
Investigate fuzzing with cargo fuzz #971

Open
fitzgen opened this issue Sep 8, 2017 · 1 comment

Comments

@fitzgen
Member

fitzgen commented Sep 8, 2017

https://github.com/rust-fuzz/cargo-fuzz

Uses libFuzzer behind the scenes.

Unsure if this is really worth it, hence "investigate" rather than "use". libFuzzer is pretty much throwing random bytes (whose next generations are then guided by coverage information from the last generations) at a function and seeing if it can trigger a panic or segfault or something. For us, the function would be something like "treat these bytes as C/C++ header source and generate bindings to them". This is likely to bounce off of libclang's parser more than it would ever even get into bindgen code, but who knows: maybe the coverage guiding works better than I think?

@pvdrz
Contributor

pvdrz commented Sep 19, 2022

Maybe we could do a more structured approach, but that would require being able to emit valid C code out of nowhere. This `c_quote!` crate idea is becoming more and more necessary :p
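A sketch of the structured approach described in the comment above, added here as an example and not code from bindgen, cargo-fuzz or this thread: the fuzzer's bytes are consumed as a stream of decisions and turned into a C header that is always syntactically valid, so the input gets past libclang's parser and into bindgen's own code. The `fuzz_target!` wiring that would pass the string to `bindgen::Builder::header_contents` is assumed and left out so the block runs with std alone.

```rust
// Added example: turn arbitrary fuzzer bytes into a syntactically valid C
// header. Not bindgen or cargo-fuzz code; the `fuzz_target!` wiring that
// would hand the result to `bindgen::Builder::header_contents` is assumed.
/// Decision stream: each choice consumes one byte, so a single-byte
/// mutation by libFuzzer changes one local detail of the header.
struct Bytes<'a> { data: &'a [u8], pos: usize }

impl<'a> Bytes<'a> {
    fn next(&mut self) -> u8 {
        let b = self.data.get(self.pos).copied().unwrap_or(0); // past the end: 0
        self.pos += 1;
        b
    }
    fn choose(&mut self, n: usize) -> usize { self.next() as usize % n }
}

// `struct s0 *` is always legal: s0 is declared first, and a pointer to an incomplete struct is valid C.
const TYPES: &[&str] = &["int", "unsigned char", "long long", "double", "void *", "struct s0 *"];

/// 1..=3 structs (1..=4 fields each, some arrays), then 0..=2 prototypes; every output parses as C.
pub fn bytes_to_c_header(data: &[u8]) -> String {
    let mut b = Bytes { data, pos: 0 };
    let mut out = String::from("#pragma once\n");
    for s in 0..1 + b.choose(3) {
        out.push_str(&format!("struct s{} {{\n", s));
        for f in 0..1 + b.choose(4) {
            let ty = TYPES[b.choose(TYPES.len())];
            if b.choose(2) == 0 {
                out.push_str(&format!("    {} f{}[{}];\n", ty, f, 1 + b.choose(8)));
            } else {
                out.push_str(&format!("    {} f{};\n", ty, f));
            }
        }
        out.push_str("};\n");
    }
    for i in 0..b.choose(3) {
        let ret = TYPES[b.choose(TYPES.len())];
        let args: Vec<String> = (0..b.choose(3))
            .map(|a| format!("{} a{}", TYPES[b.choose(TYPES.len())], a))
            .collect();
        let args = if args.is_empty() { "void".to_string() } else { args.join(", ") };
        out.push_str(&format!("{} fn{}({});\n", ret, i, args));
    }
    out
}

fn main() {
    // Constructed sample bytes; a real fuzz target gets them from libFuzzer.
    print!("{}", bytes_to_c_header(&[2, 1, 5, 1, 3, 1, 2, 0]));
}
```

Because every decision is one byte, a crash-reproducing input stays small and libFuzzer's byte-level mutations map to local edits of the header rather than to random syntax errors.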
