[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs added a comment. In D83494#2170838 , @dmajor wrote: > After this commit, several of our builds are failing with > `FuzzerInterceptors.cpp:30:10: fatal error: > 'sanitizer/common_interface_defs.h' file not found`. This is odd because the > file

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dmajor added a comment. After this commit, several of our builds are failing with `FuzzerInterceptors.cpp:30:10: fatal error: 'sanitizer/common_interface_defs.h' file not found`. This is odd because the file certainly seems like it exists. Is there a missing include path somewhere, perhaps?

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

This revision was automatically updated to reflect the committed changes. dokyungs marked an inline comment as done. Closed by commit rG831ae45e3dc6: Recommit [libFuzzer] Link libFuzzers own interceptors when other compiler… (authored by dokyungs). Repository: rG LLVM Github Monorepo CHANGES

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs marked 2 inline comments as done. dokyungs added inline comments. Comment at: compiler-rt/lib/fuzzer/FuzzerInterceptors.cpp:86 +s2++; + } + return 0; morehouse wrote: > Lot's of common code with `internal_strncmp`. Let's factor it out into a >

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse accepted this revision. morehouse added a comment. LGTM Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/ https://reviews.llvm.org/D83494 ___ cfe-commits mailing list

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 279982. dokyungs added a comment. Introduced a helper function to reduce duplicated code. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/ https://reviews.llvm.org/D83494 Files:

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse added inline comments. Comment at: compiler-rt/lib/fuzzer/FuzzerInterceptors.cpp:86 +s2++; + } + return 0; Lot's of common code with `internal_strncmp`. Let's factor it out into a helper function. Repository: rG LLVM Github Monorepo

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs marked 4 inline comments as done. dokyungs added inline comments. Comment at: compiler-rt/test/fuzzer/custom-allocator.test:2 +UNSUPPORTED: freebsd +RUN: %cpp_compiler -fno-sanitize=all -fno-builtin %S/CustomAllocator.cpp -fPIC %ld_flags_rpath_so1 -O0 -shared -o

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 279946. dokyungs marked an inline comment as done. dokyungs added a comment. Introduce internal_strcmp and update tests accordingly. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse added inline comments. Comment at: compiler-rt/test/fuzzer/custom-allocator.test:2 +UNSUPPORTED: freebsd +RUN: %cpp_compiler -fno-sanitize=all -fno-builtin %S/CustomAllocator.cpp -fPIC %ld_flags_rpath_so1 -O0 -shared -o %dynamiclib1 +RUN: %cpp_compiler

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs marked 4 inline comments as done. dokyungs added inline comments. Comment at: compiler-rt/lib/fuzzer/FuzzerInterceptors.cpp:119 +return internal_memcmp(s1, s2, n); + ensureFuzzerInited(); + int result = REAL(memcmp)(s1, s2, n); morehouse wrote: >

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 278924. dokyungs marked 2 inline comments as done. dokyungs added a comment. Removed CustomAllocatorTest.cpp. Instead, use EmptyTest.cpp. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 278923. dokyungs added a comment. Addressed comments. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/ https://reviews.llvm.org/D83494 Files: clang/include/clang/Driver/SanitizerArgs.h

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse added inline comments. Comment at: compiler-rt/lib/fuzzer/FuzzerInterceptors.cpp:62 + +static int internal_strncmp(const char *s1, const char *s2, uintptr_t n) { + for (uintptr_t i = 0; i < n; i++) { Can we use `size_t` instead of `uintptr_t`?

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 278892. dokyungs added a comment. Introduce internal_(memcmp|strncmp|strstr) and use them before interceptors are fully initialized. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

This revision was automatically updated to reflect the committed changes. Closed by commit rGf78d9fceea73: [libFuzzer] Link libFuzzers own interceptors when other compiler runtimes are… (authored by dokyungs, committed by morehouse). Repository: rG LLVM Github Monorepo CHANGES SINCE LAST

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 278589. dokyungs added a comment. Addressed comments. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/ https://reviews.llvm.org/D83494 Files: clang/include/clang/Driver/SanitizerArgs.h

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse added inline comments. Comment at: compiler-rt/lib/fuzzer/FuzzerInterceptors.cpp:51 +static int fuzzerInited = 0; +static bool fuzzerInitIsRunning; + Sorry, one last nit: If we're preferring LLVM style, let's

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 278565. dokyungs added a comment. Addressed comments. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/ https://reviews.llvm.org/D83494 Files: clang/include/clang/Driver/SanitizerArgs.h

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse added inline comments. Comment at: compiler-rt/lib/fuzzer/FuzzerInterceptors.cpp:17 + +#define GET_CALLER_PC() __builtin_return_address(0) + Nit: Let's move this down with the other defines. Comment at:

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse added inline comments. Comment at: compiler-rt/lib/fuzzer/FuzzerInterceptors.cpp:53 +int fuzzer_inited = 0; +bool fuzzer_init_is_running; + These are in the global namespace, and have C mangling, which is unnecessary. Please either put them in a

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 278341. dokyungs added a comment. Ensure the fuzzer RT module is initialized at the beginning of the interceptors. Interceptors can be called before __fuzzer_init is called. So I added a check at the beginning of the interceptors, which ensures that

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse added a comment. I applied this patch locally and ran the fuzzer tests. I get a segfault: $ clang++ -fsanitize=fuzzer -g -m32 SimpleHashTest.cpp $ gdb --args ./a.out -seed=1 ... (gdb) run ... Program received signal SIGSEGV, Segmentation fault. 0x in ?? ()

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

hctim accepted this revision. hctim marked an inline comment as done. hctim added a comment. LGTM Comment at: compiler-rt/lib/fuzzer/FuzzerInterceptors.cpp:52 +// NOLINTNEXTLINE +void __sanitizer_weak_hook_memcmp(void *, const void *, const void *, size_t, +

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse accepted this revision. morehouse added a comment. This revision is now accepted and ready to land. LGTM Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/ https://reviews.llvm.org/D83494

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 277996. dokyungs added a comment. Addressed comments. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/ https://reviews.llvm.org/D83494 Files: clang/include/clang/Driver/SanitizerArgs.h

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 277904. dokyungs marked 5 inline comments as done. dokyungs added a comment. Use one CHECK for two subtests Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/ https://reviews.llvm.org/D83494 Files:

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse added a comment. In D83494#2150946 , @dokyungs wrote: > I was misled; the error is actually ambiguating new "declarations", not > definitions. The exact error message goes like: > > error: ambiguating new declaration of ‘char*

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 277901. dokyungs added a comment. Addressed comments. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/ https://reviews.llvm.org/D83494 Files: clang/include/clang/Driver/SanitizerArgs.h

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs added a comment. In D83494#2150643 , @morehouse wrote: > In D83494#2148868 , @dokyungs wrote: > > > Addressed Matt's comments. > > > > A major change in this round that needs explanation is introduction of

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

hctim added inline comments. Comment at: clang/lib/Driver/SanitizerArgs.cpp:242 +bool SanitizerArgs::needsFuzzerInterceptors() const { + return needsFuzzer() && !needsAsanRt() && !needsHwasanRt() && + !needsTsanRt() && !needsMsanRt(); HWASan doesn't

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse added a comment. In D83494#2148868 , @dokyungs wrote: > Addressed Matt's comments. > > A major change in this round that needs explanation is introduction of > FuzzerPlatform.h. Previously I defined `strstr` and `strcasestr` with `extern >

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 277625. dokyungs added a comment. Use unique output file name for each subtest, and add no-asan subtest in memcmp64.test Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 277624. dokyungs added a comment. strncmp test should include -fno-builtin-strncmp, not -fno-builtin-strcmp Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/ https://reviews.llvm.org/D83494 Files:

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs marked 9 inline comments as done. dokyungs added inline comments. Comment at: compiler-rt/lib/fuzzer/FuzzerInterceptors.cpp:116 + +extern "C++" ATTRIBUTE_INTERFACE char *strstr(char *s1, const char *s2) { + char *result = REAL(strstr)(s1, s2);

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 277620. dokyungs added a comment. Herald added a subscriber: krytarowski. Addressed Matt's comments. A major change in this round that needs explanation is introduction of FuzzerPlatform.h. Previously I defined `strstr` and `strcasestr` with `extern

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse added inline comments. Comment at: compiler-rt/lib/fuzzer/FuzzerInterceptors.cpp:14 + +#if LIBFUZZER_LINUX + We should include FuzzerDefs.h to use this, not FuzzerBuiltins.h. Comment at:

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

hctim added a comment. In D83494#2148180 , @morehouse wrote: > In D83494#2148164 , @dokyungs wrote: > > > Right. Apparently with `-O2` many calls to `memcmp`-like functions are > > removed. I just wondered,

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 277530. dokyungs added a comment. Fixed a few LINT warnings by defining some macros that resemble the ones used in other sanitizer interception code. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83494/new/

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse added a comment. In D83494#2148164 , @dokyungs wrote: > In D83494#2148043 , @hctim wrote: > > > In D83494#2147608 , @dokyungs > > wrote: > > > > > Builtin libfunc

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs added a comment. In D83494#2148043 , @hctim wrote: > In D83494#2147608 , @dokyungs wrote: > > > Builtin libfunc optimizations may transform memcmp and strcmp-like > > functions. To disable such

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

hctim added a comment. In D83494#2147608 , @dokyungs wrote: > Builtin libfunc optimizations may transform memcmp and strcmp-like functions. > To disable such optimizations, -fno-builtin= flag was additionally added in > compiling new test cases. FWIW,

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs updated this revision to Diff 277462. dokyungs added a comment. Add interceptors for all the functions libFuzzer has a weak interceptor for, and duplicate existing interceptor test cases with new compiler flags (-fno-sanitize=address). Builtin libfunc optimizations may transform

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

morehouse added a comment. Seems like the general approach we want. Could you: - Fix the lint warnings - Find out why the unit tests failed - Add strcmp - Modify the memcmp/strcmp unit tests to show that we can solve them with/without ASan After that I'll take a closer look. Repository:

[PATCH] D83494: [libFuzzer] Link libFuzzer's own interceptors when other compiler runtimes are not linked.

dokyungs created this revision. Herald added subscribers: Sanitizers, cfe-commits, mgorny. Herald added projects: clang, Sanitizers. libFuzzer intercepts certain library functions such as memcmp/strcmp by defining weak hooks. Weak hooks, however, are called only when other runtimes such as ASan