1. 0e37f8e [libfuzzer] fixing collected pc addresses for coverage by Mike Aizatsky · 9 years ago
  2. 1d8c2ce [libFuzzer] use table of recent compares for memcmp/strcmp (to unify the code between cmp and memcmp handling) by Kostya Serebryany · 9 years ago
  3. 4986e81 [libFuzzer] disable -print_pcs by default (was enabled by mistake) by Kostya Serebryany · 9 years ago
  4. 11a22bc [libFuzzer] cleaner implementation of -print_pcs=1 by Kostya Serebryany · 9 years ago
  5. d723804 [libFuzzer] make __sanitizer_cov_trace_switch more predictable by Kostya Serebryany · 9 years ago
  6. 9b415be [libfuzzer] dump_coverage command line flag by Mike Aizatsky · 9 years ago
  7. 01c82f5 [libFuzzer] speed up __sanitizer_cov_trace_switch a bit more (remove DIV) by Kostya Serebryany · 9 years ago
  8. 00e638e [libFuzzer] when tracing switch statements, handle only one case at a time (to make things faster). Also ensure that the signals from value profile do not intersect with the regular coverage by Kostya Serebryany · 9 years ago
  9. 3a4e2dd [libFuzzer] avoid msan false positives in more cases by Kostya Serebryany · 9 years ago
  10. d9d9a54 [libFuzzer] disable msan for one more hook that reads target's data that might be uninitialized by Kostya Serebryany · 9 years ago
  11. 1394ce2 [libFuzzer] use __sanitizer_get_module_and_offset_for_pc to get the module name while printing the coverage by Kostya Serebryany · 9 years ago
  12. fe1094b [libFuzzer] refactor the code to allow collecting features in different ways. Also initialize a couple of Fuzzer:: members that might have been used uninitialized :( by Kostya Serebryany · 9 years ago
  13. 1cba0a9 [libFuzzer] extend -print_coverage to print the comma-separated list of covered dirs. Note: the Windows stub for DirName is left unimplemented by Kostya Serebryany · 9 years ago
  14. 24a148b [LibFuzzer] Split up some functions among different headers. by Zachary Turner · 9 years ago
  15. 2356791 [libFuzzer] do not initialize parts of TracePC -- let them be initialized by the linker. Add no-msan attribute to the memcmp hook. by Kostya Serebryany · 9 years ago
  16. 94c427c [libFuzzer] speculatively trying to fix the Mac build; second attempt by Kostya Serebryany · 9 years ago
  17. 2fabeca [libFuzzer] simplify TracePC::HandleTrace even further. Also, when dealing with -exit_on_src_pos, symbolize every PC only once by Kostya Serebryany · 9 years ago
  18. 06b8757 [libFuzzer] simplify the code in TracePC::HandleTrace a bit more by Kostya Serebryany · 9 years ago
  19. a5b2e54 [libFuzzer] simplify the code to print new PCs by Kostya Serebryany · 9 years ago
  20. 275e260 [libFuzzer] simplify the code in TracePC::HandleTrace by Kostya Serebryany · 9 years ago
  21. 3364f90 [libFuzzer] simplify the code for use_cmp, also use the position hint when available, add a test by Kostya Serebryany · 9 years ago
  22. 95b1a43 [libFuzzer] extend -print_coverage to also print uncovered lines, functions, and files. by Kostya Serebryany · 9 years ago
  23. 9a4b10a [libFuzzer] swap bytes in integers when handling CMP traces by Kostya Serebryany · 9 years ago
  24. a5f94fb [libFuzzer] add -trace_cmp=1 (guiding mutations based on the observed CMP instructions). This is a reincarnation of the previously deleted -use_traces, but using a different approach for collecting traces. Still a toy, but at least it scales well. Also fix -merge in trace-pc-guard mode by Kostya Serebryany · 9 years ago
  25. 17d176e1 [libFuzzer] reapply r283946: refactoring to speed things up, NFC. Now with a fix for gcc build by Kostya Serebryany · 9 years ago
  26. 90d990e Revert "[libFuzzer] refactoring to speed things up, NFC" by Daniel Jasper · 9 years ago
  27. a09d11e [libFuzzer] refactoring to speed things up, NFC by Kostya Serebryany · 9 years ago
  28. d19919a [libFuzzer] implement value profile for switch, increase the size of the PCs array, make sure we don't overflow it by Kostya Serebryany · 9 years ago
  29. 1c73f1b [libFuzzer] refactoring to make -shrink=1 work for value profile, added a test. by Kostya Serebryany · 9 years ago
  30. 379359c [libFuzzer] add ShrinkValueProfileTest, move code around, NFC by Kostya Serebryany · 9 years ago
  31. d1f31d0 [libFuzzer] fix a recent bug (buffer overflow) by Kostya Serebryany · 9 years ago
  32. d216922 [libFuzzer] implement the -shrink=1 option that tries to make elements of the corpus smaller, off by default by Kostya Serebryany · 9 years ago
  33. 2c55613 [libFuzzer] move the feature set to InputCorpus; on feature update, change the feature counter of the old best input by Kostya Serebryany · 9 years ago
  34. a9b0dd0 [sanitizer-coverage/libFuzzer] make the guards for trace-pc 32-bit; create one array of guards per function, instead of one guard per BB. reorganize the code so that trace-pc-guard does not create unneeded globals by Kostya Serebryany · 9 years ago
  35. 3ee6c21 [libFuzzer] speedup TracePC::FinalizeTrace by Kostya Serebryany · 9 years ago
  36. 5ff481f [libFuzzer] add -exit_on_src_pos to test libFuzzer itself, add a test script for RE2 that uses this flag by Kostya Serebryany · 9 years ago
  37. 0800b81 [libFuzzer] simplify HandleTrace again, start re-running interesting units and collecting their features. by Kostya Serebryany · 9 years ago
  38. 87a598e [libFuzzer] simplify the TracePC logic by Kostya Serebryany · 9 years ago
  39. d28099d [libFuzzer] change ValueBitMap to remember the number of bits in it by Kostya Serebryany · 9 years ago
  40. 624f59f [libFuzzer] add 'features' to the corpus elements, allow mutations with Size > MaxSize, fix sha1 in corpus stats; various refactorings by Kostya Serebryany · 9 years ago
  41. 8658618 [libFuzzer] more refactoring by Kostya Serebryany · 9 years ago
  42. 6f5a804 [libFuzzer] refactoring: split the large header into many; NFC by Kostya Serebryany · 9 years ago
  43. b706b48 [libFuzzer] add -print_coverage=1 flag to print coverage directly from libFuzzer by Kostya Serebryany · 9 years ago
  44. 8e781a8 [libFuzzer] use 'if guard' instead of 'if guard >= 0' with trace-pc; change the guard type to intptr_t; use separate array for 8-bit counters by Kostya Serebryany · 9 years ago
  45. bc3789a [libFuzzer] properly reset the guards when resetting the coverage. Also try to fix check-fuzzer on the bot by Kostya Serebryany · 9 years ago
  46. 3e36ec1 [libFuzzer] change trace-pc to use 8-byte guards by Kostya Serebryany · 9 years ago
  47. 0984517 [libFuzzer] make caller-callee feedback work with trace-pc-guard by Kostya Serebryany · 9 years ago
  48. 5350178 [libFuzzer] implement print_pcs with trace-pc-guard. Change the trace-pc-guard heuristic for 8-bit counters to look more like in AFL (not that it's provably better, but the existing test prefers this heuristic) by Kostya Serebryany · 9 years ago
  49. a5277d5 [libFuzzer] add 8-bit counters to trace-pc-guard handler by Kostya Serebryany · 9 years ago
  50. a00b243 [libFuzzer] start using trace-pc-guard as an alternative source of coverage by Kostya Serebryany · 9 years ago
  51. 32661f9 [libFuzzer] add more __attribute__((visibility("default"))) by Kostya Serebryany · 9 years ago
  52. c98ef71 [libFuzzer] refactoring around PCMap, NFC by Kostya Serebryany · 9 years ago
  53. 5914407 [LibFuzzer] Provide stub implementation of __sanitizer_cov_trace_pc_indir by Dan Liew · 9 years ago
  54. 1aa501e [libfuzzer] Refactoring coverage state-management code. by Mike Aizatsky · 9 years ago
  55. 2d4f8f1 [libFuzzer] speedup path coverage handling by Kostya Serebryany · 10 years ago
  56. da63c1d [libFuzzer] initial implementation of path coverage based on -fsanitize-coverage=trace-pc. This does not scale well yet, but already cracks FullCoverageSetTest in seconds by Kostya Serebryany · 10 years ago