[llvm-dev] Fuzzing bitcode reader
Mehdi Amini via llvm-dev
llvm-dev at lists.llvm.org
Wed Feb 1 08:45:33 PST 2017
> On Feb 1, 2017, at 8:34 AM, Michael Kruse via llvm-dev <llvm-dev at lists.llvm.org> wrote:
>
> Hi all,
>
> The blog entry [1] suggest that one of the buildbots constantly fuzzes
> clang and clang-format. However, the actual bot [2] only tests the
> fuzzer itself over a well-known set of bugs in standard software (eg.
> Heartbleed [3] seems to be among them).
Isn’t it this stage? http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-fuzzer/builds/2755/steps/stage2%2Fasan%2Bassertions%20check-fuzzer/logs/stdio
> Has there actually ever been a
> buildbot that fuzzes clang/LLVM itself?
>
> Another (obvious?) fuzzing candidate would be the LLVM's bitcode
> reader. I ran afl-fuzz on it and it found lots of failed assertions
> within seconds. Isn't fuzzing done on a regular basis as [1] suggests
> should be done? Should I report the crashes found by it?
The bitcode reader is known to not be robust against malformed inputs.
—
Mehdi
More information about the llvm-dev
mailing list