[PATCH] Fuzzer: When using token-based fuzzing, put spaces between them

Kostya Serebryany kcc at google.com
Thu May 21 14:07:15 PDT 2015


Yea, I've seen these weird inputs.
But just blindly adding ' ' after all tokens might be a bad idea,
because we lose fun ways the tokens may get combined. (e.g. '1' and '2'
will be combined into a '12').

Note, the -tokens feature is a toy so far (although it does work great for
clang-fuzzer).

While we are at it, I want to remind everyone interested that
http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-fuzzer
shows a large variety of assert failures and memory bugs in clang and
clang-format
and you are welcome to fix those!



On Wed, May 20, 2015 at 11:42 PM, Justin Bogner <mail at justinbogner.com>
wrote:

> Hey Kostya,
>
> I was playing with clang-fuzz and the -tokens= flag, and I noticed most
> of the generated inputs contain things like "elsedeletecontinue1union",
> where a bunch of tokens are concatenated together with no spaces, such
> that we just get long ascii identifiers rather than distinct tokens. It
> seems like we're more likely to get interesting input out of the tokens
> if we space-delimit them.
>
> WDYT?
>
>
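The trade-off in this exchange (space-delimit every token and you never get "elsedelete" or "12"; glue them all and you rarely get distinct keywords) is easy to see with a knob rather than a yes/no. The following is an added illustration, not libFuzzer's -tokens code or anything from the attached patch: `TokenMutator`, `Lex` and `CountFused` are hypothetical names, the dictionary is constructed, and the separator probability is the thing to experiment with.

```cpp
// Added illustration for this thread, not libFuzzer's -tokens implementation:
// a toy token mutator whose separator policy is a knob, plus a small lexer to
// measure how many dictionary tokens survive as distinct lexemes.
#include <cctype>
#include <cstdint>
#include <cstdio>
#include <random>
#include <set>
#include <string>
#include <utility>
#include <vector>

// Splits C-like text into maximal runs of [A-Za-z0-9_] and single punctuation
// characters; whitespace is dropped. Crude, but enough to show token fusion.
static bool IsWordChar(unsigned char C) { return std::isalnum(C) || C == '_'; }

std::vector<std::string> Lex(const std::string &S) {
  std::vector<std::string> Out;
  size_t I = 0;
  while (I < S.size()) {
    unsigned char C = static_cast<unsigned char>(S[I]);
    if (std::isspace(C)) { ++I; continue; }
    if (IsWordChar(C)) {
      size_t J = I;
      while (J < S.size() && IsWordChar(static_cast<unsigned char>(S[J]))) ++J;
      Out.push_back(S.substr(I, J - I));
      I = J;
    } else {
      Out.push_back(std::string(1, S[I]));
      ++I;
    }
  }
  return Out;
}

// Hypothetical mutator: builds an input from a token dictionary and puts a
// space between neighbours with probability SpaceProbability.
//   1.0 -> always space-delimit: every dictionary token stays a distinct lexeme
//   0.0 -> always glue: "else"+"delete" -> "elsedelete", "1"+"2" -> "12"
//   in between -> the corpus keeps both kinds of input
struct TokenMutator {
  std::vector<std::string> Tokens;
  double SpaceProbability;
  std::mt19937 Rng;

  TokenMutator(std::vector<std::string> T, double P, uint32_t Seed)
      : Tokens(std::move(T)), SpaceProbability(P), Rng(Seed) {}

  std::string Generate(size_t NumTokens) {
    if (Tokens.empty()) return "";
    std::uniform_int_distribution<size_t> Pick(0, Tokens.size() - 1);
    std::bernoulli_distribution Space(SpaceProbability);
    std::string Out;
    for (size_t I = 0; I < NumTokens; ++I) {
      if (I > 0 && Space(Rng)) Out += ' ';
      Out += Tokens[Pick(Rng)];
    }
    return Out;
  }
};

// Lexemes in Input that are not dictionary tokens, i.e. things the target's
// lexer will see that the dictionary never listed (the fused ones).
size_t CountFused(const std::vector<std::string> &Tokens, const std::string &Input) {
  std::set<std::string> Dict(Tokens.begin(), Tokens.end());
  size_t Fused = 0;
  for (const std::string &L : Lex(Input))
    if (!Dict.count(L)) ++Fused;
  return Fused;
}

int main() {
  // Constructed dictionary, loosely modelled on the tokens in the report.
  std::vector<std::string> Dict = {"else", "delete", "continue", "1", "2", "union", "{", "}"};
  for (double P : {0.0, 0.5, 1.0}) {
    TokenMutator M(Dict, P, 2015);
    std::string In = M.Generate(8);
    std::printf("p=%.1f  input=%-40s  lexemes=%zu  fused=%zu\n", P, In.c_str(),
                Lex(In).size(), CountFused(Dict, In));
  }
  return 0;
}
```

Running the sample prints one line per policy; with p=0.0 the word-like tokens collapse into one or two long identifiers, with p=1.0 every token is its own lexeme, and p=0.5 gives a mix. Note that gluing only fuses word characters: "1" glued to "{" still lexes as two tokens, so a dictionary heavy on punctuation loses less from the no-space policy than one made of keywords.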