
Make bitcoinfuzz "agnostic" and add support for AFL++

Open brunoerg opened this issue 7 months ago • 4 comments

I strongly believe that we could find more bugs if we supported fuzzers other than libFuzzer. We could follow the same approach as Bitcoin Core and make bitcoinfuzz "agnostic". It means that we could fuzz it using different fuzzers (libFuzzer, AFL, etc.).

brunoerg avatar May 06 '25 21:05 brunoerg

I think this is a good starting point for you @i-am-yuvi

brunoerg avatar May 06 '25 21:05 brunoerg

Yes

yuvicc avatar May 08 '25 01:05 yuvicc

Have you tried just using e.g. afl-clang-fast++ instead of clang? It also supports the fuzzer sanitizer flag and will link against its own LLVMFuzzerTestOneInput driver, so you wouldn't really need to change anything about your build system.

dergoegge avatar Sep 03 '25 09:09 dergoegge

> Have you tried just using e.g. afl-clang-fast++ instead of clang? It also supports the fuzzer sanitizer flag and will link against its own LLVMFuzzerTestOneInput driver, so you wouldn't really need to change anything about your build system.

I just tried it and it worked fine, nice suggestion! I think it's worth adding to the documentation.

brunoerg avatar Sep 03 '25 15:09 brunoerg
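The approach agreed on in the thread, shown as an added example that is not part of bitcoinfuzz or of any comment above: a libFuzzer-style harness with a single `LLVMFuzzerTestOneInput` entry point builds unchanged under both libFuzzer (`clang++ -fsanitize=fuzzer`) and AFL++ (`afl-clang-fast++ -fsanitize=fuzzer`, which links its own driver for that symbol). The target under test here is a small CompactSize varint codec written for the example (it follows Bitcoin's CompactSize layout, but `DecodeCompactSize`, `EncodeCompactSize`, the `Decoded` struct and the file name `harness.cpp` are all names chosen for this illustration, not bitcoinfuzz code). The harness checks a decode/re-encode round-trip property and traps on a mismatch, which either fuzzer reports as a crash.

```cpp
// Added example: one harness source, two fuzzers, no build-system changes.
// Not bitcoinfuzz's own harness; the CompactSize codec is written for this
// example (layout per Bitcoin's CompactSize varint; names are assumed).
//
// Build and run with libFuzzer:
//   clang++ -g -O1 -fsanitize=fuzzer,address harness.cpp -o harness_libfuzzer
//   ./harness_libfuzzer corpus/
// Build and run with AFL++ (same source, same -fsanitize=fuzzer flag;
// afl-clang-fast++ links its own LLVMFuzzerTestOneInput driver):
//   afl-clang-fast++ -g -O1 -fsanitize=fuzzer,address harness.cpp -o harness_afl
//   afl-fuzz -i corpus/ -o findings/ -- ./harness_afl
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <optional>
#include <vector>

struct Decoded {
    uint64_t value;
    size_t consumed;  // bytes of input used by the encoding
};

// Decode a CompactSize integer: tag < 0xFD is the value itself; 0xFD, 0xFE,
// 0xFF prefix a 2-, 4- or 8-byte little-endian value. Truncated input and
// non-minimal encodings are rejected, as a strict parser should.
std::optional<Decoded> DecodeCompactSize(const uint8_t* data, size_t size) {
    if (size == 0) return std::nullopt;
    const uint8_t tag = data[0];
    if (tag < 0xFD) return Decoded{tag, 1};
    const size_t width = (tag == 0xFD) ? 2 : (tag == 0xFE) ? 4 : 8;
    if (size < 1 + width) return std::nullopt;  // truncated
    uint64_t v = 0;
    for (size_t i = 0; i < width; ++i) v |= uint64_t(data[1 + i]) << (8 * i);
    // Canonical (minimal) encoding check.
    if (width == 2 && v < 0xFD) return std::nullopt;
    if (width == 4 && v <= 0xFFFFULL) return std::nullopt;
    if (width == 8 && v <= 0xFFFFFFFFULL) return std::nullopt;
    return Decoded{v, 1 + width};
}

// Encode a value in its minimal CompactSize form.
std::vector<uint8_t> EncodeCompactSize(uint64_t v) {
    std::vector<uint8_t> out;
    if (v < 0xFD) {
        out.push_back(uint8_t(v));
        return out;
    }
    uint8_t tag;
    size_t width;
    if (v <= 0xFFFFULL) { tag = 0xFD; width = 2; }
    else if (v <= 0xFFFFFFFFULL) { tag = 0xFE; width = 4; }
    else { tag = 0xFF; width = 8; }
    out.push_back(tag);
    for (size_t i = 0; i < width; ++i) out.push_back(uint8_t(v >> (8 * i)));
    return out;
}

// The single entry point both libFuzzer and the AFL++ driver call.
// Must return 0 for an accepted input (non-zero values are reserved).
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
    const auto d = DecodeCompactSize(data, size);
    if (!d) return 0;  // rejected input is not a bug, just an uninteresting case
    // Round-trip property: re-encoding a canonically decoded value must
    // reproduce exactly the bytes that were consumed. A violation traps,
    // which both fuzzers record as a crash with the offending input.
    const std::vector<uint8_t> re = EncodeCompactSize(d->value);
    if (re.size() != d->consumed || std::memcmp(re.data(), data, re.size()) != 0) {
        __builtin_trap();
    }
    return 0;
}
```

Because AFL++ drives the same symbol, the harness needs no `main`, no stdin reading and no `#ifdef` per fuzzer; the only per-fuzzer difference is the compiler name on the command line, which is why the suggestion above needs no build-system change. The `-fsanitize=address` part is optional but is what turns a silent out-of-bounds read in the parser into a reported crash under either fuzzer.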