Displaying 20 results from an estimated 377 matches for "fsanit".
2017 Aug 24
5
Building LLVM's fuzzers
...): 0 [0x10e2870a8,0x10e2870a8),
ERROR: The size of coverage PC tables does not match the number of instrumented PCs. This might be a bug in the compiler, please contact the libFuzzer developers.
From the build logs, it looks like we're now building objects with these
sanitizer flags:
-fsanitize=address
-fsanitize-address-use-after-scope
-fsanitize=fuzzer-no-link
We're then linking the fuzzer binaries with these:
-fsanitize=address
-fsanitize-address-use-after-scope
-fsanitize=fuzzer-no-link
-fsanitize=fuzzer
Any idea what's wrong or where to start looking?
2017 Aug 24
3
Building LLVM's fuzzers
...The size of coverage PC tables does not match the number of instrumented PCs. This might be a bug in the compiler, please contact the libFuzzer developers.
>>
>> From the build logs, it looks like we're now building objects with these
>> sanitizer flags:
>>
>> -fsanitize=address
>> -fsanitize-address-use-after-scope
>> -fsanitize=fuzzer-no-link
>>
>> We're then linking the fuzzer binaries with these:
>>
>> -fsanitize=address
>> -fsanitize-address-use-after-scope
>> -fsanitize=fuzzer-no-link
>> -fs...
2017 Aug 24
3
Building LLVM's fuzzers
...odules/HandleLLVMOptions.cmake
> index 04596a6ff63..5465d8d95ba 100644
> --- a/cmake/modules/HandleLLVMOptions.cmake
> +++ b/cmake/modules/HandleLLVMOptions.cmake
> @@ -665,6 +665,9 @@ if(LLVM_USE_SANITIZER)
> endif()
> if (LLVM_USE_SANITIZE_COVERAGE)
> append("-fsanitize=fuzzer-no-link" CMAKE_C_FLAGS CMAKE_CXX_FLAGS)
> +
> + # Dead stripping messes up coverage instrumentation.
> + set(LLVM_NO_DEAD_STRIP ON)
> endif()
> endif()
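Review bot: `set(LLVM_NO_DEAD_STRIP ON)` inside `if (LLVM_USE_SANITIZE_COVERAGE)` disables dead stripping for every target in the tree, not only for the binaries that are actually linked with `-fsanitize=fuzzer`, so a coverage-enabled build loses dead stripping everywhere for the sake of the fuzzer link step; scope the setting to the fuzzer targets (or to the linkers where the coverage section symbols are lost) and expand the one-line comment to say which symbols dead stripping removes, so the next reader does not have to rediscover why the flag exists.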
>
> Any arguments against that?
We shouldn't do this. We really only want to prevent dead stripp...
2013 Sep 06
2
[LLVMdev] [lld] buildbot configuration on using -fsanitize options
Hi All, Chandler,
After listening to Chandler's presentation at Going native 2013,
I think "lld" should add a buildbot configuration to turn on building
lld with -fsanitize options and have buildbot configurations to run on
* darwin
* linux (ubuntu).
I was not really sure if llvm changes use a buildbot with the
-fsanitize options turned on / how stable the llvm libraries are when
compiled using those options.
Does it make sense to have
* llvm built in the...
2013 Sep 09
0
[LLVMdev] [lld] buildbot configuration on using -fsanitize options
...one.
Alex
On Sep 6, 2013, at 2:27 PM, Shankar Easwaran <shankare at codeaurora.org> wrote:
> Hi All, Chandler,
>
> After listening to Chandler's presentation at Going native 2013,
>
> I think "lld" should add a buildbot configuration to turn on building lld with -fsanitize options and have buildbot configurations to run on
>
> * darwin
> * linux (ubuntu).
>
> I was not really sure if llvm changes use a buildbot with the -fsanitize options turned on / how stable the llvm libraries are when compiled using those options.
>
> Does it make se...
2017 Aug 24
3
Building LLVM's fuzzers
> On Aug 24, 2017, at 2:55 PM, Kostya Serebryany <kcc at google.com> wrote:
>
> Interesting.
> This is a relatively new addition (fsanitize-coverage=pc-tables, which is now a part of -fsanitize=fuzzer).
> The tests worked (did they? On Mac?) so I thought everything is ok.
For tests we never compile the tested target with -O3 (and that wouldn’t be sufficient),
and for testing fuzzers I was always building them in debug
> Y...
2020 Apr 03
4
Segfault after compiling wget with dfsan
....org/gnu/wget/wget-1.19.5.tar.gz). But when compiled with
dfsan, it encountered a null pointer dereference error.
Following an old post:
http://lists.llvm.org/pipermail/cfe-dev/2014-May/037160.html . I was trying
to use a blacklist for openssl functions.
My commands are:
export CC="clang -g -fsanitize=dataflow -fsanitize-blacklist=/tmp/openssl-list.txt"
export LDFLAGS="-fsanitize=dataflow -fsanitize-blacklist=/tmp/openssl-list.txt"
./configure --with-ssl=openssl
make
I've tried with clang 9, 10, and the nightly build of 11 today.
The error is:
when trying to run "src/wget www.go...
2016 Sep 20
2
[cfe-dev] Recent clang regressions
I get some failing tests from compiler-rt.
FAIL: cfi :: cross-dso/stats.cpp (30831 of 30893)
******************** TEST 'cfi :: cross-dso/stats.cpp' FAILED
********************
Script:
--
/usr/local/google/home/prazek/llvm-build-release/./bin/clang -fuse-ld=gold
-flto -fsanitize=cfi -fwhole-program-vtables --driver-mode=g++
-fsanitize-cfi-cross-dso -fvisibility=default -DSHARED_LIB -fPIC -g
-fsanitize-stats -shared -o
/usr/local/google/home/prazek/llvm-build-release/projects/compiler-rt/test/cfi/Devirt/cross-dso/Output/
stats.cpp.tmp.so
/usr/local/google/home/prazek/llv...
2013 Sep 09
2
[LLVMdev] [lld] buildbot configuration on using -fsanitize options
Hi Alex,
+ Galina
Ubuntu/Debian should work as well, I wanted one flavor where lld could
be built on a linux platform.
I will want to have a separate buildbot to separate failures, if any, due
to the fsanitize options.
Do you know if llvm itself gets tested as a complete build with the
fsanitize options?
Enabling tsan seems to be a good idea too.
Thanks
Shankar Easwaran
On 9/8/2013 10:22 PM, Alex Rosenberg wrote:
> There are existing Darwin and Win7 builders, and a few Debian configs that a...
2017 Aug 24
4
Building LLVM's fuzzers
...nkov <ekarpenkov at apple.com
>> >
>> > wrote:
>> >
>> >>
>> >> On Aug 24, 2017, at 2:55 PM, Kostya Serebryany <kcc at google.com> wrote:
>> >>
>> >> Interesting.
>> >> This is a relatively new addition (fsanitize-coverage=pc-tables, which
>> is
>> >> now a part of -fsanitize=fuzzer).
>> >> The tests worked (did they? On Mac?) so I thought everything is ok.
>> >>
>> >>
>> >> For tests we never compile the tested target with -O3 (and that
>...
2019 Nov 12
2
Using Libfuzzer on a library - linking the library to the fuzz target
Hi Mitch,
Thank you for the response.
1. You don't need to build the library with `-fsanitize-coverage=...`,
using `-fsanitize=fuzzer-no-link,address` should be sufficient. -
Acknowledged
2. (although you can actually build object files/shared libraries with
-fsanitize=fuzzer, and the libFuzzer main won't be linked, if this makes
your build process easier). - with just the *fuzzer...
2017 Aug 24
2
Building LLVM's fuzzers
...cs'
>
>
>
> On Thu, Aug 24, 2017 at 3:07 PM, George Karpenkov <ekarpenkov at apple.com>
> wrote:
>
>>
>> On Aug 24, 2017, at 2:55 PM, Kostya Serebryany <kcc at google.com> wrote:
>>
>> Interesting.
>> This is a relatively new addition (fsanitize-coverage=pc-tables, which is
>> now a part of -fsanitize=fuzzer).
>> The tests worked (did they? On Mac?) so I thought everything is ok.
>>
>>
>> For tests we never compile the tested target with -O3 (and that wouldn’t
>> be sufficient),
>> and for testi...
2019 Nov 12
2
Using Libfuzzer on a library - linking the library to the fuzz target
...p=0x7ff38f83ac20 uninitialized,
fixing it*. I am not sure what this means. Also, I can see that the apifunc
is called and it runs but it does not show up in the *NEW_FUNC[x/xxx]: *log
lines in the libfuzzer output.
To enable fuzzing. First I build the library with the following libfuzzer
flags.
*-fsanitize=fuzzer-no-link,address -fsanitize-coverage=edge,indirect-calls*
I also had to make a blacklist to avoid some buffer overflow and use after
free error during this build.
After this, I link the fuzz target with the library and use the following
libfuzzer options.
*-fsanitize=fuzzer,address*
I am...
2017 Aug 24
3
Building LLVM's fuzzers
...y on the optimizer).
>>
>> Is there a simple way to reproduce the link failure?
>>
>
>
> ninja compiler-rt
> echo 'extern "C" int LLVMFuzzerTestOneInput(const unsigned char *a,
> unsigned long b){return 0; } ' > test.cc
> clang -O3 test.cc -fsanitize=fuzzer # works
> clang -O3 test.cc -Wl,-gc-sections -fsanitize=fuzzer # fails
>
It seems that the issue is that older versions of ld.bfd have a bug which
causes it not to define __start_ and __stop_ symbols if the only reference
to those symbols is from a constructor.
If I add an artifi...
2018 Mar 19
2
Suggestions for how coroutines and UBSan codegen can play nice with one another?
Hello all!
(+cc Vedant Kumar, who I've been told knows a lot about UBSan!)
I am trying to fix an assert that occurs when the transforms in
llvm/lib/Transforms/Coroutines are applied to LLVM IR that has been
generated with UBSan enabled -- specifically, '-fsanitize=null'.
You can see an example of the assert in this 26-line C++ file here:
https://godbolt.org/g/Gw9UZq
Note that without the '-fsanitize=null' option this compiles fine, but when
that option is used, Clang/LLVM crashes due to "error in backend: cannot
move instruction since i...
2017 Aug 25
2
Building LLVM's fuzzers
...reproduce the link failure?
> >>>
> >>
> >>
> >> ninja compiler-rt
> >> echo 'extern "C" int LLVMFuzzerTestOneInput(const unsigned char *a,
> >> unsigned long b){return 0; } ' > test.cc
> >> clang -O3 test.cc -fsanitize=fuzzer # works
> >> clang -O3 test.cc -Wl,-gc-sections -fsanitize=fuzzer # fails
> >>
> >
> > It seems that the issue is that older versions of ld.bfd have a bug which
> > causes it not to define __start_ and __stop_ symbols if the only
> reference
> >...
2017 Jul 21
3
Where does the LLVM implement the Ubsan's instrumentations?
> I think your best bet for controlling code bloat is to compile with
> -fsanitize=undefined -fsanitize-trap=undefined.
Also you may not need all of UBSan's checks at the same time -- so pick
and choose among its checks using the finer-grained flags.
If you're really stuck against a hard limit on code size, try applying
UBSan to a subset of files in your project at...
2018 May 14
3
RFC: Implementing -fno-delete-null-pointer-checks in clang
...M, Philip Reames via llvm-dev wrote:
> Fair warning, the following is a devil's advocate position, but it's
> also a serious question.
>
> Given the entire point of this flag appears to be bug mitigation, why
> not frame this as a sanitizer? If we had a hypothetical
> -fsanitize=dereference which tried to catch dereferenced pointers
> derived from null, wouldn't that handle the case at hand?
It's called "-fsanitize=null": it catches stuff like "x[3]" where x is
null. It's not quite complete; we don't check for arithmetic on a nu...
2017 Apr 28
2
LibFuzzer syntax sugar flag
...g technology while sanitizers are associated with inserting additional checks into the program. The different linking behavior is another major difference.
Anna.
> On Apr 27, 2017, at 4:08 PM, Kostya Serebryany via llvm-dev <llvm-dev at lists.llvm.org> wrote:
>
> on the one hand, -fsanitize=fuzzer might indeed be confusing as it behaves in somewhat different way compared to other sanitizers
> Major difference: links in a library with main()
> On the other hand, I like "-fsanitize=fuzzer,address" more than "-fsanitize=address -ffuzzer"
>
> --kcc
>...
2017 Apr 26
2
LibFuzzer syntax sugar flag
Hi All,
Recently we have introduced a short syntactic sugar flag for compiling a file with libfuzzer:
one just needs to add “-fsanitize=fuzzer” to the command line, and the driver would specify
coverage flags and link with libfuzzer automatically.
I wanted to ask whether it would make more sense to rename the flag to “-ffuzzer”,
as it’s not a sanitizer, and it has a much heavier effect.
Thanks,
George