* Create reg1

* Create reg2

* Create reg3

* Create reg4

* Rename testcases/others/regex/reg4 to testcases/others/regexp/reg4

* Rename testcases/others/regex/reg3 to testcases/others/regexp/reg3

* Rename testcases/others/regex/reg2 to testcases/others/regexp/reg2

* Rename testcases/others/regex/reg1 to testcases/others/regexp/reg1

Some targets needs to include afl-llvm-rt.o not only when linking, see https://github.com/google/fuzzbench/issues/110.
This change seems to not break nothing in AFL++.

* fix a little mistake

http://man7.org/linux/man-pages/man3/shmat.3p.html

if `shmat` fail, it will return -1.
>        On success, a valid shared memory identifier is returned.  On error,
       -1 is returned, and errno is set to indicate the error.

* if shmat() is error, it will return -1.
So I modify all error condition.

conductive => conducive

This reverts commit 36fc97ac.

to /usr/local/lib/afl, as installed

Add dictionary for regexp.

Make tests using ./test-instr use paths that are less likely to be optimized out.

Also fix copied test and remove trailing whitespace.

PR #15 added new statistics outputed to the out/fuzzer_stats file. Add tests for it.

- create a .travis/ directory in which we can put helper scripts for travis
- create .travis/check_fuzzer_stats.sh to parse out/fuzzer_stats and check for expected key:value pairs.
- run several jobs to test for different environment variables ( AFL_EXIT_WHEN_DONE, AFL_BENCH_JUST_ONE, AFL_BENCH_UNTIL_CRASH, and manual stopping)

As of current trunk LLVM, the instrumentation no longer functions correctly
because the IR may have already been simplified to remove explicit branches.
For example, on this snippet of the sample test-instr.c file:

> if (buf[0] == '0')

Clang 10.0.0 (trunk 370425) (llvm/trunk 370432) produces the following IR:

%cmp2 = icmp eq i8 %19, 48, !dbg !36
%.sink = select i1 %cmp2, i8* getelementptr inbounds ([26 x i8], [26 x i8]* @.str.1, i64 0, i64 0), i8* getelementptr inbounds ([31 x i8], [31 x i8]* @.str.2, i64 0, i64 0), !dbg !37
%call6 = tail call i32 (i32, i8*, ...) @__printf_chk(i32 1, i8* %.sink) #6, !dbg !38

Previously, Clang 8.0.0-3~ubuntu18.04.1 (tags/RELEASE_800/final) produced the following IR:

%29 = icmp eq i8 %28, 48, !dbg !37
br i1 %29, label %30, label %38, !dbg !38

This change causes the input-dependent branch of test-instr.c to be invisible
to the instrumentation, resulting in an error when testing the instrumentation
after compilation. As a workaround, run the instrumentation earlier, likely
before the 'simplifycfg' pass simplifies out the branch.

When shutting down LLVM, the custom pass shared library can be prematurely unloaded, resulting in a dangling pointer. As a workaround, instruct the linker to mark the custom pass not to be unloaded at runtime.

References:
https://groups.google.com/forum/#!msg/afl-users/TDLrTu3V_Pw/K4svutarAAAJ
https://stackoverflow.com/questions/47712670/segmentation-fault-in-llvm-pass-when-using-registerstandardpasses

Upstream bugs:
https://bugs.llvm.org/show_bug.cgi?id=34573
https://bugs.llvm.org/show_bug.cgi?id=39321
https://bugs.llvm.org/show_bug.cgi?id=36183

Gather more metrics and print them in the fuzzer_stats report to better understand how a fuzzer behaves:

- peak_rss_mb: the maximum rss value reached during the fuzzing. This is collected by the parent process at the end of the fuzzing session using `getrusage` on `RUSAGE_CHILDREN` (the parent process needs to end and wait for the children to use the `RUSAGE_CHILDREN` option).

- slowest_exec_ms: duration of the slowest execution in ms that is not considered as a hang. This work is inspired by libFuzzer which already calculates this metric in a equivalent way.

- make sure the forkserver and current runner are killed when the session stops programmatically before calling waitpid

* Prepare for v2.54b release.

* fix a typo

* Fix compilation errors for QEMU mode for recent glibc
See QEMU git commit 75e5b70e6b5dcc4f2219992d7cffa462aa406af0

* Added QEMU mode to Travis

* Minor README improvements

* Add some more cross-links for docs