path: root/lib/fuzzer
Commit message (Author, Age, Files, Lines)
* [libFuzzer][MSVC] Use alternatename for ext functions (Jonathan Metzman, 2019-01-15, 3 files, -57/+84)
  Summary: Use alternatename for external functions only when using MSVC since Clang doesn't support it and MSVC doesn't support Clang's method (weak aliases).
  Reviewers: morehouse
  Reviewed By: morehouse
  Subscribers: rnk, thakis, mgorny
  Differential Revision: https://reviews.llvm.org/D56514
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@351152 91177308-0d34-0410-b5e6-96231b3b80d8
* [libfuzzer][MSVC] Make calls to builtin functions work with MSVC (Jonathan Metzman, 2019-01-09, 6 files, -25/+127)
  Summary: Replace calls to builtin functions with macros or functions that call the Windows-equivalents when targeting windows and call the original builtin functions everywhere else. This change makes more parts of libFuzzer buildable with MSVC.
  Reviewers: vitalybuka
  Reviewed By: vitalybuka
  Subscribers: mgorny, rnk, thakis
  Differential Revision: https://reviews.llvm.org/D56439
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@350766 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] make len_control less aggressive (Kostya Serebryany, 2018-12-14, 1 file, -1/+1)
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@349210 91177308-0d34-0410-b5e6-96231b3b80d8
* [test] Add missing cmake include for building libFuzzer alone (Michal Gorny, 2018-12-06, 1 file, -0/+2)
  Include CompilerRTCompile in fuzzer tests explicitly. Otherwise, when building only libFuzzer, CMake fails due to:
    CMake Error at cmake/Modules/AddCompilerRT.cmake:395 (sanitizer_test_compile):
      Unknown CMake command "sanitizer_test_compile".
    Call Stack (most recent call first):
      lib/fuzzer/tests/CMakeLists.txt:53 (generate_compiler_rt_tests)
  Differential Revision: https://reviews.llvm.org/D55378
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@348524 91177308-0d34-0410-b5e6-96231b3b80d8
* [fuzzer] Read files as binary (Jonathan Metzman, 2018-11-06, 2 files, -3/+3)
  Summary: Read corpus files as binary to avoid automatic conversions
  Reviewers: Dor1s, morehouse
  Reviewed By: Dor1s, morehouse
  Differential Revision: https://reviews.llvm.org/D54180
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@346279 91177308-0d34-0410-b5e6-96231b3b80d8
* Follow Windows' approach for NetBSD in AlarmCallback() (Kamil Rytarowski, 2018-11-06, 1 file, -1/+2)
  NetBSD's current behavior needs to ignore check for InFuzzingThread() in Fuzzer::AlarmCallback().
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@346194 91177308-0d34-0410-b5e6-96231b3b80d8
* [compiler-rt][Fuzzer] Fix the fuzzer test build (Petr Hosek, 2018-11-02, 1 file, -2/+2)
  This fixes the issue introduced in r345765 which changed the way in which the embedded libc++ is being built but omitted tests.
  Differential Revision: https://reviews.llvm.org/D54058
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@346052 91177308-0d34-0410-b5e6-96231b3b80d8
* [compiler-rt][Fuzzer] Use the new C++ ABI namespace CMake support (Petr Hosek, 2018-10-31, 1 file, -1/+1)
  libc++ now supports customizing the ABI namespace directly from the CMake build so we no longer need to rely on custom CFLAGS.
  Differential Revision: https://reviews.llvm.org/D53939
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@345765 91177308-0d34-0410-b5e6-96231b3b80d8
* [libfuzzer][Windows] Silence linker warning in unittest (Jonathan Metzman, 2018-10-14, 1 file, -3/+1)
  Summary: Silence warning when linking unittest binary by not passing -lstdc++ to the linker since it is ignored.
  Reviewers: morehouse
  Reviewed By: morehouse
  Subscribers: mgorny
  Differential Revision: https://reviews.llvm.org/D53225
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@344480 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Generalize the code for getting the previous offset for different architectures (George Karpenkov, 2018-10-10, 1 file, -13/+33)
  Without this change, tests in coverage.test and dump_coverage.test are failing on non-x86_64 platforms.
  The diff is copied from sanitizer_common library, an alternative would be to link it together with libFuzzer.
  Differential Revision: https://reviews.llvm.org/D53040
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@344104 91177308-0d34-0410-b5e6-96231b3b80d8
* [lib/fuzzer] Fix logging for Fuchsia (Petr Hosek, 2018-10-02, 2 files, -8/+17)
  This change fixes two aspects of logging on Fuchsia:
  1. When logging to stdout, the output file descriptor should not be closed in ExecuteCommand, as it prevents fdio_spawn_etc from succeeding in subsequent calls.
  2. When logging to a file in anything other than standalone Zircon, the log file needs to be created in mutable storage. The best indicator where this is relative to the Fuchsia component will be given by '-artifact_prefix=...', so save the log file relative to that path.
  Patch by: aarongreen
  Differential Revision: https://reviews.llvm.org/D52562
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@343607 91177308-0d34-0410-b5e6-96231b3b80d8
* [fuzzer] Replace FuzzerExtFunctionsDlsymWin.cpp with FuzzerExtFunctionsWeakAlias.cpp (Jonathan Metzman, 2018-09-20, 2 files, -63/+1)
  Summary: Replace FuzzerExtFunctionsDlsymWin.cpp with FuzzerExtFunctionsWeakAlias.cpp to get externally defined functions (eg: LLVMFuzzerInitialize, LLVMFuzzerCustomMutator, etc) working again. Also enable tests that depended on these functions (on windows)
  Reviewers: rnk, morehouse
  Reviewed By: rnk, morehouse
  Subscribers: rnk, morehouse, mgorny
  Differential Revision: https://reviews.llvm.org/D51700
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@342698 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Avoid fuzzer symbols being hidden. (Matt Morehouse, 2018-09-17, 1 file, -1/+1)
  Fixes https://bugzilla.mozilla.org/show_bug.cgi?id=1490845#c5.
  Patch By: Mike Hommey
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@342423 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] [Windows] Include windows.h and psapi.h with lowercase (Martin Storsjo, 2018-09-11, 2 files, -3/+3)
  This fixes building on a case sensitive filesystem with mingw-w64 headers, where all headers are lowercase, and matches how these headers are included elsewhere in compiler-rt.
  Also include these headers with angle brackets, as they are system headers.
  Differential Revision: https://reviews.llvm.org/D51913
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@341983 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Enable tests on Windows (Matt Morehouse, 2018-09-04, 1 file, -1/+1)
  Summary: Enable tests on Windows and make check-fuzzer pass on it. Make check-fuzzer pass on Windows by fixing libFuzzer, fixing tests, and by disabling tests on Windows. Most of these are disabled temporarily as support for the tests and the features they test will be added incrementally. Other tests will not be enabled since they require things that are not on Windows (eg: afl_driver tests). Every test that was explicitly disabled on Windows has a comment explaining why (unless obvious like merge-posix.test).
  The lit.cfg file was modified to support running tests on windows. fuzzer-dirs.test was fixed by making the Windows implementation print the same error message as the posix version. merge-control-file.test was fixed by making the test binary end with the ".exe" extension (on all platforms).
  Patch By: metzman
  Reviewers: morehouse
  Reviewed By: morehouse
  Subscribers: srhines, mgorny
  Differential Revision: https://reviews.llvm.org/D51549
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@341385 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Port to Windows (Matt Morehouse, 2018-08-30, 9 files, -12/+48)
  Summary: Port libFuzzer to windows-msvc. This patch allows libFuzzer targets to be built and run on Windows, using -fsanitize=fuzzer and/or fsanitize=fuzzer-no-link. It allows these forms of coverage instrumentation to work on Windows as well. It does not fix all issues, such as those with -fsanitize-coverage=stack-depth, which is not usable on Windows as of this patch. It also does not fix any libFuzzer integration tests. Nearly all of them fail to compile, fixing them will come in a later patch, so libFuzzer tests are disabled on Windows until then.
  Patch By: metzman
  Reviewers: morehouse, rnk
  Reviewed By: morehouse, rnk
  Subscribers: #sanitizers, delcypher, morehouse, kcc, eraman
  Differential Revision: https://reviews.llvm.org/D51022
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@341082 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Remove mutation stats and weighted mutation selection. (Max Moroz, 2018-08-29, 6 files, -99/+20)
  Summary: This was an experimental feature. After evaluating it with:
  1) https://github.com/google/fuzzer-test-suite/tree/master/engine-comparison
  2) enabling on real world fuzz targets running at ClusterFuzz and OSS-Fuzz
  The following conclusions were made:
  1) With fuzz targets that have reached a code coverage plateau, the feature does not improve libFuzzer's ability to discover new coverage and may actually negatively impact it.
  2) With fuzz targets that have not yet reached a code coverage plateau, the feature might speed up new units discovery in some cases, but it is quite rare and hard to confirm with a high level of confidence.
  Revert of https://reviews.llvm.org/D48054 and https://reviews.llvm.org/D49621.
  Reviewers: metzman, morehouse
  Reviewed By: metzman, morehouse
  Subscribers: delcypher, #sanitizers, llvm-commits, kcc
  Differential Revision: https://reviews.llvm.org/D51455
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@340976 91177308-0d34-0410-b5e6-96231b3b80d8
* Revert "[libFuzzer] Port to Windows" (Matt Morehouse, 2018-08-29, 9 files, -48/+12)
  This reverts r340949 due to bot breakage again.
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@340954 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Port to Windows (Matt Morehouse, 2018-08-29, 9 files, -12/+48)
  Summary: Port libFuzzer to windows-msvc. This patch allows libFuzzer targets to be built and run on Windows, using -fsanitize=fuzzer and/or fsanitize=fuzzer-no-link. It allows these forms of coverage instrumentation to work on Windows as well. It does not fix all issues, such as those with -fsanitize-coverage=stack-depth, which is not usable on Windows as of this patch. It also does not fix any libFuzzer integration tests. Nearly all of them fail to compile, fixing them will come in a later patch, so libFuzzer tests are disabled on Windows until then.
  Reviewers: morehouse, rnk
  Reviewed By: morehouse, rnk
  Subscribers: #sanitizers, delcypher, morehouse, kcc, eraman
  Differential Revision: https://reviews.llvm.org/D51022
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@340949 91177308-0d34-0410-b5e6-96231b3b80d8
* Revert "[libFuzzer] Port to Windows" (Matt Morehouse, 2018-08-28, 9 files, -48/+12)
  This reverts commit r340860 due to failing tests.
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@340867 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Port to Windows (Matt Morehouse, 2018-08-28, 9 files, -12/+48)
  Summary: Port libFuzzer to windows-msvc. This patch allows libFuzzer targets to be built and run on Windows, using -fsanitize=fuzzer and/or fsanitize=fuzzer-no-link. It allows these forms of coverage instrumentation to work on Windows as well. It does not fix all issues, such as those with -fsanitize-coverage=stack-depth, which is not usable on Windows as of this patch. It also does not fix any libFuzzer integration tests. Nearly all of them fail to compile, fixing them will come in a later patch, so libFuzzer tests are disabled on Windows until then.
  Patch By: metzman
  Reviewers: morehouse, rnk
  Reviewed By: morehouse, rnk
  Subscribers: morehouse, kcc, eraman
  Differential Revision: https://reviews.llvm.org/D51022
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@340860 91177308-0d34-0410-b5e6-96231b3b80d8
* [sanitizer][fuzzer] Transition back to ZX_TIME_INFINITE (Petr Hosek, 2018-08-27, 1 file, -7/+4)
  Now that all Zircon calls have been transitioned to take time as signed value, we can transition back to ZX_TIME_INFINITE, undoing the change made in r337802.
  Differential Revision: https://reviews.llvm.org/D51266
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@340764 91177308-0d34-0410-b5e6-96231b3b80d8
* Revert "[libFuzzer] Use std::discrete_distribution for input selection." (Matt Morehouse, 2018-08-17, 1 file, -4/+7)
  This reverts r339973 due to msan.test failing on sanitizer-x86_64-linux-fuzzer bot.
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@339976 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Use std::discrete_distribution for input selection. (Matt Morehouse, 2018-08-17, 1 file, -7/+4)
  Summary: Since we're casting from double to size_t during input selection, we really want a discrete distribution over size_t rather than a piecewise distribution over doubles.
  Reviewers: kcc
  Reviewed By: kcc
  Subscribers: llvm-commits
  Differential Revision: https://reviews.llvm.org/D50356
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@339973 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Optimize handle unstable checks by reducing iterations (Max Moroz, 2018-08-08, 3 files, -16/+21)
  Summary: We only run the 3rd check if 2nd check finds unstable edges. 3rd UpdateUnstableCounters is now merged with ApplyUnstableCounters to only run 1 iteration.
  Patch by Kyungtak Woo (@kevinwkt).
  Reviewers: Dor1s, metzman, morehouse
  Reviewed By: Dor1s, morehouse
  Subscribers: delcypher, #sanitizers, llvm-commits, kcc
  Differential Revision: https://reviews.llvm.org/D50411
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@339249 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Add unstable function printing to print_unstable_stats flag (Max Moroz, 2018-08-06, 1 file, -2/+14)
  Summary: There may be cases in which a user wants to know which part of their code is unstable. We use ObservedFuncs and UnstableCounters to print at exit which of the ObservedFunctions are unstable under the -print_unstable_stats flag.
  Patch by Kyungtak Woo (@kevinwkt).
  Reviewers: Dor1s, metzman, morehouse
  Reviewed By: Dor1s, metzman, morehouse
  Subscribers: delcypher, #sanitizers, llvm-commits, kcc
  Differential Revision: https://reviews.llvm.org/D50264
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@339081 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Initial implementation of weighted mutation leveraging during runtime. (Max Moroz, 2018-08-02, 6 files, -27/+76)
  Summary: Added functions that calculate stats while fuzz targets are running and give mutations weight based on how much new coverage they provide, and choose better performing mutations more often.
  Patch by Kodé Williams (@kodewilliams).
  Reviewers: Dor1s, metzman, morehouse
  Reviewed By: Dor1s, morehouse
  Subscribers: delcypher, kcc, llvm-commits, #sanitizers
  Differential Revision: https://reviews.llvm.org/D49621
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@338776 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] use absolute distance in addition to the hamming distance in value profiling; our A/B testing has (somewhat weak) indication that this provides an additional signal for corpus expansion (Kostya Serebryany, 2018-08-02, 1 file, -10/+5)
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@338661 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Handle unstable edges by disregarding unstable edges (Max Moroz, 2018-07-24, 5 files, -7/+19)
  Summary: Added a new mode within flag -handle_unstable for new unstable handling algorithm that does the following: When an edge is shown as unstable, copy to UnstableCounters the value 0. During ApplyUnstableCounters we copy back the value 0 to ModuleInline8bitCounters if the edge was unstable.
  This way we would be ignoring completely features that were collected through non-determinism. Unstable hits would be counted as if it never hit.
  Reviewers: metzman, Dor1s, kcc, morehouse
  Reviewed By: metzman, morehouse
  Subscribers: delcypher, llvm-commits, #sanitizers
  Differential Revision: https://reviews.llvm.org/D49684
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337853 91177308-0d34-0410-b5e6-96231b3b80d8
* [sanitizer][fuzzer] Temporarily transition to ZX_TIME_INFINITE_OLD (Petr Hosek, 2018-07-24, 1 file, -4/+7)
  This is a preparation for breaking change when all Zircon calls that take time as an argument will start using signed value. We will transition back to ZX_TIME_INFINITE after all the changes to these symbols are done and become part of the Fuchsia SDK.
  Differential Revision: https://reviews.llvm.org/D49694
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337802 91177308-0d34-0410-b5e6-96231b3b80d8
* Revert "[Fuzzer] Update path to libc++ headers" (Petr Hosek, 2018-07-24, 1 file, -2/+2)
  This reverts commit r337775 since r337727 has been reverted in r337782.
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337784 91177308-0d34-0410-b5e6-96231b3b80d8
* [Fuzzer] Update path to libc++ headers (Petr Hosek, 2018-07-23, 1 file, -2/+2)
  The path to headers which are installed into libc++ build directory has changed in r337727 which broke the libFuzzer build.
  Differential Revision: https://reviews.llvm.org/D49705
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337775 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Handle unstable edges by using minimum hit counts (Max Moroz, 2018-07-23, 7 files, -19/+54)
  Summary: Created unstable_handle flag that takes 1 or 2, depending on the handling type. Modified RunOne to accommodate the following heuristic: Use the first CollectFeatures to count how many features there are. If no new features, CollectFeatures like before. If there is new feature, we run CB 2 more times, Check which edges are unstable per input and we store the least amount of hit counts for each edge. Apply these hit counts back to inline8bitcounters so that CollectFeatures can work as intended. Modified UnstableCounters to 8int_t and created a bitset UnstableSet to tell which edges are unstable.
  Patch by Kyungtak Woo (@kevinwkt).
  Reviewers: Dor1s, metzman, morehouse
  Reviewed By: Dor1s, morehouse
  Subscribers: delcypher, #sanitizers, llvm-commits, kcc
  Differential Revision: https://reviews.llvm.org/D49525
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337696 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] when -print_coverage=1 is given, print more stats (the number of seeds that hit every given function) (Kostya Serebryany, 2018-07-19, 2 files, -14/+18)
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337501 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] fix the bot (the no-assert build) (Kostya Serebryany, 2018-07-19, 1 file, -0/+1)
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337437 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] first experimental attempt at DFT-based mutations (DFT=data-flow-trace) (Kostya Serebryany, 2018-07-19, 7 files, -9/+54)
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337434 91177308-0d34-0410-b5e6-96231b3b80d8
* [Fuzzer] Improve crash unwinding on Fuchsia (Petr Hosek, 2018-07-18, 1 file, -36/+237)
  Fuchsia doesn't have signals; instead it expects processes to have a dedicated exception thread that binds to the process' exception port and waits for exception packets to be delivered. On the other hand, libFuzzer and sanitizer_common expect to collect crash information via libunwind from the same thread that caused the exception.
  The long term fix is to improve support for remote unwinding in libunwind, plumb this through sanitizer_common and libFuzzer, and handle the exception exclusively on the exception thread. In the meantime, this revision has the exception thread "resurrect" the crashing thread by:
  * saving its general purpose register state onto the crashing thread's stack,
  * setting the crashing thread's program counter to an assembly trampoline with the CFI information needed by libunwind, and
  * resuming the crashed thread.
  Patch By: aarongreen
  Differential Revision: https://reviews.llvm.org/D48509
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337418 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Create single template for visiting Inline8bitCounters (Max Moroz, 2018-07-18, 2 files, -27/+25)
  Summary: Created IterateInline8bitCounters, a single template for visiting Inline8bitCounters (nested for loop). Made InitializeUnstableCounters and UpdateUnstableCounters both send a lambda to IterateInline8bitCounters.
  Patch by Kyungtak Woo (@kevinwkt).
  Reviewers: Dor1s, metzman, kcc, morehouse
  Reviewed By: metzman, morehouse
  Subscribers: delcypher, llvm-commits, #sanitizers
  Differential Revision: https://reviews.llvm.org/D49453
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337403 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Mutation tracking and logging implemented. (Max Moroz, 2018-07-17, 6 files, -21/+50)
  Summary: Code now exists to track number of mutations that are used in fuzzing in total and ones that produce new coverage. The stats are currently being dumped to the command line.
  Patch by Kodé Williams (@kodewilliams).
  Reviewers: metzman, Dor1s, morehouse, kcc
  Reviewed By: Dor1s, morehouse, kcc
  Subscribers: delcypher, kubamracek, kcc, morehouse, llvm-commits, #sanitizers, mgorny
  Differential Revision: https://reviews.llvm.org/D48054
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337324 91177308-0d34-0410-b5e6-96231b3b80d8
* libFuzzer: prevent irrelevant strings from leaking into auto-dictionary (Matt Morehouse, 2018-07-17, 7 files, -26/+18)
  This is a fix for bug 37047.
  https://bugs.llvm.org/show_bug.cgi?id=37047
  Implemented by basically reversing the logic. Previously all strings were considered, with some operations excluded. Now strings are excluded by default, and only strings during the CB considered.
  Patch By: pdknsk
  Differential Revision: https://reviews.llvm.org/D48800
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337296 91177308-0d34-0410-b5e6-96231b3b80d8
* Revert r337194 (https://reviews.llvm.org/D48891) due to compilation errors. (Max Moroz, 2018-07-16, 6 files, -36/+5)
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337206 91177308-0d34-0410-b5e6-96231b3b80d8
* [CMake] Use cxx-headers as a dependency for C++ headers (Petr Hosek, 2018-07-16, 1 file, -2/+2)
  We no longer pass CLANG_DEFAULT_CXX_STDLIB to the runtimes build as it was causing issues so we can no longer use this variable. We instead use cxx-headers as a dependency whenever this is available since both XRay and libFuzzer are built as static libraries so this is sufficient.
  Differential Revision: https://reviews.llvm.org/D49346
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337199 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Mutation tracking and logging implemented. (Max Moroz, 2018-07-16, 6 files, -5/+36)
  Summary: Code now exists to track number of mutations that are used in fuzzing in total and ones that produce new coverage. The stats are currently being dumped to the command line.
  Patch by Kodé Williams (@kodewilliams).
  Reviewers: metzman, Dor1s, morehouse, kcc
  Reviewed By: Dor1s, morehouse, kcc
  Subscribers: delcypher, kubamracek, kcc, morehouse, llvm-commits, #sanitizers, mgorny
  Differential Revision: https://reviews.llvm.org/D48054
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337194 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Implement stat::stability_rate based on the percentage of unstable edges. (Max Moroz, 2018-07-16, 7 files, -0/+87)
  Summary: Created a -print_unstable_stats flag. When -print_unstable_stats=1, we run it 2 more times on interesting inputs poisoning unstable edges in an array. On program termination, we run PrintUnstableStats() which will print a line with a stability percentage like AFL does.
  Patch by Kyungtak Woo (@kevinwkt).
  Reviewers: metzman, Dor1s, kcc, morehouse
  Reviewed By: metzman, Dor1s, morehouse
  Subscribers: delcypher, llvm-commits, #sanitizers, kcc, morehouse, Dor1s
  Differential Revision: https://reviews.llvm.org/D49212
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337187 91177308-0d34-0410-b5e6-96231b3b80d8
* Revert r337175 (https://reviews.llvm.org/D49212) due to unintentional format changes. (Max Moroz, 2018-07-16, 7 files, -118/+31)
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337180 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Implement stat::stability_rate based on the percentage of unstable edges. (Max Moroz, 2018-07-16, 7 files, -31/+118)
  Summary: Created a -print_unstable_stats flag. When -print_unstable_stats=1, we run it 2 more times on interesting inputs poisoning unstable edges in an array. On program termination, we run PrintUnstableStats() which will print a line with a stability percentage like AFL does.
  Patch by Kyungtak Woo (@kevinwkt).
  Reviewers: metzman, Dor1s, kcc, morehouse
  Reviewed By: metzman, Dor1s, morehouse
  Subscribers: delcypher, llvm-commits, #sanitizers, kcc, morehouse, Dor1s
  Differential Revision: https://reviews.llvm.org/D49212
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@337175 91177308-0d34-0410-b5e6-96231b3b80d8
* Revert "[Fuzzer] Afl driver changing iterations handling" (Matt Morehouse, 2018-07-10, 1 file, -19/+5)
  This reverts rL334510 due to breakage of afl_driver's command line interface.
  Patch By: Jonathan Metzman
  Differential Revision: https://reviews.llvm.org/D49141
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@336719 91177308-0d34-0410-b5e6-96231b3b80d8
* [CMake] Add compiler-rt header files to the list of sources for targets (Dan Liew, 2018-07-10, 1 file, -2/+24)
  when building with an IDE so that header files show up in the UI. This massively improves the development workflow in IDEs.
  To implement this a new function `compiler_rt_process_sources(...)` has been added that adds header files to the list of sources when the generator is an IDE. For non-IDE generators (e.g. Ninja/Makefile) no changes are made to the list of source files.
  The function can be passed a list of headers via the `ADDITIONAL_HEADERS` argument. For each runtime library a list of explicit header files has been added and passed via `ADDITIONAL_HEADERS`. For `tsan` and `sanitizer_common` a list of headers was already present but it was stale and has been updated to reflect the current state of the source tree.
  The original version of this patch used file globbing (`*.{h,inc,def}`) to find the headers but the approach was changed due to this being a CMake anti-pattern (if the list of headers changes CMake won't automatically re-generate if globbing is used).
  The LLVM repo contains a similar function named `llvm_process_sources()` but we don't use it here for several reasons:
  * It depends on the `LLVM_ENABLE_OPTION` cache variable which is not set in standalone compiler-rt builds.
  * We would have to `include(LLVMProcessSources)` which I'd like to avoid because it would include a bunch of stuff we don't need.
  Differential Revision: https://reviews.llvm.org/D48422
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@336663 91177308-0d34-0410-b5e6-96231b3b80d8
* [libFuzzer] Make -fsanitize=memory,fuzzer work. (Matt Morehouse, 2018-07-09, 4 files, -10/+43)
  This patch allows libFuzzer to fuzz applications instrumented with MSan without recompiling libFuzzer with MSan instrumentation.
  Fixes https://github.com/google/sanitizers/issues/958.
  Differential Revision: https://reviews.llvm.org/D48891
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@336619 91177308-0d34-0410-b5e6-96231b3b80d8
* Revert "[libFuzzer] Mutation tracking and logging implemented" (Matt Morehouse, 2018-07-09, 6 files, -61/+22)
  This reverts r336597 due to bot breakage.
  git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@336616 91177308-0d34-0410-b5e6-96231b3b80d8