Hi, Michael,
> The abort is fine. We could replace it with a different error message, but it would remain an error; the input simply is fuzzed nonsense. Note for future fuzzing: a core dump due to an abort is actually a good sign, it's not similar to e.g. a core dump due to a segfault (hinting at random memory overwrites or suchlike, which could potentially be abused). The abort due to an assert means that someone thought and explicitly tested for situations which shouldn't occur, exactly so that further problems downstream can't materialize. So: assert --> fine, segfault --> potentially interesting.

Thanks for your prompt fix and detailed explanation. I am kind of new to the language fuzzing area. So it is very appreciated that you can give such guidance. It is also great that you can fix those bugs in such a short time, which makes it possible for me to learn more about the root cause.

Best,
Zhuo
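The assert-versus-segfault triage rule from the reply above, as a small crash-classification harness. This is an added example, not TinyCC code and not part of the thread: it forks the fuzz target so a crash cannot take the harness down, then maps the child's termination status to a verdict (SIGABRT from a fired assert is filed as "fine", SIGSEGV/SIGBUS as "potentially interesting"). `lookup_keyword`, `checked_parser` and `unchecked_parser` are constructed stand-ins for a parser under fuzz, and the inputs are constructed; nothing here is a tinycc function.

```c
/* Added example, not TinyCC code: classify how a fuzz target died,
 * separating an assert()-driven SIGABRT from a memory fault. POSIX only. */
#include <assert.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

enum verdict {
    V_OK,            /* exited 0 */
    V_CLEAN_ERROR,   /* exited non-zero: ordinary error path */
    V_ASSERT_ABORT,  /* SIGABRT: a deliberate check fired before damage spread */
    V_MEMORY_FAULT,  /* SIGSEGV/SIGBUS: wild read/write, worth investigating */
    V_OTHER_SIGNAL   /* anything else (SIGFPE, SIGILL, fork/wait failure, ...) */
};

/* Map a waitpid() status to a triage verdict. */
enum verdict classify_status(int status)
{
    if (WIFEXITED(status))
        return WEXITSTATUS(status) == 0 ? V_OK : V_CLEAN_ERROR;
    if (WIFSIGNALED(status)) {
        switch (WTERMSIG(status)) {
        case SIGABRT: return V_ASSERT_ABORT;
        case SIGSEGV:
        case SIGBUS:  return V_MEMORY_FAULT;
        default:      return V_OTHER_SIGNAL;
        }
    }
    return V_OTHER_SIGNAL;
}

const char *verdict_name(enum verdict v)
{
    switch (v) {
    case V_OK:           return "ok";
    case V_CLEAN_ERROR:  return "clean error exit";
    case V_ASSERT_ABORT: return "abort (checked precondition fired: fine)";
    case V_MEMORY_FAULT: return "memory fault (potentially interesting)";
    default:             return "other signal";
    }
}

/* Run target(input) in a forked child so a crash cannot kill the harness. */
enum verdict run_isolated(void (*target)(const char *), const char *input)
{
    int status = 0;
    fflush(stdout);              /* avoid duplicated buffered output after fork */
    pid_t pid = fork();
    if (pid < 0)
        return V_OTHER_SIGNAL;
    if (pid == 0) {
        target(input);
        _exit(0);                /* survived: report a clean run */
    }
    if (waitpid(pid, &status, 0) < 0)
        return V_OTHER_SIGNAL;
    return classify_status(status);
}

/* --- Constructed stand-ins for a parser under fuzz (hypothetical). --- */

/* Returns the canonical keyword string, or NULL for unknown input. */
static const char *lookup_keyword(const char *input)
{
    static const char *const keywords[] = { "int", "char", "return" };
    for (size_t i = 0; i < sizeof keywords / sizeof keywords[0]; i++)
        if (strcmp(input, keywords[i]) == 0)
            return keywords[i];
    return NULL;
}

/* "Someone thought about it": the impossible case is asserted, so fuzzed
 * nonsense produces SIGABRT right at the precondition, nothing downstream. */
void checked_parser(const char *input)
{
    const char *kw = lookup_keyword(input);
    assert(kw != NULL && "only known keywords may reach this point");
    (void)kw;
}

/* Unchecked: the NULL flows downstream and is dereferenced. The volatile
 * qualifiers keep the compiler from folding the dereference away. */
void unchecked_parser(const char *input)
{
    const char *volatile kw = lookup_keyword(input);
    volatile char first = kw[0];             /* NULL deref -> SIGSEGV */
    (void)first;
}

int main(void)
{
    static const char *const inputs[] = { "int", "xyz" };   /* constructed fuzz inputs */
    for (size_t i = 0; i < 2; i++) {
        printf("checked   %-4s -> %s\n", inputs[i],
               verdict_name(run_isolated(checked_parser, inputs[i])));
        printf("unchecked %-4s -> %s\n", inputs[i],
               verdict_name(run_isolated(unchecked_parser, inputs[i])));
    }
    return 0;
}
```

One caveat when applying this rule at scale: SIGABRT is not only raised by assert(). glibc's allocator also calls abort() when its own consistency checks trip (the "free(): invalid pointer" style messages), and that kind of abort does point at memory corruption. Before filing an abort as benign, confirm the child's stderr carries an "Assertion ... failed" line rather than an allocator diagnostic.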
_______________________________________________
Tinycc-devel mailing list
Tinycc-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/tinycc-devel