RPCSX/llvm
1
0
Fork 0
mirror of https://github.com/RPCSX/llvm.git synced 2025-04-05 09:41:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
137,271 Commits 27 Branches 0 Tags
Commit Graph

55 Commits

Author SHA1 Message Date
Kostya Serebryany
0c7940eaf1 [libFuzzer] use __attribute__((target("popcnt"))) only on x86_64 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@279601 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-08-24 01:38:42 +00:00
Kostya Serebryany
bb66a7d956 [libFuzzer] collect 64 states for value profile, not 65 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@279588 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-08-23 23:37:37 +00:00
Kostya Serebryany
aa4e23e1bb [sanitizer-coverage/libFuzzer] instrument comparisons with __sanitizer_cov_trace_cmp[1248] instead of __sanitizer_cov_trace_cmp, don't pass the comparison type to save a bit performance. Use these new callbacks in libFuzzer 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@279027 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-08-18 01:25:28 +00:00
Kostya Serebryany
ac9c0f4d45 [libFuzzer] force proper popcnt instruction 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@279002 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-08-17 23:09:57 +00:00
Kostya Serebryany
2e1aa9cd1c [libFuzzer] new experimental feature: value profiling. Profiles values that affect control flow and treats new values as new coverage. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@278839 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-08-16 19:33:51 +00:00
Kostya Serebryany
3487192114 [libFuzzer] properly intercept memmem 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@276006 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-07-19 18:29:06 +00:00
Kostya Serebryany
730992dc3b [libFuzzer] add hooks for strstr, strcasestr, strcasecmp, strncasecmp 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@275648 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-07-15 23:27:19 +00:00
Mike Aizatsky
8bbe924637 [libfuzzer] moving is_ascii handler inside mutation dispatcher. 
Summary: It also fixes a bug, when first random might not be ascii.

Differential Revision: http://reviews.llvm.org/D21573

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@273611 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-06-23 20:44:48 +00:00
Richard Smith
0513d1e203 Fix compilation with GCC, which treats this as a constructor name not a type 
name. (GCC is correct here per the latest language DRs.)


git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@271044 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-05-27 21:05:35 +00:00
Kostya Serebryany
1c5d1efdb3 [libFuzzer] refactor: hide CurrentUnitData inside an interface function. NFC 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@270922 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-05-26 21:32:30 +00:00
Kostya Serebryany
34fca4b9ec [libFuzzer] reimplement the way we do -only_ascii to allow more 'const' in function declarations. Add a test for -only_ascii. NFC intended 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@270900 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-05-26 20:03:02 +00:00
Kostya Serebryany
b30f32650e [libFuzzer] try to use max_len based on the items of the corpus instead of blindly defaulting to 64 bytes. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@263323 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-12 01:57:04 +00:00
Dmitry Vyukov
f984411dc5 libfuzzer: fix compiler warnings 
- unused sigaction/setitimer result (used in assert)
- unchecked fscanf return value
- signed/unsigned comparison



git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262472 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-03-02 09:54:40 +00:00
Kostya Serebryany
efb0cc7640 [libFuzzer] get rid of UserSuppliedFuzzer; NFC 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260798 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-13 03:25:16 +00:00
Kostya Serebryany
7cec6c634b [libFuzzer] don't create too many trace-based mutations as it may be too slow 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@259600 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-02-02 23:17:45 +00:00
Kostya Serebryany
75da488104 [libFuzzer] don't do expensive memmem if the result will not be used 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@258462 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-22 01:04:58 +00:00
Kostya Serebryany
baa00e52a5 [libFuzzer] replace vector with a simpler data structure in the Dictionaries to avoid memory allocations on hot path 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257985 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-16 03:53:32 +00:00
Kostya Serebryany
f1af856009 [libFuzzer] do mutations based on memcmp/strcmp interceptors under a separate flag (-use_memcmp, default=1) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257873 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-15 06:24:05 +00:00
Kostya Serebryany
92e8dcd607 [libFuzzer] make CurrentUnit a POD object instead of vector to avoid extra allocations 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257713 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-13 23:46:01 +00:00
Kostya Serebryany
3888fb079a [libFuzzer] make sure we find buffer overflow in the input buffer. Previously, re-using the same vector object was hiding buffer overflows (unless we used annotated vector) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257701 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-13 23:02:30 +00:00
Kostya Serebryany
53ff84bf11 [libFuzzer] add a macro LLVM_FUZZER_DEFINES_SANITIZER_WEAK_HOOOKS 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257482 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-12 16:50:18 +00:00
Kostya Serebryany
7b0624d17e [libFuzzer] when a new unit is discovered using a dictionary, print all used dictionary entries 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257435 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-12 02:36:59 +00:00
Kostya Serebryany
71afbb96dc [libFuzzer] add various debug prints. Also don't mutate based on a cmp trace like (a eq a) or (a neq a) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257434 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-12 02:08:37 +00:00
Kostya Serebryany
d89bfb65a8 [libFuzzer] extend the weak memcmp/strcmp/strncmp interceptors to receive the result of the computations. With that, don't do any mutations if memcmp/etc returned 0 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257423 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-12 00:43:42 +00:00
Kostya Serebryany
38c36e3216 [libFuzzer] debug prints in tracing 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257249 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-09 03:46:08 +00:00
Kostya Serebryany
7fddde9543 [libFuzzer] change the way trace-based mutations are applied. Instead of a custom code just rely on the automatically created dictionary 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257248 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-09 03:08:58 +00:00
Kostya Serebryany
295ef47f9e [libFuzzer] don't limit memcmp tracing with 8 bytes 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257245 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-09 01:39:55 +00:00
Kostya Serebryany
461ac91112 [libFuzzer] refactor the way we collect cmp traces (don't use std::vector, don't limit with 8 bytes) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257239 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-09 00:38:40 +00:00
Kostya Serebryany
325442be58 [libFuzzer] make trace-based fuzzing not crash in presence of threads 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@256876 91177308-0d34-0410-b5e6-96231b3b80d8
 2016-01-06 00:03:35 +00:00
Kostya Serebryany
01400f4e22 [libFuzzer] remove default initializer as a workaround for https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68399. Don't need it anyway. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@253419 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-11-18 01:08:30 +00:00
Kostya Serebryany
22e2376e14 [libFuzzer] Marking exported symbols as visible. Patch by Mike Aizatsky 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@248954 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-09-30 22:22:37 +00:00
Kostya Serebryany
8eaf34eed8 [libFuzzer] refactor the code to allow building libFuzzer on platforms that don't have dfsan and don't support weak functions 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@247321 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-09-10 18:48:38 +00:00
Kostya Serebryany
88d071c626 [libFuzzer] remove a piece of stale code 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@247067 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-09-08 20:40:10 +00:00
Kostya Serebryany
87e6608466 [libFuzzer] more accurate logic for traces, 80-char fix 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@246888 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-09-04 22:32:25 +00:00
Kostya Serebryany
234cfada18 [libFuzzer] add two flags, -tbm_depth and -tbm_width to control how the trace-based-mutations are applied 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@244712 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-08-12 01:55:37 +00:00
Kostya Serebryany
c2f74a9478 [libFuzzer] avoid build warnings in non-assert build (useful warning in this case) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@244177 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-08-05 23:44:42 +00:00
Kostya Serebryany
5707219e94 [libFuzzer] in dfsan mode, set labels every time we start recording traces as opposed to doing it at process startup. This ensures that the labels are fresh. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@244165 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-08-05 23:02:57 +00:00
Kostya Serebryany
d2f9ac2486 [libFuzzer] use data-flow feedback from strcmp 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@244084 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-08-05 18:23:01 +00:00
Kostya Serebryany
8d4c8061c9 [libFuzzer] start refactoring the Mutator and adding tests to it 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@243817 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-08-01 01:42:51 +00:00
Kostya Serebryany
f7aa7e6f49 [libFuzzer] make sure that 2-byte arguments of switch() are handled properly 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@243781 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-07-31 20:58:55 +00:00
Kostya Serebryany
207cfe14a9 [libFuzzer] record traces from the switch statements only when told to do so 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@243768 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-07-31 18:09:08 +00:00
Kostya Serebryany
26e09e2da5 [libFuzzer] support switch interception in dfsan mode 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@243760 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-07-31 17:05:05 +00:00
Kostya Serebryany
02c18f4db9 [libFuzzer] trace switch statements and apply mutations based on the expected case values 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@243726 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-07-31 01:33:06 +00:00
Kostya Serebryany
dd6dcb6cee [libFuzzer] fix the strncmp interceptor -- it should respect short strings. 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@243691 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-07-30 21:22:22 +00:00
Kostya Serebryany
11186e1752 [libFuzzer] implement strncmp hook for data-flow-guided fuzzing (w/ and w/o dfsan), add a test 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@243611 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-07-30 02:33:45 +00:00
Kostya Serebryany
c01d39e6b8 [libFuzzer] implement memcmp hook for data-flow-guided fuzzing (w/o dfsan), extend the memcmp fuzzer test 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@243603 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-07-30 01:34:58 +00:00
Kostya Serebryany
c830cebe1f [libFuzzer] ensure that the dfsan tracing hooks actually run (using -verbosity=3 in tests) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@243365 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-07-28 01:25:00 +00:00
Kostya Serebryany
322fda4b3e [libFuzzer] when using cmp traces, first check that the CMP is evaluated to one value much more frequently than to the other value (heuristic) 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@243363 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-07-28 00:59:53 +00:00
Kostya Serebryany
33a9a09cd7 [libFuzzer] allow users to supply their own implementation of rand 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@243078 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-07-24 01:06:40 +00:00
Kostya Serebryany
873d4e200d [lib/Fuzzer] relax an assertion 
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@238608 91177308-0d34-0410-b5e6-96231b3b80d8
 2015-05-29 20:31:17 +00:00