path: root/llvm/lib/Fuzzer/FuzzerDriver.cpp
Age | Commit message | Author | Files | Lines
2016-09-10 | [libFuzzer] don't print help for internal flags | Kostya Serebryany | 1 | -0/+1
llvm-svn: 281124
2016-09-09 | [libFuzzer] remove use_traces=1 since use_value_profile seems to be strictly better | Kostya Serebryany | 1 | -1/+0
llvm-svn: 281007
2016-09-01 | [libFuzzer] add -minimize_crash flag (to minimize crashers). also add two tests that I failed to commit last time | Kostya Serebryany | 1 | -8/+99
llvm-svn: 280332
2016-08-30 | [libFuzzer] fix a bug when running a single unit of N bytes with -max_len=M, M<N, caused a buffer overflow | Kostya Serebryany | 1 | -5/+5
llvm-svn: 280098
2016-08-25 | [libFuzzer] rename -print_new_cov_pcs=1 into -print_pcs=1 and make it more useful: print PCs only after the initial corpus has been read and symbolize them | Kostya Serebryany | 1 | -1/+1
llvm-svn: 279787
2016-08-16 | [libFuzzer] new experimental feature: value profiling. Profiles values that affect control flow and treats new values as new coverage. | Kostya Serebryany | 1 | -0/+3
llvm-svn: 278839
2016-08-15 | [libFuzzer] print a verbose message after executing inputs in non-fuzzing mode | Kostya Serebryany | 1 | -0/+4
llvm-svn: 278724
2016-07-15 | [libFuzzer] add hooks for strstr, strcasestr, strcasecmp, strncasecmp | Kostya Serebryany | 1 | -0/+1
llvm-svn: 275648
2016-06-23 | [libfuzzer] moving is_ascii handler inside mutation dispatcher. | Mike Aizatsky | 1 | -2/+2
Summary: It also fixes a bug, when first random might not be ascii.
Differential Revision: http://reviews.llvm.org/D21573
llvm-svn: 273611
2016-06-17 | [libFuzzer] make the single-run output more reliable | Kostya Serebryany | 1 | -2/+2
llvm-svn: 272998
2016-06-07 | [LibFuzzer] Declare and use sanitizer functions in ``fuzzer::ExternalFunctions`` | Dan Liew | 1 | -3/+7
This fixes linking problems on OSX. Unfortunately it turns out we need to use an instance of the ``fuzzer::ExternalFunctions`` object in several places so this commit also replaces all instances with a single global instance. It also turns out initializing a global ``fuzzer::ExternalFunctions`` before main is entered (i.e. letting the object be initialised by the global initializers) is not safe (on OSX the call to ``Printf()`` in the CTOR crashes if it is called from a global initializer) so we instead have a global ``fuzzer::ExternalFunctions*`` and initialize it inside ``FuzzerDriver()``. Multiple unit tests also depend on the ``fuzzer::ExternalFunctions*`` global so a ``main()`` function has been added that initializes it before running any tests.
Differential Revision: http://reviews.llvm.org/D20943
llvm-svn: 272072
2016-06-07 | [libfuzzer] prune_corpus option for disabling pruning during the load. | Mike Aizatsky | 1 | -0/+1
Summary: The option is very useful for testing, plus I intend to measure its effect on fuzzer effectiveness.
Differential Revision: http://reviews.llvm.org/D21084
llvm-svn: 272035
2016-06-02 | [LibFuzzer] Reimplement how the optional user functions are called. | Dan Liew | 1 | -8/+6
The motivation for this change is to fix linking issues on OSX. However this only partially fixes linking issues (the uninstrumented tests and a few others won't successfully link yet). This change introduces a struct of function pointers (``fuzzer::ExternalFunctions``) which when initialised will point to the optional functions if they are available. Currently these are the ``LLVMFuzzerInitialize`` and ``LLVMFuzzerCustomMutator`` functions. Two implementations of the ``fuzzer::ExternalFunctions`` constructor are provided, one for Linux and one for OSX. The OSX implementation uses ``dlsym()`` because the prior implementation using weak symbols does not work unless the additional flags are passed to the linker. The Linux implementation continues to use weak symbols because the ``dlsym()`` approach does not work unless additional flags are passed to the linker.
Differential Revision: http://reviews.llvm.org/D20741
llvm-svn: 271491
2016-06-01 | [libFuzzer] when an invalid flag is given, warn, but don't crash | Kostya Serebryany | 1 | -2/+3
llvm-svn: 271404
2016-05-24 | [libfuzzer] Trying random unit prefixes during corpus load. | Mike Aizatsky | 1 | -0/+1
Differential Revision: http://reviews.llvm.org/D20301
llvm-svn: 270632
2016-05-13 | [libFuzzer] print the file name before executing the input so that if there is a crash we know which file has caused it | Kostya Serebryany | 1 | -1/+2
llvm-svn: 269450
2016-05-06 | [libFuzzer] enhance -rss_limit_mb and enable by default. Now it will print the OOM reproducer. | Kostya Serebryany | 1 | -3/+4
llvm-svn: 268821
2016-05-06 | [libFuzzer] add experimental -rss_limit_mb flag to fight against OOMs | Kostya Serebryany | 1 | -0/+17
llvm-svn: 268807
2016-05-04 | [libFuzzer] print stats after running individual inputs | Kostya Serebryany | 1 | -1/+2
llvm-svn: 268547
2016-04-20 | [libFuzzer] added -detect_leaks flag (0 by default for now). When enabled, it will help finding leaks while fuzzing | Kostya Serebryany | 1 | -0/+1
llvm-svn: 266838
2016-04-18 | [libFuzzer] warn if the corpus is empty | Kostya Serebryany | 1 | -1/+4
llvm-svn: 266670
2016-04-18 | [NFC] Header cleanup | Mehdi Amini | 1 | -7/+5
Removed some unused headers, replaced some headers with forward class declarations. Found using simple scripts like this one:
  clear && ack --cpp -l '#include "llvm/ADT/IndexedMap.h"' | xargs grep -L 'IndexedMap[<]' | xargs grep -n --color=auto 'IndexedMap'
Patch by Eugene Kosov <claprix@yandex.ru>
Differential Revision: http://reviews.llvm.org/D19219
From: Mehdi Amini <mehdi.amini@apple.com>
llvm-svn: 266595
2016-04-15 | [libFuzzer] add a better warning for command line flags with -- (two dashes) | Kostya Serebryany | 1 | -0/+3
llvm-svn: 266480
2016-04-11 | Remove redundant .c_str(), as suggested by PR25633 | Hans Wennborg | 1 | -1/+1
llvm-svn: 265988
2016-03-24 | [libFuzzer] handle SIGTERM | Kostya Serebryany | 1 | -0/+1
llvm-svn: 264338
2016-03-18 | [libFuzzer] add a flag close_fd_mask so that we can silence spammy targets by closing stderr/stdout | Kostya Serebryany | 1 | -0/+5
llvm-svn: 263831
2016-03-18 | [libFuzzer] improve -merge functionality | Kostya Serebryany | 1 | -2/+1
llvm-svn: 263769
2016-03-17 | [libFuzzer] deprecate several flags | Kostya Serebryany | 1 | -10/+4
llvm-svn: 263739
2016-03-15 | [libFuzzer] use max_len exactly equal to the max size of input. Fix 32-bit build | Kostya Serebryany | 1 | -1/+2
llvm-svn: 263518
2016-03-12 | [libFuzzer] try to use max_len based on the items of the corpus instead of blindly defaulting to 64 bytes. | Kostya Serebryany | 1 | -4/+13
llvm-svn: 263323
2016-03-04 | [libFuzzer] log less when re-loading files; fix a silly bug: when running single files actually run all of them, not just the first one | Kostya Serebryany | 1 | -1/+1
llvm-svn: 262754
2016-03-01 | [libFuzzer] deprecate exit_on_first flag | Kostya Serebryany | 1 | -6/+8
llvm-svn: 262417
2016-03-01 | [libFuzzer] add generic signal handlers so that libFuzzer can report at least something if ASan is not handling the signals for us. Remove abort_on_timeout flag. | Kostya Serebryany | 1 | -1/+6
llvm-svn: 262415
2016-02-26 | [libFuzzer] add -print_final_stats=1 flag | Kostya Serebryany | 1 | -0/+2
llvm-svn: 262084
2016-02-18 | [libFuzzer] only read MaxLen bytes from every file in the corpus to speed up loading the corpus | Kostya Serebryany | 1 | -1/+1
llvm-svn: 261267
2016-02-13 | [libFuzzer] remove std::vector operations from hot paths, NFC | Kostya Serebryany | 1 | -1/+1
llvm-svn: 260829
2016-02-13 | [libFuzzer] remove the C++-ish variant of FuzzerDriver from the interface | Kostya Serebryany | 1 | -6/+7
llvm-svn: 260801
2016-02-13 | [libFuzzer] get rid of UserSuppliedFuzzer; NFC | Kostya Serebryany | 1 | -3/+3
llvm-svn: 260798
2016-02-13 | [libFuzzer] simplify the code around Random. NFC | Kostya Serebryany | 1 | -11/+10
llvm-svn: 260797
2016-02-13 | [libFuzzer] remove UserSuppliedFuzzer from the interface (it was a bad idea). | Kostya Serebryany | 1 | -13/+3
llvm-svn: 260796
2016-02-12 | [libFuzzer] make -runs=N flag also affect the simple runner (will execute every input N times) | Kostya Serebryany | 1 | -2/+5
llvm-svn: 260649
2016-02-02 | [libFuzzer] allow passing 1 or more files as individual inputs | Kostya Serebryany | 1 | -2/+28
llvm-svn: 259459
2016-01-29 | [libFuzzer] add -timeout_exitcode option | Kostya Serebryany | 1 | -0/+1
llvm-svn: 259265
2016-01-23 | [libFuzzer] add -abort_on_timeout option | Kostya Serebryany | 1 | -0/+1
llvm-svn: 258631
2016-01-19 | [libFuzzer] use std::mt19937 for generating random numbers by default. Fix MyStoll to handle negative values. Use std::any_of instead of std::find_if | Kostya Serebryany | 1 | -4/+10
llvm-svn: 258178
2016-01-16 | [libFuzzer] replace vector with a simpler data structure in the Dictionaries to avoid memory allocations on hot path | Kostya Serebryany | 1 | -1/+2
llvm-svn: 257985
2016-01-15 | [libFuzzer] do mutations based on memcmp/strcmp interceptors under a separate flag (-use_memcmp, default=1) | Kostya Serebryany | 1 | -0/+1
llvm-svn: 257873
2016-01-15 | [libFuzzer] use custom stol; also introduce __libfuzzer_is_present so that users can check for its presence. | Kostya Serebryany | 1 | -1/+17
llvm-svn: 257848
2016-01-09 | [libFuzzer] change the way trace-based mutations are applied. Instead of a custom code just rely on the automatically created dictionary | Kostya Serebryany | 1 | -2/+0
llvm-svn: 257248
2016-01-07 | [libFuzzer] add a position hint to the dictionary-based mutator | Kostya Serebryany | 1 | -1/+1
llvm-svn: 257013