RPCS3/llvm
1
0
Fork 0
mirror of https://github.com/RPCS3/llvm.git synced 2025-01-07 12:30:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
148,078 Commits 39 Branches 10 Tags 850 MiB
1d830459ca
Commit Graph

100 Commits

Author SHA1 Message Date
Kostya Serebryany
7634af30c1 [libFuzzer] extend help for -minimize_crash to cover ASAN_OPTIONS=dedup_token_length=3 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@300800 91177308-0d34-0410-b5e6-96231b3b80d8
 2017-04-19 23:58:05 +00:00
Kostya Serebryany
47ba2c1622 [libFuzzer] remove -output_csv option. It duplicates the default output and got out of sync 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@300768 91177308-0d34-0410-b5e6-96231b3b80d8
 2017-04-19 21:34:58 +00:00
Kostya Serebryany
d4cfbc56b1 [libFuzzer] update -help: mention -exact_artifact_path in help for -minimize_crash and -cleanse_crash 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@300642 91177308-0d34-0410-b5e6-96231b3b80d8
 2017-04-19 01:22:04 +00:00
Kostya Serebryany
b662731542 [libFuzzer] experimental option -cleanse_crash: tries to replace all bytes in a crash reproducer with garbage, while still preserving the crash 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@300498 91177308-0d34-0410-b5e6-96231b3b80d8
 2017-04-17 20:58:21 +00:00
Vitaly Buka
f79a56c244 [libFuzzer] fix type in signal name. 
Fixes PR32576.

Patch by Jakub Zawadzki.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@299968 91177308-0d34-0410-b5e6-96231b3b80d8
 2017-04-11 18:20:05 +00:00
Kostya Serebryany
5db3fb7fb6 [libFuzzer] add two experimental flags to make corpus merging more scalable: -save_coverage_summary/-load_coverage_summary. This is still WIP, the documentation will come later if these flags survive 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@298548 91177308-0d34-0410-b5e6-96231b3b80d8
 2017-03-22 20:32:44 +00:00
Kostya Serebryany
2362f32e0e [libFuzzer] Experimenting with dictionary minimization. 
Summary:
Tracking issue: https://github.com/google/oss-fuzz/issues/331


Reviewers: kcc

Reviewed By: kcc

Differential Revision: https://reviews.llvm.org/D30940

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@298031 91177308-0d34-0410-b5e6-96231b3b80d8
 2017-03-17 01:40:09 +00:00
Kostya Serebryany
74041145bc [libFuzzer] experimental support for 'equivalance fuzzing' 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@292646 91177308-0d34-0410-b5e6-96231b3b80d8
 2017-01-20 20:57:07 +00:00
Kostya Serebryany
c4a7209e7b [libFuzzer] remove stale code 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@292325 91177308-0d34-0410-b5e6-96231b3b80d8
 2017-01-18 01:10:18 +00:00
Kostya Serebryany
db5325aae3 [libFuzzer] use table of recent compares for memcmp/strcmp (to unify the code between cmp and memcmp handling) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@292287 91177308-0d34-0410-b5e6-96231b3b80d8
 2017-01-17 23:09:05 +00:00
Kostya Serebryany
93bacfd838 [libFuzzer] improve error handling during the merge (handle various IO failures) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@291182 91177308-0d34-0410-b5e6-96231b3b80d8
 2017-01-05 22:05:47 +00:00
Kostya Serebryany
d31ce373a9 [libFuzzer] add an experimental flag -experimental_len_control=1 that sets max_len to 1M and tries to increases the actual max sizes of mutations very gradually (second attempt) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@290637 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-12-27 23:24:55 +00:00
Mike Aizatsky
d576930959 [libfuzzer] dump_coverage command line flag 
Reviewers: kcc, vitalybuka

Differential Revision: https://reviews.llvm.org/D27942

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@290138 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-12-19 22:18:08 +00:00
Daniel Jasper
a21e8a0091 Revert "[libFuzzer] add an experimental flag -experimental_len_control=1 that sets max_len to 1M and tries to increases the actual max sizes of mutations very gradually. Also remove a bit of dead code" 
This reverts commit r289998.

See comment:
https://reviews.llvm.org/rL289998

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@290043 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-12-17 12:27:49 +00:00
Kostya Serebryany
eb30028464 [libFuzzer] add an experimental flag -experimental_len_control=1 that sets max_len to 1M and tries to increases the actual max sizes of mutations very gradually. Also remove a bit of dead code 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@289998 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-12-16 22:42:05 +00:00
Kostya Serebryany
abe2ee53b6 [libFuzzer] enable the failure-resistant merge by default (with trace-pc-guard only) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@289772 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-12-15 06:21:21 +00:00
Marcos Pividori
611506b936 [libFuzzer] Properly use unsigned for workers, jobs and NumberOfCpuCores. 
std:🧵:hardware_concurrency() returns an unsigned, so I modify
NumberOfCpuCores() to return unsigned too.
The number of cpus is used to define the number of workers, so I decided
to update the worker and jobs flags to be declared as unsigned too.

Differential Revision: https://reviews.llvm.org/D27685

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@289559 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-12-13 17:45:53 +00:00
Kostya Serebryany
a3def13005 [libFuzzer] implement crash-resistant merge (https://github.com/google/sanitizers/issues/722). This is a first experimental variant that needs some more testing, thus not yet adding a lit test (but there are unit tests). 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@289166 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-12-09 01:17:24 +00:00
Kostya Serebryany
2d1f4f5e9e [libFuzzer] fix -error_exitcode=N, now with a test 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@285958 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-11-03 19:31:18 +00:00
Kostya Serebryany
302a19a141 [libFuzzer] enable use_cmp by default 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@285353 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-10-27 21:44:37 +00:00
Kostya Serebryany
3af68729f8 [libFuzzer] add -trace_cmp=1 (guiding mutations based on the observed CMP instructions). This is a reincarnation of the previously deleted -use_traces, but using a different approach for collecting traces. Still a toy, but at least it scales well. Also fix -merge in trace-pc-guard mode 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@284273 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-10-14 20:20:33 +00:00
Kostya Serebryany
f980fc0b37 [libFuzzer] add -trace_malloc= flag 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@284149 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-10-13 19:06:46 +00:00
Kostya Serebryany
1a60ba886d [libFuzzer] when shrinking the corpus, delete evicted files previously created by the current process 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@283682 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-10-08 23:24:45 +00:00
Kostya Serebryany
19e25ecdf5 [libFuzzer] control the reload interval by a flag, make it 10 seconds by default 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@283676 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-10-08 22:12:14 +00:00
Kostya Serebryany
f46303af79 [libFuzzer] implement the -shrink=1 option that tires to make elements of the corpus smaller, off by default 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282995 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-10-01 01:04:29 +00:00
Kostya Serebryany
5d78fc63a4 [libFuzzer] remove unused option 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282971 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-09-30 22:29:57 +00:00
Kostya Serebryany
65f502816c [libFuzzer] add -exit_on_src_pos to test libFuzzer itself, add a test script for RE2 that uses this flag 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282458 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-09-27 00:10:20 +00:00
Kostya Serebryany
e4977b2b7e [libFuzzer] add stats to the corpus; more refactoring 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282121 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-09-21 22:42:17 +00:00
Kostya Serebryany
60dd435850 [libFuzzer] refactoring: move the Corpus into a separate class; delete two unused experimental features 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282042 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-09-21 01:04:43 +00:00
Kostya Serebryany
304a0b44f3 [libFuzzer] add -print_coverage=1 flag to print coverage directly from libFuzzer 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@281866 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-09-18 21:47:08 +00:00
Kostya Serebryany
05e1dea79e [libFuzzer] remove use_traces=1 since use_value_profile seems to be strictly better 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@281007 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-09-09 01:17:03 +00:00
Kostya Serebryany
501485f6e4 [libFuzzer] add -minimize_crash flag (to minimize crashers). also add two tests that I failed to commit last time 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@280332 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-09-01 01:22:27 +00:00
Kostya Serebryany
7750b380af [libFizzer] rename -print_new_cov_pcs=1 into -print_pcs=1 and make it more useful: print PCs only after the initial corpus has been read and symbolize them 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@279787 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-08-25 22:35:08 +00:00
Kostya Serebryany
2e1aa9cd1c [libFuzzer] new experimental feature: value profiling. Profiles values that affect control flow and treats new values as new coverage. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@278839 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-08-16 19:33:51 +00:00
Kostya Serebryany
730992dc3b [libFuzzer] add hooks for strstr, strcasestr, strcasecmp, strncasecmp 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@275648 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-07-15 23:27:19 +00:00
Mike Aizatsky
c7f790d744 [libfuzzer] prune_corpus option for disabling pruning during the load. 
Summary:
The option is very useful for testing, plus I intend to measure
its effect on fuzzer effectiveness.

Differential Revision: http://reviews.llvm.org/D21084

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@272035 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-06-07 18:16:32 +00:00
Mike Aizatsky
b0d0618635 [libfuzzer] Trying random unit prefixes during corpus load. 
Differential Revision: http://reviews.llvm.org/D20301

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@270632 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-05-24 23:14:29 +00:00
Kostya Serebryany
2f120989e3 [libFuzzer] better document the -merge=1 flag 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@268957 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-05-09 19:11:36 +00:00
Kostya Serebryany
f01dfdd8aa [libFuzzer] enhance -rss_limit_mb and enable by default. Now it will print the OOM reproducer. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@268821 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-05-06 23:38:07 +00:00
Kostya Serebryany
815a884f59 [libFuzzer] add exeprimental -rss_limit_mb flag to fight against OOMs 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@268807 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-05-06 21:58:35 +00:00
Kostya Serebryany
168e51186d [libFuzzer] enable detect_leaks=1, add proper docs 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@268088 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-04-29 18:49:55 +00:00
Kostya Serebryany
a0a13e0ee1 [libFuzzer] added -detect_leaks flag (0 by default for now). When enabled, it will help finding leaks while fuzzing 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@266838 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-04-20 00:24:21 +00:00
Kostya Serebryany
7544ffc130 [libFuzzer] more docs 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@264803 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-29 23:07:36 +00:00
Kostya Serebryany
d32f138d30 [libFuzzer] handle SIGTERM 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@264338 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-24 21:03:58 +00:00
Kostya Serebryany
4aa62c5d17 [libFuzzer] add a flag close_fd_mask so that we can silence spammy targets by closing stderr/stdout 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@263831 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-18 20:58:29 +00:00
Kostya Serebryany
ab641c1abd [libFuzzer] improve -merge functionality 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@263769 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-18 00:23:29 +00:00
Kostya Serebryany
bcace10c40 [libFuzzer] deprecate several flags 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@263739 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-17 19:59:39 +00:00
Kostya Serebryany
b30f32650e [libFuzzer] try to use max_len based on the items of the corpus instead of blindly defaulting to 64 bytes. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@263323 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-12 01:57:04 +00:00
Kostya Serebryany
66bb64fd43 [libFuzzer] deprecate exit_on_first flag 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262417 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-01 22:33:14 +00:00
Kostya Serebryany
7a1dcf9965 [libFuzzer] add generic signal handlers so that libFuzzer can report at least something if ASan is not handlig the signals for us. Remove abort_on_timeout flag. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262415 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-01 22:19:21 +00:00