[llvm_libc] Add project files for llvm-libc fuzzing. #3418
Travis tests have failed
Hey @PaulkaToast,
2nd Build: ./infra/travis/travis_build.py
3rd Build: ./infra/travis/travis_build.py
TravisBuddy Request Identifier: a6e98270-56b2-11ea-8ad8-19cca21d7143
I think we approve this project since it's LLVM. But you need to fix the build errors before landing.
When you run the fuzzer, what's the number you see next to inline 8-bit counters? Our tests block fuzzers with less than 100 because 1. often this is due to user error when building, and 2. if not user error, the target is so small that continuous fuzzing isn't so useful.
For the AFL failure, I assume you won't be able to easily get AFL working since AFL needs -fsanitize-trace-pc-guard. I don't know how exactly LLVM's cmake does coverage instrumentation, but it doesn't seem to support this. All other LLVM projects disable LLVM.
Travis tests have failed
Hey @PaulkaToast,
1st Build: ./infra/travis/travis_build.py
2nd Build: ./infra/travis/travis_build.py
TravisBuddy Request Identifier: fde515e0-56c0-11ea-8ad8-19cca21d7143
The fuzzer code is really short right now because we are calling into the system memcpy and strlen; this first fuzzer is meant to be a proof of concept to see if the build system and oss-fuzz integration works. It will get more fleshed out later and have more edges to instrument.
We might have a way of whitelisting this project (@Dor1s WDYT?) but it would be easier for us to not do this.
I'm not supportive of whitelisting tiny fuzz targets. Please see #2469 (comment) for the reasoning :)
Yes, as Max said, we would prefer to have a proper fuzz target as otherwise it would fail our instrumentation checks (for minimum number of program edges).
Travis tests have failed
Hey @PaulkaToast,
3rd Build: ./infra/travis/travis_build.py
TravisBuddy Request Identifier: 1bb17450-8151-11ea-b3db-bd01bce4ecd4
Travis tests have failed
Hey @PaulkaToast,
2nd Build: ./infra/travis/travis_build.py
3rd Build: ./infra/travis/travis_build.py
TravisBuddy Request Identifier: 4e80f960-8155-11ea-b3db-bd01bce4ecd4
Travis tests have failed
Hey @PaulkaToast,
1st Build: ./infra/travis/travis_build.py
2nd Build: ./infra/travis/travis_build.py
TravisBuddy Request Identifier: 7ca65420-8155-11ea-b3db-bd01bce4ecd4
Hey @PaulkaToast, are you still interested in landing this PR?
Sorry for the long silence here. I plan to submit a larger fuzz target later this week. I am not sure at this point if it is better to do it with a different pull request or just add to it (if at all possible).
Thanks! It doesn't really matter to me if you want to add a big fuzzer in this PR or in another. You can do whatever is convenient/works for you.
I have added a few more complex fuzz targets in LLVM libc. However, the maximum I see for the 8-bit counters is 22.
IIUC, this still does not meet the bar, correct?
Don't think so. I think we probably need at least 100.
Added project files for llvm_libc to integrate with oss-fuzz.
@sivachandra