kmc7468/cs420
1
0
Fork 0
mirror of https://github.com/kmc7468/cs420.git synced 2025-12-14 22:38:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c67cd9941f25f7ddb72e301e28fad155bf28d388
cs420/tests
History
Minseong Jang c67cd9941f Add fuzzer users manual
2022-03-08 11:02:53 +09:00
..
.gitignore
Fix hw1 fuzzer
2020-03-26 22:59:02 +09:00
fuzz.py
Support float in fuzzer
2022-02-23 23:06:19 +09:00
README.md
Add fuzzer users manual
2022-03-08 11:02:53 +09:00
reduce-criteria-template.sh
Fix reduce criteria
2022-02-23 23:07:44 +09:00
test_examples.rs
Update skeleton
2020-06-21 21:51:54 +09:00

README.md

KECC Fuzzer User's Manual

Introduction

You can find a buggy input program for your homework implementation by using fuzzer.

Usual debugging process consists of two stages. These stages are:

Fuzzing

Fuzzer randomly generates input C program and feeds it to your implementation for homework. If the output value is not the expected value, then fuzzer stops generating and terminates. Now you can debug your solution by inspecting generated test_polished.c. Generated buggy input program is guaranteed undefined-behavior free. (We use clang's UndefinedBehaviorSanitizer to detect undefined behavior in the generated input program and skip it if any undefined behavior detected.)

Reducing

After the fuzzing stage, you may found a buggy input program in test_polished.c. However, it is highly likely that the input program is too big (about 3~5K lines of code) to manually inspect. In this stage, we use creduce to reduce the buggy input program as much as possible. Reduced buggy input program is saved to test_reduced.c.

[NOTICE] The buggy input program after reducing stage may contain undefined behaviors. To workaround this, please refer to this issue: kaist-cp/cs420#218

For now, fuzzer is supported only for Homework 1 (C AST Printer) and Homework 2 (IRgen).

Installation

# Ubuntu 20.04
sudo apt install -y make cmake python3 csmith libcsmith-dev creduce

[NOTICE] The fuzzer supports Ubuntu 20.04 only. It may work for other platforms, but if it doesn't, please run the fuzzer in Ubuntu 20.04.

Usage

python3 tests/fuzz.py [OPTIONS]

Use -h option to display all available options.

Examples

Homework 1

  • Fuzzing

    # Try infinitely many test cases until find a buggy one.
python3 tests/fuzz.py -p

# Try 300 test cases until find a buggy one.
python3 tests/fuzz.py -p -n 300

  • Reducing

    # Reduce `test_polished.c` to `test_reduced.c`.
python3 tests/fuzz.py -p -r

Homework 2

  • Fuzzing

    # Try infinitely many test cases until find a buggy one.
python3 tests/fuzz.py -i

# Try 300 test cases until find a buggy one.
python3 tests/fuzz.py -i -n 300

  • Reducing

    # Reduce `test_polished.c` to `test_reduced.c`.
python3 tests/fuzz.py -i -r

Suggested Readings

Reference in New Issue View Git Blame Copy Permalink