maxjhandsome
/
llvm-project
forked from OSchip/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity
256,430 Commits 23 Branches 0 Tags 2.2 GiB
Commit Graph

22 Commits

Author SHA1 Message Date
Kostya Serebryany 6ac64c3a6d [libFuzzer] replace std::random_shuffle with std::shuffle as std::random_shuffle is being deprecated in C++17. Also simplify fuzzer::Random. NFC 
llvm-svn: 294366
 2017-02-07 22:37:34 +00:00
Reid Kleckner e8ee89f8b0 Include <algorithm> for std::max etc 
llvm-svn: 290730
 2016-12-30 00:15:40 +00:00
Kostya Serebryany 2a8440df70 [libFuzzer] add an experimental flag -experimental_len_control=1 that sets max_len to 1M and tries to increases the actual max sizes of mutations very gradually (second attempt) 
llvm-svn: 290637
 2016-12-27 23:24:55 +00:00
Daniel Jasper fa1030e40b Revert "[libFuzzer] add an experimental flag -experimental_len_control=1 that sets max_len to 1M and tries to increases the actual max sizes of mutations very gradually. Also remove a bit of dead code" 
This reverts commit r289998.

See comment:
https://reviews.llvm.org/rL289998

llvm-svn: 290043
 2016-12-17 12:27:49 +00:00
Kostya Serebryany be7003f99c [libFuzzer] add an experimental flag -experimental_len_control=1 that sets max_len to 1M and tries to increases the actual max sizes of mutations very gradually. Also remove a bit of dead code 
llvm-svn: 289998
 2016-12-16 22:42:05 +00:00
Marcos Pividori 7c1defd738 [libFuzzer] Avoid name collision with Windows API. 
Windows uses some macros to replace DeleteFile() by DeleteFileA() or
DeleteFileW(). This was causing an error at link time.
DeleteFile was renamed to RemoveFile().

Differential Revision: https://reviews.llvm.org/D27577

llvm-svn: 289563
 2016-12-13 17:46:40 +00:00
Marcos Pividori 178fe58745 [libFuzzer] Clean up headers and file formatting of LibFuzzer files. 
Reorganize #includes to follow LLVM Coding Standards.
Include some missing headers. Required to use `Printf()`.

Aside from that, this patch contains no functional change.
It is purely a re-organization.

Differential Revision: https://reviews.llvm.org/D27363

llvm-svn: 289560
 2016-12-13 17:46:11 +00:00
Zachary Turner 24a148b1d4 [LibFuzzer] Split up some functions among different headers. 
In an effort to get libfuzzer working on Windows, we need to make
a distinction between what functions require platform specific
code (e.g. different code on Windows vs Linux) and what code
doesn't.  IO functions, for example, tend to be platform
specific.

This patch separates out some of the functions which will need
to have platform specific implementations into different headers,
so that we can then provide different implementations for each
platform.

Aside from that, this patch contains no functional change.  It
is purely a re-organization.

Patch by Marcos Pividori
Differential Revision: https://reviews.llvm.org/D27230

llvm-svn: 288264
 2016-11-30 19:06:14 +00:00
Kostya Serebryany a5f94fb6c9 [libFuzzer] add -trace_cmp=1 (guiding mutations based on the observed CMP instructions). This is a reincarnation of the previously deleted -use_traces, but using a different approach for collecting traces. Still a toy, but at least it scales well. Also fix -merge in trace-pc-guard mode 
llvm-svn: 284273
 2016-10-14 20:20:33 +00:00
Kostya Serebryany c5325ed29d [libFuzzer] when shrinking the corpus, delete evicted files previously created by the current process 
llvm-svn: 283682
 2016-10-08 23:24:45 +00:00
Kostya Serebryany cd04ec25dd [libFuzzer] fix use-after-free in libFuzzer found by ... fuzzing. 
llvm-svn: 283675
 2016-10-08 21:57:48 +00:00
Kostya Serebryany 936b1e774f [libFuzzer] be more careful with memory usage, print peak rss in status lines 
llvm-svn: 283418
 2016-10-06 05:14:00 +00:00
Kostya Serebryany 1c73f1bf27 [libFuzzer] refactoring to make -shrink=1 work for value profile, added a test. 
llvm-svn: 283409
 2016-10-05 22:56:21 +00:00
Kostya Serebryany 2455f0d013 [libFuzzer] clear the corpus elements if they are evicted (i.e. smaller elements with proper coverage are found). Make sure we never try to mutate empty element. Print the corpus size in bytes in the status lines 
llvm-svn: 283279
 2016-10-05 00:25:17 +00:00
Kostya Serebryany 5a52a11ce4 [libFuzzer] change the probabilities so that we choose only the inputs that are known to be minimal inputs for at least one coverage feature (works only with -shrink=1 for now) 
llvm-svn: 283178
 2016-10-04 01:51:44 +00:00
Kostya Serebryany d216922a80 [libFuzzer] implement the -shrink=1 option that tires to make elements of the corpus smaller, off by default 
llvm-svn: 282995
 2016-10-01 01:04:29 +00:00
Kostya Serebryany 2c55613a08 [libFuzzer] more the feature set to InputCorpus; on feature update, change the feature counter of the old best input 
llvm-svn: 282829
 2016-09-30 01:19:56 +00:00
Kostya Serebryany 16a145fd0f [libFuzzer] fix merging with trace-pc-guard 
llvm-svn: 282224
 2016-09-23 01:58:51 +00:00
Kostya Serebryany 624f59f4d8 [libFuzzer] add 'features' to the corpus elements, allow mutations with Size > MaxSize, fix sha1 in corpus stats; various refactorings 
llvm-svn: 282129
 2016-09-22 01:34:58 +00:00
Kostya Serebryany 29bb664075 [libFuzzer] add stats to the corpus; more refactoring 
llvm-svn: 282121
 2016-09-21 22:42:17 +00:00
Kostya Serebryany 20801e1b8a [libFuzzer] more refactoring; don't compute sha1sum every time we mutate a unit from the corpus, use the stored one. 
llvm-svn: 282115
 2016-09-21 21:41:48 +00:00
Kostya Serebryany 6f5a804cdb [libFuzzer] refactoring: split the large header into many; NFC 
llvm-svn: 282044
 2016-09-21 01:50:50 +00:00