Build a lib/Fuzzer version for llvm-as.
Summary:
This CL is associated with a fuzzing effort to find bugs in LLVM. The
first step is to fuzz llvm-as to find potential issues in generating
IR. Both afl-fuzz and LLVM's lib/Fuzzer are being used.
This CL introduces the executable that implements the in-process
fuzzer using LLVM's lib/Fuzzer. The motivation for using lib/Fuzzer is
based on time comparisons between afl-fuzz and lib/Fuzzer. Early
results show that per-process, the lib/Fuzzer implemenation of llvm-as
(i.e. this CL) generates over 30 times the number of mutations found
by afl-fuzz, per hour runtime. The speedup is due to the removal of
overhead of forking a process, and loading the executable into memory.
I placed this under the tools directory, since it is an executable. It
is also only conditionally built if (using cmake) the flag
LLVM_USEE_SANITIZE_COVERAGE is used, so that it isn't built by
default.
Reviewers: kcc, filcab
Subscribers: llvm-commits
Differential Revision: http://reviews.llvm.org/D12438
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@246458
91177308-0d34-0410-b5e6-
96231b3b80d8
projects / oota-llvm.git / commit