search for: libfuzz

Hi All, Currently libfuzzer depends on (often freshly built) clang, yet the dependency is not explicitly specified in cmake. That leads to various issues: for instance, it’s not possible to check out LLVM repo and run libfuzzer tests: one would often need to compile fresh clang first, and then create a separate build direct...

> Does anyone see good reasons why libFuzzer should remain in llvm repo (as > opposed to moving it to compiler-rt)? Does moving LibFuzzer to compiler-rt imply that it is compiled as part of compiler-rt and shipped with it? How does that fit with LibFuzzer's model of allowing the user to provide their own `main()`. Would you just bu...

r247321 refactors the code so that it should build on Mac. I haven't actually tested it on Mac -- so please help me and send follow up patches if needed. check-fuzzer will still fail because some of the libFuzzer tests require dfsan. I'd use some help from someone with a Mac to modify lib/Fuzzer/test/CMakeLists.txt so that it does not run dfsan-dependent tests on Mac. Thanks, --kcc On Wed, Sep 9, 2015 at 9:41 AM, Kostya Serebryany <kcc at google.com> wrote: > > > On Wed, Sep 9, 2015...

On 9 May 2017 at 18:55, Kostya Serebryany <kcc at google.com> wrote: > > > On Tue, May 9, 2017 at 10:23 AM, Dan Liew <dan at su-root.co.uk> wrote: >> >> > Does anyone see good reasons why libFuzzer should remain in llvm repo >> > (as >> > opposed to moving it to compiler-rt)? >> >> Does moving LibFuzzer to compiler-rt imply that it is compiled as part >> of compiler-rt and shipped with it? >> >> How does that fit with LibFuzzer's model of...

...ay 2, 2017 at 4:28 PM, Kostya Serebryany via llvm-dev < llvm-dev at lists.llvm.org> wrote: > On Tue, May 2, 2017 at 12:26 PM, George Karpenkov <ekarpenkov at apple.com> > wrote: > >> From my understanding, all these problems can be solved entirely >> > by moving libfuzzer to compiler-rt, where (other) sanitizers already >> reside. >> > > Yes, that might be a reasonable thing to do. > I am trying to remember the reasons why we've put libFuzzer into llvm and > not into compiler-rt in the first place, and failing to do so. > IIRC you t...

Hi there. I’m trying to use LibFuzzer on OSX and face some issues: I checked out LibFuzzer documentation[1] and managed to proceed until the final step of the first example. Now I see linker errors related to dfsan, dfsan’s documentation[2] states explicitly “DataFlowSanitizer is a work in progress, currently under development for x8...

...t lists.llvm.org> wrote: > > > >> On Tue, May 2, 2017 at 12:26 PM, George Karpenkov <ekarpenkov at apple.com > > > >> wrote: > >> > >>> From my understanding, all these problems can be solved entirely > >>> > >> by moving libfuzzer to compiler-rt, where (other) sanitizers already > >>> reside. > >>> > >> > >> Yes, that might be a reasonable thing to do. > >> I am trying to remember the reasons why we've put libFuzzer into llvm > and > >> not into compiler-rt...

...would be too complicated due to change in licenses > - it would make much more sense to move to “tools” folder instead, for > the following reasons: > * conceptually, it’s a tool, not a library > * all other projects in “lib” depend on LLVM and can not build without > LLVM, libFuzzer does not > * practically speaking, CMake has no way of knowing whether Clang is > being built when > “lib” is compiled, yet it does know for projects in tools. > > Using a freshly built clang for projects in “tools” is embarrassingly easy > and only requires a couple o...

I am working of using libfuzzer and asan to test out a third-party library. As demonstrated in the tutorial, I wrote a fuzz target to fuzz a specific function in the library. The fuzz target is then linked to the library and compiles clean and I do see some tests generated by the fuzzer. However, I have some questions regarding...

...e have missed: libraries under `build/lib` are not installed into toolchain > on mac os (and neither on linux, I would suppose). Actually that isn't accurate. By default we don't install the LLVM libraries, but that is completely configurable in the build system. It doesn't work for libFuzzer because the CMake build for libFuzzer is not built using any of the LLVM CMake modules or following any of LLVM's conventions. > Thus installations of Clang would not contain libLLVMFuzzer, but we would like them to, so that users would not have > to compile anything, and could just ca...

...ould be too complicated due to change in licenses >> - it would make much more sense to move to “tools” folder instead, for the following reasons: >> * conceptually, it’s a tool, not a library >> * all other projects in “lib” depend on LLVM and can not build without LLVM, libFuzzer does not >> * practically speaking, CMake has no way of knowing whether Clang is being built when >> “lib” is compiled, yet it does know for projects in tools. >> >> Using a freshly built clang for projects in “tools” is embarrassingly easy and only requires a c...

It might be a wider problem than libfuzzer. I did want to raise the problem asap and libfuzzer is something we know has the problem. If it came across as "libfuzzer is evil" that was not my intent, sorry! --paulr From: Kostya Serebryany [mailto:kcc at google.com] Sent: Thursday, December 01, 2016 2:53 PM To: Robinson, Paul Cc:...

> I really like the property of libFuzzer living in its own place so that > it's easy to use without building the world But it’s not: the implementation of the coverage instrumentation is done in one of the sanitizers, so it’s impossible to just use libFuzzer without them. Furthermore, I would think that almost all libFuzzer user...

> On May 9, 2017, at 3:00 PM, Kostya Serebryany <kcc at google.com> wrote: > > Thanks for the explanations! (it was worth asking) > > I do want to build libFuzzer itself (and its tests) using the just-built clang. So, llvm/runtimes then. > I'd name the directory llvm/runtimes/libFuzzer, if possible (the old path was lib/Fuzzer which is how the tool got it's name, actually) > George, would you like to send the change for review? OK > &gt...

Hi Mitch, Thank you for the response. 1. You don't need to build the library with `-fsanitize-coverage=...`, using `-fsanitize=fuzzer-no-link,address` should be sufficient. - Acknowledged 2. (although you can actually build object files/shared libraries with -fsanitize=fuzzer, and the libFuzzer main won't be linked, if this makes your build process easier). - with just the *fuzzer *flag, it looks for the LLVMFuzzerTestOneInput. 3. I've run a quick grep and can't find anything that would match "apifunc() resp=0x7ff38f83ac20 uninitialized, fixing it." in libFuzzer (...

Greg, This is lots of useful feedback! I'll reply to individual bullets when time permits (mostly after the holidays). If you find a bug in Postgres with libFuzzer, please let us know so that we can add it to http://llvm.org/docs/LibFuzzer.html#trophies On Sat, Sep 5, 2015 at 8:40 AM, Greg Stark via llvm-dev < llvm-dev at lists.llvm.org> wrote: > On Sat, Sep 5, 2015 at 1:50 PM, Greg Stark <stark at mit.edu> wrote: > > 2) I've caug...

...#39;move'. > > There remains a number of unsolved issues: > > 1) Naming: “runtimes” enforces LLVM naming convention. > The project name is formed by removing the “lib” prefix, and then that is > the main ninja target, > and check-PROJ_NAME is used for tests. > Thus for libfuzzer the choices for folder/target name/tests target name > become > `libfuzzer`/`fuzzer`/`check-fuzzer`. > > That is not optimal, but the situation is even worse if the folder is > called `libFuzzer`, > as targets rarely start with capital letters. > > 2) Dependencies: libFuzz...

There is already –mllvm –use-unknown-locations which ought to trigger this. Don't need my patch. --paulr From: Kostya Serebryany [mailto:kcc at google.com] Sent: Thursday, December 01, 2016 4:08 PM To: Robinson, Paul Cc: llvm-dev at lists.llvm.org Subject: Re: [llvm-dev] Libfuzzer depending on uninitialized debug info On Thu, Dec 1, 2016 at 3:37 PM, Robinson, Paul <paul.robinson at sony.com<mailto:paul.robinson at sony.com>> wrote: It might be a wider problem than libfuzzer. I did want to raise the problem asap and libfuzzer is something we know has the pro...

...he code to compiler-rt. > > This would solve at least this problem. > Since we now have -fsanitize=fuzzer it will actually be pretty natural. > > > Licensing concerns, compiler-rt has a different license. > @%##%)*% But wait a sec, the sanitizers are ok with this license, why libFuzzer isn't? (Sorry, my memory has been flushed over the last month) > > BTW libFuzzer CMake has a crazy amount of hacks to work under Windows, > where logic in many parts > is entirely different, so any help on testing and fixing arising issues > would be much appreciated. > I...

...: https://reviews.llvm.org/D37526 For the context, there is a comment in compiler-rt/lib/fuzzer/FuzzerExtFunctionsWeak.cpp: // Implementation for Linux. This relies on the linker's support for weak // symbols. We don't use this approach on Apple platforms because it requires // clients of LibFuzzer to pass ``-U _<symbol_name>`` to the linker to allow // weak symbols to be undefined. That is a complication we don't want to expose // to clients right now. That makes sense, but with current implementation, you cannot use libFuzzer's interface functions other than LLVMFuzzerTestO...