1. 87a3811 [libFuzzer] add an assert to protect against LLVMFuzzerInitialize changing argv[0] by Kostya Serebryany · 9 years ago
  2. 98d592c [libFuzzer] experimental support for 'equivalence fuzzing' by Kostya Serebryany · 9 years ago
  3. 38b5d3c [libFuzzer] improve -minimize_crash: honor -artifact_prefix= and don't special case 2-byte inputs by Kostya Serebryany · 9 years ago
  4. bb91170 [libFuzzer] remove stale code by Kostya Serebryany · 9 years ago
  5. 4aa0590 [libFuzzer] improve error handling during the merge (handle various IO failures) by Kostya Serebryany · 9 years ago
  6. 2a8440d [libFuzzer] add an experimental flag -experimental_len_control=1 that sets max_len to 1M and tries to increase the actual max sizes of mutations very gradually (second attempt) by Kostya Serebryany · 9 years ago
  7. 823c181 [libFuzzer] fix UB and simplify the computation of the RNG seed (https://llvm.org/bugs/show_bug.cgi?id=31456) by Kostya Serebryany · 9 years ago
  8. 9b415be [libfuzzer] dump_coverage command line flag by Mike Aizatsky · 9 years ago
  9. fa1030e Revert "[libFuzzer] add an experimental flag -experimental_len_control=1 that sets max_len to 1M and tries to increase the actual max sizes of mutations very gradually. Also remove a bit of dead code" by Daniel Jasper · 9 years ago
  10. be7003f [libFuzzer] add an experimental flag -experimental_len_control=1 that sets max_len to 1M and tries to increase the actual max sizes of mutations very gradually. Also remove a bit of dead code by Kostya Serebryany · 9 years ago
  11. 628b43a [libFuzzer] enable the failure-resistant merge by default (with trace-pc-guard only) by Kostya Serebryany · 9 years ago
  12. 178fe58 [libFuzzer] Clean up headers and file formatting of LibFuzzer files. by Marcos Pividori · 9 years ago
  13. 6e3d885 [libFuzzer] Properly use unsigned for workers, jobs and NumberOfCpuCores. by Marcos Pividori · 9 years ago
  14. c59b692 [libFuzzer] Improve Signal Handler interface. by Marcos Pividori · 9 years ago
  15. a31300e [libFuzzer] don't require extra flags with -minimize_crash=1 (default to -max_total_time=600). Also respect exact_artifact_path when outputting the end result by Kostya Serebryany · 9 years ago
  16. 111e1d6 [libFuzzer] implement crash-resistant merge (https://github.com/google/sanitizers/issues/722). This is a first experimental variant that needs some more testing, thus not yet adding a lit test (but there are unit tests). by Kostya Serebryany · 9 years ago
  17. 6fa57ad Resubmit "[LibFuzzer] Split FuzzerUtil for Posix and Windows." by Zachary Turner · 9 years ago
  18. 3cfeab7 Revert "[LibFuzzer] Split FuzzerUtil for Posix and Windows." by Zachary Turner · 9 years ago
  19. 34dcfb9 [LibFuzzer] Split FuzzerUtil for Posix and Windows. by Zachary Turner · 9 years ago
  20. 24a148b [LibFuzzer] Split up some functions among different headers. by Zachary Turner · 9 years ago
  21. 6c77811 [libFuzzer] replace 'auto' with 'auto *' to better follow the LLVM style by Kostya Serebryany · 9 years ago
  22. 53c894d [libFuzzer] use a valid ASCII string for a dummy seed corpus by Kostya Serebryany · 9 years ago
  23. fc1c405 [libFuzzer] use less stack by Kostya Serebryany · 9 years ago
  24. 8a56917 [libFuzzer] fix -error_exitcode=N, now with a test by Kostya Serebryany · 9 years ago
  25. bb59ef7 [libFuzzer] detect leaks after every run when executing fixed inputs (./fuzzer -runs=1000000 my-file) by Kostya Serebryany · 9 years ago
  26. f9b8e8b [libFuzzer] better algorithm for -minimize_crash by Kostya Serebryany · 9 years ago
  27. a5f94fb [libFuzzer] add -trace_cmp=1 (guiding mutations based on the observed CMP instructions). This is a reincarnation of the previously deleted -use_traces, but using a different approach for collecting traces. Still a toy, but at least it scales well. Also fix -merge in trace-pc-guard mode by Kostya Serebryany · 9 years ago
  28. a17d23e [libFuzzer] add -trace_malloc= flag by Kostya Serebryany · 9 years ago
  29. c5325ed [libFuzzer] when shrinking the corpus, delete evicted files previously created by the current process by Kostya Serebryany · 9 years ago
  30. 9adc7c8 [libFuzzer] control the reload interval by a flag, make it 10 seconds by default by Kostya Serebryany · 9 years ago
  31. 936b1e7 [libFuzzer] be more careful with memory usage, print peak rss in status lines by Kostya Serebryany · 9 years ago
  32. 1c73f1b [libFuzzer] refactoring to make -shrink=1 work for value profile, added a test. by Kostya Serebryany · 9 years ago
  33. 2455f0d [libFuzzer] clear the corpus elements if they are evicted (i.e. smaller elements with proper coverage are found). Make sure we never try to mutate empty element. Print the corpus size in bytes in the status lines by Kostya Serebryany · 9 years ago
  34. d216922 [libFuzzer] implement the -shrink=1 option that tries to make elements of the corpus smaller, off by default by Kostya Serebryany · 9 years ago
  35. e7e790b [libFuzzer] remove unused option by Kostya Serebryany · 9 years ago
  36. 5ff481f [libFuzzer] add -exit_on_src_pos to test libFuzzer itself, add a test script for RE2 that uses this flag by Kostya Serebryany · 9 years ago
  37. 16a145f [libFuzzer] fix merging with trace-pc-guard by Kostya Serebryany · 9 years ago
  38. ab73c69 [libFuzzer] move value profiling logic into TracePC by Kostya Serebryany · 9 years ago
  39. be0ed59 [libFuzzer] simplify the crash minimizer; split MaxLen into two: MaxInputLen and MaxMutationLen, allow MaxMutationLen to be less than MaxInputLen by Kostya Serebryany · 9 years ago
  40. 624f59f [libFuzzer] add 'features' to the corpus elements, allow mutations with Size > MaxSize, fix sha1 in corpus stats; various refactorings by Kostya Serebryany · 9 years ago
  41. 29bb664 [libFuzzer] add stats to the corpus; more refactoring by Kostya Serebryany · 9 years ago
  42. 6f5a804 [libFuzzer] refactoring: split the large header into many; NFC by Kostya Serebryany · 9 years ago
  43. 09aa01a [libFuzzer] refactoring: move the Corpus into a separate class; delete two unused experimental features by Kostya Serebryany · 9 years ago
  44. b706b48 [libFuzzer] add -print_coverage=1 flag to print coverage directly from libFuzzer by Kostya Serebryany · 9 years ago
  45. 4529960 [libFuzzer] don't print help for internal flags by Kostya Serebryany · 9 years ago
  46. 5c04bd2 [libFuzzer] remove use_traces=1 since use_value_profile seems to be strictly better by Kostya Serebryany · 9 years ago
  47. e2d0f63 [libFuzzer] add -minimize_crash flag (to minimize crashers). also add two tests that I failed to commit last time by Kostya Serebryany · 9 years ago
  48. a016a45 [libFuzzer] fix a bug when running a single unit of N bytes with -max_len=M, M<N, caused a buffer overflow by Kostya Serebryany · 9 years ago
  49. 0f0fa4f [libFuzzer] rename -print_new_cov_pcs=1 into -print_pcs=1 and make it more useful: print PCs only after the initial corpus has been read and symbolize them by Kostya Serebryany · 9 years ago
  50. d46a59f [libFuzzer] new experimental feature: value profiling. Profiles values that affect control flow and treats new values as new coverage. by Kostya Serebryany · 9 years ago
  51. bdb220c [libFuzzer] print a verbose message after executing inputs in non-fuzzing mode by Kostya Serebryany · 9 years ago
  52. c135b55 [libFuzzer] add hooks for strstr, strcasestr, strcasecmp, strncasecmp by Kostya Serebryany · 9 years ago
  53. f0b3e85 [libfuzzer] moving is_ascii handler inside mutation dispatcher. by Mike Aizatsky · 9 years ago
  54. 042d1a7 [libFuzzer] make the single-run output more reliable by Kostya Serebryany · 9 years ago
  55. 1873a49 [LibFuzzer] Declare and use sanitizer functions in ``fuzzer::ExternalFunctions`` by Dan Liew · 9 years ago
  56. 1f88b12 [libfuzzer] prune_corpus option for disabling pruning during the load. by Mike Aizatsky · 9 years ago
  57. d3c3311 [LibFuzzer] Reimplement how the optional user functions are called. by Dan Liew · 9 years ago
  58. f817731 [libFuzzer] when an invalid flag is given, warn, but don't crash by Kostya Serebryany · 9 years ago
  59. af432a4 [libfuzzer] Trying random unit prefixes during corpus load. by Mike Aizatsky · 9 years ago
  60. 6289536 [libFuzzer] print the file name before executing the input so that if there is a crash we know which file has caused it by Kostya Serebryany · 9 years ago
  61. 8b8f7a3 [libFuzzer] enhance -rss_limit_mb and enable by default. Now it will print the OOM reproducer. by Kostya Serebryany · 9 years ago
  62. 52b394e [libFuzzer] add experimental -rss_limit_mb flag to fight against OOMs by Kostya Serebryany · 9 years ago
  63. baf7fd0 [libFuzzer] print stats after running individual inputs by Kostya Serebryany · 9 years ago
  64. 1bfd583 [libFuzzer] added -detect_leaks flag (0 by default for now). When enabled, it will help finding leaks while fuzzing by Kostya Serebryany · 10 years ago
  65. 09087bb [libFuzzer] warn if the corpus is empty by Kostya Serebryany · 10 years ago
  66. b550cb1 [NFC] Header cleanup by Mehdi Amini · 10 years ago
  67. b60397f [libFuzzer] add a better warning for command line flags with -- (two dashes) by Kostya Serebryany · 10 years ago
  68. e631996 Remove redundant .c_str(), as suggested by PR25633 by Hans Wennborg · 10 years ago
  69. f389ae1 [libFuzzer] handle SIGTERM by Kostya Serebryany · 10 years ago
  70. 49e4090 [libFuzzer] add a flag close_fd_mask so that we can silence spammy targets by closing stderr/stdout by Kostya Serebryany · 10 years ago
  71. 945761b [libFuzzer] improve -merge functionality by Kostya Serebryany · 10 years ago
  72. c5575aa [libFuzzer] deprecate several flags by Kostya Serebryany · 10 years ago
  73. 0c5e3af [libFuzzer] use max_len exactly equal to the max size of input. Fix 32-bit build by Kostya Serebryany · 10 years ago
  74. 64d2457 [libFuzzer] try to use max_len based on the items of the corpus instead of blindly defaulting to 64 bytes. by Kostya Serebryany · 10 years ago
  75. 5c3701c [libFuzzer] log less when re-loading files; fix a silly bug: when running single files actually run all of them, not just the first one by Kostya Serebryany · 10 years ago
  76. 3d95dd9 [libFuzzer] deprecate exit_on_first flag by Kostya Serebryany · 10 years ago
  77. 228d5b1 [libFuzzer] add generic signal handlers so that libFuzzer can report at least something if ASan is not handling the signals for us. Remove abort_on_timeout flag. by Kostya Serebryany · 10 years ago
  78. 66ff075 [libFuzzer] add -print_final_stats=1 flag by Kostya Serebryany · 10 years ago
  79. a35f7d3 [libFuzzer] only read MaxLen bytes from every file in the corpus to speedup loading the corpus by Kostya Serebryany · 10 years ago
  80. 8a5bef0 [libFuzzer] remove std::vector operations from hot paths, NFC by Kostya Serebryany · 10 years ago
  81. 29bcb9f [libFuzzer] remove the C++-ish variant of FuzzerDriver from the interface by Kostya Serebryany · 10 years ago
  82. 7ec0c56 [libFuzzer] get rid of UserSuppliedFuzzer; NFC by Kostya Serebryany · 10 years ago
  83. a399221 [libFuzzer] simplify the code around Random. NFC by Kostya Serebryany · 10 years ago
  84. ecab57b [libFuzzer] remove UserSuppliedFuzzer from the interface (it was a bad idea). by Kostya Serebryany · 10 years ago
  85. 9d14e4b [libFuzzer] make -runs=N flag also affect the simple runner (will execute every input N times) by Kostya Serebryany · 10 years ago
  86. bfbe7fc [libFuzzer] allow passing 1 or more files as individual inputs by Kostya Serebryany · 10 years ago
  87. 54a6363 [libFuzzer] add -timeout_exitcode option by Kostya Serebryany · 10 years ago
  88. 9768e7f [libFuzzer] add -abort_on_timeout option by Kostya Serebryany · 10 years ago
  89. 311f27c [libFuzzer] use std::mt19937 for generating random numbers by default. Fix MyStoll to handle negative values. Use std::any_of instead of std::find_if by Kostya Serebryany · 10 years ago
  90. 476f0ce [libFuzzer] replace vector with a simpler data structure in the Dictionaries to avoid memory allocations on hot path by Kostya Serebryany · 10 years ago
  91. ae5b956 [libFuzzer] do mutations based on memcmp/strcmp interceptors under a separate flag (-use_memcmp, default=1) by Kostya Serebryany · 10 years ago
  92. 4282d30 [libFuzzer] use custom stol; also introduce __libfuzzer_is_present so that users can check for its presence. by Kostya Serebryany · 10 years ago
  93. b65805a [libFuzzer] change the way trace-based mutations are applied. Instead of a custom code just rely on the automatically created dictionary by Kostya Serebryany · 10 years ago
  94. 152ac7a [libFuzzer] add a position hint to the dictionary-based mutator by Kostya Serebryany · 10 years ago
  95. 8b11f87 [libfuzzer] print_new_cov_pcs experimental option. by Mike Aizatsky · 10 years ago
  96. 550e9c8 [libFuzzer] deprecate -save_minimized_corpus, -merge can be used instead by Kostya Serebryany · 10 years ago
  97. a1a5c69 [LibFuzzer] Introducing FUZZER_FLAG_UNSIGNED and using it for seeding. by Mike Aizatsky · 10 years ago
  98. 2d0ef14 [libFuzzer] add a flag -exact_artifact_path by Kostya Serebryany · 10 years ago
  99. b569368 [libFuzzer] don't crash when reporting a leak in test_single_input mode by Kostya Serebryany · 10 years ago
  100. a9c2387 output_csv libfuzzer option by Mike Aizatsky · 10 years ago