[llvm-dev] [RFC] Implementing LLVM MC Protobuf Fuzzer for Assembly and Encoding for RISC-V target
via llvm-dev
llvm-dev at lists.llvm.org
Mon Oct 15 12:29:24 PDT 2018
Hello,
We have implemented LLVM Machine Code Protobuf fuzzers for the RISC-V
target as part of a summer internship project with our intern Jocelyn
Wei.
The fuzzers for the assembler and disassembler proved to be useful. We
uncovered bugs and detected compatibility issues with other tools, e.g.,
by running a driver program that implements a round trip with a golden
(i.e., more tested) tool such as GNU AS.
We built different fuzzer versions to experiment with the level of
fuzzing for the instruction operands.
The versions are labeled sample, semi-constrained, and unconstrained. We
fix opcodes and, depending on the fuzzer version, allow the number of
operands, operand value ranges, and operand types to vary.
The code is available for review:
https://reviews.llvm.org/D51710 Implemented Protobuf fuzzer for LLVM
RISC-V MC Disassembler
https://reviews.llvm.org/D51144 Implemented Protobuf fuzzer for LLVM
RISC-V MC Assembler
We would like to assess people's interest in adding this type of tool to
the LLVM code base.
It can be further improved for the RISC-V target and also expanded to
other targets.
We have a Poster about the fuzzers at the LLVM Dev Conf this week.
Please visit our poster and come by with your comments and suggestions.
We appreciate your feedback.
Thank you,
Ana.
--
Ana Pazos
Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
a Linux Foundation Collaborative Project.