path: root/llvm/lib/Fuzzer/FuzzerMutate.cpp
Age | Commit message | Author | Files | Lines
2016-08-19 | [libFuzzer] fix the non-debug build warnings | Kostya Serebryany | 1 | -1/+2
llvm-svn: 279321
2016-08-17 | [libFuzzer] given 0 and 255 more preference when inserting repeated bytes | Kostya Serebryany | 1 | -1/+2
llvm-svn: 278986
2016-08-17 | [libFuzzer] one more mutation: ChangeBinaryInteger; also fix the breakage ↵ | Kostya Serebryany | 1 | -1/+38
from r278970 llvm-svn: 278982
2016-08-17 | Replace a few more "fall through" comments with LLVM_FALLTHROUGH | Justin Bogner | 1 | -1/+1
Follow up to r278902. I had missed "fall through", with a space. llvm-svn: 278970
2016-08-17 | [libFuzzer] more mutations | Kostya Serebryany | 1 | -18/+69
llvm-svn: 278950
2016-08-15 | [libFuzzer] add InsertRepeatedBytes and EraseBytes. | Kostya Serebryany | 1 | -7/+29
New mutation: InsertRepeatedBytes. Updated mutation: EraseByte => EraseBytes. This helps https://github.com/google/sanitizers/issues/710 where libFuzzer was not able to find a known bug. Now it finds it in minutes. Hopefully, the change is general enough to help other targets. llvm-svn: 278687
2016-07-15 | [libFuzzer] add hooks for strstr, strcasestr, strcasecmp, strncasecmp | Kostya Serebryany | 1 | -3/+2
llvm-svn: 275648
2016-06-23 | [libfuzzer] moving is_ascii handler inside mutation dispatcher. | Mike Aizatsky | 1 | -1/+7
Summary: It also fixes a bug, when first random might not be ascii. Differential Revision: http://reviews.llvm.org/D21573 llvm-svn: 273611
2016-06-07 | [LibFuzzer] Declare and use sanitizer functions in ``fuzzer::ExternalFunctions`` | Dan Liew | 1 | -4/+4
This fixes linking problems on OSX. Unfortunately it turns out we need to use an instance of the ``fuzzer::ExternalFunctions`` object in several places so this commit also replaces all instances with a single global instance. It also turns out initializing a global ``fuzzer::ExternalFunctions`` before main is entered (i.e. letting the object be initialised by the global initializers) is not safe (on OSX the call to ``Printf()`` in the CTOR crashes if it is called from a global initializer) so we instead have a global ``fuzzer::ExternalFunctions*`` and initialize it inside ``FuzzerDriver()``. Multiple unit tests also depend on the ``fuzzer::ExternalFunctions*`` global so a ``main()`` function has been added that initializes it before running any tests. Differential Revision: http://reviews.llvm.org/D20943 llvm-svn: 272072
2016-06-07 | [libfuzzer] custom crossover interface function. | Mike Aizatsky | 1 | -0/+23
Differential Revision: http://reviews.llvm.org/D21089 llvm-svn: 272054
2016-06-03 | [libfuzzer] hiding custom mutator handling in MutationDispatcher. | Mike Aizatsky | 1 | -19/+42
Summary: Refactoring, no functional changes. Differential Revision: http://reviews.llvm.org/D20975 llvm-svn: 271740
2016-02-13 | [libFuzzer] remove std::vector operations from hot paths, NFC | Kostya Serebryany | 1 | -1/+2
llvm-svn: 260829
2016-02-13 | [libFuzzer] don't require seed in fuzzer::Mutate, instead use the global ↵ | Kostya Serebryany | 1 | -6/+0
Fuzzer object for fuzzer::Mutate. This makes custom mutators fast llvm-svn: 260810
2016-02-13 | [libFuzzer] simplify CTOR of MutationDispatcher | Kostya Serebryany | 1 | -18/+18
llvm-svn: 260800
2016-02-13 | [libFuzzer] get rid of MutationDispatcher::Impl (simplify the code; NFC) | Kostya Serebryany | 1 | -132/+37
llvm-svn: 260799
2016-02-13 | [libFuzzer] get rid of UserSuppliedFuzzer; NFC | Kostya Serebryany | 1 | -0/+7
llvm-svn: 260798
2016-02-13 | [libFuzzer] simplify the code around Random. NFC | Kostya Serebryany | 1 | -5/+5
llvm-svn: 260797
2016-01-22 | [libFuzzer] add more fields to DictionaryEntry to count the number of uses ↵ | Kostya Serebryany | 1 | -27/+50
and successes llvm-svn: 258589
2016-01-21 | [libFuzzer] don't use std::vector in one more hot path | Kostya Serebryany | 1 | -6/+29
llvm-svn: 258380
2016-01-19 | [libFuzzer] use std::mt19937 for generating random numbers by default. Fix ↵ | Kostya Serebryany | 1 | -3/+2
MyStoll to handle negative values. Use std::any_of instead of std::find_if llvm-svn: 258178
2016-01-16 | [libFuzzer] replace vector with a simpler data structure in the Dictionaries ↵ | Kostya Serebryany | 1 | -26/+25
to avoid memory allocations on hot path llvm-svn: 257985
2016-01-14 | [libFuzzer] suggest a dictionary to the user of some of the trace-based ↵ | Kostya Serebryany | 1 | -13/+59
dictionary entries were successful llvm-svn: 257736
2016-01-12 | [libFuzzer] when a new unit is discovered using a dictionary, print all used ↵ | Kostya Serebryany | 1 | -2/+12
dictionary entries llvm-svn: 257435
2016-01-09 | [libFuzzer] change the way trace-based mutations are applied. Instead of a ↵ | Kostya Serebryany | 1 | -0/+6
custom code just rely on the automatically created dictionary llvm-svn: 257248
2016-01-07 | [libFuzzer] add a position hint to the dictionary-based mutator | Kostya Serebryany | 1 | -20/+50
llvm-svn: 257013
2016-01-06 | [libFuzzer] extend the dictionary mutator to optionally overwrite data with ↵ | Kostya Serebryany | 1 | -5/+12
the dict entry llvm-svn: 256900
2015-12-19 | [libFuzzer] make CrossOver just one of the other mutations | Kostya Serebryany | 1 | -0/+23
llvm-svn: 256081
2015-12-19 | [libFuzzer] print successful mutations sequences | Kostya Serebryany | 1 | -13/+30
llvm-svn: 256071
2015-10-08 | [libFuzzer] fix 32-bit build | Kostya Serebryany | 1 | -1/+1
llvm-svn: 249646
2015-09-08 | [libFuzzer] add one more mutator: Mutate_ChangeASCIIInteger | Kostya Serebryany | 1 | -0/+34
llvm-svn: 247027
2015-09-04 | [libFuzzer] when a single mutation fails try a few more times with other ↵ | Kostya Serebryany | 1 | -7/+14
mutations before returning un-mutated data llvm-svn: 246828
2015-09-04 | [libFuzzer] actually make the dictionaries work (+docs) | Kostya Serebryany | 1 | -7/+47
llvm-svn: 246825
2015-09-03 | [libFuzzer] refactor the mutation functions so that they are now methods of ↵ | Kostya Serebryany | 1 | -17/+16
a class. NFC llvm-svn: 246808
2015-08-06 | [libFuzzer] add one more mutation strategy: byte shuffling | Kostya Serebryany | 1 | -1/+15
llvm-svn: 244188
2015-08-01 | [libFuzzer] more refactoring of the Mutator and adding tests to it | Kostya Serebryany | 1 | -13/+28
llvm-svn: 243818
2015-08-01 | [libFuzzer] start refactoring the Mutator and adding tests to it | Kostya Serebryany | 1 | -7/+11
llvm-svn: 243817
2015-07-24 | [libFuzzer] allow users to supply their own implementation of rand | Kostya Serebryany | 1 | -12/+13
llvm-svn: 243078
2015-05-22 | [lib/Fuzzer] extend the fuzzer interface to allow user-supplied mutators | Kostya Serebryany | 1 | -24/+25
llvm-svn: 238059
2015-02-19 | [fuzzer] properly annotate fallthrough, add one more entry to FAQ | Kostya Serebryany | 1 | -1/+1
llvm-svn: 229880
2015-02-04 | [fuzzer] make multi-process execution more verbose; fix mutation to actually ↵ | Kostya Serebryany | 1 | -8/+16
respect mutation depth and to never produce empty units llvm-svn: 228170
2015-01-29 | Reverting r227452, which adds back the fuzzer library. Now excluding the ↵ | Aaron Ballman | 1 | -0/+62
fuzzer library based on LLVM_USE_SANITIZE_COVERAGE being set or unset. llvm-svn: 227464
2015-01-29 | Temporarily reverting the fuzzer library as it causes too many build issues ↵ | Aaron Ballman | 1 | -62/+0
for MSVC users. This reverts: 227445, 227395, 227389, 227357, 227254, 227252 llvm-svn: 227452
2015-01-27 | Add a Fuzzer library | Kostya Serebryany | 1 | -0/+62
Summary: A simple genetic in-process coverage-guided fuzz testing library. I've used this fuzzer to test clang-format (it found 12+ bugs, thanks djasper@ for the fixes!) and it may also help us test other parts of LLVM. So why not keep it in the LLVM repository? I plan to add the cmake build rules later (in a separate patch, if that's ok) and also add a clang-format-fuzzer target. See README.txt for details. Test Plan: Tests will follow separately. Reviewers: djasper, chandlerc, rnk Reviewed By: rnk Subscribers: majnemer, ygribov, dblaikie, llvm-commits Differential Revision: http://reviews.llvm.org/D7184 llvm-svn: 227252