On 16.10.2015 at 23:54, Edmund Grimley Evans wrote:
> Somebody recently reported on a short file, discovered by afl-fuzz,
Actually, that was me ;) I'm glad you gave afl-fuzz a try.

Employing Valgrind is also an interesting idea, but perhaps ASAN would catch as much with less execution speed penalty? Just rebuild TCC with afl-gcc and the AFL_USE_ASAN=1 environment variable.

Another thing that might help is posting the input dictionaries here so that the next person trying to fuzz tinycc wouldn't have to start from scratch. Perhaps posting the whole input/output directory is a good idea as well.

Also, have you looked at the files in output_directory/queue to see the code coverage of the test cases? This way you could get a hint at features that could also be included in the input test case list (GCC extensions, for example?).

Cheers,
d33tah
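As an added example (not code from the thread, from d33tah, or from tinycc): a small Python helper for the two suggestions above, summarising which output_directory/queue entries afl-fuzz tagged as new coverage (+cov) and which GCC-extension tokens the corpus never contains, then formatting the latter as dictionary entries for posting. The queue file-name layout (id:…,src:…,op:…,+cov) is afl-fuzz's naming convention as assumed here; the token list and the sample queue are constructed.

```python
import tempfile
from collections import Counter
from pathlib import Path

# GCC extension tokens to look for: a constructed list, not from the thread.
GCC_EXT_TOKENS = ["__attribute__", "__asm__", "__typeof__", "__builtin_expect",
                  "__extension__", "__alignof__", "__label__"]

def parse_queue_name(name):
    """'id:000012,src:000003,op:havoc,rep:16,+cov' -> dict; 'cov' is True when
    afl-fuzz tagged the input as reaching new edges."""
    fields = {"cov": False}
    for part in name.split(","):
        if part == "+cov":
            fields["cov"] = True
        elif ":" in part:
            key, value = part.split(":", 1)
            fields[key] = value
    return fields

def queue_entries(queue_dir):
    return [p for p in Path(queue_dir).iterdir() if p.name.startswith("id:")]

def summarize_queue(queue_dir):
    """Total entries, how many found new coverage, and which mutation ops did it."""
    entries = [parse_queue_name(p.name) for p in queue_entries(queue_dir)]
    new = [e for e in entries if e["cov"]]
    return {"total": len(entries), "new_cov": len(new),
            "ops": Counter(e.get("op", "orig") for e in new)}

def missing_features(queue_dir):
    """Extension tokens that no queue entry contains: candidates for new seeds."""
    seen = set()
    for p in queue_entries(queue_dir):
        seen.update(t for t in GCC_EXT_TOKENS if t in p.read_text(errors="replace"))
    return sorted(set(GCC_EXT_TOKENS) - seen)

def dictionary_lines(tokens):
    """Format tokens as afl-fuzz dictionary entries (name="token") for sharing."""
    return "\n".join(f'{t.strip("_")}="{t}"' for t in tokens)

def build_demo_queue():
    """Write a tiny constructed queue/ in a temp dir (sample data, not real afl-fuzz output)."""
    q = Path(tempfile.mkdtemp()) / "queue"
    q.mkdir()
    samples = {"id:000000,orig:seed1.c": "int main(void){return 0;}",
               "id:000001,src:000000,op:flip1,pos:4": "int mait(void){return 0;}",
               "id:000002,src:000000,op:havoc,rep:8,+cov": "int f(void) __attribute__((noreturn));",
               "id:000003,src:000000+000002,op:splice,rep:2,+cov": "__typeof__(1) g;"}
    for name, body in samples.items():
        (q / name).write_text(body)
    return q
```

Point summarize_queue and missing_features at a real output_directory/queue to get the same report for an actual run.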
_______________________________________________ Tinycc-devel mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/tinycc-devel
