RPCS3/llvm
1
0
Fork 0
mirror of https://github.com/RPCS3/llvm.git synced 2024-12-01 07:30:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
128,210 Commits 39 Branches 10 Tags 850 MiB
1ff29eb9ca
Commit Graph

212 Commits

Author SHA1 Message Date
Kostya Serebryany
1ff29eb9ca [libFuzzer] initial implementation of path coverage based on -fsanitize-coverage=trace-pc. This does not scale well yet, but already cracks FullCoverageSetTest in seconds 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262073 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-26 21:33:56 +00:00
Kostya Serebryany
a755f1bd65 [libFuzzer] only read MaxLen bytes from every file in the corpus to speedup loading the corpus 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@261267 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-18 21:49:10 +00:00
Kostya Serebryany
b73d5ba466 [libFuzzer] fix the libFuzzer bot 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@261184 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-18 02:02:40 +00:00
Kostya Serebryany
73b0e08885 [libFuzzer] don't timeout when loading the corpus. Be a bit more verbose when loading large corpus. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@261143 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-17 19:42:34 +00:00
Kostya Serebryany
2d7392fe48 [libFuzzer] remove std::vector operations from hot paths, NFC 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260829 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 17:56:51 +00:00
Kostya Serebryany
49429cee7f [libFuzzer] don't require seed in fuzzer::Mutate, instead use the global Fuzzer object for fuzzer::Mutate. This makes custom mutators fast 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260810 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 06:24:18 +00:00
Kostya Serebryany
5a08f1b013 [libFuzzer] remove the C++-ish variant of FuzzerDriver from the interface 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260801 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 03:59:26 +00:00
Kostya Serebryany
d1eacb8ffc [libFuzzer] simplify CTOR of MutationDispatcher 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260800 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 03:46:26 +00:00
Kostya Serebryany
1d35d47455 [libFuzzer] get rid of MutationDispatcher::Impl (simplify the code; NFC) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260799 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 03:37:24 +00:00
Kostya Serebryany
efb0cc7640 [libFuzzer] get rid of UserSuppliedFuzzer; NFC 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260798 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 03:25:16 +00:00
Kostya Serebryany
728ca1266f [libFuzzer] simplify the code around Random. NFC 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260797 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 03:00:53 +00:00
Kostya Serebryany
f71ac00d01 [libFuzzer] remove UserSuppliedFuzzer from the interface (it was a bad idea). 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260796 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 02:39:30 +00:00
Kostya Serebryany
e6d7e3d948 [libFuzzer] provide a plain C interface for custom mutators (experimental) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260794 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 02:29:38 +00:00
Kostya Serebryany
14c6007ab2 [libFuzzer] make -runs=N flag also affect the simple runner (will execute every input N times) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260649 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-12 02:32:03 +00:00
Mike Aizatsky
dff48e6497 [libfuzzer] Removing coverage-related flags from asan options. 
Summary:
Reasons to remove are twofold:
 - we don't really need coverage=1 for libfuzzer operation
 - makes controlling coverage for fuzzer processes non-trivial.

Differential Revision: http://reviews.llvm.org/D17168

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260611 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-11 22:20:34 +00:00
Kostya Serebryany
5a91878f44 [libFuzzer] hot fix a test 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@259732 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-04 00:12:28 +00:00
Kostya Serebryany
598f7017b4 [libFuzzer] don't write the test unit when a leak is detected (since we don't know which unit causes the leak) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@259731 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-04 00:02:17 +00:00
Kostya Serebryany
7cec6c634b [libFuzzer] don't create too many trace-based mutations as it may be too slow 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@259600 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-02 23:17:45 +00:00
Kostya Serebryany
485551ecaf [libFuzzer] allow passing 1 or more files as individual inputs 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@259459 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-02 03:03:47 +00:00
Kostya Serebryany
05de8e95f6 [libFuzzer] fail if the corpus dir does not exist 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@259454 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-02 02:07:26 +00:00
Kostya Serebryany
58b3c64b6b [libFuzzer] add -timeout_exitcode option 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@259265 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-29 23:30:07 +00:00
Kostya Serebryany
fb614ec4d4 [libFuzzer] re-enable test for -abort_on_timeout=1, this time protecting from ASAN_OPTIONS set outside 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@259263 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-29 23:19:00 +00:00
Ivan Krasin
79890da71d Temporary disable broken fuzzer/timeout tests. 
Reviewers: kcc

Differential Revision: http://reviews.llvm.org/D16543

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258702 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-25 19:05:45 +00:00
Kostya Serebryany
d75ddafc2f [libFuzzer] add -abort_on_timeout option 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258631 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-23 19:34:19 +00:00
Kostya Serebryany
21a169fad1 [libFuzzer] add more fields to DictionaryEntry to count the number of uses and successes 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258589 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-22 23:55:14 +00:00
Ivan Krasin
da57df2854 Use std::piecewise_constant_distribution instead of ad-hoc binary search. 
Summary:
Fix the issue with the most recently discovered unit receiving much less attention.

Note: this is the second attempt (prev: r258473). Now, libc++ build is fixed.

Reviewers: aizatsky, kcc

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D16487

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258571 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-22 22:28:27 +00:00
Ivan Krasin
55b3567cb1 Revert r258473 as it's breaking the build with libc++ 
Reviewers: kcc

Differential Revision: http://reviews.llvm.org/D16441

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258479 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-22 03:21:52 +00:00
Ivan Krasin
3e0fdb8944 Use std::piecewise_constant_distribution instead of ad-hoc binary search. 
Summary:
Fix the issue with the most recently discovered unit receiving much less attention.

Note: I had to change the seed for one test to make it pass. Alternatively,
the number of runs could be increased. I believe that the average time of
'foo' discovery is not increased, just seed=1 was particularly convenient
for the previous PRNG scheme used.

Reviewers: aizatsky, kcc

Subscribers: llvm-commits, kcc

Differential Revision: http://reviews.llvm.org/D16419

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258473 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-22 01:32:34 +00:00
Kostya Serebryany
75da488104 [libFuzzer] don't do expensive memmem if the result will not be used 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258462 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-22 01:04:58 +00:00
Kostya Serebryany
7e85cfa5be [libFuzzer] don't use std::vector in one more hot path 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258380 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-21 01:52:14 +00:00
Mike Aizatsky
b1020e3809 [libfuzzer] use %p for printing addresses 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258370 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-21 00:02:09 +00:00
Kostya Serebryany
429a7edf9b [libFuzzer] use std::mt19937 for generating random numbers by default. Fix MyStoll to handle negative values. Use std::any_of instead of std::find_if 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258178 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-19 20:33:57 +00:00
Kostya Serebryany
baa00e52a5 [libFuzzer] replace vector with a simpler data structure in the Dictionaries to avoid memory allocations on hot path 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257985 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-16 03:53:32 +00:00
Kostya Serebryany
1e595319e3 [libFuzzer] introduce LLVMFuzzerInitialize 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257980 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-16 01:23:12 +00:00
Kostya Serebryany
f7dd1d2c0c [libFuzzer] move some code from public interface header to a non-public header. NFC 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257963 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-16 00:04:36 +00:00
Kostya Serebryany
f1af856009 [libFuzzer] do mutations based on memcmp/strcmp interceptors under a separate flag (-use_memcmp, default=1) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257873 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-15 06:24:05 +00:00
Kostya Serebryany
9039b1ff4e [libFuzzer] use custom stol; also introduce __libfuzzer_is_present so that users can check for its presence. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257848 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-15 00:17:37 +00:00
Kostya Serebryany
a416b73b12 [libFuzzer] suggest a dictionary to the user of some of the trace-based dictionary entries were successful 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257736 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-14 02:36:44 +00:00
Kostya Serebryany
92e8dcd607 [libFuzzer] make CurrentUnit a POD object instead of vector to avoid extra allocations 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257713 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-13 23:46:01 +00:00
Kostya Serebryany
3888fb079a [libFuzzer] make sure we find buffer overflow in the input buffer. Previously, re-using the same vector object was hiding buffer overflows (unless we used annotated vector) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257701 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-13 23:02:30 +00:00
Kostya Serebryany
43a24b5d93 [libFuzzer] make sure to update CurrentUnit when drilling 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257560 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-13 01:58:27 +00:00
Kostya Serebryany
53ff84bf11 [libFuzzer] add a macro LLVM_FUZZER_DEFINES_SANITIZER_WEAK_HOOOKS 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257482 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-12 16:50:18 +00:00
Kostya Serebryany
7b0624d17e [libFuzzer] when a new unit is discovered using a dictionary, print all used dictionary entries 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257435 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-12 02:36:59 +00:00
Kostya Serebryany
71afbb96dc [libFuzzer] add various debug prints. Also don't mutate based on a cmp trace like (a eq a) or (a neq a) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257434 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-12 02:08:37 +00:00
Kostya Serebryany
d89bfb65a8 [libFuzzer] extend the weak memcmp/strcmp/strncmp interceptors to receive the result of the computations. With that, don't do any mutations if memcmp/etc returned 0 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257423 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-12 00:43:42 +00:00
Kostya Serebryany
38c36e3216 [libFuzzer] debug prints in tracing 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257249 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-09 03:46:08 +00:00
Kostya Serebryany
7fddde9543 [libFuzzer] change the way trace-based mutations are applied. Instead of a custom code just rely on the automatically created dictionary 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257248 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-09 03:08:58 +00:00
Kostya Serebryany
295ef47f9e [libFuzzer] don't limit memcmp tracing with 8 bytes 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257245 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-09 01:39:55 +00:00
Kostya Serebryany
461ac91112 [libFuzzer] refactor the way we collect cmp traces (don't use std::vector, don't limit with 8 bytes) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257239 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-09 00:38:40 +00:00
Kostya Serebryany
ab240104f0 [libFuzzer] add a position hint to the dictionary-based mutator 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257013 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-07 01:49:35 +00:00