[llvm] r247425 - [libFuzzer] mention more trophies

Kostya Serebryany via llvm-commits llvm-commits at lists.llvm.org
Fri Sep 11 13:12:02 PDT 2015


You may also want to add "8bit-counters" to -fsanitize-coverage=...

On Fri, Sep 11, 2015 at 10:36 AM, Kostya Serebryany <kcc at google.com> wrote:

>
>
> On Fri, Sep 11, 2015 at 10:14 AM, Yonghong Song <yhs at plumgrid.com> wrote:
>
>> Currently, it starts with an empty corpus. One option may be converting
>> the existing test_verifier test cases into a corpus so that the fuzzer
>> can start with better initial coverage.
>>
>
> Yes, I would certainly start from that.
> Please let me know how it goes.
>
>
>> I have not experimented with this yet. Any suggestions?
>>
>> On Fri, Sep 11, 2015 at 10:09 AM, Kostya Serebryany <kcc at google.com>
>> wrote:
>>
>>>
>>>
>>> On Fri, Sep 11, 2015 at 10:07 AM, Alexei Starovoitov <
>>> alexei.starovoitov at gmail.com> wrote:
>>>
>>>> On Fri, Sep 11, 2015 at 9:34 AM, Kostya Serebryany via llvm-commits
>>>> <llvm-commits at lists.llvm.org> wrote:
>>>> > +
>>>> > +* Linux Kernel's BPF verifier: https://github.com/iovisor/bpf-fuzzer
>>>>
>>>> yep :)
>>>> It found one bug so far, but it looks like we need custom
>>>> instruction generation. Pure random fuzzing cannot generate
>>>> long enough instruction sequences to stress all pieces of the verifier.
>>>>
>>>
>>> Did you fuzz starting from an empty corpus, or did you give it something to
>>> start with?
>>>
>>>
>>
>>
>> --
>> Yonghong
>> http://www.plumgrid.com/plumgrid-ignition/
>>
>
>