Commit Graph

260 Commits

Author SHA1 Message Date
Kostya Serebryany 6289536922 [libFuzzer] print the file name before executing the input so that if there is a crash we know which files has caused it
llvm-svn: 269450
2016-05-13 18:10:33 +00:00
Kostya Serebryany 8b0d90a6d4 [libFuzzer] simplify FuzzerInterface.h
llvm-svn: 269448
2016-05-13 18:04:35 +00:00
Kostya Serebryany 781e8da888 [libFuzzer] add a driver file to use AFL on LLVMFuzzerTestOneInput
llvm-svn: 269141
2016-05-10 23:46:50 +00:00
Mike Aizatsky 1aa501e7e8 [libfuzzer] Refactoring coverage state-management code.
It is now less state-dependent and will allow easier comparing of
coverages of different units.

Differential Revision: http://reviews.llvm.org/D20085

llvm-svn: 269140
2016-05-10 23:43:15 +00:00
Kostya Serebryany ca9694ba2c [libFuzzer] add a test for libFuzzer+ubsan, extend the docs on using libFuzzer+ubsan
llvm-svn: 268968
2016-05-09 21:02:36 +00:00
Kostya Serebryany 61b07ac75b [libFuzzer] better document the -merge=1 flag
llvm-svn: 268957
2016-05-09 19:11:36 +00:00
Kostya Serebryany 8b8f7a3cda [libFuzzer] enhance -rss_limit_mb and enable by default. Now it will print the OOM reproducer.
llvm-svn: 268821
2016-05-06 23:38:07 +00:00
Kostya Serebryany 52b394e981 [libFuzzer] add exeprimental -rss_limit_mb flag to fight against OOMs
llvm-svn: 268807
2016-05-06 21:58:35 +00:00
Kostya Serebryany baf7fd0b16 [libFuzzer] print stats after running individual inputs
llvm-svn: 268547
2016-05-04 20:44:50 +00:00
Kostya Serebryany 2fe9304d62 [libFuzzer] enable detect_leaks=1, add proper docs
llvm-svn: 268088
2016-04-29 18:49:55 +00:00
Kostya Serebryany 0e0bcc4bdb [libFuzzer] disable leak detection if we have tried it for 1000 times w/o finding a leak [part 2]
llvm-svn: 267771
2016-04-27 19:52:56 +00:00
Kostya Serebryany 7018a1aaa4 [libFuzzer] disable leak detection if we have tried it for 1000 times w/o finding a leak
llvm-svn: 267770
2016-04-27 19:52:34 +00:00
Kostya Serebryany 9ba19182be [libFuzzer] remove dead code
llvm-svn: 267455
2016-04-25 19:41:45 +00:00
Kostya Serebryany 1bfd583d82 [libFuzzer] added -detect_leaks flag (0 by default for now). When enabled, it will help finding leaks while fuzzing
llvm-svn: 266838
2016-04-20 00:24:21 +00:00
Kostya Serebryany ebb932d060 [libFuzzer] try to print correct time in seconds when reporting a timeout. Don't report timeouts while still loading the corpus.
llvm-svn: 266693
2016-04-18 22:50:39 +00:00
Kostya Serebryany 09087bba4d [libFuzzer] warn if the corpus is empty
llvm-svn: 266670
2016-04-18 21:14:11 +00:00
Mehdi Amini b550cb1750 [NFC] Header cleanup
Removed some unused headers, replaced some headers with forward class declarations.

Found using simple scripts like this one:
clear && ack --cpp -l '#include "llvm/ADT/IndexedMap.h"' | xargs grep -L 'IndexedMap[<]' | xargs grep -n --color=auto 'IndexedMap'

Patch by Eugene Kosov <claprix@yandex.ru>

Differential Revision: http://reviews.llvm.org/D19219

From: Mehdi Amini <mehdi.amini@apple.com>
llvm-svn: 266595
2016-04-18 09:17:29 +00:00
Kostya Serebryany b60397f54c [libFuzzer] add a better warning for command line flags with -- (two dashes)
llvm-svn: 266480
2016-04-15 21:56:29 +00:00
Hans Wennborg e631996350 Remove redundant .c_str(), as suggested by PR25633
llvm-svn: 265988
2016-04-11 20:35:17 +00:00
Mike Aizatsky 94e29668b0 [libfuzzer] defensive assert
llvm-svn: 265866
2016-04-08 23:32:24 +00:00
Mike Aizatsky f13cbee12e [libfuzzer] adding license headers to cpp files
Differential Revision: http://reviews.llvm.org/D18705

llvm-svn: 265174
2016-04-01 18:38:58 +00:00
Kostya Serebryany 9e1a238357 [libFuzzer] more docs
llvm-svn: 264803
2016-03-29 23:07:36 +00:00
Kostya Serebryany f3ab6d9e10 [libFuzzer] use fflush after every Printf
llvm-svn: 264459
2016-03-25 20:31:26 +00:00
Kostya Serebryany f389ae12c1 [libFuzzer] handle SIGTERM
llvm-svn: 264338
2016-03-24 21:03:58 +00:00
Kostya Serebryany 315167339e [libFuzzer] don't report memory leaks if we are dying due to a timeout (just use _Exit instead of exit in the timeout callback)
llvm-svn: 264237
2016-03-24 01:32:08 +00:00
Kostya Serebryany 6278f933a8 [libFuzzer] use fdopen+vfprintf instead of fsnprintf+write
llvm-svn: 264230
2016-03-24 00:57:32 +00:00
Kostya Serebryany 49e409068a [libFuzzer] add a flag close_fd_mask so that we can silence spammy targets by closing stderr/stdout
llvm-svn: 263831
2016-03-18 20:58:29 +00:00
Benjamin Kramer d96b0c14fb [Fuzzer] Guard no_sanitize_memory attributes behind __has_feature.
Otherwise GCC fails to build it because it doesn't know the attribute.

llvm-svn: 263787
2016-03-18 14:19:19 +00:00
Kostya Serebryany c43b584c1c [libFuzzer] read corpus dirs recursively
llvm-svn: 263773
2016-03-18 01:36:00 +00:00
Kostya Serebryany 945761b8c2 [libFuzzer] improve -merge functionality
llvm-svn: 263769
2016-03-18 00:23:29 +00:00
Kostya Serebryany c5575aabd6 [libFuzzer] deprecate several flags
llvm-svn: 263739
2016-03-17 19:59:39 +00:00
Kostya Serebryany 23dbc390af [libFuzzer] add __attribute__((no_sanitize_memory)) to two functions that may be called from signal handler(s) or from msan. This will hopefully avoid msan false reports which I can't reproduce
llvm-svn: 263737
2016-03-17 19:42:35 +00:00
Mike Aizatsky 298516ffa9 [libfuzzer] speeding up corpus load
llvm-svn: 263591
2016-03-15 21:47:21 +00:00
Kostya Serebryany 0c5e3af862 [libFuzzer] use max_len exactly equal to the max size of input. Fix 32-bit build
llvm-svn: 263518
2016-03-15 01:28:00 +00:00
Kostya Serebryany 64d24578d8 [libFuzzer] try to use max_len based on the items of the corpus instead of blindly defaulting to 64 bytes.
llvm-svn: 263323
2016-03-12 01:57:04 +00:00
Mike Aizatsky 243fe2b3a0 [libfuzzer] adding std:string to allowed adaptable argument.
llvm-svn: 262757
2016-03-04 23:18:01 +00:00
Kostya Serebryany 5c3701c621 [libFuzzer] log less when re-loading files; fix a silly bug: when running single files actually run all of them, not just the first one
llvm-svn: 262754
2016-03-04 22:35:40 +00:00
Mike Aizatsky b8627a89a6 [libfuzzer] arbitrary function adapter.
The adapter automates converting sequence of bytes into arbitrary
arguments.

Differential Revision: http://reviews.llvm.org/D17829

llvm-svn: 262673
2016-03-03 23:45:29 +00:00
Kostya Serebryany e483ed2825 [libFuzzer] when interrupted, call _Exit() instead of exit()
llvm-svn: 262667
2016-03-03 22:36:37 +00:00
Kostya Serebryany 4394b31e1d [libFuzzer] add -Werror for libFuzzer build rule
llvm-svn: 262517
2016-03-02 21:08:16 +00:00
Dmitry Vyukov 2eed1218e5 libfuzzer: fix compiler warnings
- unused sigaction/setitimer result (used in assert)
- unchecked fscanf return value
- signed/unsigned comparison

llvm-svn: 262472
2016-03-02 09:54:40 +00:00
Kostya Serebryany 3d95dd9149 [libFuzzer] deprecate exit_on_first flag
llvm-svn: 262417
2016-03-01 22:33:14 +00:00
Kostya Serebryany 228d5b1ce4 [libFuzzer] add generic signal handlers so that libFuzzer can report at least something if ASan is not handlig the signals for us. Remove abort_on_timeout flag.
llvm-svn: 262415
2016-03-01 22:19:21 +00:00
Kostya Serebryany f84df30e4f [libFuzzer] remove FuzzerSanitizerOptions.cpp
llvm-svn: 262354
2016-03-01 17:46:32 +00:00
Rafael Espindola 5cd721ae12 Refactor duplicated code for linking with pthread.
llvm-svn: 262344
2016-03-01 15:54:40 +00:00
Kostya Serebryany bf821db932 [libFuzzer] fixing the bot
llvm-svn: 262106
2016-02-27 03:14:23 +00:00
Kostya Serebryany 2d4f8f168b [libFuzzer] speedup path coverage handling
llvm-svn: 262102
2016-02-27 01:50:16 +00:00
Kostya Serebryany 66ff0756e4 [libFuzzer] add -print_final_stats=1 flag
llvm-svn: 262084
2016-02-26 22:42:23 +00:00
Kostya Serebryany da63c1d09a [libFuzzer] initial implementation of path coverage based on -fsanitize-coverage=trace-pc. This does not scale well yet, but already cracks FullCoverageSetTest in seconds
llvm-svn: 262073
2016-02-26 21:33:56 +00:00
Kostya Serebryany a35f7d383f [libFuzzer] only read MaxLen bytes from every file in the corpus to speedup loading the corpus
llvm-svn: 261267
2016-02-18 21:49:10 +00:00