[llvm] [DevPolicy] Add guidelines for fuzzer-generated issue reports (PR #112372)
Yingwei Zheng via llvm-commits
llvm-commits at lists.llvm.org
Wed Oct 16 04:59:59 PDT 2024
================
@@ -853,6 +853,69 @@ their patch with every possible configuration.
* 3rd step: If Galina could not help you, please escalate to the
`Infrastructure Working Group <mailto:iwg at llvm.org>`_.
+Guidelines for fuzzer-generated issues
+--------------------------------------
+
+Fuzzing is a valuable tool for finding compiler bugs, and the LLVM project
+welcomes fuzzer-generated test cases. However, some additional guidelines
+should be followed to make such reports maximally useful.
+
+Fuzzer-generated issues should indicate that they are such, either in the
+issue description, or (for organization members) by applying the
+``fuzzer-generated`` label.
+
+Issues should include a minimized reproducer (including both the necessary code
+and command line arguments) both as part of the issue description and as a
+godbolt.org link. An effort should be made to deduplicate issues that likely
+have the same root cause, and check whether a similar issue has already been
+reported. Reports should always be submitted against current LLVM ``main``,
+not a released version.
+
+If possible, provide information on when an issue was introduced (e.g. by
+checking older versions on godbolt). A regression from the last LLVM release
+has higher priority than an issue that existed for decades.
+
+The remaining guidelines depend on the type of issue the fuzzer detects.
+
+**For miscompilations:** These issues are usually detected by looking for
+different results when using ``-O0`` and ``-O2``, or similar. When reporting
+miscompilations, please make sure that your fuzzing methodology can only
+generate well-defined, deterministic code. Results between optimizations levels
+can legitimately differ if the code invokes undefined behavior, or includes
+non-deterministic operations. Note that running cleanly under sanitizers is
+not sufficient to establish absense of undefined behavior.
+
+Reports using ``-Ofast``, ``-ffast-math``, or other flags that permit
+floating-point reassociation/approximation must include a credible root cause
+analysis, as behavior differences are likely to be caused by legal transforms.
+
----------------
dtcxzyw wrote:
Would be better to add a link to `-opt-bisect-limit` for pass-level bug localization.
https://github.com/llvm/llvm-project/pull/112372
More information about the llvm-commits
mailing list