Invalid section names in Mach-O file on OS X w/ custom target spec #22915
Comments
|
So, to be clear, the problem here is specifically that rustc generates invalid data for creating mach-o object files? |
|
Interesting. This call to get_metadata_section is the relevant code. |
|
@huonw I think so, but I'm not sure where the section names (and segment names in Mach-O) get emitted. I intended |
kmcallister
added
the
A-linkage
kmcallister
changed the title
|
Triage: no changes I'm aware of |
|
Presently, the compiler dies with the error when given a json for Leaving the field out altogether triggers this error: So it's unknown whether ELF sections are still produced, since those would be linker errors. |
frewsxcv
added a commit
to rust-fuzz/afl.rs
that referenced
this issue
Nov 12, 2017
Before ====== AFL is a coverage guided fuzzer. Prior to these changes, afl.rs would rely on [an LLVM pass] to instrument the fuzz target and get insight into the code branches hit by the fuzzer. Depending on the user's system, sometimes the ABI stars would align and this would work. But [seemingly most of the time][problems], it was a headache for many users. [an LLVM pass]: https://github.com/rust-fuzz/afl.rs/tree/6d5b5256d7a9a4909a00ba86501be7c9687cd56e/afl-plugin [problems]: #57 After ==== With these changes, the LLVM pass is no longer necessary. Instead of using AFL's own LLVM pass for instrumentation, this pull request migrates to LLVM's built-in execution tracing feature `trace-pc-guard` which [AFL supports]. Effectively, these changes makes fuzzing Rust code with AFL _much_ easier than before. In particular: - No longer requires unstable Rust features - Works on all Rust channels (stable, beta, nightly) - No longer need to modify the Rust crate being fuzzed, just write the fuzz target - Linux-only for now, but if [this Rust bug] gets fixed, it'll work on macOS [AFL supports]: https://github.com/mirrorer/afl/blob/2fb5a3482ec27b593c57258baae7089ebdc89043/llvm_mode/README.llvm#L169-L188 [this Rust bug]: rust-lang/rust#22915
frewsxcv
added a commit
to rust-fuzz/afl.rs
that referenced
this issue
Nov 12, 2017
Before ====== AFL is a coverage guided fuzzer. Prior to these changes, afl.rs would rely on [an LLVM pass] to instrument the fuzz target and get insight into the code branches hit by the fuzzer. Depending on the user's system, sometimes the ABI stars would align and this would work. But [seemingly most of the time][problems], it was a headache for many users. [an LLVM pass]: https://github.com/rust-fuzz/afl.rs/tree/6d5b5256d7a9a4909a00ba86501be7c9687cd56e/afl-plugin [problems]: #57 After ==== With these changes, the LLVM pass is no longer necessary. Instead of using AFL's own LLVM pass for instrumentation, this pull request migrates to LLVM's built-in execution tracing feature `trace-pc-guard` which [AFL supports]. Effectively, these changes makes fuzzing Rust code with AFL _much_ easier than before. In particular: - No longer requires unstable Rust features - Works on all Rust channels (stable, beta, nightly) - No longer need to modify the Rust crate being fuzzed, just write the fuzz target - Linux-only for now, but if [this Rust bug] gets fixed, it'll work on macOS [AFL supports]: https://github.com/mirrorer/afl/blob/2fb5a3482ec27b593c57258baae7089ebdc89043/llvm_mode/README.llvm#L169-L188 [this Rust bug]: rust-lang/rust#22915
frewsxcv
added a commit
to rust-fuzz/afl.rs
that referenced
this issue
Nov 12, 2017
Before ====== AFL is a coverage guided fuzzer. Prior to these changes, afl.rs would rely on [an LLVM pass] to instrument the fuzz target and get insight into the code branches hit by the fuzzer. Depending on the user's system, sometimes the ABI stars would align and this would work. But [seemingly most of the time][problems], it was a headache for many users. [an LLVM pass]: https://github.com/rust-fuzz/afl.rs/tree/6d5b5256d7a9a4909a00ba86501be7c9687cd56e/afl-plugin [problems]: #57 After ==== With these changes, the LLVM pass is no longer necessary. Instead of using AFL's own LLVM pass for instrumentation, this pull request migrates to LLVM's built-in execution tracing feature `trace-pc-guard` which [AFL supports]. Effectively, these changes makes fuzzing Rust code with AFL _much_ easier than before. In particular: - No longer requires unstable Rust features - Works on all Rust channels (stable, beta, nightly) - No longer need to modify the Rust crate being fuzzed, just write the fuzz target - Linux-only for now, but if [this Rust bug] gets fixed, it'll work on macOS [AFL supports]: https://github.com/mirrorer/afl/blob/2fb5a3482ec27b593c57258baae7089ebdc89043/llvm_mode/README.llvm#L169-L188 [this Rust bug]: rust-lang/rust#22915
frewsxcv
added a commit
to rust-fuzz/afl.rs
that referenced
this issue
Nov 18, 2017
* Rewerite of afl.rs; introduction of cargo-afl. Before ====== AFL is a coverage guided fuzzer. Prior to these changes, afl.rs would rely on [an LLVM pass] to instrument the fuzz target and get insight into the code branches hit by the fuzzer. Depending on the user's system, sometimes the ABI stars would align and this would work. But [seemingly most of the time][problems], it was a headache for many users. [an LLVM pass]: https://github.com/rust-fuzz/afl.rs/tree/6d5b5256d7a9a4909a00ba86501be7c9687cd56e/afl-plugin [problems]: #57 After ==== With these changes, the LLVM pass is no longer necessary. Instead of using AFL's own LLVM pass for instrumentation, this pull request migrates to LLVM's built-in execution tracing feature `trace-pc-guard` which [AFL supports]. Effectively, these changes makes fuzzing Rust code with AFL _much_ easier than before. In particular: - No longer requires unstable Rust features - Works on all Rust channels (stable, beta, nightly) - No longer need to modify the Rust crate being fuzzed, just write the fuzz target - Linux-only for now, but if [this Rust bug] gets fixed, it'll work on macOS [AFL supports]: https://github.com/mirrorer/afl/blob/2fb5a3482ec27b593c57258baae7089ebdc89043/llvm_mode/README.llvm#L169-L188 [this Rust bug]: rust-lang/rust#22915 * progress * progress * progress * progress * progress * reapi a thing * remove a bunch of unnecessarily committed files * ignore basically everything in the afl dir * make tests pass
|
Hi, I just want to point out that it seems to me that this bug is fixed in rust beta and nightly. |
PaulGrandperrin
added a commit
to rust-fuzz/honggfuzz-rs
that referenced
this issue
Feb 21, 2018
|
just confirmed this is fixed for me too! afl.rs now works on mac |
|
Gonna close this. If anyone else encounters this, let me know and I'll reopen |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Despite a valid target specification for
i686-unknown-plan9, which is intended to produce a statically linked Mach-O,{ "pre-link-args": ["-static"], "data-layout": "e-p:32:32:32-i1:8:8-i8:8:8-i16:16:16-i32:32:32-i64:64:64-f32:32:32-f64:64:64-v64:64:64-v128:128:128-a0:0:8-s0:32:32-f80:128:128-n8:16:32:64-S0", "llvm-target": "i686-apple-darwin", "target-endian": "little", "target-pointer-width": "32", "arch": "x86", "os": "plan9", "morestack": false, "dynamic_linking": false, "executables": true, "is_like_osx": true }I cannot even build libcore because rustc still tries to produce a Mach-O with invalid, ELF-like section names:
The text was updated successfully, but these errors were encountered: