Kostya Serebryany
|
e641dd6479
|
[libFuzzer] more accurate logic for traces, 80-char fix
llvm-svn: 246888
|
2015-09-04 22:32:25 +00:00 |
Kostya Serebryany
|
12c7837381
|
[libFuzzer] add two flags, -tbm_depth and -tbm_width to control how the trace-based-mutations are applied
llvm-svn: 244712
|
2015-08-12 01:55:37 +00:00 |
Kostya Serebryany
|
d46369d8b3
|
[libFuzzer] avoid build warnings in non-assert build (useful warning in this case)
llvm-svn: 244177
|
2015-08-05 23:44:42 +00:00 |
Kostya Serebryany
|
4cc10d432a
|
[libFuzzer] in dfsan mode, set labels every time we start recording traces as opposed to doing it at process startup. This ensures that the labels are fresh.
llvm-svn: 244165
|
2015-08-05 23:02:57 +00:00 |
Kostya Serebryany
|
7f4227d59a
|
[libFuzzer] use data-flow feedback from strcmp
llvm-svn: 244084
|
2015-08-05 18:23:01 +00:00 |
Kostya Serebryany
|
8ce7424e9c
|
[libFuzzer] start refactoring the Mutator and adding tests to it
llvm-svn: 243817
|
2015-08-01 01:42:51 +00:00 |
Kostya Serebryany
|
fe7e41e8f5
|
[libFuzzer] make sure that 2-byte arguments of switch() are handled properly
llvm-svn: 243781
|
2015-07-31 20:58:55 +00:00 |
Kostya Serebryany
|
73932e5fe3
|
[libFuzzer] record traces from the switch statements only when told to do so
llvm-svn: 243768
|
2015-07-31 18:09:08 +00:00 |
Kostya Serebryany
|
cd6a4665e0
|
[libFuzzer] support switch interception in dfsan mode
llvm-svn: 243760
|
2015-07-31 17:05:05 +00:00 |
Kostya Serebryany
|
fb7d8d9d06
|
[libFuzzer] trace switch statements and apply mutations based on the expected case values
llvm-svn: 243726
|
2015-07-31 01:33:06 +00:00 |
Kostya Serebryany
|
c9dc96bfc6
|
[libFuzzer] fix the strncmp interceptor -- it should respect short strings.
llvm-svn: 243691
|
2015-07-30 21:22:22 +00:00 |
Kostya Serebryany
|
b74ba421fc
|
[libFuzzer] implement strncmp hook for data-flow-guided fuzzing (w/ and w/o dfsan), add a test
llvm-svn: 243611
|
2015-07-30 02:33:45 +00:00 |
Kostya Serebryany
|
0e776a2250
|
[libFuzzer] implement memcmp hook for data-flow-guided fuzzing (w/o dfsan), extend the memcmp fuzzer test
llvm-svn: 243603
|
2015-07-30 01:34:58 +00:00 |
Kostya Serebryany
|
ae7df1ca4d
|
[libFuzzer] ensure that the dfsan tracing hooks actually run (using -verbosity=3 in tests)
llvm-svn: 243365
|
2015-07-28 01:25:00 +00:00 |
Kostya Serebryany
|
35959592a3
|
[libFuzzer] when using cmp traces, first check that the CMP is evaluated to one value much more frequently than to the other value (heuristic)
llvm-svn: 243363
|
2015-07-28 00:59:53 +00:00 |
Kostya Serebryany
|
404c69f2c8
|
[libFuzzer] allow users to supply their own implementation of rand
llvm-svn: 243078
|
2015-07-24 01:06:40 +00:00 |
Kostya Serebryany
|
3fe7682fb0
|
[lib/Fuzzer] relax an assertion
llvm-svn: 238608
|
2015-05-29 20:31:17 +00:00 |
Kostya Serebryany
|
7c180eafc1
|
[lib/Fuzzer] fully get rid of std::cerr in libFuzzer
llvm-svn: 238081
|
2015-05-23 01:22:35 +00:00 |
Kostya Serebryany
|
20e9bcbfc8
|
[lib/Fuzzer] start getting rid of std::cerr. Sadly, these parts of C++ library used in libFuzzer badly interact with the same code used in the target function and also with dfsan. It's easier to just not use std::cerr than to defeat these issues.
llvm-svn: 238078
|
2015-05-23 01:07:46 +00:00 |
Kostya Serebryany
|
d8c54724a8
|
[lib/Fuzzer] remove the -dfsan=1 flag, just use -use_traces=1 (w/ or w/o dfsan)
llvm-svn: 237083
|
2015-05-12 01:58:34 +00:00 |
Kostya Serebryany
|
8817e86efd
|
[lib/Fuzzer] don't record traces when trace collection is off
llvm-svn: 237067
|
2015-05-11 23:25:28 +00:00 |
Kostya Serebryany
|
225262562f
|
[lib/Fuzzer] rename FuzzerDFSan.cpp to FuzzerTraceState.cpp; update comments. NFC expected
llvm-svn: 237050
|
2015-05-11 21:16:27 +00:00 |