[llvm-dev] Applying for GSoC 2021(Fuzzing LLVM-IR Passes) (original) (raw)
Johannes Doerfert via llvm-dev llvm-dev at lists.llvm.org
Mon Mar 8 15:17:26 PST 2021
- Previous message: [llvm-dev] Applying for GSoC 2021(Fuzzing LLVM-IR Passes)
- Next message: [llvm-dev] Applying for GSoC 2021(Fuzzing LLVM-IR Passes)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Having Alive2 as oracle would certainly be great.
Some rough ideas that can be worked on in parallel if we have multiple GSoC students: - mutation rules we know are sound, e.g., remove guarantees, add 1 iteration loops, etc. - input generation, equivalence checking (alive, partial evaluation, ...) - fragment extraction from larger codes + input tracking -> reproducer splitting, faster equivalence checking, ...
We certainly can come up with more things.
Would either or both of your (or anyone else) be interested in co-mentoring students? We have multiple interested ones already, even though my project description is lacking any detail.
~ Johannes
On 3/8/21 3:34 PM, Florian Hahn wrote:
On Mar 8, 2021, at 20:26, John Regehr via llvm-dev <llvm-dev at lists.llvm.org> wrote:
Hi folks, an angle related to IR fuzzing that I would be happy to help out with is using Alive2 as a test oracle. Using Alive2 incurs a set of problems (not all IR features supported, can be very slow) but has corresponding advantages (considers all inputs at once, handles UB gracefully). If anyone’s interested in combing LLVM’s libFuzzer & Alive2, I’ve put up https://reviews.llvm.org/D96654 which uses Alive2 to verify candidates generated by fuzzing. It works out quite well, but I think there’s lots of potential to improve the ‘interestingness’ of the IR generated by libFuzzer. Cheers, Florian
- Previous message: [llvm-dev] Applying for GSoC 2021(Fuzzing LLVM-IR Passes)
- Next message: [llvm-dev] Applying for GSoC 2021(Fuzzing LLVM-IR Passes)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]