1. 4fc6dd7 [libFuzzer] add two experimental flags to make corpus merging more scalable: -save_coverage_summary/-load_coverage_summary. This is still WIP, the documentation will come later if these flags survive by Kostya Serebryany · 9 years ago
  2. 7024043 [libFuzzer] remove even more stale code by Kostya Serebryany · 9 years ago
  3. 862a845 [libFuzzer] simplify code a bit by Kostya Serebryany · 9 years ago
  4. f81cc09 [libFuzzer] remove more stale code by Kostya Serebryany · 9 years ago
  5. a43a299 [libFuzzer] remove stale code by Kostya Serebryany · 9 years ago
  6. 41e7a27 [libFuzzer] remove usage of the old coverage instrumentation by Kostya Serebryany · 9 years ago
  7. 419634b [libFuzzer] remove a bit of stale code by Kostya Serebryany · 9 years ago
  8. 98d592c [libFuzzer] experimental support for 'equivalence fuzzing' by Kostya Serebryany · 9 years ago
  9. 4aa0590 [libFuzzer] improve error handling during the merge (handle various IO failures) by Kostya Serebryany · 9 years ago
  10. 64d4147 [libFuzzer] Fix bug in detecting timeouts when input string is empty. by Marcos Pividori · 9 years ago
  11. 178fe58 [libFuzzer] Clean up headers and file formatting of LibFuzzer files. by Marcos Pividori · 9 years ago
  12. 111e1d6 [libFuzzer] implement crash-resistant merge (https://github.com/google/sanitizers/issues/722). This is a first experimental variant that needs some more testing, thus not yet adding a lit test (but there are unit tests). by Kostya Serebryany · 9 years ago
  13. 05f7791 [libFuzzer] extend -rss_limit_mb to crash instantly on a single malloc that exceeds the limit by Kostya Serebryany · 9 years ago
  14. 24a148b [LibFuzzer] Split up some functions among different headers. by Zachary Turner · 9 years ago
  15. a5b2e54 [libFuzzer] simplify the code to print new PCs by Kostya Serebryany · 9 years ago
  16. bb59ef7 [libFuzzer] detect leaks after every run when executing fixed inputs (./fuzzer -runs=1000000 my-file) by Kostya Serebryany · 9 years ago
  17. 8dfed45 [libFuzzer] reshuffle the code for -exit_on_src_pos and -exit_on_item by Kostya Serebryany · 9 years ago
  18. f9b8e8b [libFuzzer] better algorithm for -minimize_crash by Kostya Serebryany · 9 years ago
  19. 1c73f1b [libFuzzer] refactoring to make -shrink=1 work for value profile, added a test. by Kostya Serebryany · 9 years ago
  20. 4820cc9 [libFuzzer] remove dfsan support and some related stale code. This is not being used and as is is pretty weak anyway by Kostya Serebryany · 9 years ago
  21. d216922 [libFuzzer] implement the -shrink=1 option that tries to make elements of the corpus smaller, off by default by Kostya Serebryany · 9 years ago
  22. 90f8f36 [libFuzzer] remove some experimental code by Kostya Serebryany · 9 years ago
  23. b3949ef [libFuzzer] remove the code for -print_pcs=1 with the old coverage. It still works with the new one (trace-pc-guard) by Kostya Serebryany · 9 years ago
  24. 5ff481f [libFuzzer] add -exit_on_src_pos to test libFuzzer itself, add a test script for RE2 that uses this flag by Kostya Serebryany · 9 years ago
  25. 0800b81 [libFuzzer] simplify HandleTrace again, start re-running interesting units and collecting their features. by Kostya Serebryany · 9 years ago
  26. 16a145f [libFuzzer] fix merging with trace-pc-guard by Kostya Serebryany · 9 years ago
  27. ab73c69 [libFuzzer] move value profiling logic into TracePC by Kostya Serebryany · 9 years ago
  28. d28099d [libFuzzer] change ValueBitMap to remember the number of bits in it by Kostya Serebryany · 9 years ago
  29. be0ed59 [libFuzzer] simplify the crash minimizer; split MaxLen into two: MaxInputLen and MaxMutationLen, allow MaxMutationLen to be less than MaxInputLen by Kostya Serebryany · 9 years ago
  30. 624f59f [libFuzzer] add 'features' to the corpus elements, allow mutations with Size > MaxSize, fix sha1 in corpus stats; various refactorings by Kostya Serebryany · 9 years ago
  31. 29bb664 [libFuzzer] add stats to the corpus; more refactoring by Kostya Serebryany · 9 years ago
  32. 20801e1 [libFuzzer] more refactoring; don't compute sha1sum every time we mutate a unit from the corpus, use the stored one. by Kostya Serebryany · 9 years ago
  33. 225d8e4 [libFuzzer] fix libc++ build by Kostya Serebryany · 9 years ago
  34. 556894f [libFuzzer] more refactoring; NFC by Kostya Serebryany · 9 years ago
  35. 6f5a804 [libFuzzer] refactoring: split the large header into many; NFC by Kostya Serebryany · 9 years ago
  36. 09aa01a [libFuzzer] refactoring: move the Corpus into a separate class; delete two unused experimental features by Kostya Serebryany · 9 years ago
  37. b706b48 [libFuzzer] add -print_coverage=1 flag to print coverage directly from libFuzzer by Kostya Serebryany · 9 years ago
  38. 8e781a8 [libFuzzer] use 'if guard' instead of 'if guard >= 0' with trace-pc; change the guard type to intptr_t; use separate array for 8-bit counters by Kostya Serebryany · 9 years ago
  39. bc3789a [libFuzzer] properly reset the guards when resetting the coverage. Also try to fix check-fuzzer on the bot by Kostya Serebryany · 9 years ago
  40. 3e36ec1 [libFuzzer] change trace-pc to use 8-byte guards by Kostya Serebryany · 9 years ago
  41. 0984517 [libFuzzer] make caller-callee feedback work with trace-pc-guard by Kostya Serebryany · 9 years ago
  42. 5350178 [libFuzzer] implement print_pcs with trace-pc-guard. Change the trace-pc-guard heuristic for 8-bit counters to look more like in AFL (not that it's provably better, but the existing test prefers this heuristic) by Kostya Serebryany · 9 years ago
  43. a5277d5 [libFuzzer] add 8-bit counters to trace-pc-guard handler by Kostya Serebryany · 9 years ago
  44. a00b243 [libFuzzer] start using trace-pc-guard as an alternative source of coverage by Kostya Serebryany · 9 years ago
  45. b991cc1 [libFuzzer] print a visible message if merge fails due to a crash by Kostya Serebryany · 9 years ago
  46. b76a2a5 [libFuzzer] improve -print_pcs to not print new PCs coming from libFuzzer itself by Kostya Serebryany · 9 years ago
  47. 8ea4f98 [libFuzzer] remove unneeded call by Kostya Serebryany · 9 years ago
  48. 5c04bd2 [libFuzzer] remove use_traces=1 since use_value_profile seems to be strictly better by Kostya Serebryany · 9 years ago
  49. 0f0fa4f [libFuzzer] rename -print_new_cov_pcs=1 into -print_pcs=1 and make it more useful: print PCs only after the initial corpus has been read and symbolize them by Kostya Serebryany · 9 years ago
  50. f67357c [libFuzzer] simplify the code, NFC by Kostya Serebryany · 9 years ago
  51. bceadcf [libFuzzer] use __attribute__((target("popcnt"))) only on x86_64 by Kostya Serebryany · 9 years ago
  52. 0c537b1 [libFuzzer] one more mutation: ChangeBinaryInteger; also fix the breakage from r278970 by Kostya Serebryany · 9 years ago
  53. a9a5480 [libFuzzer] when printing the reproducer input, also print the base input and the mutation sequence by Kostya Serebryany · 9 years ago
  54. a7398ba [libFuzzer] more mutations by Kostya Serebryany · 9 years ago
  55. d46a59f [libFuzzer] new experimental feature: value profiling. Profiles values that affect control flow and treats new values as new coverage. by Kostya Serebryany · 9 years ago
  56. c98ef71 [libFuzzer] refactoring around PCMap, NFC by Kostya Serebryany · 9 years ago
  57. dfbe59b [libFuzzer] add InsertRepeatedBytes and EraseBytes. by Kostya Serebryany · 9 years ago
  58. b4bbc3b [sanitizers] trace buffer API to use user-allocated buffer. by Mike Aizatsky · 9 years ago
  59. c135b55 [libFuzzer] add hooks for strstr, strcasestr, strcasecmp, strncasecmp by Kostya Serebryany · 9 years ago
  60. f0b3e85 [libfuzzer] moving is_ascii handler inside mutation dispatcher. by Mike Aizatsky · 9 years ago
  61. 1873a49 [LibFuzzer] Declare and use sanitizer functions in ``fuzzer::ExternalFunctions`` by Dan Liew · 9 years ago
  62. 41d6683 [libfuzzer] custom crossover interface function. by Mike Aizatsky · 9 years ago
  63. 1f88b12 [libfuzzer] prune_corpus option for disabling pruning during the load. by Mike Aizatsky · 9 years ago
  64. 70fd3e4 [libfuzzer] hiding custom mutator handling in MutationDispatcher. by Mike Aizatsky · 9 years ago
  65. d3c3311 [LibFuzzer] Reimplement how the optional user functions are called. by Dan Liew · 9 years ago
  66. 0edb563 [libFuzzer] make OOM-handling more portable. Instead of sending a signal to the main fuzzing thread, print the message in the getrusage thread and exit. by Kostya Serebryany · 9 years ago
  67. 8fc3a27 [libFuzzer] more refactoring: make sure CurrentUnitData is always a valid pointer to read from by Kostya Serebryany · 9 years ago
  68. d838412 [libFuzzer] more refactoring around CurrentUnit. Also add a threading test on which we currently have a race (when reporting bugs from multiple threads) by Kostya Serebryany · 9 years ago
  69. f26017b [libFuzzer] refactor: hide CurrentUnitData inside an interface function. NFC by Kostya Serebryany · 9 years ago
  70. 4b92326 [libFuzzer] when there is a leak in the existing corpus report the reproducer properly by Kostya Serebryany · 9 years ago
  71. f1f3f93 [libFuzzer] reimplement the way we do -only_ascii to allow more 'const' in function declarations. Add a test for -only_ascii. NFC intended by Kostya Serebryany · 9 years ago
  72. af432a4 [libfuzzer] Trying random unit prefixes during corpus load. by Mike Aizatsky · 9 years ago
  73. 3868e46 [LibFuzzer] Work around crashes in ``__sanitizer_malloc_hook()`` under Mac OSX. by Dan Liew · 9 years ago
  74. 8b0d90a [libFuzzer] simplify FuzzerInterface.h by Kostya Serebryany · 9 years ago
  75. 1aa501e [libfuzzer] Refactoring coverage state-management code. by Mike Aizatsky · 9 years ago
  76. 8b8f7a3 [libFuzzer] enhance -rss_limit_mb and enable by default. Now it will print the OOM reproducer. by Kostya Serebryany · 9 years ago
  77. 52b394e [libFuzzer] add experimental -rss_limit_mb flag to fight against OOMs by Kostya Serebryany · 9 years ago
  78. baf7fd0 [libFuzzer] print stats after running individual inputs by Kostya Serebryany · 10 years ago
  79. 2fe9304 [libFuzzer] enable detect_leaks=1, add proper docs by Kostya Serebryany · 10 years ago
  80. 7018a1a [libFuzzer] disable leak detection if we have tried it for 1000 times w/o finding a leak by Kostya Serebryany · 10 years ago
  81. 9ba1918 [libFuzzer] remove dead code by Kostya Serebryany · 10 years ago
  82. 1bfd583 [libFuzzer] added -detect_leaks flag (0 by default for now). When enabled, it will help finding leaks while fuzzing by Kostya Serebryany · 10 years ago
  83. ebb932d [libFuzzer] try to print correct time in seconds when reporting a timeout. Don't report timeouts while still loading the corpus. by Kostya Serebryany · 10 years ago
  84. f389ae1 [libFuzzer] handle SIGTERM by Kostya Serebryany · 10 years ago
  85. 49e4090 [libFuzzer] add a flag close_fd_mask so that we can silence spammy targets by closing stderr/stdout by Kostya Serebryany · 10 years ago
  86. 945761b [libFuzzer] improve -merge functionality by Kostya Serebryany · 10 years ago
  87. c5575aa [libFuzzer] deprecate several flags by Kostya Serebryany · 10 years ago
  88. 64d2457 [libFuzzer] try to use max_len based on the items of the corpus instead of blindly defaulting to 64 bytes. by Kostya Serebryany · 10 years ago
  89. 3d95dd9 [libFuzzer] deprecate exit_on_first flag by Kostya Serebryany · 10 years ago
  90. 228d5b1 [libFuzzer] add generic signal handlers so that libFuzzer can report at least something if ASan is not handling the signals for us. Remove abort_on_timeout flag. by Kostya Serebryany · 10 years ago
  91. 66ff075 [libFuzzer] add -print_final_stats=1 flag by Kostya Serebryany · 10 years ago
  92. da63c1d [libFuzzer] initial implementation of path coverage based on -fsanitize-coverage=trace-pc. This does not scale well yet, but already cracks FullCoverageSetTest in seconds by Kostya Serebryany · 10 years ago
  93. a35f7d3 [libFuzzer] only read MaxLen bytes from every file in the corpus to speedup loading the corpus by Kostya Serebryany · 10 years ago
  94. 8a5bef0 [libFuzzer] remove std::vector operations from hot paths, NFC by Kostya Serebryany · 10 years ago
  95. 1deb049 [libFuzzer] don't require seed in fuzzer::Mutate, instead use the global Fuzzer object for fuzzer::Mutate. This makes custom mutators fast by Kostya Serebryany · 10 years ago
  96. 2319496 [libFuzzer] simplify CTOR of MutationDispatcher by Kostya Serebryany · 10 years ago
  97. 292cf03 [libFuzzer] get rid of MutationDispatcher::Impl (simplify the code; NFC) by Kostya Serebryany · 10 years ago
  98. 7ec0c56 [libFuzzer] get rid of UserSuppliedFuzzer; NFC by Kostya Serebryany · 10 years ago
  99. a399221 [libFuzzer] simplify the code around Random. NFC by Kostya Serebryany · 10 years ago
  100. ecab57b [libFuzzer] remove UserSuppliedFuzzer from the interface (it was a bad idea). by Kostya Serebryany · 10 years ago