Roll src/third_party/libFuzzer/src/ fda403cf9..873dc11d9 (29 commits)

https://chromium.googlesource.com/chromium/llvm-project/compiler-rt/lib/fuzzer.git/+log/fda403cf93ec..873dc11d9a52 $ git log fda403cf9..873dc11d9 --date=short --no-merges --format='%ad %ae %s' 2018-06-07 kcc [libFuzzer] When printing NEW_FUNC, use 1-base indexing. 2018-06-07 phosek [Fuzzer] Update the header path for fdio/spawn.h on Fuchsia 2018-06-07 kcc [libFuzzer] make the corpus elements aware of their data flow traces 2018-06-06 kcc [libFuzzer] remove an experimental flag -use_feature_frequency 2018-06-06 phosek [Fuzzer] Use private libc++ even for Fuchsia 2018-06-06 phosek [CMake] Passthrough additional flags to custom libcxx CMake build 2018-06-06 ibiryukov Fix compile error with libstdc++. 2018-06-06 kcc [libFuzzer] initial implementation of -data_flow_trace. It parses the data flow trace and prints the summary, but doesn't use the information in any other way yet 2018-06-02 phosek [Fuzzer] Migrate Fuchsia port from launchpad to fdio_spawn 2018-05-31 kcc [libFuzzer] add collect_data_flow.py that allows to run the data-flow tracer several times on subsets of inputs bytes, to overcome DFSan out-of-label failures 2018-05-26 phosek [Fuzzer] Update _zx_port_wait function use in Fuchsia port 2018-05-24 george.karpenkov [libFuzzer] Run libFuzzer unit tests only on host architecture. 2018-05-24 kcc [libFuzzer] DataFlow tracer now tags a subset of the input. A separate script merges traces from the subsets 2018-05-23 kcc [libFuzzer] fix two off-by-ones (!!) in the data flow tracer 2018-05-23 kcc [libFuzzer] change the output format for the DataFlow tracer 2018-05-23 dor1s [libFuzzer] Don't complain about lack of interesting inputs when -runs=0. 2018-05-23 kcc [libFuzzer] modify -print_corpus_stats to print whether the input reaches the focus function 2018-05-21 kcc [libFuzzer] reinstate -dump_coverage, which is still in use (reverts r332036) 2018-05-16 kcc [libFuzzer] add an experimental flag -focus_function: libFuzzer will try to focus on inputs that trigger that function 2018-05-15 kcc [libFuzzer] deprecate equivalence_server 2018-05-11 kcc [libFuzzer] refactor the implementation of -print_coverage 2018-05-10 kcc [libFuzzer] remove the dump_coverage flag, it hasn't been working with the inline sanitizer coverage anyway 2018-05-10 kcc [libFuzzer] remove the experimental support for clang coverage instrumentation. This mode has not been used and our experiments with https://github.com/google/fuzzer-test-suite show that this signal is weaker than the SanitizerCoverage 2018-05-10 kcc [libFuzzer] Experimental data flow tracer for fuzz targets. 2018-05-10 kamil wrong usages of sem_open in the libFuzzer 2018-05-08 morehouse [libFuzzer] Guard symbolization with try-lock. 2018-05-02 morehouse [libFuzzer] Don't short-circuit from CrashCallback. 2018-05-01 morehouse [libFuzzer] Report at most one crash per input. 2018-04-24 delcypher [LibFuzzer] Tweak `MutationDispatcher::Mutate_CopyPart` mutation. Created with: roll-dep src/third_party/libFuzzer/src R=metzman@chromium.org Bug: 850742 Change-Id: I5f438e8d92f2021d61cdaab87de05d1a3784c22e Reviewed-on: https://chromium-review.googlesource.com/1092876Reviewed-by: Jonathan Metzman <metzman@chromium.org> Commit-Queue: Max Moroz <mmoroz@chromium.org> Cr-Commit-Position: refs/heads/master@{#565754}

Roll src/third_party/libFuzzer/src/ fda403cf9..873dc11d9 (29 commits)
https://chromium.googlesource.com/chromium/llvm-project/compiler-rt/lib/fuzzer.git/+log/fda403cf93ec..873dc11d9a52 $ git log fda403cf9..873dc11d9 --date=short --no-merges --format='%ad %ae %s' 2018-06-07 kcc [libFuzzer] When printing NEW_FUNC, use 1-base indexing. 2018-06-07 phosek [Fuzzer] Update the header path for fdio/spawn.h on Fuchsia 2018-06-07 kcc [libFuzzer] make the corpus elements aware of their data flow traces 2018-06-06 kcc [libFuzzer] remove an experimental flag -use_feature_frequency 2018-06-06 phosek [Fuzzer] Use private libc++ even for Fuchsia 2018-06-06 phosek [CMake] Passthrough additional flags to custom libcxx CMake build 2018-06-06 ibiryukov Fix compile error with libstdc++. 2018-06-06 kcc [libFuzzer] initial implementation of -data_flow_trace. It parses the data flow trace and prints the summary, but doesn't use the information in any other way yet 2018-06-02 phosek [Fuzzer] Migrate Fuchsia port from launchpad to fdio_spawn 2018-05-31 kcc [libFuzzer] add collect_data_flow.py that allows to run the data-flow tracer several times on subsets of inputs bytes, to overcome DFSan out-of-label failures 2018-05-26 phosek [Fuzzer] Update _zx_port_wait function use in Fuchsia port 2018-05-24 george.karpenkov [libFuzzer] Run libFuzzer unit tests only on host architecture. 2018-05-24 kcc [libFuzzer] DataFlow tracer now tags a subset of the input. A separate script merges traces from the subsets 2018-05-23 kcc [libFuzzer] fix two off-by-ones (!!) in the data flow tracer 2018-05-23 kcc [libFuzzer] change the output format for the DataFlow tracer 2018-05-23 dor1s [libFuzzer] Don't complain about lack of interesting inputs when -runs=0. 2018-05-23 kcc [libFuzzer] modify -print_corpus_stats to print whether the input reaches the focus function 2018-05-21 kcc [libFuzzer] reinstate -dump_coverage, which is still in use (reverts r332036) 2018-05-16 kcc [libFuzzer] add an experimental flag -focus_function: libFuzzer will try to focus on inputs that trigger that function 2018-05-15 kcc [libFuzzer] deprecate equivalence_server 2018-05-11 kcc [libFuzzer] refactor the implementation of -print_coverage 2018-05-10 kcc [libFuzzer] remove the dump_coverage flag, it hasn't been working with the inline sanitizer coverage anyway 2018-05-10 kcc [libFuzzer] remove the experimental support for clang coverage instrumentation. This mode has not been used and our experiments with https://github.com/google/fuzzer-test-suite show that this signal is weaker than the SanitizerCoverage 2018-05-10 kcc [libFuzzer] Experimental data flow tracer for fuzz targets. 2018-05-10 kamil wrong usages of sem_open in the libFuzzer 2018-05-08 morehouse [libFuzzer] Guard symbolization with try-lock. 2018-05-02 morehouse [libFuzzer] Don't short-circuit from CrashCallback. 2018-05-01 morehouse [libFuzzer] Report at most one crash per input. 2018-04-24 delcypher [LibFuzzer] Tweak `MutationDispatcher::Mutate_CopyPart` mutation. Created with: roll-dep src/third_party/libFuzzer/src R=metzman@chromium.org Bug: 850742 Change-Id: I5f438e8d92f2021d61cdaab87de05d1a3784c22e Reviewed-on: https://chromium-review.googlesource.com/1092876Reviewed-by: Jonathan Metzman <metzman@chromium.org> Commit-Queue: Max Moroz <mmoroz@chromium.org> Cr-Commit-Position: refs/heads/master@{#565754}
5e09a6b7 · Max Moroz · Commit Bot · ee44456b · 5e09a6b7 · 5e09a6b7
Commit 5e09a6b7 authored Jun 08, 2018 by Max Moroz Committed by Commit Bot Jun 08, 2018
Show whitespace changes
Inline Side-by-side

Showing with 4 additions and 2 deletions

DEPS DEPS +1 -1

third_party/libFuzzer/BUILD.gn third_party/libFuzzer/BUILD.gn +3 -1

No files found.
--- a/DEPS
+++ b/DEPS
@@ -166,7 +166,7 @@ vars = {
  # Three lines of non-changing comments so that
  # the commit queue can handle CLs rolling libFuzzer
  # and whatever else without interference from each other.
-  'libfuzzer_revision': 'fda403cf93ecb8792cb1d061564d89a6553ca020',
+  'libfuzzer_revision': '873dc11d9a5281034e2cb74d0e87e9149a0e1045',
  # Three lines of non-changing comments so that
  # the commit queue can handle CLs rolling devtools-node-modules
  # and whatever else without interference from each other.

--- a/third_party/libFuzzer/BUILD.gn
+++ b/third_party/libFuzzer/BUILD.gn
@@ -13,8 +13,8 @@ fuzzing_engine_add_configs =
 source_set("libfuzzer") {
  sources = [
-    "src/FuzzerClangCounters.cpp",
    "src/FuzzerCrossOver.cpp",
+    "src/FuzzerDataFlowTrace.cpp",
    "src/FuzzerDriver.cpp",
    "src/FuzzerExtFunctionsDlsym.cpp",
    "src/FuzzerExtFunctionsDlsymWin.cpp",
@@ -29,11 +29,13 @@ source_set("libfuzzer") {
    "src/FuzzerMerge.cpp",
    "src/FuzzerMutate.cpp",
    "src/FuzzerSHA1.cpp",
+    "src/FuzzerShmemFuchsia.cpp",
    "src/FuzzerShmemPosix.cpp",
    "src/FuzzerShmemWindows.cpp",
    "src/FuzzerTracePC.cpp",
    "src/FuzzerUtil.cpp",
    "src/FuzzerUtilDarwin.cpp",
+    "src/FuzzerUtilFuchsia.cpp",
    "src/FuzzerUtilLinux.cpp",
    "src/FuzzerUtilPosix.cpp",
    "src/FuzzerUtilWindows.cpp",