RPCS3/llvm-mirror
1
0
Fork 0
mirror of https://github.com/RPCS3/llvm-mirror.git synced 2025-04-11 20:22:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
131,417 Commits 6 Branches 6 Tags
Commit Graph

44 Commits

Author SHA1 Message Date
Kostya Serebryany
5b93d4b15a [libFuzzer] try to use max_len based on the items of the corpus instead of blindly defaulting to 64 bytes. 
llvm-svn: 263323
 2016-03-12 01:57:04 +00:00
Dmitry Vyukov
d77444bc90 libfuzzer: fix compiler warnings 
- unused sigaction/setitimer result (used in assert)
- unchecked fscanf return value
- signed/unsigned comparison

llvm-svn: 262472
 2016-03-02 09:54:40 +00:00
Kostya Serebryany
b9687a1cc3 [libFuzzer] get rid of UserSuppliedFuzzer; NFC 
llvm-svn: 260798
 2016-02-13 03:25:16 +00:00
Kostya Serebryany
aa6ade3737 [libFuzzer] don't create too many trace-based mutations as it may be too slow 
llvm-svn: 259600
 2016-02-02 23:17:45 +00:00
Kostya Serebryany
f7155b3e82 [libFuzzer] don't do expensive memmem if the result will not be used 
llvm-svn: 258462
 2016-01-22 01:04:58 +00:00
Kostya Serebryany
0ae292d42e [libFuzzer] replace vector with a simpler data structure in the Dictionaries to avoid memory allocations on hot path 
llvm-svn: 257985
 2016-01-16 03:53:32 +00:00
Kostya Serebryany
b40c61f46c [libFuzzer] do mutations based on memcmp/strcmp interceptors under a separate flag (-use_memcmp, default=1) 
llvm-svn: 257873
 2016-01-15 06:24:05 +00:00
Kostya Serebryany
f050542d8f [libFuzzer] make CurrentUnit a POD object instead of vector to avoid extra allocations 
llvm-svn: 257713
 2016-01-13 23:46:01 +00:00
Kostya Serebryany
89262beb8c [libFuzzer] make sure we find buffer overflow in the input buffer. Previously, re-using the same vector object was hiding buffer overflows (unless we used annotated vector) 
llvm-svn: 257701
 2016-01-13 23:02:30 +00:00
Kostya Serebryany
7902538e08 [libFuzzer] add a macro LLVM_FUZZER_DEFINES_SANITIZER_WEAK_HOOOKS 
llvm-svn: 257482
 2016-01-12 16:50:18 +00:00
Kostya Serebryany
df2508fcaf [libFuzzer] when a new unit is discovered using a dictionary, print all used dictionary entries 
llvm-svn: 257435
 2016-01-12 02:36:59 +00:00
Kostya Serebryany
929ac07474 [libFuzzer] add various debug prints. Also don't mutate based on a cmp trace like (a eq a) or (a neq a) 
llvm-svn: 257434
 2016-01-12 02:08:37 +00:00
Kostya Serebryany
dbfeeafbb3 [libFuzzer] extend the weak memcmp/strcmp/strncmp interceptors to receive the result of the computations. With that, don't do any mutations if memcmp/etc returned 0 
llvm-svn: 257423
 2016-01-12 00:43:42 +00:00
Kostya Serebryany
b57e7c0541 [libFuzzer] debug prints in tracing 
llvm-svn: 257249
 2016-01-09 03:46:08 +00:00
Kostya Serebryany
bdc66ac566 [libFuzzer] change the way trace-based mutations are applied. Instead of a custom code just rely on the automatically created dictionary 
llvm-svn: 257248
 2016-01-09 03:08:58 +00:00
Kostya Serebryany
591d2f9d2d [libFuzzer] don't limit memcmp tracing with 8 bytes 
llvm-svn: 257245
 2016-01-09 01:39:55 +00:00
Kostya Serebryany
71864fdc77 [libFuzzer] refactor the way we collect cmp traces (don't use std::vector, don't limit with 8 bytes) 
llvm-svn: 257239
 2016-01-09 00:38:40 +00:00
Kostya Serebryany
7d302bb908 [libFuzzer] make trace-based fuzzing not crash in presence of threads 
llvm-svn: 256876
 2016-01-06 00:03:35 +00:00
Kostya Serebryany
3250d874fb [libFuzzer] remove default initializer as a workaround for https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68399. Don't need it anyway. 
llvm-svn: 253419
 2015-11-18 01:08:30 +00:00
Kostya Serebryany
8474784569 [libFuzzer] Marking exported symbols as visible. Patch by Mike Aizatsky 
llvm-svn: 248954
 2015-09-30 22:22:37 +00:00
Kostya Serebryany
19cfb70c6a [libFuzzer] refactor the code to allow building libFuzzer on platforms that don't have dfsan and don't support weak functions 
llvm-svn: 247321
 2015-09-10 18:48:38 +00:00
Kostya Serebryany
a2e2e93ba1 [libFuzzer] remove a piece of stale code 
llvm-svn: 247067
 2015-09-08 20:40:10 +00:00
Kostya Serebryany
22e4458e65 [libFuzzer] more accurate logic for traces, 80-char fix 
llvm-svn: 246888
 2015-09-04 22:32:25 +00:00
Kostya Serebryany
a9d3e6b2dc [libFuzzer] add two flags, -tbm_depth and -tbm_width to control how the trace-based-mutations are applied 
llvm-svn: 244712
 2015-08-12 01:55:37 +00:00
Kostya Serebryany
c721977710 [libFuzzer] avoid build warnings in non-assert build (useful warning in this case) 
llvm-svn: 244177
 2015-08-05 23:44:42 +00:00
Kostya Serebryany
4338e69a99 [libFuzzer] in dfsan mode, set labels every time we start recording traces as opposed to doing it at process startup. This ensures that the labels are fresh. 
llvm-svn: 244165
 2015-08-05 23:02:57 +00:00
Kostya Serebryany
897a5553b1 [libFuzzer] use data-flow feedback from strcmp 
llvm-svn: 244084
 2015-08-05 18:23:01 +00:00
Kostya Serebryany
82464edd32 [libFuzzer] start refactoring the Mutator and adding tests to it 
llvm-svn: 243817
 2015-08-01 01:42:51 +00:00
Kostya Serebryany
a9e61b09d8 [libFuzzer] make sure that 2-byte arguments of switch() are handled properly 
llvm-svn: 243781
 2015-07-31 20:58:55 +00:00
Kostya Serebryany
ccad0c6979 [libFuzzer] record traces from the switch statements only when told to do so 
llvm-svn: 243768
 2015-07-31 18:09:08 +00:00
Kostya Serebryany
fead0c3ca4 [libFuzzer] support switch interception in dfsan mode 
llvm-svn: 243760
 2015-07-31 17:05:05 +00:00
Kostya Serebryany
71a4e8ccbf [libFuzzer] trace switch statements and apply mutations based on the expected case values 
llvm-svn: 243726
 2015-07-31 01:33:06 +00:00
Kostya Serebryany
e76cb85ac7 [libFuzzer] fix the strncmp interceptor -- it should respect short strings. 
llvm-svn: 243691
 2015-07-30 21:22:22 +00:00
Kostya Serebryany
433c6e8b4b [libFuzzer] implement strncmp hook for data-flow-guided fuzzing (w/ and w/o dfsan), add a test 
llvm-svn: 243611
 2015-07-30 02:33:45 +00:00
Kostya Serebryany
d6ac2f5889 [libFuzzer] implement memcmp hook for data-flow-guided fuzzing (w/o dfsan), extend the memcmp fuzzer test 
llvm-svn: 243603
 2015-07-30 01:34:58 +00:00
Kostya Serebryany
fc26c8ec1c [libFuzzer] ensure that the dfsan tracing hooks actually run (using -verbosity=3 in tests) 
llvm-svn: 243365
 2015-07-28 01:25:00 +00:00
Kostya Serebryany
afb5a6f493 [libFuzzer] when using cmp traces, first check that the CMP is evaluated to one value much more frequently than to the other value (heuristic) 
llvm-svn: 243363
 2015-07-28 00:59:53 +00:00
Kostya Serebryany
02e05d0662 [libFuzzer] allow users to supply their own implementation of rand 
llvm-svn: 243078
 2015-07-24 01:06:40 +00:00
Kostya Serebryany
74916b0deb [lib/Fuzzer] relax an assertion 
llvm-svn: 238608
 2015-05-29 20:31:17 +00:00
Kostya Serebryany
6fa7ac36da [lib/Fuzzer] fully get rid of std::cerr in libFuzzer 
llvm-svn: 238081
 2015-05-23 01:22:35 +00:00
Kostya Serebryany
c28d1607f2 [lib/Fuzzer] start getting rid of std::cerr. Sadly, these parts of C++ library used in libFuzzer badly interract with the same code used in the target function and also with dfsan. It's easier to just not use std::cerr than to defeat these issues. 
llvm-svn: 238078
 2015-05-23 01:07:46 +00:00
Kostya Serebryany
933c6b41dd [lib/Fuzzer] remove the -dfsan=1 flag, just use -use_traces=1 (w/ or w/o dfsan) 
llvm-svn: 237083
 2015-05-12 01:58:34 +00:00
Kostya Serebryany
56ab38ba4f [lib/Fuzzer] don't record traces when trace collection is off 
llvm-svn: 237067
 2015-05-11 23:25:28 +00:00
Kostya Serebryany
a4fe522adc [lib/Fuzzer] rename FuzzerDFSan.cpp to FuzzerTraceState.cpp; update comments. NFC expected 
llvm-svn: 237050
 2015-05-11 21:16:27 +00:00