User since: Mar 29 2019, 12:30 PM
Jun 28 2019
Thanks for the reviews.
I followed Matt Morehouse's advice: mainly, I adapted the test so that it uses libFuzzer's default SanitizerCoverage options instead of trace-pc, and I rewrote some parts of the code to make it less redundant.
Jun 21 2019
I followed Roman Lebedev's advice and adapted the sanitizer_coverage_no_prune.cc test to create a sanitizer_coverage_whitelist_blacklist.cc test under make check_sanitizer. I can only try the test on a Linux machine, and it passes on that machine.
Jun 20 2019
Apr 5 2019
It's good as it is, you can submit the patch. Thanks for your time!
Apr 1 2019
Looks good to me! Here are the results without / with patch.
Mar 30 2019
There is a problem with that generic solution, which is that nothing in it forces libFuzzer to generate multiple byte values, and in my experiments the data I get is always very poorly distributed, so in practice it is not that generic.
I tried a fuzz target that would force libFuzzer to have at least one instance of every possible byte value, but libFuzzer wouldn't manage to generate appropriate data.
However I can confirm that the following fuzz target can be used to differentiate between pre-patch and patched versions following the (non-)reproducibility test we talked about: