similar to: Fuzzing complex programs


2015 Sep 03
2
Fuzzing complex programs
I'm fairly sure your compiler (or rather linker) errors are coming from the fact that you are not linking to the C++ runtime library. Use `clang++ -std=c++11 *.o`, and I'm reasonably sure it will do what you want. -- Mats On 3 September 2015 at 12:26, Greg Stark via llvm-dev < llvm-dev at lists.llvm.org> wrote: > On Sun, Aug 30, 2015 at 3:30 PM, Greg Stark <stark at
2015 Aug 11
3
libfuzzer questions
First off, thanks -- this is a pretty great library and it feels like I'm learning a lot. I'm getting some more experience with libfuzzer and finding that I have a couple of questions: - How does libfuzzer decide to write a new test file? What distinguishes this one from all the other cases for which new test inputs were not written? Must be something about the path taken through the
2015 Sep 05
3
Some feedback on Libfuzzer
Hi, I think I have a fairly nicely integrated Libfuzzer based fuzzer in Postgres now. I can run things like: SELECT fuzz(100000,'select regexp_matches(''foo/bar/baz'',$1,''g'')') Which makes it convenient to fuzz arbitrary public functions available in SQL. (I haven't figured out what interface to make for fuzzing internal functions which take char
2015 Aug 30
2
Fuzzing complex programs
On Sun, Aug 30, 2015 at 9:11 AM, Brian Cain via llvm-dev < llvm-dev at lists.llvm.org> wrote: > > > On Sun, Aug 30, 2015 at 9:30 AM, Greg Stark via llvm-dev < > llvm-dev at lists.llvm.org> wrote: > >> I have a project I want to do based on Libfuzzer. Is there a separate >> list for it or should I bring up any ideas for it here? >> >> No separate
2017 Feb 01
2
Fuzzing bitcode reader
On Wed, Feb 1, 2017 at 8:45 AM, Mehdi Amini <mehdi.amini at apple.com> wrote: > > > On Feb 1, 2017, at 8:34 AM, Michael Kruse via llvm-dev < > llvm-dev at lists.llvm.org> wrote: > > > > Hi all, > > > > The blog entry [1] suggests that one of the buildbots constantly fuzzes > > clang and clang-format. However, the actual bot [2] only tests the
2017 Feb 01
3
Fuzzing bitcode reader
Hi all, The blog entry [1] suggests that one of the buildbots constantly fuzzes clang and clang-format. However, the actual bot [2] only tests the fuzzer itself over a well-known set of bugs in standard software (eg. Heartbleed [3] seems to be among them). Has there actually ever been a buildbot that fuzzes clang/LLVM itself? Another (obvious?) fuzzing candidate would be the LLVM's bitcode
2017 Feb 01
3
Fuzzing bitcode reader
On Wed, Feb 1, 2017 at 9:19 AM, Michael Kruse <llvmdev at meinersbur.de> wrote: > 2017-02-01 18:07 GMT+01:00 Kostya Serebryany <kcc at google.com>: > > Yes, I used to run clang-fuzzer and clang-format-fuzzer on this bot, but > not > > any more. > > The reason is simple -- the bot was always red (well, orange) and the > bugs > > were never fixed. >
2015 Aug 11
3
libfuzzer questions
On Mon, Aug 10, 2015 at 8:08 PM, Kostya Serebryany <kcc at google.com> wrote: > > > On Mon, Aug 10, 2015 at 5:53 PM, Brian Cain via llvm-dev < > llvm-dev at lists.llvm.org> wrote: > >> >> First off, thanks -- this is a pretty great library and it feels like I'm >> learning a lot. >> > > Thanks! > > >> I'm getting some
2019 Nov 02
2
[PATCH nbdkit 0/2] Implement fuzzing using Clang's libFuzzer.
libFuzzer is Clang's fuzzer, and alternative to using AFL: https://llvm.org/docs/LibFuzzer.html I implemented an alternative method of fuzzing for libnbd earlier today and it's pretty simple: https://github.com/libguestfs/libnbd/commit/c19a6fbae9a21a7d4693418706c59e81ed256875 However it's considerably more difficult to use libFuzzer with non-library code -- in this case nbdkit.
2019 Nov 04
3
[PATCH nbdkit v2 0/2] Implement fuzzing using Clang's libFuzzer.
v1 was here: https://www.redhat.com/archives/libguestfs/2019-November/msg00003.html This version depends on: https://www.redhat.com/archives/libguestfs/2019-November/msg00004.html and this series: https://www.redhat.com/archives/libguestfs/2019-November/msg00009.html The delta has been reduced slightly because of changes made possible by cleaning up and fixing the quit path in nbdkit. It's
2017 Feb 10
2
Adding a decoder fuzz target
Thanks for your comments, Ralph and Jean-Marc. Please find attached the amended patch: - decodes a sequence of input packets rather than just one (I'm planning on using the Opus test vectors as the seed corpus) - decides on decoder setup and FEC independently of the packet data - uses Opus functions to parse ToC Cheers, Felicia On Sun, Jan 29, 2017 at 9:48 PM Jean-Marc Valin <jmvalin at
2015 Dec 03
2
fuzzer crash (but not the good kind)
Ah, yes -- you need to clone with --recursive. I will try the workaround though. On Dec 3, 2015 1:12 PM, "Kostya Serebryany" <kcc at google.com> wrote: > > > On Wed, Dec 2, 2015 at 7:17 PM, Brian Cain <brian.cain at gmail.com> wrote: > >> Kostya, >> >> Here's the git repo: https://bitbucket.org/ebadf/fuzzpy >> >> I've only
2015 Sep 05
3
Some feedback on Libfuzzer
Greg, This is lots of useful feedback! I'll reply to individual bullets when time permits (mostly after the holidays). If you find a bug in Postgres with libFuzzer, please let us know so that we can add it to http://llvm.org/docs/LibFuzzer.html#trophies On Sat, Sep 5, 2015 at 8:40 AM, Greg Stark via llvm-dev < llvm-dev at lists.llvm.org> wrote: > On Sat, Sep 5, 2015 at 1:50 PM,
2019 Nov 12
2
Using Libfuzzer on a library - linking the library to the fuzz target
I am working on using libfuzzer and asan to test out a third-party library. As demonstrated in the tutorial, I wrote a fuzz target to fuzz a specific function in the library. The fuzz target is then linked to the library and compiles clean and I do see some tests generated by the fuzzer. However, I have some questions regarding the "right" way to go about doing this. I have doubts that
2019 Nov 12
2
Using Libfuzzer on a library - linking the library to the fuzz target
Hi Mitch, Thank you for the response. 1. You don't need to build the library with `-fsanitize-coverage=...`, using `-fsanitize=fuzzer-no-link,address` should be sufficient. - Acknowledged 2. (although you can actually build object files/shared libraries with -fsanitize=fuzzer, and the libFuzzer main won't be linked, if this makes your build process easier). - with just the *fuzzer
2015 Dec 02
2
fuzzer crash (but not the good kind)
Kostya, I think I've found what looks like a reproducible bug in libFuzzer. The code under test is built with ASan and the first ASan CHECK failure shows fuzzer in the stack trace. (see below) One of the factors that may be unique in my testing is that each iteration can take a very long time to execute (tens or hundreds of seconds). Let me know if you need more info, I think it
2015 Dec 03
2
fuzzer crash (but not the good kind)
Kostya, Here's the git repo: https://bitbucket.org/ebadf/fuzzpy I've only tested it on arm7 and x86_64 linux, I expect there's a good chance it may not work on other OSs. If you can build it successfully ("./build.sh", requires clang and clang++ in your path), then you should run the "testemail" case like so: while true; do ITERS=1000 ./run.sh
2015 Sep 03
2
Fuzzing complex programs
On Thu, Sep 3, 2015 at 6:25 PM, Kostya Serebryany <kcc at google.com> wrote: > Not sure I understood this correctly. > Example? I've made a Postgres module which is dynamically loaded by Postgres as a shared library from which I can call the fuzzer on the SQL function of my choice. Postgres has enough meta information about the functions that I think the eventual interface might
2015 Sep 03
2
Fuzzing complex programs
On Thu, Sep 3, 2015 at 11:03 AM, Greg Stark <stark at mit.edu> wrote: > On Thu, Sep 3, 2015 at 6:54 PM, Kostya Serebryany <kcc at google.com> wrote: > > Looks correct. > > Ah! With a fresh pair of eyes it's obvious what was wrong. I had > compiled everything with sanitize-coverage except the Fuzzer code > itself but that included the file with the wrapper
2017 Feb 01
2
Fuzzing bitcode reader
2017-02-01 17:45 GMT+01:00 Mehdi Amini <mehdi.amini at apple.com>: > >> On Feb 1, 2017, at 8:34 AM, Michael Kruse via llvm-dev <llvm-dev at lists.llvm.org> wrote: >> >> Hi all, >> >> The blog entry [1] suggests that one of the buildbots constantly fuzzes >> clang and clang-format. However, the actual bot [2] only tests the >> fuzzer itself