[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.
Matt Morehouse via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Mon Jul 13 12:12:29 PDT 2020
morehouse added a comment.
In D83494#2148164 <https://reviews.llvm.org/D83494#2148164>, @dokyungs wrote:
> In D83494#2148043 <https://reviews.llvm.org/D83494#2148043>, @hctim wrote:
>
> > In D83494#2147608 <https://reviews.llvm.org/D83494#2147608>, @dokyungs wrote:
> >
> > > Builtin libfunc optimizations may transform memcmp and strcmp-like functions. To disable such optimizations, the -fno-builtin= flag was additionally added when compiling the new test cases. FWIW, the original test cases didn't require such flags since other sanitizers, including ASan, disable those optimizations in their LLVM pass by dropping the libfunc attribute from the call instructions.
> >
> >
> > It sounds like we need to add `-fno-builtin` in the clang driver when building with sancov as well. Otherwise, users won't get any benefit from this patch without doing `clang++ -fsanitize=fuzzer my_fuzz_target.cpp -fno-builtin-strstr -fno-builtin-strncmp -fno-builtin-strcmp -fno-builtin-memcmp`?
>
>
> Right. Apparently with `-O2` many calls to `memcmp`-like functions are removed. I just wondered, though, what makes more sense: disabling such optimization when building (i) with sancov, or (ii) with `-fsanitize=fuzzer`? If we go for (i), would it make sense to do it in the SanitizerCoverage module pass like other sanitizers do? What do you think? Also, can it be addressed in a follow-up patch?
My opinion is to make it part of `-fsanitize=fuzzer`, or maybe disable parts of the builtin optimization pass for functions with the `OptForFuzzing` attribute.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D83494/new/
https://reviews.llvm.org/D83494
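As an added example (not part of this review or of LLVM's own code), a small script that performs the check behind the discussion above: it compiles a constructed fuzz-target-style file at `-O2` and counts the `memcmp` call instructions that survive in the emitted IR, with and without `-fno-builtin-memcmp`. It assumes `clang` is on PATH.

```shell
#!/bin/sh
# Added example: does a memcmp against a short constant survive -O2?
# Without -fno-builtin-memcmp the builtin optimizer folds it into an
# integer compare, so a linked memcmp interceptor never sees the call.
set -e

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Constructed fuzz-target-style source (not from the review): the
# memcmp(..., 4) == 0 shape that the libfunc optimization transforms.
cat > "$WORK/target.c" <<'EOF'
#include <stddef.h>
#include <string.h>
int LLVMFuzzerTestOneInput(const unsigned char *data, size_t size) {
    if (size >= 4 && memcmp(data, "FUZZ", 4) == 0)
        return 1;
    return 0;
}
EOF

# memcmp_calls EXTRA_FLAGS -> number of `call ... @memcmp` instructions
# in the -O2 IR of target.c (the `declare` line is not counted).
memcmp_calls() {
    clang -O2 -S -emit-llvm -o - $1 "$WORK/target.c" \
        | grep -c 'call.*@memcmp' || true
}

echo "memcmp calls at -O2:                     $(memcmp_calls '')"
echo "memcmp calls at -O2 -fno-builtin-memcmp: $(memcmp_calls -fno-builtin-memcmp)"
```

A count of 0 for the plain `-O2` build is the situation the thread describes: nothing is left for an interceptor to hook.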