Kostya Serebryany
d4d50f6f47
[libFuzzer] add ShrinkValueProfileTest, move code around, NFC
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@283286 91177308-0d34-0410-b5e6-96231b3b80d8
2016-10-05 01:09:40 +00:00
Kostya Serebryany
1acd70c658
[libFuzzer] fix a recent bug (buffer overflow)
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@283021 91177308-0d34-0410-b5e6-96231b3b80d8
2016-10-01 07:13:25 +00:00
Kostya Serebryany
f46303af79
[libFuzzer] implement the -shrink=1 option that tries to make elements of the corpus smaller, off by default
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282995 91177308-0d34-0410-b5e6-96231b3b80d8
2016-10-01 01:04:29 +00:00
Kostya Serebryany
ec49d2d369
[libFuzzer] move the feature set to InputCorpus; on feature update, change the feature counter of the old best input
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282829 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-30 01:19:56 +00:00
Kostya Serebryany
efa54824a3
[sanitizer-coverage/libFuzzer] make the guards for trace-pc 32-bit; create one array of guards per function, instead of one guard per BB. reorganize the code so that trace-pc-guard does not create unneeded globals
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282735 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-29 17:43:24 +00:00
Kostya Serebryany
d3cf92ddf9
[libFuzzer] speedup TracePC::FinalizeTrace
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282562 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-28 01:16:24 +00:00
Kostya Serebryany
65f502816c
[libFuzzer] add -exit_on_src_pos to test libFuzzer itself, add a test script for RE2 that uses this flag
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282458 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-27 00:10:20 +00:00
Kostya Serebryany
e2e54904b7
[libFuzzer] simplify HandleTrace again, start re-running interesting units and collecting their features.
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282316 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-23 23:51:58 +00:00
Kostya Serebryany
73508a3cb1
[libFuzzer] simplify the TracePC logic
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282222 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-23 01:20:07 +00:00
Kostya Serebryany
28f017d845
[libFuzzer] change ValueBitMap to remember the number of bits in it
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282216 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-23 00:22:46 +00:00
Kostya Serebryany
e9b850b5c5
[libFuzzer] add 'features' to the corpus elements, allow mutations with Size > MaxSize, fix sha1 in corpus stats; various refactorings
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282129 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-22 01:34:58 +00:00
Kostya Serebryany
e52f15bf1a
[libFuzzer] more refactoring
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282113 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-21 21:17:23 +00:00
Kostya Serebryany
2a546868cb
[libFuzzer] refactoring: split the large header into many; NFC
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282044 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-21 01:50:50 +00:00
Kostya Serebryany
304a0b44f3
[libFuzzer] add -print_coverage=1 flag to print coverage directly from libFuzzer
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@281866 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-18 21:47:08 +00:00
Kostya Serebryany
2bed90363f
[libFuzzer] use 'if guard' instead of 'if guard >= 0' with trace-pc; change the guard type to intptr_t; use separate array for 8-bit counters
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@281845 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-18 04:52:23 +00:00
Kostya Serebryany
338f974b6e
[libFuzzer] properly reset the guards when resetting the coverage. Also try to fix check-fuzzer on the bot
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@281814 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-17 06:01:55 +00:00
Kostya Serebryany
b9cc2c457f
[libFuzzer] change trace-pc to use 8-byte guards
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@281810 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-17 05:04:47 +00:00
Kostya Serebryany
dcc5ba2671
[libFuzzer] make caller-callee feedback work with trace-pc-guard
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@281667 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-15 22:16:15 +00:00
Kostya Serebryany
f0b5dd76ab
[libFuzzer] implement print_pcs with trace-pc-guard. Change the trace-pc-guard heuristic for 8-bit counters to look more like in AFL (not that it's provably better, but the existing test prefers this heuristic)
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@281577 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-15 04:36:45 +00:00
Kostya Serebryany
26586a8660
[libFuzzer] add 8-bit counters to trace-pc-guard handler
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@281568 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-15 01:30:18 +00:00
Kostya Serebryany
a4826c1b99
[libFuzzer] start using trace-pc-guard as an alternative source of coverage
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@281435 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-14 02:13:06 +00:00
Kostya Serebryany
2fb93610ff
[libFuzzer] add more __attribute__((visibility("default")))
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@279143 91177308-0d34-0410-b5e6-96231b3b80d8
2016-08-18 20:52:52 +00:00
Kostya Serebryany
b4d6119096
[libFuzzer] refactoring around PCMap, NFC
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@278825 91177308-0d34-0410-b5e6-96231b3b80d8
2016-08-16 17:37:13 +00:00
Dan Liew
47f223bd24
[LibFuzzer] Provide stub implementation of __sanitizer_cov_trace_pc_indir
...
Calls to this function are currently injected by the
``SanitizerCoverageModule`` pass when both the ``indirect-calls``
and ``trace-pc`` sanitizer coverage options are enabled and the code
being instrumented has indirect calls. Previously because LibFuzzer did
not define this function this would lead to link errors when building
some of the tests on OSX.
Differential Revision: http://reviews.llvm.org/D20946
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@271938 91177308-0d34-0410-b5e6-96231b3b80d8
2016-06-06 20:27:09 +00:00
Mike Aizatsky
0d68393b0f
[libfuzzer] Refactoring coverage state-management code.
...
It is now less state-dependent and will allow easier comparing of
coverages of different units.
Differential Revision: http://reviews.llvm.org/D20085
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@269140 91177308-0d34-0410-b5e6-96231b3b80d8
2016-05-10 23:43:15 +00:00
Kostya Serebryany
a6b4efd1d0
[libFuzzer] speedup path coverage handling
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262102 91177308-0d34-0410-b5e6-96231b3b80d8
2016-02-27 01:50:16 +00:00
Kostya Serebryany
1ff29eb9ca
[libFuzzer] initial implementation of path coverage based on -fsanitize-coverage=trace-pc. This does not scale well yet, but already cracks FullCoverageSetTest in seconds
...
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262073 91177308-0d34-0410-b5e6-96231b3b80d8
2016-02-26 21:33:56 +00:00