Re: [Tinycc-devel] Testing with AFL and Valgrind
From: Jacek Wielemborek
Subject: Re: [Tinycc-devel] Testing with AFL and Valgrind
Date: Sat, 17 Oct 2015 00:24:14 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.1.0
On 16.10.2015 at 23:54, Edmund Grimley Evans wrote:
> Somebody recently reported on a short file, discovered by afl-fuzz,
Actually, that was me ;) I'm glad you gave afl-fuzz a try. Employing
Valgrind is also an interesting idea, but perhaps ASAN would catch as much
with less execution speed penalty? Just rebuild TCC with afl-gcc and the
AFL_USE_ASAN=1 environment variable.
Another thing that might help is posting the input dictionaries here so
that the next person trying to fuzz tinycc wouldn't have to start from
scratch. Perhaps posting the whole input/output directory is a good idea
as well. Also, have you looked at the files in output_directory/queue to
see the code coverage of the test cases? This way you could get a hint
at features that could also be included in the input test case list (GCC
extensions, for example?).
Cheers,
d33tah
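Inspecting output_directory/queue as the reply suggests, as an added example that is not code from the thread or from tinycc: it parses afl-fuzz's queue entry names (id/src/op/+cov fields) and scans each queued input for a few GCC-extension markers, so you can see which mutation ops found new coverage and which features the seed set does not yet exercise. The constructed sample directory and the marker list are assumptions made for the example.

```python
import os
import re
import tempfile
from collections import Counter

FEATURE_MARKERS = {  # GCC extensions, the feature class the mail suggests adding to seeds
    "gnu_attribute": re.compile(r"__attribute__\s*\("),
    "gnu_asm": re.compile(r"\b(?:__asm__|asm)\s*\("),
    "gnu_typeof": re.compile(r"\b(?:typeof|__typeof__)\s*\("),
}

def parse_queue_name(name):
    """afl-fuzz names entries 'id:000000,orig:seed.c' or 'id:000012,src:000003,op:havoc,rep:4,+cov'."""
    fields = {"cov": False}
    for part in name.split(","):
        if part == "+cov":           # bare flag: this input reached new edges
            fields["cov"] = True
        elif ":" in part:
            key, value = part.split(":", 1)
            fields[key] = value
    return fields

def summarise_queue(queue_dir):
    """Per-op counts, entries that found new coverage, and feature markers already exercised."""
    ops, features, new_cov = Counter(), Counter(), 0
    for name in sorted(os.listdir(queue_dir)):
        path = os.path.join(queue_dir, name)
        if not name.startswith("id:") or not os.path.isfile(path):
            continue  # skip .state/ and other bookkeeping afl-fuzz keeps inside queue/
        meta = parse_queue_name(name)
        ops[meta.get("op", "orig")] += 1   # seeds carry 'orig:' instead of an op
        new_cov += meta["cov"]
        with open(path, "rb") as f:
            text = f.read().decode("latin-1")  # fuzzed inputs need not be valid UTF-8
        for feat, rx in FEATURE_MARKERS.items():
            if rx.search(text):
                features[feat] += 1
    return {"total": sum(ops.values()), "new_cov": new_cov, "ops": dict(ops), "features": dict(features)}

def build_sample_queue():  # constructed stand-in for a queue/ directory, not real fuzzer output
    d = tempfile.mkdtemp()
    samples = {
        "id:000000,orig:seed.c": b"int main(void){return 0;}\n",
        "id:000001,src:000000,op:flip1,pos:4,+cov": b'int main(void){__asm__("nop");return 0;}\n',
        "id:000002,src:000001,op:havoc,rep:8": b"int x __attribute__((aligned(16)));\n",
    }
    for name, data in samples.items():
        with open(os.path.join(d, name), "wb") as f:
            f.write(data)
    return d
```

Run it against a real output_directory/queue to see which markers never appear; those are candidates for new seed files or dictionary entries.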