1. 4b35874 [libFuzzer] suggest a dictionary to the user if some of the trace-based dictionary entries were successful by Kostya Serebryany · 10 years ago
  2. 98abb2c [libFuzzer] make CurrentUnit a POD object instead of vector to avoid extra allocations by Kostya Serebryany · 10 years ago
  3. d50a3ee [libFuzzer] make sure we find buffer overflow in the input buffer. Previously, re-using the same vector object was hiding buffer overflows (unless we used annotated vector) by Kostya Serebryany · 10 years ago
  4. 72fdb32 [libFuzzer] make sure to update CurrentUnit when drilling by Kostya Serebryany · 10 years ago
  5. b65805a [libFuzzer] change the way trace-based mutations are applied. Instead of a custom code just rely on the automatically created dictionary by Kostya Serebryany · 10 years ago
  6. 8b11f87 [libfuzzer] print_new_cov_pcs experimental option. by Mike Aizatsky · 10 years ago
  7. 27ab2d7 [libFuzzer] make CrossOver just one of the other mutations by Kostya Serebryany · 10 years ago
  8. 14c5028 [libFuzzer] print successful mutations sequences by Kostya Serebryany · 10 years ago
  9. 8617aaa [libFuzzer] don't reload the corpus more than once every second by Kostya Serebryany · 10 years ago
  10. 9e48cda [libFuzzer] compute base64 in-process instead of using an external lib. Since libFuzzer should not depend on anything, just re-implement base64 encoder. PR25746 by Kostya Serebryany · 10 years ago
  11. 71552ce Libfuzzer: do not pass null into user function by Mike Aizatsky · 10 years ago
  12. 2d0ef14 [libFuzzer] add a flag -exact_artifact_path by Kostya Serebryany · 10 years ago
  13. 2a48c24 [libFuzzer] make libFuzzer build even with a compiler that does not have sanitizer headers by Kostya Serebryany · 10 years ago
  14. a9c2387 output_csv libfuzzer option by Mike Aizatsky · 10 years ago
  15. dc3135d [libFuzzer] experimental flag -drill (another search heuristic; Mike Aizatsky's idea) by Kostya Serebryany · 10 years ago
  16. 5eab74e [libFuzzer] make libFuzzer link if there is no sanitizer coverage instrumentation (it will fail at start-up time) by Kostya Serebryany · 10 years ago
  17. b8d0da1 [libFuzzer] print a bit fewer lines by Kostya Serebryany · 10 years ago
  18. e692621 [libFuzzer] when choosing the next unit to mutate, give some preference to the most recent units (they are more likely to be interesting) by Kostya Serebryany · 10 years ago
  19. 9cc3b0d [libFuzzer] add -merge flag to merge corpora by Kostya Serebryany · 10 years ago
  20. 94660b3 [libFuzzer] remove some old code; also make __sanitizer_get_total_unique_caller_callee_pairs weak so that newer libFuzzer works with older asan by Kostya Serebryany · 10 years ago
  21. 2e9fca9 [libFuzzer] use the indirect caller-callee counter as an independent search heuristic by Kostya Serebryany · 10 years ago
  22. 09d2a5f [libFuzzer] more refactoring the code that checks the coverage. NFC by Kostya Serebryany · 10 years ago
  23. 007c9b2 [libFuzzer] refactoring the code that checks the coverage. NFC by Kostya Serebryany · 10 years ago
  24. b360256 [libFuzzer] remove the deprecated 'tokens' feature by Kostya Serebryany · 10 years ago
  25. fed509e [libFuzzer] add -shuffle flag by Kostya Serebryany · 10 years ago
  26. d6edce9 [libFuzzer] print a stack trace on timeout by Kostya Serebryany · 10 years ago
  27. a9da9b4 [libFuzzer] reduce the size of artifacts printed on the screen by Kostya Serebryany · 10 years ago
  28. b91c62b [libFuzzer] When -test_single_input crashes the test it is not necessary to write crash-file because input is already known to the user. Patch by Mike Aizatsky by Kostya Serebryany · 10 years ago
  29. e95022a [libFuzzer] don't print large artifacts to stderr by Kostya Serebryany · 10 years ago
  30. bd5d1cd [libFuzzer] add -artifact_prefix flag by Kostya Serebryany · 10 years ago
  31. 20bb5e7 [libFuzzer] make LLVMFuzzerTestOneInput (the fuzzer target function) return int instead of void. The actual return value is not *yet* used (and expected to be 0). This change is API breaking, so the fuzzers will need to be updated. by Kostya Serebryany · 10 years ago
  32. 65d0a14 [libFuzzer] remove experimental flag and functionality by Kostya Serebryany · 10 years ago
  33. b85db17 [libFuzzer] add a flag -max_total_time by Kostya Serebryany · 10 years ago
  34. dd02f1f [libFuzzer] perform fewer crossover operations compared to plain mutations by Kostya Serebryany · 10 years ago
  35. 468ed78 [libFuzzer] remove -iterations as redundant (there is also -num_runs) by Kostya Serebryany · 10 years ago
  36. 7d21166 [libFuzzer] actually make the dictionaries work (+docs) by Kostya Serebryany · 10 years ago
  37. a9346c2 [libFuzzer] honour -only_ascii=1 when reading the initial corpus. Also, remove ugly #ifdef by Kostya Serebryany · 10 years ago
  38. 12c7837 [libFuzzer] add two flags, -tbm_depth and -tbm_width to control how the trace-based-mutations are applied by Kostya Serebryany · 10 years ago
  39. 1688098 [libFuzzer] add colons to the stats output to avoid confusion by Kostya Serebryany · 10 years ago
  40. 69ab31a Fix unused variable 'X' in release builds. by Nick Lewycky · 10 years ago
  41. bc7c0ad [libFuzzer] add -only_ascii flag by Kostya Serebryany · 10 years ago
  42. 70926ae [libFuzzer] add option -report_slow_units=Nsec to control when slow units are printed by Kostya Serebryany · 10 years ago
  43. 1165efd [libFuzzer] limit the size of the inputs printed to stderr by Kostya Serebryany · 10 years ago
  44. 404c69f [libFuzzer] allow users to supply their own implementation of rand by Kostya Serebryany · 10 years ago
  45. 2b7d2e9 [libFuzzer] dump long running units to disk by Kostya Serebryany · 10 years ago
  46. 2ea204e [lib/Fuzzer] make assertions more informative and update comments for the user-supplied mutator by Kostya Serebryany · 10 years ago
  47. 316b571 [lib/Fuzzer] make the fuzzing timeout 1200 seconds by default (was: infinity) by Kostya Serebryany · 10 years ago
  48. c8228dd [lib/Fuzzer] fix build with assertions by Kostya Serebryany · 10 years ago
  49. 7c180ea [lib/Fuzzer] fully get rid of std::cerr in libFuzzer by Kostya Serebryany · 10 years ago
  50. f3c7cb4 [lib/Fuzzer] remove -use_coverage_pairs=1, an experimental feature that is unlikely to ever scale by Kostya Serebryany · 10 years ago
  51. f342459 [lib/Fuzzer] extend the fuzzer interface to allow user-supplied mutators by Kostya Serebryany · 10 years ago
  52. 490bbd6 [lib/Fuzzer] change the meaning of -timeout flag: now timeout is applied to every unit of work separately by Kostya Serebryany · 10 years ago
  53. cbb2334 [lib/Fuzzer] more efficient reload logic; also don't spam git too much by Kostya Serebryany · 10 years ago
  54. 2da7b84 [lib/Fuzzer] when -sync_command=<CMD> is given, periodically execute 'CMD CORPUS' to synchronize with other processes by Kostya Serebryany · 10 years ago
  55. a8f01bc Code cleanup: Reindent Fuzzer::MutateAndTestOne. by Logan Chien · 10 years ago
  56. 2252625 [lib/Fuzzer] rename FuzzerDFSan.cpp to FuzzerTraceState.cpp; update comments. NFC expected by Kostya Serebryany · 10 years ago
  57. 1ac8055 [lib/Fuzzer] use -fsanitize-coverage=trace-cmp when building LLVM with LLVM_USE_SANITIZE_COVERAGE; in lib/Fuzzer try to reload the corpus to pick up new units from other processes by Kostya Serebryany · 10 years ago
  58. beb24c3 [lib/Fuzzer] change the way we use taint information for fuzzing. Now, we run a single unit and collect suggested mutations based on tracing+taint data, then apply the suggested mutations one by one. The previous scheme was slower and more complex. by Kostya Serebryany · 10 years ago
  59. 7d470cf [lib/Fuzzer] minor refactoring/simplification, NFC by Kostya Serebryany · 10 years ago
  60. ca6a2a2 [lib/Fuzzer] on crash print the contents of the crashy input as base64 by Kostya Serebryany · 10 years ago
  61. 52a788e [fuzzer] Add support for token-based fuzzing (e.g. for C++). Allow string flags. by Kostya Serebryany · 11 years ago
  62. 16901a9 [fuzzer] when a single unit takes over 1 second to run and it is the slowest one so far, print it. by Kostya Serebryany · 11 years ago
  63. 03db8b9 [fuzzer] print various stats in a unified way by Kostya Serebryany · 11 years ago
  64. 16d03bd DFSan-based fuzzer (proof of concept). by Kostya Serebryany · 11 years ago
  65. be5e0ed [sanitizer/coverage] Add AFL-style coverage counters (search heuristic for fuzzing). by Kostya Serebryany · 11 years ago
  66. 2e3622b [fuzzer] one more experimental search mode: -use_coverage_pairs=1 by Kostya Serebryany · 11 years ago
  67. 016852c [fuzzer] split main() into FuzzerDriver() that takes a callback as a parameter and a tiny main() in a separate file by Kostya Serebryany · 11 years ago
  68. 92e0476 [fuzzer] add flag prefer_small_during_initial_shuffle, be a bit more verbose by Kostya Serebryany · 11 years ago
  69. 33f8669 [fuzzer] add -runs=N to limit the number of runs per session. Also, make sure we do some mutations w/o cross over. by Kostya Serebryany · 11 years ago
  70. 5b266a8 [fuzzer] make multi-process execution more verbose; fix mutation to actually respect mutation depth and to never produce empty units by Kostya Serebryany · 11 years ago
  71. fe43aa8 [fuzzer]: fix exit code, add more diagnostics by Kostya Serebryany · 11 years ago
  72. 4b96ce9 [fuzzer] update the include line to use the new header name by Kostya Serebryany · 11 years ago
  73. 2c1b33b [fuzzer] add -use_full_coverage_set=1 which solves FullCoverageSetTest. This does not scale very well yet, but might be a good start. by Kostya Serebryany · 11 years ago
  74. 6d768fc [fuzzer] minor cleanup based on reviews: remove redundant includes, fix a copy-pasto in tests by Kostya Serebryany · 11 years ago
  75. ef11698 Reverting r227452, which adds back the fuzzer library. Now excluding the fuzzer library based on LLVM_USE_SANITIZE_COVERAGE being set or unset. by Aaron Ballman · 11 years ago
  76. 7b54ed2 Temporarily reverting the fuzzer library as it causes too many build issues for MSVC users. This reverts: 227445, 227395, 227389, 227357, 227254, 227252 by Aaron Ballman · 11 years ago
  77. 265cf04 [fuzzer] add option -save_minimized_corpus by Kostya Serebryany · 11 years ago
  78. a8fbcf0 Add lit-style tests for the Fuzzer library by Kostya Serebryany · 11 years ago
  79. d53b43f Add a Fuzzer library by Kostya Serebryany · 11 years ago
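Several of the commits above define the shape of a libFuzzer target: 20bb5e7 makes LLVMFuzzerTestOneInput return int (0 expected), 71552ce stops passing a null pointer for empty input, 9e48cda re-implements a base64 encoder in-process so that the crash input printed by ca6a2a2 can be reconstructed without an external library, and b91c62b describes running a single known input through the target. The block below is an added example, not libFuzzer's or LLVM's own code: it shows a target in that API shape, exercised stand-alone by a small driver, with a self-contained base64 encoder and strict decoder whose round-trip property the target checks. The names Base64Encode, Base64Decode, Check and RunTarget, and the sample inputs in main, are this example's own; only the LLVMFuzzerTestOneInput signature comes from the page.

```cpp
// Added example, not libFuzzer code. Base64Encode/Base64Decode/Check/RunTarget
// are names chosen for this example; LLVMFuzzerTestOneInput is the target
// entry point in the int-returning form introduced by commit 20bb5e7.
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <string>
#include <utility>
#include <vector>

static const char kB64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

// RFC 4648 base64 with '=' padding. Printing a crash input this way lets a
// user rebuild it byte-for-byte from stderr alone, with no external library.
std::string Base64Encode(const uint8_t *Data, size_t Size) {
  std::string Out;
  size_t i = 0;
  for (; i + 3 <= Size; i += 3) {
    uint32_t v = (uint32_t)Data[i] << 16 | (uint32_t)Data[i + 1] << 8 | Data[i + 2];
    Out += kB64[(v >> 18) & 63];
    Out += kB64[(v >> 12) & 63];
    Out += kB64[(v >> 6) & 63];
    Out += kB64[v & 63];
  }
  size_t Rem = Size - i;  // 0, 1 or 2 trailing bytes
  if (Rem == 1) {
    uint32_t v = (uint32_t)Data[i] << 16;
    Out += kB64[(v >> 18) & 63];
    Out += kB64[(v >> 12) & 63];
    Out += "==";
  } else if (Rem == 2) {
    uint32_t v = (uint32_t)Data[i] << 16 | (uint32_t)Data[i + 1] << 8;
    Out += kB64[(v >> 18) & 63];
    Out += kB64[(v >> 12) & 63];
    Out += kB64[(v >> 6) & 63];
    Out += '=';
  }
  return Out;
}

// Strict decoder: bad length, non-alphabet bytes or misplaced '=' are
// rejected (first == false) rather than silently decoded to other bytes,
// so a mangled artifact is reported instead of reproducing the wrong input.
std::pair<bool, std::vector<uint8_t>> Base64Decode(const std::string &In) {
  std::vector<uint8_t> Out;
  if (In.size() % 4 != 0) return {false, {}};
  for (size_t i = 0; i < In.size(); i += 4) {
    uint32_t v = 0;
    int Pad = 0;
    for (int k = 0; k < 4; k++) {
      char c = In[i + k];
      if (c == '=') {
        // padding may only occupy the last two slots of the final quad
        if (i + 4 != In.size() || k < 2) return {false, {}};
        Pad++;
        v <<= 6;
        continue;
      }
      if (Pad) return {false, {}};  // data after padding
      const char *p = (c == '\0') ? nullptr : strchr(kB64, c);
      if (!p) return {false, {}};
      v = v << 6 | (uint32_t)(p - kB64);
    }
    Out.push_back((v >> 16) & 0xff);
    if (Pad < 2) Out.push_back((v >> 8) & 0xff);
    if (Pad < 1) Out.push_back(v & 0xff);
  }
  return {true, Out};
}

// abort() rather than assert(): a target must still fail loudly in an
// NDEBUG build, and the sanitizer runtime turns the abort into an artifact.
static void Check(bool Cond, const char *What) {
  if (!Cond) { fprintf(stderr, "property violated: %s\n", What); abort(); }
}

// The fuzz target. Returns int, and 0 is the only value the driver expects.
// Size may be 0; since commit 71552ce Data is then a valid non-null pointer.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
  std::string Enc = Base64Encode(Data, Size);
  Check(Enc.size() % 4 == 0, "encoded length is a multiple of 4");
  auto Dec = Base64Decode(Enc);
  Check(Dec.first, "encoder output decodes");
  Check(Dec.second.size() == Size, "decoded length matches");
  for (size_t i = 0; i < Size; i++)
    Check(Dec.second[i] == Data[i], "decoded bytes match input");
  return 0;
}

// Stand-alone driver: feeds known units to the target the way
// -test_single_input would, without the fuzzing runtime. Returns units run.
int RunTarget(const std::vector<std::vector<uint8_t>> &Units) {
  int N = 0;
  for (const auto &U : Units) {
    const uint8_t *Ptr = U.empty() ? (const uint8_t *)"" : U.data();  // never null
    Check(LLVMFuzzerTestOneInput(Ptr, U.size()) == 0, "target returns 0");
    N++;
  }
  return N;
}

int main() {
  // Constructed sample units, including the empty unit and non-ASCII bytes.
  std::vector<std::vector<uint8_t>> Units = {
      {}, {'M'}, {'M', 'a'}, {'M', 'a', 'n'}, {0x00, 0xff, 0x10, 0x80}};
  printf("ran %d units; crash input would print as: %s\n", RunTarget(Units),
         Base64Encode(Units[4].data(), Units[4].size()).c_str());
  return 0;
}
```

When this is built as a real target (linked against libFuzzer, which supplies its own main), the driver main above has to be dropped; the target function and codec stay as they are. The round-trip check is the property the fuzzer searches against, so an encoder or decoder bug surfaces as a crash whose input is itself printed in base64.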