[PATCH] D49441: [libFuzzer] Update documentation regarding MSan.
Matt Morehouse via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Tue Jul 17 12:16:19 PDT 2018
morehouse created this revision.
morehouse added a reviewer: kcc.
-fsanitize=fuzzer,memory now works out-of-the-box.
https://reviews.llvm.org/D49441
Files:
llvm/docs/LibFuzzer.rst
Index: llvm/docs/LibFuzzer.rst
===================================================================
--- llvm/docs/LibFuzzer.rst
+++ llvm/docs/LibFuzzer.rst
@@ -75,11 +75,13 @@
In order to build your fuzzer binary, use the `-fsanitize=fuzzer` flag during the
compilation and linking. In most cases you may want to combine libFuzzer with
-AddressSanitizer_ (ASAN), UndefinedBehaviorSanitizer_ (UBSAN), or both::
+AddressSanitizer_ (ASAN), UndefinedBehaviorSanitizer_ (UBSAN), MemorySanitizer_
+(MSAN), or both ASAN and UBSAN::
clang -g -O1 -fsanitize=fuzzer mytarget.c # Builds the fuzz target w/o sanitizers
clang -g -O1 -fsanitize=fuzzer,address mytarget.c # Builds the fuzz target with ASAN
clang -g -O1 -fsanitize=fuzzer,signed-integer-overflow mytarget.c # Builds the fuzz target with a part of UBSAN
+ clang -g -O1 -fsanitize=fuzzer,memory mytarget.c # Builds the fuzz target with MSAN
This will perform the necessary instrumentation, as well as linking with the libFuzzer library.
Note that ``-fsanitize=fuzzer`` links in the libFuzzer's ``main()`` symbol.
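Review bot: The reworded sentence ending "MemorySanitizer_ (MSAN), or both ASAN and UBSAN" leaves the reader to infer that MSAN is not meant to be combined with the other two sanitizers. State that directly instead of relying on the word "both", for example by listing MSAN as its own alternative and then saying in a separate clause that ASAN and UBSAN can be used together. The added ``-fsanitize=fuzzer,memory`` example line matches the style of the existing ones and needs no change.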
@@ -93,10 +95,6 @@
Then libFuzzer can be linked to the desired driver by passing in
``-fsanitize=fuzzer`` during the linking stage.
-Using MemorySanitizer_ (MSAN) with libFuzzer is possible too, but tricky.
-The exact details are out of scope, we expect to simplify this in future
-versions.
-
.. _libfuzzer-corpus:
Corpus
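Review bot: Removing the "possible too, but tricky" paragraph leaves the text just above it, which covers linking libFuzzer into a custom driver by passing ``-fsanitize=fuzzer`` at the link stage, with no mention of MSAN at all. If the out-of-the-box behaviour described in the summary also holds for that setup, add a sentence saying so here. If it only holds for the single-command build shown in the earlier hunk, replace the paragraph with a one-line caveat rather than deleting it outright.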