[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.
dokyungs updated this revision to Diff 280507. dokyungs added a comment. Relanding this reverted commit. (See summary) Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83987/new/ https://reviews.llvm.org/D83987 Files: clang/lib/Driver/SanitizerArgs.cpp compiler-rt/test/fuzzer/noasan-memcmp.test compiler-rt/test/fuzzer/noasan-memcmp64.test compiler-rt/test/fuzzer/noasan-strcmp.test compiler-rt/test/fuzzer/noasan-strncmp.test compiler-rt/test/fuzzer/noasan-strstr.test
Index: compiler-rt/test/fuzzer/noasan-strstr.test
===
--- compiler-rt/test/fuzzer/noasan-strstr.test
+++ compiler-rt/test/fuzzer/noasan-strstr.test
@@ -1,9 +1,9 @@
 UNSUPPORTED: darwin, freebsd, windows
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strstr %S/StrstrTest.cpp -o %t-NoAsanStrstrTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrstrTest.cpp -o %t-NoAsanStrstrTest
 RUN: not %run %t-NoAsanStrstrTest -seed=1 -runs=200 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc -fno-builtin-strstr %S/CustomAllocator.cpp %S/StrstrTest.cpp -o %t-NoAsanCustomAllocatorStrstrTest
+RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc %S/CustomAllocator.cpp %S/StrstrTest.cpp -o %t-NoAsanCustomAllocatorStrstrTest
 RUN: not %run %t-NoAsanCustomAllocatorStrstrTest -seed=1 -runs=200 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/noasan-strncmp.test
===
--- compiler-rt/test/fuzzer/noasan-strncmp.test
+++ compiler-rt/test/fuzzer/noasan-strncmp.test
@@ -1,9 +1,9 @@
 UNSUPPORTED: darwin, freebsd, windows
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strncmp %S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
 RUN: not %run %t-NoAsanStrncmpTest -seed=2 -runs=1000 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc -fno-builtin-strncmp %S/CustomAllocator.cpp %S/StrncmpTest.cpp -o %t-NoAsanCustomAllocatorStrncmpTest
+RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc %S/CustomAllocator.cpp %S/StrncmpTest.cpp -o %t-NoAsanCustomAllocatorStrncmpTest
 RUN: not %run %t-NoAsanCustomAllocatorStrncmpTest -seed=2 -runs=1000 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/noasan-strcmp.test
===
--- compiler-rt/test/fuzzer/noasan-strcmp.test
+++ compiler-rt/test/fuzzer/noasan-strcmp.test
@@ -1,9 +1,9 @@
 UNSUPPORTED: darwin, freebsd, windows
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strcmp %S/StrcmpTest.cpp -o %t-NoAsanStrcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrcmpTest.cpp -o %t-NoAsanStrcmpTest
 RUN: not %run %t-NoAsanStrcmpTest -seed=1 -runs=200 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc -fno-builtin-strcmp %S/CustomAllocator.cpp %S/StrcmpTest.cpp -o %t-NoAsanCustomAllocatorStrcmpTest
+RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc %S/CustomAllocator.cpp %S/StrcmpTest.cpp -o %t-NoAsanCustomAllocatorStrcmpTest
 RUN: not %run %t-NoAsanCustomAllocatorStrcmpTest -seed=1 -runs=200 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/noasan-memcmp64.test
===
--- compiler-rt/test/fuzzer/noasan-memcmp64.test
+++ compiler-rt/test/fuzzer/noasan-memcmp64.test
@@ -1,6 +1,6 @@
 UNSUPPORTED: darwin, freebsd, windows
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
+RUN: %cpp_compiler -fno-sanitize=address %S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
 RUN: not %run %t-NoAsanMemcmp64BytesTest -seed=1 -runs=100 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/noasan-memcmp.test
===
--- compiler-rt/test/fuzzer/noasan-memcmp.test
+++ compiler-rt/test/fuzzer/noasan-memcmp.test
@@ -1,9 +1,9 @@
 UNSUPPORTED: darwin, freebsd, windows
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/MemcmpTest.cpp -o %t-NoAsanMemcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/MemcmpTest.cpp -o %t-NoAsanMemcmpTest
 RUN: not %run %t-NoAsanMemcmpTest -seed=1 -runs=1000 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc -fno-builtin-memcmp %S/CustomAllocator.cpp %S/MemcmpTest.cpp -o %t-NoAsanCustomAllocatorMemcmpTest
+RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc %S/CustomAllocator.cpp %S/MemcmpTest.cpp -o %t-NoAsanCustomAllocatorMemcmpTest
 RUN: not %run %t-NoAsanCustomAllocatorMemcmpTest -seed=1 -runs=1000 2>&1 | FileCheck %s
 CHECK: BINGO
Index: clang/lib/Driver/SanitizerArgs.cpp
[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.
This revision was automatically updated to reflect the committed changes. Closed by commit rG12d1124c49be: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when… (authored by dokyungs). Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83987/new/ https://reviews.llvm.org/D83987 Files: clang/lib/Driver/SanitizerArgs.cpp compiler-rt/test/fuzzer/memcmp.test compiler-rt/test/fuzzer/memcmp64.test compiler-rt/test/fuzzer/strcmp.test compiler-rt/test/fuzzer/strncmp.test compiler-rt/test/fuzzer/strstr.test
Index: compiler-rt/test/fuzzer/strstr.test
===
--- compiler-rt/test/fuzzer/strstr.test
+++ compiler-rt/test/fuzzer/strstr.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrstrTest.cpp -o %t-StrstrTest
 RUN: not %run %t-StrstrTest -seed=1 -runs=200 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strstr %S/StrstrTest.cpp -o %t-NoAsanStrstrTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrstrTest.cpp -o %t-NoAsanStrstrTest
 RUN: not %run %t-StrstrTest -seed=1 -runs=200 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strncmp.test
===
--- compiler-rt/test/fuzzer/strncmp.test
+++ compiler-rt/test/fuzzer/strncmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrncmpTest.cpp -o %t-StrncmpTest
 RUN: not %run %t-StrncmpTest -seed=2 -runs=1000 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strncmp %S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
 RUN: not %run %t-StrncmpTest -seed=2 -runs=1000 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strcmp.test
===
--- compiler-rt/test/fuzzer/strcmp.test
+++ compiler-rt/test/fuzzer/strcmp.test
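Review bot: The rebuilt NoAsan binary is never executed in strstr.test: the RUN line after the changed one still runs `%t-StrstrTest`, so dropping -fno-builtin-strstr here is not actually checked against the new driver default. The second run should be `RUN: not %run %t-NoAsanStrstrTest -seed=1 -runs=200 2>&1 | FileCheck %s`. The strncmp.test hunk on this line and the strcmp.test, memcmp64.test and memcmp.test hunks that follow have the same mismatch, as do the earlier revisions of these hunks further down the page.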
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrcmpTest.cpp -o %t-StrcmpTest
 RUN: not %run %t-StrcmpTest -seed=1 -runs=200 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strcmp %S/StrcmpTest.cpp -o %t-NoAsanStrcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrcmpTest.cpp -o %t-NoAsanStrcmpTest
 RUN: not %run %t-StrcmpTest -seed=1 -runs=200 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp64.test
===
--- compiler-rt/test/fuzzer/memcmp64.test
+++ compiler-rt/test/fuzzer/memcmp64.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/Memcmp64BytesTest.cpp -o %t-Memcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
+RUN: %cpp_compiler -fno-sanitize=address %S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp.test
===
--- compiler-rt/test/fuzzer/memcmp.test
+++ compiler-rt/test/fuzzer/memcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/MemcmpTest.cpp -o %t-MemcmpTest
 RUN: not %run %t-MemcmpTest -seed=1 -runs=1000 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/MemcmpTest.cpp -o %t-NoAsanMemcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/MemcmpTest.cpp -o %t-NoAsanMemcmpTest
 RUN: not %run %t-MemcmpTest -seed=1 -runs=1000 2>&1 | FileCheck %s
 CHECK: BINGO
Index: clang/lib/Driver/SanitizerArgs.cpp
===
--- clang/lib/Driver/SanitizerArgs.cpp
+++ clang/lib/Driver/SanitizerArgs.cpp
@@ -1088,6 +1088,22 @@
 Sanitizers.has(SanitizerKind::Address))
 CmdArgs.push_back("-fno-assume-sane-operator-new");
+ // libFuzzer wants to intercept calls to certain library functions, so the
+ // following -fno-builtin-* flags force the compiler to emit interposable
+ // libcalls to these functions. Other sanitizers effectively do the same thing
+ // by marking all library call sites with NoBuiltin attribute in their LLVM
+ // pass. (see llvm::maybeMarkSanitizerLibraryCallNoBuiltin)
+ if (Sanitizers.has(SanitizerKind::FuzzerNoLink)) {
+CmdArgs.push_back("-fno-builtin-memcmp");
+CmdArgs.push_back("-fno-builtin-strncmp");
+CmdArgs.push_back("-fno-builtin-strcmp");
+CmdArgs.push_back("-fno-builtin-strncasecmp");
+CmdArgs.push_back("-fno-builtin-strcasecmp");
+CmdArgs.push_back("-fno-builtin-strstr");
+CmdArgs.push_back("-fno-builtin-strcasestr");
+
[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.
hctim accepted this revision. hctim added a comment. LGTM Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83987/new/ https://reviews.llvm.org/D83987
[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.
morehouse accepted this revision. morehouse added a comment. LGTM Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83987/new/ https://reviews.llvm.org/D83987
[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.
dokyungs updated this revision to Diff 278613. dokyungs added a comment. Adjusted the comment as suggested. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83987/new/ https://reviews.llvm.org/D83987 Files: clang/lib/Driver/SanitizerArgs.cpp compiler-rt/test/fuzzer/memcmp.test compiler-rt/test/fuzzer/memcmp64.test compiler-rt/test/fuzzer/strcmp.test compiler-rt/test/fuzzer/strncmp.test compiler-rt/test/fuzzer/strstr.test
Index: compiler-rt/test/fuzzer/strstr.test
===
--- compiler-rt/test/fuzzer/strstr.test
+++ compiler-rt/test/fuzzer/strstr.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrstrTest.cpp -o %t-StrstrTest
 RUN: not %run %t-StrstrTest -seed=1 -runs=200 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strstr %S/StrstrTest.cpp -o %t-NoAsanStrstrTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrstrTest.cpp -o %t-NoAsanStrstrTest
 RUN: not %run %t-StrstrTest -seed=1 -runs=200 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strncmp.test
===
--- compiler-rt/test/fuzzer/strncmp.test
+++ compiler-rt/test/fuzzer/strncmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrncmpTest.cpp -o %t-StrncmpTest
 RUN: not %run %t-StrncmpTest -seed=2 -runs=1000 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strncmp %S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
 RUN: not %run %t-StrncmpTest -seed=2 -runs=1000 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strcmp.test
===
--- compiler-rt/test/fuzzer/strcmp.test
+++ compiler-rt/test/fuzzer/strcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrcmpTest.cpp -o %t-StrcmpTest
 RUN: not %run %t-StrcmpTest -seed=1 -runs=200 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strcmp %S/StrcmpTest.cpp -o %t-NoAsanStrcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrcmpTest.cpp -o %t-NoAsanStrcmpTest
 RUN: not %run %t-StrcmpTest -seed=1 -runs=200 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp64.test
===
--- compiler-rt/test/fuzzer/memcmp64.test
+++ compiler-rt/test/fuzzer/memcmp64.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/Memcmp64BytesTest.cpp -o %t-Memcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
+RUN: %cpp_compiler -fno-sanitize=address %S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp.test
===
--- compiler-rt/test/fuzzer/memcmp.test
+++ compiler-rt/test/fuzzer/memcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/MemcmpTest.cpp -o %t-MemcmpTest
 RUN: not %run %t-MemcmpTest -seed=1 -runs=1000 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/MemcmpTest.cpp -o %t-NoAsanMemcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/MemcmpTest.cpp -o %t-NoAsanMemcmpTest
 RUN: not %run %t-MemcmpTest -seed=1 -runs=1000 2>&1 | FileCheck %s
 CHECK: BINGO
Index: clang/lib/Driver/SanitizerArgs.cpp
===
--- clang/lib/Driver/SanitizerArgs.cpp
+++ clang/lib/Driver/SanitizerArgs.cpp
@@ -1088,6 +1088,22 @@
 Sanitizers.has(SanitizerKind::Address))
 CmdArgs.push_back("-fno-assume-sane-operator-new");
+ // libFuzzer wants to intercept calls to certain library functions, so the
+ // following -fno-builtin-* flags force the compiler to emit interposable
+ // libcalls to these functions. Other sanitizers effectively do the same thing
+ // by marking all library call sites with NoBuiltin attribute in their LLVM
+ // pass. (see llvm::maybeMarkSanitizerLibraryCallNoBuiltin)
+ if (Sanitizers.has(SanitizerKind::FuzzerNoLink)) {
+CmdArgs.push_back("-fno-builtin-memcmp");
+CmdArgs.push_back("-fno-builtin-strncmp");
+CmdArgs.push_back("-fno-builtin-strcmp");
+CmdArgs.push_back("-fno-builtin-strncasecmp");
+CmdArgs.push_back("-fno-builtin-strcasecmp");
+CmdArgs.push_back("-fno-builtin-strstr");
+CmdArgs.push_back("-fno-builtin-strcasestr");
+CmdArgs.push_back("-fno-builtin-memmem");
+ }
+
 // Require -fvisibility= flag on non-Windows when compiling if vptr CFI is
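Review bot: The added block has no driver-level check as far as the Files list shows: only the compiler-rt fuzzer tests change, and they exercise the new flags indirectly and only where those tests are supported. A driver test that passes -fsanitize=fuzzer-no-link and checks the cc1 line for `-fno-builtin-memcmp` and the other seven flags would pin the list. The condition tests only `SanitizerKind::FuzzerNoLink` while the summary promises the behaviour for -fsanitize=fuzzer too; that presumably relies on fuzzer implying fuzzer-no-link elsewhere in the driver, so the comment could say so, e.g. `// -fsanitize=fuzzer implies fuzzer-no-link, so this covers both.` The hunk is cut off on this page after the added block and the enclosing function starts outside it; the same points apply to the other copies of this hunk on the page.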
[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.
hctim added inline comments. Comment at: clang/lib/Driver/SanitizerArgs.cpp:1092 + // libFuzzer wants to intercept calls to certain library functions, so the + // following -fno-builtin-* flags disable implicit builtin knowledge about + // those functions. Other sanitizers effectively do the same thing by marking I'd say "the following -fno-builtin-* flags force the compiler to emit interposable libcalls to these functions" Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83987/new/ https://reviews.llvm.org/D83987
[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.
dokyungs marked an inline comment as done. dokyungs added a comment. Thanks Mitch for the comment! Added a comment that explains that. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83987/new/ https://reviews.llvm.org/D83987
[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.
dokyungs updated this revision to Diff 278610. dokyungs added a comment. Addressed comments. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83987/new/ https://reviews.llvm.org/D83987 Files: clang/lib/Driver/SanitizerArgs.cpp compiler-rt/test/fuzzer/memcmp.test compiler-rt/test/fuzzer/memcmp64.test compiler-rt/test/fuzzer/strcmp.test compiler-rt/test/fuzzer/strncmp.test compiler-rt/test/fuzzer/strstr.test
Index: compiler-rt/test/fuzzer/strstr.test
===
--- compiler-rt/test/fuzzer/strstr.test
+++ compiler-rt/test/fuzzer/strstr.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrstrTest.cpp -o %t-StrstrTest
 RUN: not %run %t-StrstrTest -seed=1 -runs=200 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strstr %S/StrstrTest.cpp -o %t-NoAsanStrstrTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrstrTest.cpp -o %t-NoAsanStrstrTest
 RUN: not %run %t-StrstrTest -seed=1 -runs=200 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strncmp.test
===
--- compiler-rt/test/fuzzer/strncmp.test
+++ compiler-rt/test/fuzzer/strncmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrncmpTest.cpp -o %t-StrncmpTest
 RUN: not %run %t-StrncmpTest -seed=2 -runs=1000 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strncmp %S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
 RUN: not %run %t-StrncmpTest -seed=2 -runs=1000 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strcmp.test
===
--- compiler-rt/test/fuzzer/strcmp.test
+++ compiler-rt/test/fuzzer/strcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrcmpTest.cpp -o %t-StrcmpTest
 RUN: not %run %t-StrcmpTest -seed=1 -runs=200 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strcmp %S/StrcmpTest.cpp -o %t-NoAsanStrcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrcmpTest.cpp -o %t-NoAsanStrcmpTest
 RUN: not %run %t-StrcmpTest -seed=1 -runs=200 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp64.test
===
--- compiler-rt/test/fuzzer/memcmp64.test
+++ compiler-rt/test/fuzzer/memcmp64.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/Memcmp64BytesTest.cpp -o %t-Memcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
+RUN: %cpp_compiler -fno-sanitize=address %S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp.test
===
--- compiler-rt/test/fuzzer/memcmp.test
+++ compiler-rt/test/fuzzer/memcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/MemcmpTest.cpp -o %t-MemcmpTest
 RUN: not %run %t-MemcmpTest -seed=1 -runs=1000 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/MemcmpTest.cpp -o %t-NoAsanMemcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/MemcmpTest.cpp -o %t-NoAsanMemcmpTest
 RUN: not %run %t-MemcmpTest -seed=1 -runs=1000 2>&1 | FileCheck %s
 CHECK: BINGO
Index: clang/lib/Driver/SanitizerArgs.cpp
===
--- clang/lib/Driver/SanitizerArgs.cpp
+++ clang/lib/Driver/SanitizerArgs.cpp
@@ -1088,6 +1088,22 @@
 Sanitizers.has(SanitizerKind::Address))
 CmdArgs.push_back("-fno-assume-sane-operator-new");
+ // libFuzzer wants to intercept calls to certain library functions, so the
+ // following -fno-builtin-* flags disable implicit builtin knowledge about
+ // those functions. Other sanitizers effectively do the same thing by marking
+ // all library call sites with NoBuiltin attribute in their LLVM pass.
+ // (see llvm::maybeMarkSanitizerLibraryCallNoBuiltin)
+ if (Sanitizers.has(SanitizerKind::FuzzerNoLink)) {
+CmdArgs.push_back("-fno-builtin-memcmp");
+CmdArgs.push_back("-fno-builtin-strncmp");
+CmdArgs.push_back("-fno-builtin-strcmp");
+CmdArgs.push_back("-fno-builtin-strncasecmp");
+CmdArgs.push_back("-fno-builtin-strcasecmp");
+CmdArgs.push_back("-fno-builtin-strstr");
+CmdArgs.push_back("-fno-builtin-strcasestr");
+CmdArgs.push_back("-fno-builtin-memmem");
+ }
+
 // Require -fvisibility= flag on non-Windows when compiling if vptr CFI is
 // enabled.
 if
[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.
hctim accepted this revision. hctim added a comment. This revision is now accepted and ready to land. LGTM w/ nit Comment at: clang/lib/Driver/SanitizerArgs.cpp:1091 + if (Sanitizers.has(SanitizerKind::FuzzerNoLink)) { +CmdArgs.push_back("-fno-builtin-memcmp"); Nit - add a comment here mentioning the libfuzzer interceptors, and that other sanitizers normally do this by propagating IR attributes. Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D83987/new/ https://reviews.llvm.org/D83987
[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.
dokyungs created this revision. dokyungs added reviewers: morehouse, hctim. Herald added projects: clang, Sanitizers. Herald added subscribers: Sanitizers, cfe-commits. This patch disables implicit builtin knowledge about memcmp-like functions when compiling the program for fuzzing, i.e., when -fsanitize=fuzzer(-no-link) is given. This allows libFuzzer to always intercept memcmp-like functions as it effectively disables optimizing calls to such functions into different forms. This is done by adding a set of flags (-fno-builtin-memcmp and others) in the clang driver. Individual -fno-builtin-* flags previously used inlibFuzzer tests are now removed, as it is now done automatically in the clang driver. Repository: rG LLVM Github Monorepo https://reviews.llvm.org/D83987 Files: clang/lib/Driver/SanitizerArgs.cpp compiler-rt/test/fuzzer/memcmp.test compiler-rt/test/fuzzer/memcmp64.test compiler-rt/test/fuzzer/strcmp.test compiler-rt/test/fuzzer/strncmp.test compiler-rt/test/fuzzer/strstr.test
Index: compiler-rt/test/fuzzer/strstr.test
===
--- compiler-rt/test/fuzzer/strstr.test
+++ compiler-rt/test/fuzzer/strstr.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrstrTest.cpp -o %t-StrstrTest
 RUN: not %run %t-StrstrTest -seed=1 -runs=200 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strstr %S/StrstrTest.cpp -o %t-NoAsanStrstrTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrstrTest.cpp -o %t-NoAsanStrstrTest
 RUN: not %run %t-StrstrTest -seed=1 -runs=200 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strncmp.test
===
--- compiler-rt/test/fuzzer/strncmp.test
+++ compiler-rt/test/fuzzer/strncmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrncmpTest.cpp -o %t-StrncmpTest
 RUN: not %run %t-StrncmpTest -seed=2 -runs=1000 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strncmp %S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
 RUN: not %run %t-StrncmpTest -seed=2 -runs=1000 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strcmp.test
===
--- compiler-rt/test/fuzzer/strcmp.test
+++ compiler-rt/test/fuzzer/strcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrcmpTest.cpp -o %t-StrcmpTest
 RUN: not %run %t-StrcmpTest -seed=1 -runs=200 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strcmp %S/StrcmpTest.cpp -o %t-NoAsanStrcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrcmpTest.cpp -o %t-NoAsanStrcmpTest
 RUN: not %run %t-StrcmpTest -seed=1 -runs=200 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp64.test
===
--- compiler-rt/test/fuzzer/memcmp64.test
+++ compiler-rt/test/fuzzer/memcmp64.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/Memcmp64BytesTest.cpp -o %t-Memcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
+RUN: %cpp_compiler -fno-sanitize=address %S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100 2>&1 | FileCheck %s
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp.test
===
--- compiler-rt/test/fuzzer/memcmp.test
+++ compiler-rt/test/fuzzer/memcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/MemcmpTest.cpp -o %t-MemcmpTest
 RUN: not %run %t-MemcmpTest -seed=1 -runs=1000 2>&1 | FileCheck %s
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/MemcmpTest.cpp -o %t-NoAsanMemcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/MemcmpTest.cpp -o %t-NoAsanMemcmpTest
 RUN: not %run %t-MemcmpTest -seed=1 -runs=1000 2>&1 | FileCheck %s
 CHECK: BINGO
Index: clang/lib/Driver/SanitizerArgs.cpp
===
--- clang/lib/Driver/SanitizerArgs.cpp
+++ clang/lib/Driver/SanitizerArgs.cpp
@@ -1088,6 +1088,17 @@
 Sanitizers.has(SanitizerKind::Address))
 CmdArgs.push_back("-fno-assume-sane-operator-new");
+ if (Sanitizers.has(SanitizerKind::FuzzerNoLink)) {
+CmdArgs.push_back("-fno-builtin-memcmp");
+CmdArgs.push_back("-fno-builtin-strncmp");
+CmdArgs.push_back("-fno-builtin-strcmp");
+CmdArgs.push_back("-fno-builtin-strncasecmp");
+CmdArgs.push_back("-fno-builtin-strcasecmp");
+CmdArgs.push_back("-fno-builtin-strstr");
+