[llvm-dev] llvm-mc-[dis]assemble-fuzzer status?
Kostya Serebryany via llvm-dev
llvm-dev at lists.llvm.org
Tue Aug 29 17:30:55 PDT 2017
On Tue, Aug 29, 2017 at 10:15 AM, Justin Bogner <mail at justinbogner.com>
wrote:
> Kostya Serebryany <kcc at google.com> writes:
> > On Fri, Aug 25, 2017 at 8:51 AM, Daniel Sanders <daniel_l_sanders at apple.com> wrote:
> >> On 23 Aug 2017, at 00:21, George Karpenkov via llvm-dev <llvm-dev at lists.llvm.org> wrote:
> >>> I have tried to compile llvm-mc-assemble-fuzzer, and
> >>> llvm-mc-disassemble-fuzzer, and I couldn’t build either of those.
> >>> For the first one, the reason is that it refers to a nonexistent
> >>> enum,
> ...
> >>> Are those libraries maintained and/or used?
> >>
> >> I haven't used it for quite a while now. My original motivator was the
> >> Mips assembler/disassembler being very buggy. I was using it to find
> >> crashes and generate interesting test cases for round-trip testing of the
> >> assembler/disassembler. Since then, the Mips MC layer has become much more
> >> stable and I've also changed jobs.
> >>
> >> That said, I'd like to set up a bot to make use of these tools,
> >
> > As soon as these fuzz targets build, don't immediately crash, and have
> > someone who cares about them, I can add them to OSS-Fuzz for automated
> > continuous fuzzing.
>
> These both compile and run again as of r312011, though I suspect they'll
> need some small changes to play well in OSS Fuzz and the like. They use
> an approach to command line arguments that won't work for features like
> -merge or parallel fuzzing (they could pretty easily be updated to use
> "-ignore_remaining_args=1" like llvm-isel-fuzzer does though).
>
Yep. I may not have time to update these fuzzers though. Volunteers?
Also, even with -ignore_remaining_args=1 we may not be able to use them
(and llvm-isel-fuzzer) on oss-fuzz.
I'd suggest at least changing llvm-isel-fuzzer (and others) to have a
default value of flags, such that running e.g.
    ./bin/llvm-isel-fuzzer # no flags
will work (and fuzz one default config).
If we like how it works on oss-fuzz, we may then extend llvm-isel-fuzzer
to parse the command arguments (or a config type, etc) from the
executable's name.
--kcc
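
The suggestion at the end of the message above (a default configuration when no flags are given, and otherwise a configuration taken from the executable's name), as an added sketch that is not part of the original message and not LLVM's own code. The `FuzzConfig` struct, the `--` separator, the token format and the default values are assumptions made for illustration; `LLVMFuzzerInitialize` is the standard libFuzzer start-up hook.

```cpp
#include <string>

// Hypothetical per-binary configuration; the defaults are assumed values.
struct FuzzConfig {
  std::string Arch = "x86_64";
  int OptLevel = 2;
};

// Derive the configuration from argv[0]. Assumed naming convention:
//   <tool>--<token>-<token>...   e.g. llvm-isel-fuzzer--aarch64-O0
// "O0".."O3" sets the optimization level; any other token is the
// architecture. A name without "--" keeps the defaults, so running the
// binary with no flags still fuzzes one default configuration.
FuzzConfig configFromExecName(const std::string &Argv0) {
  FuzzConfig Cfg;
  // Drop the directory part so "--" inside a path is never misread.
  std::string::size_type Slash = Argv0.find_last_of("/\\");
  std::string Name =
      Slash == std::string::npos ? Argv0 : Argv0.substr(Slash + 1);
  std::string::size_type Sep = Name.find("--");
  if (Sep == std::string::npos)
    return Cfg;
  std::string Rest = Name.substr(Sep + 2);
  std::string::size_type Pos = 0;
  while (Pos <= Rest.size()) {
    std::string::size_type Dash = Rest.find('-', Pos);
    if (Dash == std::string::npos)
      Dash = Rest.size();
    std::string Tok = Rest.substr(Pos, Dash - Pos);
    Pos = Dash + 1;
    if (Tok.empty())
      continue;
    if (Tok.size() == 2 && Tok[0] == 'O' && Tok[1] >= '0' && Tok[1] <= '3')
      Cfg.OptLevel = Tok[1] - '0';
    else
      Cfg.Arch = Tok;
  }
  return Cfg;
}

static FuzzConfig ActiveConfig; // read by the fuzz target body (not shown)

// libFuzzer calls this once before fuzzing; no command-line flags are
// needed, so the binary works with -merge and parallel jobs unchanged.
extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv) {
  if (argc && argv && *argc > 0)
    ActiveConfig = configFromExecName((*argv)[0]);
  return 0;
}
```

With this scheme each configuration is a separately named copy or symlink of the same binary, and every copy runs with no arguments.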