RPCS3/llvm
1
0
Fork 0
mirror of https://github.com/RPCS3/llvm.git synced 2025-04-12 02:47:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
128,874 Commits 39 Branches 10 Tags
Commit Graph

99 Commits

Author SHA1 Message Date
Kostya Serebryany
b30f32650e [libFuzzer] try to use max_len based on the items of the corpus instead of blindly defaulting to 64 bytes. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@263323 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-12 01:57:04 +00:00
Kostya Serebryany
2ef77db652 [libFuzzer] when interrupted, call _Exit() instead of exit() 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262667 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-03 22:36:37 +00:00
Kostya Serebryany
66bb64fd43 [libFuzzer] deprecate exit_on_first flag 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262417 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-01 22:33:14 +00:00
Kostya Serebryany
7a1dcf9965 [libFuzzer] add generic signal handlers so that libFuzzer can report at least something if ASan is not handlig the signals for us. Remove abort_on_timeout flag. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262415 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-01 22:19:21 +00:00
Kostya Serebryany
86b1b67565 [libFuzzer] add -print_final_stats=1 flag 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262084 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-26 22:42:23 +00:00
Kostya Serebryany
1ff29eb9ca [libFuzzer] initial implementation of path coverage based on -fsanitize-coverage=trace-pc. This does not scale well yet, but already cracks FullCoverageSetTest in seconds 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262073 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-26 21:33:56 +00:00
Kostya Serebryany
a755f1bd65 [libFuzzer] only read MaxLen bytes from every file in the corpus to speedup loading the corpus 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@261267 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-18 21:49:10 +00:00
Kostya Serebryany
73b0e08885 [libFuzzer] don't timeout when loading the corpus. Be a bit more verbose when loading large corpus. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@261143 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-17 19:42:34 +00:00
Kostya Serebryany
2d7392fe48 [libFuzzer] remove std::vector operations from hot paths, NFC 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260829 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 17:56:51 +00:00
Kostya Serebryany
49429cee7f [libFuzzer] don't require seed in fuzzer::Mutate, instead use the global Fuzzer object for fuzzer::Mutate. This makes custom mutators fast 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260810 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 06:24:18 +00:00
Kostya Serebryany
efb0cc7640 [libFuzzer] get rid of UserSuppliedFuzzer; NFC 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260798 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 03:25:16 +00:00
Kostya Serebryany
e6d7e3d948 [libFuzzer] provide a plain C interface for custom mutators (experimental) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260794 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 02:29:38 +00:00
Kostya Serebryany
598f7017b4 [libFuzzer] don't write the test unit when a leak is detected (since we don't know which unit causes the leak) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@259731 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-04 00:02:17 +00:00
Kostya Serebryany
58b3c64b6b [libFuzzer] add -timeout_exitcode option 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@259265 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-29 23:30:07 +00:00
Kostya Serebryany
d75ddafc2f [libFuzzer] add -abort_on_timeout option 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258631 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-23 19:34:19 +00:00
Ivan Krasin
da57df2854 Use std::piecewise_constant_distribution instead of ad-hoc binary search. 
Summary:
Fix the issue with the most recently discovered unit receiving much less attention.

Note: this is the second attempt (prev: r258473). Now, libc++ build is fixed.

Reviewers: aizatsky, kcc

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D16487

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258571 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-22 22:28:27 +00:00
Ivan Krasin
55b3567cb1 Revert r258473 as it's breaking the build with libc++ 
Reviewers: kcc

Differential Revision: http://reviews.llvm.org/D16441

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258479 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-22 03:21:52 +00:00
Ivan Krasin
3e0fdb8944 Use std::piecewise_constant_distribution instead of ad-hoc binary search. 
Summary:
Fix the issue with the most recently discovered unit receiving much less attention.

Note: I had to change the seed for one test to make it pass. Alternatively,
the number of runs could be increased. I believe that the average time of
'foo' discovery is not increased, just seed=1 was particularly convenient
for the previous PRNG scheme used.

Reviewers: aizatsky, kcc

Subscribers: llvm-commits, kcc

Differential Revision: http://reviews.llvm.org/D16419

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258473 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-22 01:32:34 +00:00
Mike Aizatsky
b1020e3809 [libfuzzer] use %p for printing addresses 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258370 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-21 00:02:09 +00:00
Kostya Serebryany
f7dd1d2c0c [libFuzzer] move some code from public interface header to a non-public header. NFC 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257963 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-16 00:04:36 +00:00
Kostya Serebryany
a416b73b12 [libFuzzer] suggest a dictionary to the user of some of the trace-based dictionary entries were successful 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257736 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-14 02:36:44 +00:00
Kostya Serebryany
92e8dcd607 [libFuzzer] make CurrentUnit a POD object instead of vector to avoid extra allocations 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257713 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-13 23:46:01 +00:00
Kostya Serebryany
3888fb079a [libFuzzer] make sure we find buffer overflow in the input buffer. Previously, re-using the same vector object was hiding buffer overflows (unless we used annotated vector) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257701 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-13 23:02:30 +00:00
Kostya Serebryany
43a24b5d93 [libFuzzer] make sure to update CurrentUnit when drilling 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257560 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-13 01:58:27 +00:00
Kostya Serebryany
7fddde9543 [libFuzzer] change the way trace-based mutations are applied. Instead of a custom code just rely on the automatically created dictionary 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257248 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-09 03:08:58 +00:00
Mike Aizatsky
1cea7723fa [libfuzzer] print_new_cov_pcs experimental option. 
Differential Revision: http://reviews.llvm.org/D15901

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@256882 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-06 00:21:22 +00:00
Kostya Serebryany
a1e5f35b02 [libFuzzer] make CrossOver just one of the other mutations 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@256081 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-12-19 02:49:09 +00:00
Kostya Serebryany
7ed616c150 [libFuzzer] print successfull mutations sequences 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@256071 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-12-19 01:09:49 +00:00
Kostya Serebryany
d33fc70ecf [libFuzzer] don't reload the corpus more than once every second 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@254824 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-12-05 02:09:22 +00:00
Kostya Serebryany
3f8065b694 [libFuzzer] compute base64 in-process instead of using an external lib. Since libFuzzer should not depend on anything, just re-implement base64 encoder. PR25746 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@254784 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-12-04 22:29:39 +00:00
Mike Aizatsky
ba2d199d49 Libfuzzer: do not pass null into user function 
Differential Revision: http://reviews.llvm.org/D15098

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@254558 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-12-02 22:43:53 +00:00
Kostya Serebryany
e8d7ae6209 [libFuzzer] add a flag -exact_artifact_path 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@254100 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-11-25 21:40:46 +00:00
Kostya Serebryany
ad9ec32c1f [libFuzzer] make libFuzzer build even with a compiler that does not have sanitizer headers 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@253003 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-11-13 01:54:40 +00:00
Mike Aizatsky
c1a030fd64 output_csv libfuzzer option 
Summary:
The option outputs statistics in CSV format preceded by 1 header line.
This is intended for machine processing of the output.
-verbosity=0 should likely be set.

Differential Revision: http://reviews.llvm.org/D14600

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@252856 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-11-12 04:38:40 +00:00
Kostya Serebryany
1a42a60ebc [libFuzzer] experimental flag -drill (another search heuristic; Mike Aizatsky's idea) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@252838 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-11-12 01:02:01 +00:00
Kostya Serebryany
f41e3780b3 [libFuzzer] make libFuzzer link if there is no sanitizer coverage instrumentation (it will fail at start-up time) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@252533 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-11-09 23:17:45 +00:00
Kostya Serebryany
331a8c8a87 [libFuzzer] print a bit fewer lines 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@252123 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-11-05 01:19:42 +00:00
Kostya Serebryany
d022e94463 [libFuzzer] when choosing the next unit to mutate, give some preference to the most recent units (they are more likely to be interesting) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@252097 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-11-04 23:22:25 +00:00
Kostya Serebryany
242325ad98 [libFuzzer] add -merge flag to merge corpora 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@251168 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-10-24 01:16:40 +00:00
Kostya Serebryany
b33343ddb1 [libFuzzer] remove some old code; also make __sanitizer_get_total_unique_caller_callee_pairs weak so that newer libFuzzer works with older asan 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@251133 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-10-23 18:37:58 +00:00
Kostya Serebryany
7bcc4cdbdd [libFuzzer] use the indirect caller-callee counter as an independent search heuristic 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@251078 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-10-22 23:55:39 +00:00
Kostya Serebryany
41180c6eba [libFuzzer] more refactoring the code that checks the coverage. NFC 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@251075 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-10-22 22:56:45 +00:00
Kostya Serebryany
1969ec112d [libFuzzer] refactoring the code that checks the coverage. NFC 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@251074 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-10-22 22:50:47 +00:00
Kostya Serebryany
a3619c6b43 [libFuzzer] remove the deprecated 'tokens' feature 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@251069 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-10-22 21:48:09 +00:00
Kostya Serebryany
2a50aa48db [libFuzzer] add -shuffle flag 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@250603 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-10-17 04:38:26 +00:00
Kostya Serebryany
9b24e29d72 [libFuzzer] print a stack trace on timeout 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@250571 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-10-16 23:04:31 +00:00
Kostya Serebryany
5792846506 [libFuzzer] reduce the size of artifacts printed on the screen 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@250565 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-10-16 22:47:20 +00:00
Kostya Serebryany
17062e257e [libFuzzer] When -test_single_input crashes the test it is not necessary to write crash-file because input is already known to the user. Patch by Mike Aizatsky 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@250564 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-10-16 22:41:47 +00:00
Kostya Serebryany
002f1b00d6 [libFuzzer] don't print large artifacts to stderr 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@249808 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-10-09 04:03:14 +00:00
Kostya Serebryany
22d6013f13 [libFuzzer] add -artifact_prefix flag 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@249807 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-10-09 03:57:59 +00:00