1. b76a2a5 [libFuzzer] improve -print_pcs to not print new PCs coming from libFuzzer itself by Kostya Serebryany · 9 years ago
  2. 8ea4f98 [libFuzzer] remove unneeded call by Kostya Serebryany · 9 years ago
  3. b077d3f [libfuzzer] simplified unit truncation; do not write trunc items to disc by Mike Aizatsky · 9 years ago
  4. 0f0fa4f [libFuzzer] rename -print_new_cov_pcs=1 into -print_pcs=1 and make it more useful: print PCs only after the initial corpus has been read and symbolize them by Kostya Serebryany · 9 years ago
  5. f67357c [libFuzzer] simplify the code, NFC by Kostya Serebryany · 9 years ago
  6. a9a5480 [libFuzzer] when printing the reproducer input, also print the base input and the mutation sequence by Kostya Serebryany · 9 years ago
  7. d46a59f [libFuzzer] new experimental feature: value profiling. Profiles values that affect control flow and treats new values as new coverage. by Kostya Serebryany · 9 years ago
  8. c98ef71 [libFuzzer] refactoring around PCMap, NFC by Kostya Serebryany · 9 years ago
  9. 728447b [libFuzzer] make libFuzzer work with a bit older clang versions by Kostya Serebryany · 9 years ago
  10. ff1f210 [libFuzzer] don't print bogus error message by Kostya Serebryany · 9 years ago
  11. b4bbc3b [sanitizers] trace buffer API to use user-allocated buffer. by Mike Aizatsky · 9 years ago
  12. f0b3e85 [libfuzzer] moving is_ascii handler inside mutation dispatcher. by Mike Aizatsky · 9 years ago
  13. fd6ad5b [libFuzzer] use the new chainable malloc hooks instead of the old un-chainable ones, use atomic for malloc/free counters instead of a thread local counter in the main thread. This should make on-the-spot leak detection in libFuzzer more reliable by Kostya Serebryany · 9 years ago
  14. 53b7b3c [libFuzzer] add 'weak' back to __sanitizer_malloc_hook and __sanitizer_free_hook by Kostya Serebryany · 9 years ago
  15. 76f4252 [libFuzzer] add a test that is built w/o coverage instrumentation but has the coverage rt (it should now fail with a descriptive message) by Kostya Serebryany · 9 years ago
  16. 1873a49 [LibFuzzer] Declare and use sanitizer functions in ``fuzzer::ExternalFunctions`` by Dan Liew · 9 years ago
  17. 1f88b12 [libfuzzer] prune_corpus option for disabling pruning during the load. by Mike Aizatsky · 9 years ago
  18. 70fd3e4 [libfuzzer] hiding custom mutator handling in MutationDispatcher. by Mike Aizatsky · 9 years ago
  19. d3c3311 [LibFuzzer] Reimplement how the optional user functions are called. by Dan Liew · 9 years ago
  20. f641442 [libFuzzer] use __sanitizer_print_memory_profile to print the memory profile on OOM by Kostya Serebryany · 9 years ago
  21. 4795210 [libFuzzer] fix a use-after-free (!) in libFuzzer caused by r270905: that CL caused a push_back in the main corpus invalidating the vector<> iterators in rare cases. by Kostya Serebryany · 9 years ago
  22. 311cc83 [libFuzzer] fix a failure that occurs when running individual inputs by Kostya Serebryany · 9 years ago
  23. 0edb563 [libFuzzer] make OOM-handling more portable. Instead of sending a signal to the main fuzzing thread, print the message in the getrusage thread and exit. by Kostya Serebryany · 9 years ago
  24. 8fc3a27 [libFuzzer] more refactoring: make sure CurrentUnitData is always a valid pointer to read from by Kostya Serebryany · 9 years ago
  25. d838412 [libFuzzer] more refactoring around CurrentUnit. Also add a threading test on which we currently have a race (when reporting bugs from multiple threads) by Kostya Serebryany · 9 years ago
  26. f26017b [libFuzzer] refactor: hide CurrentUnitData inside an interface function. NFC by Kostya Serebryany · 9 years ago
  27. 4b92326 [libFuzzer] when there is a leak in the existing corpus report the reproducer properly by Kostya Serebryany · 9 years ago
  28. f1f3f93 [libFuzzer] reimplement the way we do -only_ascii to allow more 'const' in function declarations. Add a test for -only_ascii. NFC intended by Kostya Serebryany · 9 years ago
  29. ff2e6ba [libFuzzer] print stats if we crash on empty input by Kostya Serebryany · 9 years ago
  30. af432a4 [libfuzzer] Trying random unit prefixes during corpus load. by Mike Aizatsky · 9 years ago
  31. 3868e46 [LibFuzzer] Work around crashes in ``__sanitizer_malloc_hook()`` under Mac OSX. by Dan Liew · 9 years ago
  32. a0788e7 [libFuzzer] do the merge faster and a bit less precise by Kostya Serebryany · 9 years ago
  33. 8b0d90a [libFuzzer] simplify FuzzerInterface.h by Kostya Serebryany · 9 years ago
  34. 1aa501e [libfuzzer] Refactoring coverage state-management code. by Mike Aizatsky · 9 years ago
  35. 8b8f7a3 [libFuzzer] enhance -rss_limit_mb and enable by default. Now it will print the OOM reproducer. by Kostya Serebryany · 9 years ago
  36. 52b394e [libFuzzer] add experimental -rss_limit_mb flag to fight against OOMs by Kostya Serebryany · 9 years ago
  37. 7018a1a [libFuzzer] disable leak detection if we have tried it for 1000 times w/o finding a leak by Kostya Serebryany · 10 years ago
  38. 9ba1918 [libFuzzer] remove dead code by Kostya Serebryany · 10 years ago
  39. 1bfd583 [libFuzzer] added -detect_leaks flag (0 by default for now). When enabled, it will help find leaks while fuzzing by Kostya Serebryany · 10 years ago
  40. ebb932d [libFuzzer] try to print correct time in seconds when reporting a timeout. Don't report timeouts while still loading the corpus. by Kostya Serebryany · 10 years ago
  41. 94e2966 [libfuzzer] defensive assert by Mike Aizatsky · 10 years ago
  42. 3151673 [libFuzzer] don't report memory leaks if we are dying due to a timeout (just use _Exit instead of exit in the timeout callback) by Kostya Serebryany · 10 years ago
  43. d96b0c1 [Fuzzer] Guard no_sanitize_memory attributes behind __has_feature. by Benjamin Kramer · 10 years ago
  44. 945761b [libFuzzer] improve -merge functionality by Kostya Serebryany · 10 years ago
  45. c5575aa [libFuzzer] deprecate several flags by Kostya Serebryany · 10 years ago
  46. 23dbc39 [libFuzzer] add __attribute__((no_sanitize_memory)) to two functions that may be called from signal handler(s) or from msan. This will hopefully avoid msan false reports which I can't reproduce by Kostya Serebryany · 10 years ago
  47. 64d2457 [libFuzzer] try to use max_len based on the items of the corpus instead of blindly defaulting to 64 bytes. by Kostya Serebryany · 10 years ago
  48. e483ed2 [libFuzzer] when interrupted, call _Exit() instead of exit() by Kostya Serebryany · 10 years ago
  49. 3d95dd9 [libFuzzer] deprecate exit_on_first flag by Kostya Serebryany · 10 years ago
  50. 228d5b1 [libFuzzer] add generic signal handlers so that libFuzzer can report at least something if ASan is not handling the signals for us. Remove abort_on_timeout flag. by Kostya Serebryany · 10 years ago
  51. 66ff075 [libFuzzer] add -print_final_stats=1 flag by Kostya Serebryany · 10 years ago
  52. da63c1d [libFuzzer] initial implementation of path coverage based on -fsanitize-coverage=trace-pc. This does not scale well yet, but already cracks FullCoverageSetTest in seconds by Kostya Serebryany · 10 years ago
  53. a35f7d3 [libFuzzer] only read MaxLen bytes from every file in the corpus to speedup loading the corpus by Kostya Serebryany · 10 years ago
  54. cfbcf90 [libFuzzer] don't timeout when loading the corpus. Be a bit more verbose when loading large corpus. by Kostya Serebryany · 10 years ago
  55. 8a5bef0 [libFuzzer] remove std::vector operations from hot paths, NFC by Kostya Serebryany · 10 years ago
  56. 1deb049 [libFuzzer] don't require seed in fuzzer::Mutate, instead use the global Fuzzer object for fuzzer::Mutate. This makes custom mutators fast by Kostya Serebryany · 10 years ago
  57. 7ec0c56 [libFuzzer] get rid of UserSuppliedFuzzer; NFC by Kostya Serebryany · 10 years ago
  58. 22cc5e2 [libFuzzer] provide a plain C interface for custom mutators (experimental) by Kostya Serebryany · 10 years ago
  59. b92602a [libFuzzer] don't write the test unit when a leak is detected (since we don't know which unit causes the leak) by Kostya Serebryany · 10 years ago
  60. 54a6363 [libFuzzer] add -timeout_exitcode option by Kostya Serebryany · 10 years ago
  61. 9768e7f [libFuzzer] add -abort_on_timeout option by Kostya Serebryany · 10 years ago
  62. df91910 Use std::piecewise_constant_distribution instead of ad-hoc binary search. by Ivan Krasin · 10 years ago
  63. d84f74c Revert r258473 as it's breaking the build with libc++ by Ivan Krasin · 10 years ago
  64. b008fd4 Use std::piecewise_constant_distribution instead of ad-hoc binary search. by Ivan Krasin · 10 years ago
  65. e313f8f [libfuzzer] use %p for printing addresses by Mike Aizatsky · 10 years ago
  66. 628bc3e [libFuzzer] move some code from public interface header to a non-public header. NFC by Kostya Serebryany · 10 years ago
  67. 4b35874 [libFuzzer] suggest a dictionary to the user if some of the trace-based dictionary entries were successful by Kostya Serebryany · 10 years ago
  68. 98abb2c [libFuzzer] make CurrentUnit a POD object instead of vector to avoid extra allocations by Kostya Serebryany · 10 years ago
  69. d50a3ee [libFuzzer] make sure we find buffer overflow in the input buffer. Previously, re-using the same vector object was hiding buffer overflows (unless we used annotated vector) by Kostya Serebryany · 10 years ago
  70. 72fdb32 [libFuzzer] make sure to update CurrentUnit when drilling by Kostya Serebryany · 10 years ago
  71. b65805a [libFuzzer] change the way trace-based mutations are applied. Instead of a custom code just rely on the automatically created dictionary by Kostya Serebryany · 10 years ago
  72. 8b11f87 [libfuzzer] print_new_cov_pcs experimental option. by Mike Aizatsky · 10 years ago
  73. 27ab2d7 [libFuzzer] make CrossOver just one of the other mutations by Kostya Serebryany · 10 years ago
  74. 14c5028 [libFuzzer] print successful mutation sequences by Kostya Serebryany · 10 years ago
  75. 8617aaa [libFuzzer] don't reload the corpus more than once every second by Kostya Serebryany · 10 years ago
  76. 9e48cda [libFuzzer] compute base64 in-process instead of using an external lib. Since libFuzzer should not depend on anything, just re-implement base64 encoder. PR25746 by Kostya Serebryany · 10 years ago
  77. 71552ce Libfuzzer: do not pass null into user function by Mike Aizatsky · 10 years ago
  78. 2d0ef14 [libFuzzer] add a flag -exact_artifact_path by Kostya Serebryany · 10 years ago
  79. 2a48c24 [libFuzzer] make libFuzzer build even with a compiler that does not have sanitizer headers by Kostya Serebryany · 10 years ago
  80. a9c2387 output_csv libfuzzer option by Mike Aizatsky · 10 years ago
  81. dc3135d [libFuzzer] experimental flag -drill (another search heuristic; Mike Aizatsky's idea) by Kostya Serebryany · 10 years ago
  82. 5eab74e [libFuzzer] make libFuzzer link if there is no sanitizer coverage instrumentation (it will fail at start-up time) by Kostya Serebryany · 10 years ago
  83. b8d0da1 [libFuzzer] print a bit fewer lines by Kostya Serebryany · 10 years ago
  84. e692621 [libFuzzer] when choosing the next unit to mutate, give some preference to the most recent units (they are more likely to be interesting) by Kostya Serebryany · 10 years ago
  85. 9cc3b0d [libFuzzer] add -merge flag to merge corpora by Kostya Serebryany · 10 years ago
  86. 94660b3 [libFuzzer] remove some old code; also make __sanitizer_get_total_unique_caller_callee_pairs weak so that newer libFuzzer works with older asan by Kostya Serebryany · 10 years ago
  87. 2e9fca9 [libFuzzer] use the indirect caller-callee counter as an independent search heuristic by Kostya Serebryany · 10 years ago
  88. 09d2a5f [libFuzzer] more refactoring of the code that checks the coverage. NFC by Kostya Serebryany · 10 years ago
  89. 007c9b2 [libFuzzer] refactoring the code that checks the coverage. NFC by Kostya Serebryany · 10 years ago
  90. b360256 [libFuzzer] remove the deprecated 'tokens' feature by Kostya Serebryany · 10 years ago
  91. fed509e [libFuzzer] add -shuffle flag by Kostya Serebryany · 10 years ago
  92. d6edce9 [libFuzzer] print a stack trace on timeout by Kostya Serebryany · 10 years ago
  93. a9da9b4 [libFuzzer] reduce the size of artifacts printed on the screen by Kostya Serebryany · 10 years ago
  94. b91c62b [libFuzzer] When -test_single_input crashes the test it is not necessary to write crash-file because input is already known to the user. Patch by Mike Aizatsky by Kostya Serebryany · 10 years ago
  95. e95022a [libFuzzer] don't print large artifacts to stderr by Kostya Serebryany · 10 years ago
  96. bd5d1cd [libFuzzer] add -artifact_prefix flag by Kostya Serebryany · 10 years ago
  97. 20bb5e7 [libFuzzer] make LLVMFuzzerTestOneInput (the fuzzer target function) return int instead of void. The actual return value is not *yet* used (and expected to be 0). This change is API breaking, so the fuzzers will need to be updated. by Kostya Serebryany · 10 years ago
  98. 65d0a14 [libFuzzer] remove experimental flag and functionality by Kostya Serebryany · 10 years ago
  99. b85db17 [libFuzzer] add a flag -max_total_time by Kostya Serebryany · 10 years ago
  100. dd02f1f [libFuzzer] perform fewer crossover operations compared to plain mutations by Kostya Serebryany · 10 years ago