek2017-04-211-1/+1
| | | | llvm-svn: 301061
* Fixup for r301054: Only use __attribute__((no_sanitize("memory"))) when it's ↵Kuba Mracek2017-04-211-1/+5
| | | | | | available. llvm-svn: 301058
* [libFuzzer] Always build libFuzzer Kuba Mracek2017-04-211-34/+40
| | | | | | | | | | | | | | | There are two reasons why users might want to build libfuzzer: - To fuzz LLVM itself - To get the libFuzzer.a archive file, so that they can attach it to their code This change always builds libfuzzer, and supports the second use case if the specified flag is set. The point of this patch is to have something that can potentially be shipped with the compiler, and this also ensures that the version of libFuzzer is correct to use with that compiler. Patch by George Karpenkov. Differential Revision: https://reviews.llvm.org/D32096 llvm-svn: 301054
* Fixup for r301007: Restrict the -D hack to Darwin.Kuba Mracek2017-04-211-7/+9
| | | | llvm-svn: 301017
* Revert r301010: Bot failures on Windows, NetBSD and even some old Darwin.Kuba Mracek2017-04-211-20/+14
| | | | llvm-svn: 301012
* [libFuzzer] Always build libFuzzerKuba Mracek2017-04-211-14/+20
| | | | | | | | | | | | | | | There are two reasons why users might want to build libfuzzer: - To fuzz LLVM itself - To get the libFuzzer.a archive file, so that they can attach it to their code This change always builds libfuzzer, and supports the second use case if the specified flag is set. The point of this patch is to have something that can potentially be shipped with the compiler, and this also ensures that the version of libFuzzer is correct to use with that compiler. Patch by George Karpenkov. Differential Revision: https://reviews.llvm.org/D32096 llvm-svn: 301010
* [libFuzzer] Changing thread_local to __thread in libFuzzerKuba Mracek2017-04-211-0/+13
| | | | | | | | Old Apple compilers do not support thread_local keyword. This patch adds -Dthread_local=__thread when the compiler doesn't support thread_local. Differential Revision: https://reviews.llvm.org/D32312 llvm-svn: 301007
* [libFuzzer] Check for target(popcnt) capability before usageKuba Mracek2017-04-211-2/+10
| | | | | | | | | | | Older compilers (e.g. LLVM 3.4) do not support the attribute target("popcnt"). In order to support those, this diff check the attribute support using the preprocessor. Patch by George Karpenkov. Differential Revision: https://reviews.llvm.org/D32311 llvm-svn: 300999
OpenPOWER on IntegriCloud