[lld] r308809 - Don't crash on an empty section with an ALIGN.

George Rimar via llvm-commits llvm-commits at lists.llvm.org
Mon Jul 24 08:35:59 PDT 2017


><llvm-commits at lists.llvm.org> wrote:
>> I noticed that during the last weeks we had several fixes committed to fix LLD crashes
>> because of uncommon scripts. Like this one or discarding synthetic sections earlier.
>>
>> About a year ago we used AFL (http://lcamtuf.coredump.cx/afl/) for fuzzing LLD.
>> That time we fuzzed input objects (binaries).
>> As far as I know it is possible to teach AFL about some syntax and provide a dictionary of keywords,
>> and as a result it probably should be able to generate and test linker scripts.
>> Which probably can reveal more uncommon cases leading to crashes/hangs, maybe.
>>
>
>It shouldn't be particularly hard to do mutation based on the linker
>script grammar.
>Maybe you can use `libFuzzer`, but I haven't looked into it (IIRC Peter did).
>
>You can also try something like what's described in
>"Skeletal Program Enumeration for Rigorous Compiler Testing"
>https://arxiv.org/abs/1610.03148 . For your first run(s), you can
>probably ignore scoping, and just swap, e.g. directives.
>
>Thanks,
>
>--
>Davide

Yep, I do not expect mutation to be hard to do. Never tried this before though.
Also never used libFuzzer, will take a look at it and that link tomorrow.
Then I'll probably try to do some trivial mutation to check how it works in general.

Thanks!

George.
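The grammar-aware mutation sketched in the thread (reordering output-section directives, and deliberately producing the empty-section-with-ALIGN shape this commit fixes), as an added Python example that is not part of the thread or of LLD. The seed script and the tiny `SECTIONS { name : [ALIGN(n)] { body } }` subset it parses are constructed assumptions; each script in the corpus would be handed to the linker under test as its `-T` script by a separate harness.

```python
import random
import re

# Constructed seed script (not from LLD's tests); only  name : [ALIGN(n)] { body }  is handled.
SEED_SCRIPT = """SECTIONS {
  .text : { *(.text) }
  .data : ALIGN(16) { *(.data) }
  .bss : { *(.bss) }
}"""

SECTION_RE = re.compile(r"^\s*(\S+)\s*:\s*(?:ALIGN\((\d+)\))?\s*\{([^}]*)\}\s*$")

def parse_sections(script):
    """Return [(name, align or None, body)] for each output section line."""
    sections = []
    for m in filter(None, map(SECTION_RE.match, script.splitlines())):
        name, align, body = m.groups()
        sections.append((name, int(align) if align else None, body.strip()))
    return sections

def render(sections):
    """Serialize the section list back into a SECTIONS block."""
    lines = ["SECTIONS {"]
    for name, align, body in sections:
        attr = f"ALIGN({align}) " if align is not None else ""
        inner = f" {body} " if body else " "
        lines.append(f"  {name} : {attr}{{{inner}}}")
    return "\n".join(lines + ["}"])

def mutate(sections, seed, op=None):
    """Apply one grammar-aware mutation; `seed` picks the op and its targets."""
    rng = random.Random(seed)
    op = op or rng.choice(["swap", "empty_with_align", "duplicate"])
    secs = list(sections)
    i = rng.randrange(len(secs))
    name, align, body = secs[i]
    if op == "swap":  # reorder two output sections (the "swap directives" idea)
        j = rng.randrange(len(secs))
        secs[i], secs[j] = secs[j], secs[i]
    elif op == "empty_with_align":  # empty the section but keep (or add) an ALIGN
        secs[i] = (name, align if align is not None else 4096, "")
    else:  # duplicate an output section description
        secs.insert(i, (name, align, body))
    return secs

def generate_corpus(seed_script, count, rounds=3, seed=0):
    """Derive `count` scripts, each `rounds` mutations away from the seed script."""
    master = random.Random(seed)
    corpus = []
    for _ in range(count):
        secs = parse_sections(seed_script)
        for _ in range(rounds):
            secs = mutate(secs, master.getrandbits(32))
        corpus.append(render(secs))
    return corpus
```

Every generated script stays syntactically valid for the subset, so a crash or hang in the linker points at its handling of the layout rather than at a parse error.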
