Kostya Serebryany
2a546868cb
[libFuzzer] refactoring: split the large header into many; NFC
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@282044 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-21 01:50:50 +00:00
Kostya Serebryany
b3d4112198
[libFuzzer] use sleep() instead of std::this_thread::sleep_for to avoid coverage from instrumented libc++
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@281933 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-19 20:32:34 +00:00
Kostya Serebryany
304a0b44f3
[libFuzzer] add -print_coverage=1 flag to print coverage directly from libFuzzer
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@281866 91177308-0d34-0410-b5e6-96231b3b80d8
2016-09-18 21:47:08 +00:00
Kostya Serebryany
7526feb22f
[libFuzzer] when printing the reproducer input, also print the base input and the mutation sequence
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@278975 91177308-0d34-0410-b5e6-96231b3b80d8
2016-08-17 20:45:23 +00:00
Dan Liew
a3e4fd51f1
[LibFuzzer] Fix -jobs=<N> where <N> > 1 and the number of workers is > 1 on macOS.
The original `ExecuteCommand()` called `system()` from the C library.
The C library implementation of this on macOS contains a mutex which
serializes calls to `system()`. This prevented the `-jobs=` flag
from running copies of the fuzzing binary in parallel which is
the opposite of what is intended.
To fix this on macOS an alternative implementation of `ExecuteCommand()`
is provided that can be used concurrently. This is provided in
`FuzzerUtilDarwin.cpp` which is guarded to only compile code on Apple
platforms. The existing implementation has been moved to a new file
`FuzzerUtilLinux.cpp` which is guarded to only compile code on Linux.
This commit includes a simple test to check that LibFuzzer is being
executed in parallel when requested.
Differential Revision: https://reviews.llvm.org/D22742
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@278544 91177308-0d34-0410-b5e6-96231b3b80d8
2016-08-12 18:29:36 +00:00
Kostya Serebryany
6effb7148b
[libFuzzer] make OOM-handling more portable. Instead of sending a signal to the main fuzzing thread, print the message in the getrusage thread and exit.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@270945 91177308-0d34-0410-b5e6-96231b3b80d8
2016-05-27 00:54:15 +00:00
Kostya Serebryany
34fca4b9ec
[libFuzzer] reimplement the way we do -only_ascii to allow more 'const' in function declarations. Add a test for -only_ascii. NFC intended
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@270900 91177308-0d34-0410-b5e6-96231b3b80d8
2016-05-26 20:03:02 +00:00
Dan Liew
036e9cc7c7
[LibFuzzer] Fix implementation of `GetPeakRSSMb()` on Mac OSX.
On Linux ``rusage.ru_maxrss`` is in KiB but on Mac OSX it is in bytes.
Differential Revision: http://reviews.llvm.org/D20410
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@270173 91177308-0d34-0410-b5e6-96231b3b80d8
2016-05-20 01:37:54 +00:00
Dan Liew
adef8786dd
[LibFuzzer] Fix `NumberOfCpuCores()` on Mac OSX.
The ``nprocs`` command does not exist under Mac OSX so use
``sysctl`` instead on that platform.
Whilst I'm here
* Use ``pclose()`` instead of ``fclose()`` which the ``popen()``
documentation says should be used.
* Check for errors that were previously unhandled.
Differential Revision: http://reviews.llvm.org/D20409
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@270172 91177308-0d34-0410-b5e6-96231b3b80d8
2016-05-20 01:30:36 +00:00
Kostya Serebryany
f01dfdd8aa
[libFuzzer] enhance -rss_limit_mb and enable by default. Now it will print the OOM reproducer.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@268821 91177308-0d34-0410-b5e6-96231b3b80d8
2016-05-06 23:38:07 +00:00
Kostya Serebryany
d32f138d30
[libFuzzer] handle SIGTERM
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@264338 91177308-0d34-0410-b5e6-96231b3b80d8
2016-03-24 21:03:58 +00:00
Dmitry Vyukov
f984411dc5
libfuzzer: fix compiler warnings
- unused sigaction/setitimer result (used in assert)
- unchecked fscanf return value
- signed/unsigned comparison
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262472 91177308-0d34-0410-b5e6-96231b3b80d8
2016-03-02 09:54:40 +00:00
Kostya Serebryany
7a1dcf9965
[libFuzzer] add generic signal handlers so that libFuzzer can report at least something if ASan is not handling the signals for us. Remove abort_on_timeout flag.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262415 91177308-0d34-0410-b5e6-96231b3b80d8
2016-03-01 22:19:21 +00:00
Kostya Serebryany
86b1b67565
[libFuzzer] add -print_final_stats=1 flag
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@262084 91177308-0d34-0410-b5e6-96231b3b80d8
2016-02-26 22:42:23 +00:00
Kostya Serebryany
2d7392fe48
[libFuzzer] remove std::vector operations from hot paths, NFC
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@260829 91177308-0d34-0410-b5e6-96231b3b80d8
2016-02-13 17:56:51 +00:00
Kostya Serebryany
baa00e52a5
[libFuzzer] replace vector with a simpler data structure in the Dictionaries to avoid memory allocations on hot path
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257985 91177308-0d34-0410-b5e6-96231b3b80d8
2016-01-16 03:53:32 +00:00
Kostya Serebryany
92e8dcd607
[libFuzzer] make CurrentUnit a POD object instead of vector to avoid extra allocations
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257713 91177308-0d34-0410-b5e6-96231b3b80d8
2016-01-13 23:46:01 +00:00
Kostya Serebryany
7b0624d17e
[libFuzzer] when a new unit is discovered using a dictionary, print all used dictionary entries
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@257435 91177308-0d34-0410-b5e6-96231b3b80d8
2016-01-12 02:36:59 +00:00
Kostya Serebryany
3f8065b694
[libFuzzer] compute base64 in-process instead of using an external lib. Since libFuzzer should not depend on anything, just re-implement base64 encoder. PR25746
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@254784 91177308-0d34-0410-b5e6-96231b3b80d8
2015-12-04 22:29:39 +00:00
Kostya Serebryany
1a42a60ebc
[libFuzzer] experimental flag -drill (another search heuristic; Mike Aizatsky's idea)
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@252838 91177308-0d34-0410-b5e6-96231b3b80d8
2015-11-12 01:02:01 +00:00
Kostya Serebryany
331a8c8a87
[libFuzzer] print a bit fewer lines
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@252123 91177308-0d34-0410-b5e6-96231b3b80d8
2015-11-05 01:19:42 +00:00
Kostya Serebryany
9b24e29d72
[libFuzzer] print a stack trace on timeout
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@250571 91177308-0d34-0410-b5e6-96231b3b80d8
2015-10-16 23:04:31 +00:00
Kostya Serebryany
446d906a52
[libFuzzer] adding a parser for AFL-style dictionaries + tests.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@246800 91177308-0d34-0410-b5e6-96231b3b80d8
2015-09-03 20:23:46 +00:00
Kostya Serebryany
580504f120
[libFuzzer] honour -only_ascii=1 when reading the initial corpus. Also, remove ugly #ifdef
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@246689 91177308-0d34-0410-b5e6-96231b3b80d8
2015-09-02 19:08:08 +00:00
Kostya Serebryany
89f52ac188
[libFuzzer] add -only_ascii flag
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@244559 91177308-0d34-0410-b5e6-96231b3b80d8
2015-08-11 01:44:42 +00:00
Kostya Serebryany
d434a0a1b2
[lib/Fuzzer] fully get rid of std::cerr in libFuzzer
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@238081 91177308-0d34-0410-b5e6-96231b3b80d8
2015-05-23 01:22:35 +00:00
Kostya Serebryany
05ef67b6b9
[lib/Fuzzer] when -sync_command=<CMD> is given, periodically execute 'CMD CORPUS' to synchronize with other processes
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@237617 91177308-0d34-0410-b5e6-96231b3b80d8
2015-05-18 21:34:20 +00:00
Kostya Serebryany
6f1b9541ba
[lib/Fuzzer] Add SHA1 implementation from public domain.
Summary:
This adds a SHA1 implementation taken from public domain code.
The change is trivial, but as it involves third-party code I'd like
a second pair of eyes before commit.
LibFuzzer can not use SHA1 from openssl because openssl may not be available
and because we may be fuzzing openssl itself.
Using sha1sum via a pipe is too slow.
Test Plan: n/a
Reviewers: chandlerc
Reviewed By: chandlerc
Subscribers: majnemer, llvm-commits
Differential Revision: http://reviews.llvm.org/D9733
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@237400 91177308-0d34-0410-b5e6-96231b3b80d8
2015-05-14 22:41:49 +00:00
Kostya Serebryany
b8a0c0ecb3
[lib/Fuzzer] use sha1sum for the file hash
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@237198 91177308-0d34-0410-b5e6-96231b3b80d8
2015-05-12 22:03:34 +00:00
Kostya Serebryany
eaba2dd2f1
[lib/Fuzzer] guess the right number of workers if -jobs=N is given but -workers=M is not. Update the docs.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@237163 91177308-0d34-0410-b5e6-96231b3b80d8
2015-05-12 18:51:57 +00:00
Kostya Serebryany
01055ec7e3
[fuzzer] document the -tokens flag. Also change the diagnostic output
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@233842 91177308-0d34-0410-b5e6-96231b3b80d8
2015-04-01 21:33:20 +00:00
Kostya Serebryany
3399e1fd73
[fuzzer] Add support for token-based fuzzing (e.g. for C++). Allow string flags.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@233745 91177308-0d34-0410-b5e6-96231b3b80d8
2015-03-31 20:13:20 +00:00
Aaron Ballman
94879c0134
Reverting r227452, which adds back the fuzzer library. Now excluding the fuzzer library based on LLVM_USE_SANITIZE_COVERAGE being set or unset.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@227464 91177308-0d34-0410-b5e6-96231b3b80d8
2015-01-29 16:58:29 +00:00
Aaron Ballman
f316f2ea52
Temporarily reverting the fuzzer library as it causes too many build issues for MSVC users. This reverts: 227445, 227395, 227389, 227357, 227254, 227252
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@227452 91177308-0d34-0410-b5e6-96231b3b80d8
2015-01-29 15:49:22 +00:00
Kostya Serebryany
c9baf3befb
Add a Fuzzer library
Summary:
A simple genetic in-process coverage-guided fuzz testing library.
I've used this fuzzer to test clang-format
(it found 12+ bugs, thanks djasper@ for the fixes!)
and it may also help us test other parts of LLVM.
So why not keep it in the LLVM repository?
I plan to add the cmake build rules later (in a separate patch, if that's ok)
and also add a clang-format-fuzzer target.
See README.txt for details.
Test Plan: Tests will follow separately.
Reviewers: djasper, chandlerc, rnk
Reviewed By: rnk
Subscribers: majnemer, ygribov, dblaikie, llvm-commits
Differential Revision: http://reviews.llvm.org/D7184
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@227252 91177308-0d34-0410-b5e6-96231b3b80d8
2015-01-27 22:08:41 +00:00