[llvm-dev] Fuzzing bitcode reader

Michael Kruse via llvm-dev llvm-dev at lists.llvm.org
Wed Feb 1 08:34:40 PST 2017


Hi all,

The blog entry [1] suggests that one of the buildbots constantly fuzzes
clang and clang-format. However, the actual bot [2] only tests the
fuzzer itself over a well-known set of bugs in standard software (e.g.
Heartbleed [3] seems to be among them). Has there actually ever been a
buildbot that fuzzes clang/LLVM itself?

Another (obvious?) fuzzing candidate would be LLVM's bitcode
reader. I ran afl-fuzz on it and it found lots of failed assertions
within seconds. Isn't fuzzing done on a regular basis, as [1] suggests
it should be? Should I report the crashes found by it?

Michael


[1] http://blog.llvm.org/2015/04/fuzz-all-clangs.html
[2] http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-fuzzer/
[3] https://github.com/google/fuzzer-test-suite/tree/master/openssl-1.0.1f
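One practical step before reporting afl-fuzz findings like the ones described above is to group the crash inputs by assertion site, so each distinct assertion is reported once rather than once per input. The script below is an added example, not part of the original post or of LLVM; it assumes glibc's assertion message format (as printed by an assertion-enabled LLVM build) and afl-fuzz's crash file naming, and the file path, line number and condition in the sample are constructed placeholders.

```python
"""Triage afl-fuzz crash inputs by assertion site before reporting.

Added example, not from the original post. Assumes glibc's assertion format
("<prog>: <file>:<line>: <func>: Assertion `<cond>' failed.") as printed by
an assertion-enabled LLVM build, and afl's crash names (id:N,sig:S,...).
"""
import re
from collections import defaultdict

ASSERT_RE = re.compile(
    r"^(?P<prog>[^:]+): (?P<file>.+?):(?P<line>\d+): (?P<func>.*?): "
    r"Assertion `(?P<cond>.*)' failed\.$",
    re.M,
)

def assertion_site(stderr):
    """(file, line, cond) of the first failed assertion in stderr, or None."""
    m = ASSERT_RE.search(stderr)
    return (m["file"], int(m["line"]), m["cond"]) if m else None

def crash_signal(afl_name):
    """Signal number encoded in an afl-fuzz crash file name, or -1."""
    m = re.search(r"(?:^|,)sig:(\d+)", afl_name)
    return int(m[1]) if m else -1

def triage(crashes):
    """Group (afl_name, stderr) pairs by assertion site.

    Inputs with no assertion message (e.g. a plain SIGSEGV) are kept under
    ('<no assertion>', signal) so they still get reported."""
    groups = defaultdict(list)
    for name, stderr in crashes:
        key = assertion_site(stderr) or ("<no assertion>", crash_signal(name))
        groups[key].append(name)
    return dict(groups)

# Constructed sample run: placeholder path/line/condition, not a real LLVM bug.
ASSERT_MSG = ("llvm-dis: lib/Bitcode/Reader/BitcodeReader.cpp:42: "
              "void parseRecord(): Assertion `Record.size() >= 2' failed.\n")
SAMPLE = [
    ("id:000000,sig:06,src:000000,op:havoc,rep:4", ASSERT_MSG),
    ("id:000001,sig:06,src:000000,op:flip1,pos:17", ASSERT_MSG),
    ("id:000002,sig:11,src:000001,op:havoc,rep:16", ""),  # no assertion
]

if __name__ == "__main__":
    for site, names in triage(SAMPLE).items():
        print(site, "->", len(names), "input(s)")
```

In practice the stderr for each input comes from re-running the target (here llvm-dis) on the files in afl's crashes/ directory; the sample above embeds that output directly so it runs offline.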

