Commit Graph

5 Commits

Author SHA1 Message Date
Justin Bogner 5204717208 cmake: Invent add_llvm_fuzzer to set up fuzzer targets
This moves the cmake configuration for fuzzers in LLVM to a new macro,
add_llvm_fuzzer. This will make it easier to keep things consistent
while implementing llvm.org/pr34314.

I've also made a couple of minor functional changes here:

- the fuzzers now use add_llvm_executable rather than add_llvm_tool.
  This means they won't create install targets and stuff like that,
  because those made little sense for these fuzzers.
- I've grouped these under "Fuzzers" rather than in with "Tools" for
  people who build with IDEs.

llvm-svn: 312200
2017-08-31 00:36:33 +00:00
George Karpenkov 0ac90d3f78 Update LLVM fuzzers to use the libFuzzer bundled with the compiler toolchain
Differential Revision: https://reviews.llvm.org/D37041

llvm-svn: 311515
2017-08-23 00:40:58 +00:00
Mehdi Amini 03b42e41bf Remove every uses of getGlobalContext() in LLVM (but the C API)
At the same time, fixes InstructionsTest::CastInst unittest: yes
you can leave the IR in an invalid state and exit when you don't
destroy the context (like the global one), no longer now.

This is the first part of http://reviews.llvm.org/D19094

From: Mehdi Amini <mehdi.amini@apple.com>
llvm-svn: 266379
2016-04-14 21:59:01 +00:00
Kostya Serebryany 20bb5e71b2 [libFuzzer] make LLVMFuzzerTestOneInput (the fuzzer target function) return int instead of void. The actual return value is not *yet* used (and expected to be 0). This change is API breaking, so the fuzzers will need to be updated.
llvm-svn: 249214
2015-10-02 23:34:06 +00:00
Karl Schimpf b9c2c71d09 Build a lib/Fuzzer version for llvm-as.
Summary:
This CL is associated with a fuzzing effort to find bugs in LLVM. The
first step is to fuzz llvm-as to find potential issues in generating
IR. Both afl-fuzz and LLVM's lib/Fuzzer are being used.

This CL introduces the executable that implements the in-process
fuzzer using LLVM's lib/Fuzzer. The motivation for using lib/Fuzzer is
based on time comparisons between afl-fuzz and lib/Fuzzer. Early
results show that per-process, the lib/Fuzzer implemenation of llvm-as
(i.e. this CL) generates over 30 times the number of mutations found
by afl-fuzz, per hour runtime. The speedup is due to the removal of
overhead of forking a process, and loading the executable into memory.

I placed this under the tools directory, since it is an executable. It
is also only conditionally built if (using cmake) the flag
LLVM_USEE_SANITIZE_COVERAGE is used, so that it isn't built by
default.

Reviewers: kcc, filcab

Subscribers: llvm-commits

Differential Revision: http://reviews.llvm.org/D12438

llvm-svn: 246458
2015-08-31 17:55:32 +00:00