search for: mitchp

Thanks for the update, Phillips. Yes, please add me, Stephen and Ana (CCed) to Phabricator reviews. Zhaoshi From: Mitch Phillips <mitchp at google.com> Sent: Tuesday, July 14, 2020 19:10 To: Zhaoshi Zheng <zhaoshiz at quicinc.com> Cc: llvm-dev at lists.llvm.org; Stephen Long <steplong at quicinc.com> Subject: [EXT] Re: [llvm-dev] [MTE] Tagging Globals Hi Zhaoshi, Currently there's no global tagging instrumentati...

...e any timeline on sharing it through > Phabricator? > > > > Thanks, > > Zhaoshi > > > > *From:* llvm-dev <llvm-dev-bounces at lists.llvm.org> *On Behalf Of *Zhaoshi > Zheng via llvm-dev > *Sent:* Tuesday, July 14, 2020 21:34 > *To:* Mitch Phillips <mitchp at google.com> > *Cc:* llvm-dev at lists.llvm.org; Stephen Long <steplong at quicinc.com> > *Subject:* [EXT] Re: [llvm-dev] [MTE] Tagging Globals > > > > Thanks for the update, Phillips. > > > > Yes, please add me, Stephen and Ana (CCed) to Phabricator reviews...

...he fuzz target and link it with the library. *clang++ -g -O1 -fsanitize=fuzzer,address -Iinclude -Ibuild/include ..... fuzztarget.c -Lbuild/lib -llib1 -llib2* and then finally *./a.out -detect_leaks=0 corpus/* I appreciate your help with this. On Tue, Nov 12, 2019 at 11:38 AM Mitch Phillips <mitchp at google.com> wrote: > Hi Shikhar, > > You don't need to build the library with `-fsanitize-coverage=...`, using > `-fsanitize=fuzzer-no-link,address` should be sufficient. Without being > able to inspect, it seems like you're building the library/fuzz target in a > s...

Hi, I've seen this issue pop up on the mailing list a couple of times before with no resolution [1][2][3]. It has been getting really bad for our AArch64 buildbots lately. You can see a few examples at the end of my email [4], but we have the same failures on a couple of other bots as well. Does anyone have any idea how to reproduce / investigate these issues? If not, is it reasonable to

...gram, and then run my program, what difference does it make for the execution of my program whether the compiler itself was instrumented or not? Do you mean that ASAN runtime itself should be instrumented, since your program loads that at runtime? On Tue, Jul 7, 2020 at 2:04 PM Mitch Phillips <mitchp at google.com> wrote: > Bearing in mind that the ASan allocator isn't particularly suited to > detecting memory corruption unless you compile LLVM/Clang with ASan > instrumentation as well. I don't imagine anybody would be proposing making > the debug build for Windows be AS...

* Mitch Phillips <mitchp at google.com> [2020-10-09 13:17:06 -0700]: > > > static int a[8]; > > static int *p = a - 5; > > ... > > p[10] = 1; > > should work (even if it's not valid in c it can be valid as > > a c extension or written in asm, so ELF should support it). &...

Hello, We're evaluating memory tagging (MTE) on some internal workloads. We noticed that stack variables are tagged by an instrumentation pass and heap objects are handled by the allocator (Scudo). How about global variables? We tried a simple case using -march=armv8a+memtag -fsanitize=memtag, but found no tagging: Are we missing anything or tagging globals is still in progress? int

> > note: these bits are not really reserved for os or processor > specific use in ELF. in practice they are processor specific > so it will be STO_AARCH64_TAGGED. > Correct. note2: undefined symbol references will need correct marking > too if objects may get copy relocated into the main exe and > linkers should check if definitions match references. Yep - at this point I

Asan and the Debug CRT take different approaches, but the problems they cover largely overlap. Both help with detection of errors like buffer overrun, double free, use after free, etc. Asan generally gives you more immediate feedback on those, but you pay a higher price in performance. Debug CRT lets you do some trade off between the performance hit and how soon it detects problems. Asan

I am working of using libfuzzer and asan to test out a third-party library. As demonstrated in the tutorial, I wrote a fuzz target to fuzz a specific function in the library. The fuzz target is then linked to the library and compiles clean and I do see some tests generated by the fuzzer. However, I have some questions regarding the "right" way to go about doing this. I have doubts that

Hi, I am trying to execute a simple hello world program compiled like so: path/to/compiled/clang -o test --target=aarch64-linux-gnu -march=armv8.5-a -fsanitize=hwaddress --sysroot=/usr/aarch64-linux-gnu/ -L/usr/lib/gcc/aarch64-linux-gnu/10.1.0/ -g test.c However, when I look at the disassembly, there is an unknown instruction listed at 0x2d51c: 000000000002d4c0 main: 2d4c0: ff c3 00 d1