[llvm-dev] Fuzzing complex programs

mats petersson via llvm-dev llvm-dev at lists.llvm.org
Thu Sep 3 06:55:45 PDT 2015


I'm fairly sure your compiler (or rather linker) errors are coming from the
fact that you are not linking to the C++ runtime library. Use `clang++
-std=c++11 *.o`, and I'm reasonably sure it will do what you want.

--
Mats

On 3 September 2015 at 12:26, Greg Stark via llvm-dev <
llvm-dev at lists.llvm.org> wrote:

> On Sun, Aug 30, 2015 at 3:30 PM, Greg Stark <stark at mit.edu> wrote:
> > To do this effectively I think it would be best to invoke the fuzzer
> > from inside Postgres. Essentially provide bindings for Libfuzzer so
> > I can have Libfuzzer provide all the test cases to repeatedly
> > call the internal functions on.
> >
> > Is there any example of doing something like this already? Am I taking
> > a crazy approach?
>
>
> So on further inspection it seems the API I want, at least for the
> in-process plan is mostly there in LLVMFuzzerNoMain. It would be nice
> if I could call the driver with a function pointer and void* and it
> would call my callback passing that closure along with the fuzzed
> input. But I can probably work around that with a global variable.
>
> I'm actually kind of frustrated by a more basic problem. The build
> system. It seems LibFuzzer is meant to be compiled as part of LLVM but
> it didn't get compiled when I built LLVM because I didn't build it
> with sanitize-coverage enabled. Now I can't get it to build because I
> get errors like:
>
> $ for i in *.cpp ; do clang -c -std=c++11 $i ; done
> $ clang -std=c++11 *.o
> FuzzerDriver.o: In function `fuzzer::ReadTokensFile(char const*)':
> FuzzerDriver.cpp:(.text+0x56): undefined reference to
> `std::allocator<char>::allocator()'
> FuzzerDriver.cpp:(.text+0x6d): undefined reference to
> `std::__cxx11::basic_string<char, std::char_traits<char>,
> std::allocator<char> >::basic_string(char const*, std::allocator<char>
> const&)'
> FuzzerDriver.cpp:(.text+0x8d): undefined reference to
> `std::__cxx11::basic_string<char, std::char_traits<char>,
> std::allocator<char> >::~basic_string()'
> FuzzerDriver.cpp:(.text+0x96): undefined reference to
> `std::allocator<char>::~allocator()'
> FuzzerDriver.cpp:(.text+0xab): undefined reference to
> `std::__cxx11::basic_istringstream<char, std::char_traits<char>,
> std::allocator<char>
> >::basic_istringstream(std::__cxx11::basic_string<char,
> std::char_traits<char>, std::allocator<char> > const&,
> std::_Ios_Openmode)'
> FuzzerDriver.cpp:(.text+0x14c): undefined reference to
> `std::allocator<char>::allocator()'
> FuzzerDriver.cpp:(.text+0x166): undefined reference to
> `std::__cxx11::basic_string<char, std::char_traits<char>,
> std::allocator<char> >::basic_string(char const*, std::allocator<char>
> const&)'
> FuzzerDriver.cpp:(.text+0x18f): undefined reference to
> `std::__cxx11::basic_string<char, std::char_traits<char>,
> std::allocator<char> >::~basic_string()'
>
> And I get similar errors if I try to build it using the LLVM CMake
> generated makefiles (after running "cmake
> -DLLVM_USE_SANITIZE_COVERAGE=1" in the LibFuzzer directory), in fact I
> get errors that I need -std=c++11. Do I need to recompile *all* of
> llvm as if I was going to fuzz LLVM just to get libfuzzer built?
>
> --
> greg
> _______________________________________________
> LLVM Developers mailing list
> llvm-dev at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev
>
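The "function pointer plus void*" closure Greg asks for, done with the global-variable workaround he mentions. This is an added example, not code from the thread, from Postgres or from libFuzzer: `parse_record`, `ParserContext`, `FuzzCallback` and `run_corpus` are hypothetical names, the sample corpus is constructed, and `run_corpus` is only a stand-in that feeds fixed inputs through the entry point (the real driver, once libFuzzer is linked in, does the mutation and coverage feedback). The one thing taken from libFuzzer is the fixed signature of `LLVMFuzzerTestOneInput`, which is why the context has to be smuggled in through globals.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// Hypothetical internal function of the program under test. It needs per-call
// context (limits, counters), which is the reason the harness cannot simply
// hand libFuzzer a bare function.
struct ParserContext {
    size_t max_field_len;   // limit configured by the caller
    size_t fields_seen;     // state the harness inspects afterwards
    size_t rejects;         // inputs refused because a field was too long
};

// Parses comma-separated fields; returns false on the first over-long field.
static bool parse_record(const uint8_t *data, size_t size, ParserContext *ctx) {
    size_t field_len = 0;
    for (size_t i = 0; i < size; ++i) {
        if (data[i] == ',') {
            ctx->fields_seen++;
            field_len = 0;
        } else if (++field_len > ctx->max_field_len) {
            ctx->rejects++;
            return false;
        }
    }
    ctx->fields_seen++;   // the trailing (possibly empty) field
    return true;
}

// The closure the driver does not take directly: a callback and an opaque argument.
typedef int (*FuzzCallback)(const uint8_t *data, size_t size, void *arg);

// Global-variable workaround: the fixed-signature entry point has nowhere else
// to find the closure, so it is parked here before the driver starts.
static FuzzCallback g_callback = nullptr;
static void *g_callback_arg = nullptr;

// libFuzzer's entry point (signature is libFuzzer's); it only forwards.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    return g_callback ? g_callback(data, size, g_callback_arg) : 0;
}

// Adapter from the generic closure to the specific internal function.
static int parse_record_callback(const uint8_t *data, size_t size, void *arg) {
    parse_record(data, size, static_cast<ParserContext *>(arg));
    return 0;   // libFuzzer expects the entry point to return 0
}

// Hypothetical stand-in for the driver: installs the closure, feeds a fixed
// corpus through the entry point, and returns how many inputs it executed.
// With libFuzzer linked in, its driver would take over from here.
static size_t run_corpus(FuzzCallback cb, void *arg,
                         const std::vector<std::string> &corpus) {
    g_callback = cb;
    g_callback_arg = arg;
    size_t executed = 0;
    for (const std::string &input : corpus) {
        LLVMFuzzerTestOneInput(
            reinterpret_cast<const uint8_t *>(input.data()), input.size());
        ++executed;
    }
    g_callback = nullptr;
    g_callback_arg = nullptr;
    return executed;
}

// Runs a constructed corpus with a field limit of 4 and returns the context,
// so the caller can see what the target did with the inputs.
static ParserContext fuzz_sample_corpus() {
    ParserContext ctx = {4, 0, 0};
    const std::vector<std::string> corpus = {   // constructed sample inputs
        "a,bb,ccc", "", "toolongfield", "x,y"};
    run_corpus(parse_record_callback, &ctx, corpus);
    return ctx;
}

int main() {
    ParserContext ctx = fuzz_sample_corpus();
    return (ctx.fields_seen == 6 && ctx.rejects == 1) ? 0 : 1;
}
```

The globals are set by the harness before the driver runs and cleared afterwards; if several fuzz targets live in one binary, each needs its own entry point or a dispatch key, since libFuzzer looks up `LLVMFuzzerTestOneInput` by name.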
