OSchip
/
llvm-project
mirror of https://github.com/THU-DSP-LAB/llvm-project.git
13
0
Fork 6
Code Issues Packages Projects Releases Wiki Activity
257,842 Commits 32 Branches 0 Tags 2.2 GiB
Commit Graph

74 Commits

Author SHA1 Message Date
Kostya Serebryany 2c55613a08 [libFuzzer] more the feature set to InputCorpus; on feature update, change the feature counter of the old best input 
llvm-svn: 282829
 2016-09-30 01:19:56 +00:00
Kostya Serebryany a9b0dd0e51 [sanitizer-coverage/libFuzzer] make the guards for trace-pc 32-bit; create one array of guards per function, instead of one guard per BB. reorganize the code so that trace-pc-guard does not create unneeded globals 
llvm-svn: 282735
 2016-09-29 17:43:24 +00:00
Kostya Serebryany 3ee6c213d6 [libFuzzer] speedup TracePC::FinalizeTrace 
llvm-svn: 282562
 2016-09-28 01:16:24 +00:00
Kostya Serebryany 5ff481fd9e [libFuzzer] add -exit_on_src_pos to test libFuzzer itself, add a test script for RE2 that uses this flag 
llvm-svn: 282458
 2016-09-27 00:10:20 +00:00
Kostya Serebryany 0800b81a21 [libFuzzer] simplify HandleTrace again, start re-running interesting units and collecting their features. 
llvm-svn: 282316
 2016-09-23 23:51:58 +00:00
Kostya Serebryany 87a598e19f [libFuzzer] simplify the TracePC logic 
llvm-svn: 282222
 2016-09-23 01:20:07 +00:00
Kostya Serebryany d28099de5d [libFuzzer] change ValueBitMap to remember the number of bits in it 
llvm-svn: 282216
 2016-09-23 00:22:46 +00:00
Kostya Serebryany 624f59f4d8 [libFuzzer] add 'features' to the corpus elements, allow mutations with Size > MaxSize, fix sha1 in corpus stats; various refactorings 
llvm-svn: 282129
 2016-09-22 01:34:58 +00:00
Kostya Serebryany 8658618ea0 [libFuzzer] more refactoring 
llvm-svn: 282113
 2016-09-21 21:17:23 +00:00
Kostya Serebryany 6f5a804cdb [libFuzzer] refactoring: split the large header into many; NFC 
llvm-svn: 282044
 2016-09-21 01:50:50 +00:00
Kostya Serebryany b706b481ba [libFuzzer] add -print_coverage=1 flag to print coverage directly from libFuzzer 
llvm-svn: 281866
 2016-09-18 21:47:08 +00:00
Kostya Serebryany 8e781a888a [libFuzzer] use 'if guard' instead of 'if guard >= 0' with trace-pc; change the guard type to intptr_t; use separate array for 8-bit counters 
llvm-svn: 281845
 2016-09-18 04:52:23 +00:00
Kostya Serebryany bc3789a919 [libFuzzer] properly reset the guards when reseting the coverage. Also try to fix check-fuzzer on the bot 
llvm-svn: 281814
 2016-09-17 06:01:55 +00:00
Kostya Serebryany 3e36ec1d18 [libFuzzer] change trace-pc to use 8-byte guards 
llvm-svn: 281810
 2016-09-17 05:04:47 +00:00
Kostya Serebryany 0984517021 [libFuzzer] make caller-callee feedback work with trace-pc-guard 
llvm-svn: 281667
 2016-09-15 22:16:15 +00:00
Kostya Serebryany 5350178487 [libFuzzer] implement print_pcs with trace-pc-guard. Change the trace-pc-guard heuristic for 8-bit counters to look more like in AFL (not that it's provable better, but the existin test preferes this heuristic) 
llvm-svn: 281577
 2016-09-15 04:36:45 +00:00
Kostya Serebryany a5277d59d0 [libFuzzer] add 8-bit counters to trace-pc-guard handler 
llvm-svn: 281568
 2016-09-15 01:30:18 +00:00
Kostya Serebryany a00b243c75 [libFuzzer] start using trace-pc-guard as an alternative source of coverage 
llvm-svn: 281435
 2016-09-14 02:13:06 +00:00
Kostya Serebryany 32661f9d66 [libFuzzer] add more __attribute__((visibility("default"))) 
llvm-svn: 279143
 2016-08-18 20:52:52 +00:00
Kostya Serebryany c98ef718ea [libFuzzer] refactoring around PCMap, NFC 
llvm-svn: 278825
 2016-08-16 17:37:13 +00:00
Dan Liew 5914407185 [LibFuzzer] Provide stub implementation of __sanitizer_cov_trace_pc_indir 
Calls to this function are currently injected by the
``SanitizerCoverageModule`` pass when the both the ``indirect-calls``
and ``trace-pc`` sanitizer coverage options are enabled and the code
being instrumented has indirect calls. Previously because LibFuzzer did
not define this function this would lead to link errors when building
some of the tests on OSX.

Differential Revision: http://reviews.llvm.org/D20946

llvm-svn: 271938
 2016-06-06 20:27:09 +00:00
Mike Aizatsky 1aa501e7e8 [libfuzzer] Refactoring coverage state-management code. 
It is now less state-dependent and will allow easier comparing of
coverages of different units.

Differential Revision: http://reviews.llvm.org/D20085

llvm-svn: 269140
 2016-05-10 23:43:15 +00:00
Kostya Serebryany 2d4f8f168b [libFuzzer] speedup path coverage handling 
llvm-svn: 262102
 2016-02-27 01:50:16 +00:00
Kostya Serebryany da63c1d09a [libFuzzer] initial implementation of path coverage based on -fsanitize-coverage=trace-pc. This does not scale well yet, but already cracks FullCoverageSetTest in seconds 
llvm-svn: 262073
 2016-02-26 21:33:56 +00:00