George Karpenkov <ekarpenkov at apple.com> writes:
> Should -DCMAKE_CXX_COMPILER be also specified?

CMake is smart enough to infer that from C_COMPILER:

% grep CMAKE_CXX_COMPILER CMakeCache.txt
CMAKE_CXX_COMPILER:FILEPATH=/Users/bogner/llvm-lkgc/bin/clang++

>> On Aug 24, 2017, at 11:29 AM, Justin Bogner <mail at justinbogner.com> wrote:
>>
>> (kcc, george: sorry for the re-send, the first was from a non-list email
>> address)
>>
>> My configuration for building the fuzzers in the LLVM tree doesn't seem to
>> work any more (possibly as of moving libFuzzer to compiler-rt, but there
>> have been a few other changes in the last week or so that may be related).
>>
>> I'm building with a fresh top-of-tree clang and setting
>> -DLLVM_USE_SANITIZER=Address and -DLLVM_USE_SANITIZE_COVERAGE=On, which
>> was working before:
>>
>> % cmake -GNinja \
>>     -DCMAKE_BUILD_TYPE=Release -DLLVM_ENABLE_ASSERTIONS=On \
>>     -DLLVM_ENABLE_WERROR=On \
>>     -DLLVM_USE_SANITIZER=Address -DLLVM_USE_SANITIZE_COVERAGE=On \
>>     -DCMAKE_C_COMPILER=$HOME/llvm-lkgc/bin/clang \
>>     $HOME/code/llvm-src
>>
>> But when I run any of the fuzzers, it looks like the sanitizer coverage
>> hasn't been set up correctly:
>>
>> % ./bin/llvm-as-fuzzer 2017-08-24 11:14:33
>> INFO: Seed: 4089166883
>> INFO: Loaded 1 modules (50607 guards): 50607 [0x10e14ef80, 0x10e18063c),
>> INFO: Loaded 1 PC tables (0 PCs): 0 [0x10e2870a8,0x10e2870a8),
>> ERROR: The size of coverage PC tables does not match the number of instrumented PCs. This might be a bug in the compiler, please contact the libFuzzer developers.
>>
>> From the build logs, it looks like we're now building objects with these
>> sanitizer flags:
>>
>>   -fsanitize=address
>>   -fsanitize-address-use-after-scope
>>   -fsanitize=fuzzer-no-link
>>
>> We're then linking the fuzzer binaries with these:
>>
>>   -fsanitize=address
>>   -fsanitize-address-use-after-scope
>>   -fsanitize=fuzzer-no-link
>>   -fsanitize=fuzzer
>>
>> Any idea what's wrong or where to start looking?
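The banner quoted above shows 50607 coverage guards loaded but a PC table with 0 entries, which is why libFuzzer aborts: a target built like that would have no coverage feedback even if it ran. The POSIX sh check below is an added example, not code from the thread or from libFuzzer; it parses a libFuzzer startup banner, compares the guard count with the PC-table count, and fails when they disagree or are zero, so a CI job can catch a broken instrumented build before a fuzzing campaign starts. The two sample banners are constructed (the healthy one's addresses are hypothetical), and the function name is ours. The regexes match the "guards" / "PCs" wording of the trace-pc-guard instrumentation seen in the thread; builds that use inline 8-bit counters print a different first line and would need the pattern adjusted.

```shell
#!/bin/sh
# Added example (not from the thread): sanity-check a libFuzzer startup banner.
# A target whose PC table is empty or does not match the guard count gives
# libFuzzer no coverage feedback, so the run is useless; catch it in CI.

# Constructed input mirroring the banner quoted in the thread.
SAMPLE_BAD='INFO: Seed: 4089166883
INFO: Loaded 1 modules (50607 guards): 50607 [0x10e14ef80, 0x10e18063c),
INFO: Loaded 1 PC tables (0 PCs): 0 [0x10e2870a8,0x10e2870a8),'

# Constructed healthy banner; the addresses are hypothetical.
SAMPLE_OK='INFO: Seed: 1
INFO: Loaded 1 modules (50607 guards): 50607 [0x10e14ef80, 0x10e18063c),
INFO: Loaded 1 PC tables (50607 PCs): 50607 [0x10e2870a8,0x10e2b9ee0),'

# check_fuzzer_coverage BANNER
#   Prints "ok", "mismatch" or "unknown" (banner lines not found).
#   Exit status is 0 only for "ok", 1 for "mismatch", 2 for "unknown".
check_fuzzer_coverage() {
  banner=$1
  # Guard count from: INFO: Loaded N modules (G guards): ...
  guards=$(printf '%s\n' "$banner" |
    sed -n 's/^INFO: Loaded [0-9][0-9]* modules (\([0-9][0-9]*\) guards).*/\1/p' |
    head -n 1)
  # PC count from: INFO: Loaded N PC tables (P PCs): ...
  pcs=$(printf '%s\n' "$banner" |
    sed -n 's/^INFO: Loaded [0-9][0-9]* PC tables (\([0-9][0-9]*\) PCs).*/\1/p' |
    head -n 1)
  if [ -z "$guards" ] || [ -z "$pcs" ]; then
    echo unknown
    return 2
  fi
  # Healthy instrumentation has one PC-table entry per guard, and more than zero.
  if [ "$guards" -eq "$pcs" ] && [ "$pcs" -gt 0 ]; then
    echo ok
    return 0
  fi
  echo mismatch
  return 1
}

# Run the check against both constructed banners.
check_fuzzer_coverage "$SAMPLE_BAD" ||
  echo "coverage instrumentation is broken; fix the build before fuzzing"
check_fuzzer_coverage "$SAMPLE_OK"
```

Against a real binary the intended use is `check_fuzzer_coverage "$(./bin/llvm-as-fuzzer -runs=0 2>&1)"`, since libFuzzer writes the banner to stderr; the non-zero exit status is what a CI step should key on, the printed word is for the log.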
Right. One difference is that I was previously building a debug build, trying release one now.

> On Aug 24, 2017, at 11:39 AM, Justin Bogner <mail at justinbogner.com> wrote:
>
> George Karpenkov <ekarpenkov at apple.com> writes:
>> Should -DCMAKE_CXX_COMPILER be also specified?
>
> CMake is smart enough to infer that from C_COMPILER:
>
> % grep CMAKE_CXX_COMPILER CMakeCache.txt
> CMAKE_CXX_COMPILER:FILEPATH=/Users/bogner/llvm-lkgc/bin/clang++
>
>>> On Aug 24, 2017, at 11:29 AM, Justin Bogner <mail at justinbogner.com> wrote:
>>> [...]
Indeed, I can reproduce in release build. Looking into it.
As a workaround, for now you could try to use debug build of fuzzers.

> On Aug 24, 2017, at 11:39 AM, Justin Bogner <mail at justinbogner.com> wrote:
>
> George Karpenkov <ekarpenkov at apple.com> writes:
>> Should -DCMAKE_CXX_COMPILER be also specified?
>
> CMake is smart enough to infer that from C_COMPILER:
>
> % grep CMAKE_CXX_COMPILER CMakeCache.txt
> CMAKE_CXX_COMPILER:FILEPATH=/Users/bogner/llvm-lkgc/bin/clang++
>
>>> On Aug 24, 2017, at 11:29 AM, Justin Bogner <mail at justinbogner.com> wrote:
>>> [...]
+mascasa@ FYI

Also, I am going to file a bug to implement some improvements in the way we build and use fuzz targets in LLVM.

And, take a look at last night's trophies:
https://bugs.chromium.org/p/oss-fuzz/issues/list?q=label:Proj-llvm

On Thu, Aug 24, 2017 at 11:47 AM, George Karpenkov <ekarpenkov at apple.com> wrote:
> Indeed, I can reproduce in release build. Looking into it.
> As a workaround, for now you could try to use debug build of fuzzers.
>
> > On Aug 24, 2017, at 11:39 AM, Justin Bogner <mail at justinbogner.com> wrote:
> >
> > George Karpenkov <ekarpenkov at apple.com> writes:
> >> Should -DCMAKE_CXX_COMPILER be also specified?
> >
> > CMake is smart enough to infer that from C_COMPILER:
> >
> > % grep CMAKE_CXX_COMPILER CMakeCache.txt
> > CMAKE_CXX_COMPILER:FILEPATH=/Users/bogner/llvm-lkgc/bin/clang++
> >
> >>> On Aug 24, 2017, at 11:29 AM, Justin Bogner <mail at justinbogner.com> wrote:
> >>> [...]