[llvm-dev] Building LLVM's fuzzers

Kostya Serebryany via llvm-dev llvm-dev at lists.llvm.org
Thu Aug 24 11:55:40 PDT 2017


+mascasa@ FYI

Also, I am going to file a bug to implement some improvements in the way we
build and use fuzz targets in LLVM.

And, take a look at last night's trophies:
https://bugs.chromium.org/p/oss-fuzz/issues/list?q=label:Proj-llvm

On Thu, Aug 24, 2017 at 11:47 AM, George Karpenkov <ekarpenkov at apple.com>
wrote:

> Indeed, I can reproduce in release build. Looking into it.
> As a workaround, for now you could try to use debug build of fuzzers.
> > On Aug 24, 2017, at 11:39 AM, Justin Bogner <mail at justinbogner.com>
> wrote:
> >
> > George Karpenkov <ekarpenkov at apple.com> writes:
> >> Should -DCMAKE_CXX_COMPILER be also specified?
> >
> > CMake is smart enough to infer that from C_COMPILER:
> >
> >  % grep CMAKE_CXX_COMPILER CMakeCache.txt
> >  CMAKE_CXX_COMPILER:FILEPATH=/Users/bogner/llvm-lkgc/bin/clang++
> >
> >>> On Aug 24, 2017, at 11:29 AM, Justin Bogner <mail at justinbogner.com>
> wrote:
> >>>
> >>> (kcc, george: sorry for the re-send, the first was from a non-list
> email
> >>> address)
> >>>
> >>> My configuration for building the fuzzers in the LLVM tree doesn't
> seem to
> >>> work any more (possibly as of moving libFuzzer to compiler-rt, but
> there
> >>> have been a few other changes in the last week or so that may be
> related).
> >>>
> >>> I'm building with a fresh top-of-tree clang and setting
> >>> -DLLVM_USE_SANITIZER=Address and -DLLVM_USE_SANITIZE_COVERAGE=On,
> which
> >>> was working before:
> >>>
> >>> % cmake -GNinja \
> >>>         -DCMAKE_BUILD_TYPE=Release -DLLVM_ENABLE_ASSERTIONS=On \
> >>>         -DLLVM_ENABLE_WERROR=On \
> >>>         -DLLVM_USE_SANITIZER=Address -DLLVM_USE_SANITIZE_COVERAGE=On \
> >>>         -DCMAKE_C_COMPILER=$HOME/llvm-lkgc/bin/clang \
> >>>         $HOME/code/llvm-src
> >>>
> >>> But when I run any of the fuzzers, it looks like the sanitizer coverage
> >>> hasn't been set up correctly:
> >>>
> >>> % ./bin/llvm-as-fuzzer
>                                    2017-08-24 11:14:33
> >>> INFO: Seed: 4089166883
> >>> INFO: Loaded 1 modules   (50607 guards): 50607 [0x10e14ef80,
> 0x10e18063c),
> >>> INFO: Loaded 1 PC tables (0 PCs): 0 [0x10e2870a8,0x10e2870a8),
> >>> ERROR: The size of coverage PC tables does not match the number of
> instrumented PCs. This might be a bug in the compiler, please contact the
> libFuzzer developers.
> >>>
> >>> From the build logs, it looks like we're now building objects with
> these
> >>> sanitizer flags:
> >>>
> >>> -fsanitize=address
> >>> -fsanitize-address-use-after-scope
> >>> -fsanitize=fuzzer-no-link
> >>>
> >>> We're then linking the fuzzer binaries with these:
> >>>
> >>> -fsanitize=address
> >>> -fsanitize-address-use-after-scope
> >>> -fsanitize=fuzzer-no-link
> >>> -fsanitize=fuzzer
> >>>
> >>> Any idea what's wrong or where to start looking?
>
>
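The thread above is about how fuzz targets in the LLVM tree are compiled (`-fsanitize=fuzzer-no-link` for the objects) and linked (`-fsanitize=fuzzer` for the binary). The following is an added, self-contained illustration of what such a target looks like at its smallest; it is not code from LLVM, libFuzzer, or anyone in this thread. The toy `parse_record` function, the `FUZZ_WITH_LIBFUZZER` macro guard and the build line in the comment are all assumptions made for the example.

```c
/* Minimal libFuzzer-style target (added example, not LLVM's own code).
 *
 * Assumed build with a clang whose compiler-rt ships libFuzzer:
 *   clang -g -O1 -fsanitize=fuzzer,address -DFUZZ_WITH_LIBFUZZER \
 *         mini_fuzzer.c -o mini_fuzzer
 * -fsanitize=fuzzer adds the coverage instrumentation that
 * -fsanitize=fuzzer-no-link adds at compile time, and additionally links
 * libFuzzer's own main(), which then repeatedly calls
 * LLVMFuzzerTestOneInput with mutated inputs. Without the macro the file
 * keeps its own main() so it also runs as an ordinary program.
 */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Toy code under test: copies the KEY part of "KEY=VALUE" into key[].
 * Returns 1 for a well-formed record, 0 otherwise. The length checks are
 * the kind of bounds check ASan reports on when it is missing. */
int parse_record(const uint8_t *data, size_t size, char *key, size_t key_cap) {
    const uint8_t *eq = memchr(data, '=', size);
    if (!eq) return 0;                       /* no separator at all */
    size_t key_len = (size_t)(eq - data);
    if (key_len == 0 || key_len >= key_cap)  /* empty or would overflow key */
        return 0;
    memcpy(key, data, key_len);
    key[key_len] = '\0';
    return 1;
}

/* libFuzzer entry point; the name and signature are fixed by libFuzzer. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    char key[16];
    parse_record(data, size, key, sizeof key);
    return 0;  /* libFuzzer reserves non-zero return values */
}

#ifndef FUZZ_WITH_LIBFUZZER
/* Stand-alone driver used when the file is built without libFuzzer. */
int main(void) {
    static const uint8_t sample[] = "user=alice";  /* constructed input */
    char key[16];
    return parse_record(sample, sizeof sample - 1, key, sizeof key) ? 0 : 1;
}
#endif
```

When the binary is built with `-fsanitize=fuzzer` the startup banner should report a non-zero PC count in the "Loaded 1 PC tables" line; a mismatch between the guard count and the PC table count, as in the output quoted above, indicates that the objects and the link step were instrumented inconsistently rather than a problem in the target itself.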