[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.

2020-07-24 Thread Dokyung Song via Phabricator via cfe-commits
dokyungs updated this revision to Diff 280507.
dokyungs added a comment.

Relanding this reverted commit. (See summary)


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D83987/new/

https://reviews.llvm.org/D83987

Files:
  clang/lib/Driver/SanitizerArgs.cpp
  compiler-rt/test/fuzzer/noasan-memcmp.test
  compiler-rt/test/fuzzer/noasan-memcmp64.test
  compiler-rt/test/fuzzer/noasan-strcmp.test
  compiler-rt/test/fuzzer/noasan-strncmp.test
  compiler-rt/test/fuzzer/noasan-strstr.test

Index: compiler-rt/test/fuzzer/noasan-strstr.test
===
--- compiler-rt/test/fuzzer/noasan-strstr.test
+++ compiler-rt/test/fuzzer/noasan-strstr.test
@@ -1,9 +1,9 @@
 UNSUPPORTED: darwin, freebsd, windows
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strstr %S/StrstrTest.cpp -o %t-NoAsanStrstrTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrstrTest.cpp -o %t-NoAsanStrstrTest
 RUN: not %run %t-NoAsanStrstrTest -seed=1 -runs=200   2>&1 | FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc -fno-builtin-strstr %S/CustomAllocator.cpp %S/StrstrTest.cpp -o %t-NoAsanCustomAllocatorStrstrTest
+RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc %S/CustomAllocator.cpp %S/StrstrTest.cpp -o %t-NoAsanCustomAllocatorStrstrTest
 RUN: not %run %t-NoAsanCustomAllocatorStrstrTest -seed=1 -runs=200   2>&1 | FileCheck %s
 
 CHECK: BINGO
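
Review bot: on the CustomAllocator RUN line, -fno-builtin-calloc stays while -fno-builtin-strstr is removed, and nothing in the test says why one builtin still needs an explicit flag. The driver list shown in this review does not include calloc, so add a one-line comment above that RUN line saying the flag is still required for the custom allocator build; otherwise a later cleanup may drop it by mistake.
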
Index: compiler-rt/test/fuzzer/noasan-strncmp.test
===
--- compiler-rt/test/fuzzer/noasan-strncmp.test
+++ compiler-rt/test/fuzzer/noasan-strncmp.test
@@ -1,9 +1,9 @@
 UNSUPPORTED: darwin, freebsd, windows
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strncmp %S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
 RUN: not %run %t-NoAsanStrncmpTest -seed=2 -runs=1000   2>&1 | FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc -fno-builtin-strncmp %S/CustomAllocator.cpp %S/StrncmpTest.cpp -o %t-NoAsanCustomAllocatorStrncmpTest
+RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc %S/CustomAllocator.cpp %S/StrncmpTest.cpp -o %t-NoAsanCustomAllocatorStrncmpTest
 RUN: not %run %t-NoAsanCustomAllocatorStrncmpTest -seed=2 -runs=1000   2>&1 | FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/noasan-strcmp.test
===
--- compiler-rt/test/fuzzer/noasan-strcmp.test
+++ compiler-rt/test/fuzzer/noasan-strcmp.test
@@ -1,9 +1,9 @@
 UNSUPPORTED: darwin, freebsd, windows
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strcmp %S/StrcmpTest.cpp -o %t-NoAsanStrcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrcmpTest.cpp -o %t-NoAsanStrcmpTest
 RUN: not %run %t-NoAsanStrcmpTest -seed=1 -runs=200   2>&1 | FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc -fno-builtin-strcmp %S/CustomAllocator.cpp %S/StrcmpTest.cpp -o %t-NoAsanCustomAllocatorStrcmpTest
+RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc %S/CustomAllocator.cpp %S/StrcmpTest.cpp -o %t-NoAsanCustomAllocatorStrcmpTest
 RUN: not %run %t-NoAsanCustomAllocatorStrcmpTest -seed=1 -runs=200   2>&1 | FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/noasan-memcmp64.test
===
--- compiler-rt/test/fuzzer/noasan-memcmp64.test
+++ compiler-rt/test/fuzzer/noasan-memcmp64.test
@@ -1,6 +1,6 @@
 UNSUPPORTED: darwin, freebsd, windows
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
+RUN: %cpp_compiler -fno-sanitize=address %S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
 RUN: not %run %t-NoAsanMemcmp64BytesTest -seed=1 -runs=100   2>&1 | FileCheck %s
 
 CHECK: BINGO
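
Review bot: this file has a single build-and-run pair (the hunk is `@@ -1,6 +1,6 @@`), while noasan-memcmp, noasan-strcmp, noasan-strncmp and noasan-strstr each also build a CustomAllocator variant with -fno-builtin-calloc. If the omission is intentional, say so in a comment; otherwise add the CustomAllocator RUN pair here for parity.
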
Index: compiler-rt/test/fuzzer/noasan-memcmp.test
===
--- compiler-rt/test/fuzzer/noasan-memcmp.test
+++ compiler-rt/test/fuzzer/noasan-memcmp.test
@@ -1,9 +1,9 @@
 UNSUPPORTED: darwin, freebsd, windows
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/MemcmpTest.cpp -o %t-NoAsanMemcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/MemcmpTest.cpp -o %t-NoAsanMemcmpTest
 RUN: not %run %t-NoAsanMemcmpTest -seed=1 -runs=1000   2>&1 | FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc -fno-builtin-memcmp %S/CustomAllocator.cpp %S/MemcmpTest.cpp -o %t-NoAsanCustomAllocatorMemcmpTest
+RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-calloc %S/CustomAllocator.cpp %S/MemcmpTest.cpp -o %t-NoAsanCustomAllocatorMemcmpTest
 RUN: not %run %t-NoAsanCustomAllocatorMemcmpTest -seed=1 -runs=1000   2>&1 | FileCheck %s
 
 CHECK: BINGO
Index: clang/lib/Driver/SanitizerArgs.cpp

[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.

2020-07-16 Thread Dokyung Song via Phabricator via cfe-commits
This revision was automatically updated to reflect the committed changes.
Closed by commit rG12d1124c49be: [libFuzzer] Disable implicit builtin knowledge 
about memcmp-like functions when… (authored by dokyungs).

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D83987/new/

https://reviews.llvm.org/D83987

Files:
  clang/lib/Driver/SanitizerArgs.cpp
  compiler-rt/test/fuzzer/memcmp.test
  compiler-rt/test/fuzzer/memcmp64.test
  compiler-rt/test/fuzzer/strcmp.test
  compiler-rt/test/fuzzer/strncmp.test
  compiler-rt/test/fuzzer/strstr.test


Index: compiler-rt/test/fuzzer/strstr.test
===
--- compiler-rt/test/fuzzer/strstr.test
+++ compiler-rt/test/fuzzer/strstr.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrstrTest.cpp -o %t-StrstrTest
 RUN: not %run %t-StrstrTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strstr %S/StrstrTest.cpp 
-o %t-NoAsanStrstrTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrstrTest.cpp -o 
%t-NoAsanStrstrTest
 RUN: not %run %t-StrstrTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
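
Review bot: the RUN line that follows the changed build still executes %t-StrstrTest, not %t-NoAsanStrstrTest, so the binary built with -fno-sanitize=address and without -fno-builtin-strstr is never run. As written, this test cannot show that the driver-supplied flag keeps the interceptor working. Change that line to `RUN: not %run %t-NoAsanStrstrTest -seed=1 -runs=200 2>&1 | FileCheck %s`; the strncmp, strcmp, memcmp64 and memcmp hunks below have the same pattern.
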
Index: compiler-rt/test/fuzzer/strncmp.test
===
--- compiler-rt/test/fuzzer/strncmp.test
+++ compiler-rt/test/fuzzer/strncmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrncmpTest.cpp -o %t-StrncmpTest
 RUN: not %run %t-StrncmpTest  -seed=2 -runs=1000   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strncmp 
%S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrncmpTest.cpp -o 
%t-NoAsanStrncmpTest
 RUN: not %run %t-StrncmpTest  -seed=2 -runs=1000   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strcmp.test
===
--- compiler-rt/test/fuzzer/strcmp.test
+++ compiler-rt/test/fuzzer/strcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrcmpTest.cpp -o %t-StrcmpTest
 RUN: not %run %t-StrcmpTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strcmp %S/StrcmpTest.cpp 
-o %t-NoAsanStrcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrcmpTest.cpp -o 
%t-NoAsanStrcmpTest
 RUN: not %run %t-StrcmpTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp64.test
===
--- compiler-rt/test/fuzzer/memcmp64.test
+++ compiler-rt/test/fuzzer/memcmp64.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/Memcmp64BytesTest.cpp -o %t-Memcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp 
%S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
+RUN: %cpp_compiler -fno-sanitize=address %S/Memcmp64BytesTest.cpp -o 
%t-NoAsanMemcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp.test
===
--- compiler-rt/test/fuzzer/memcmp.test
+++ compiler-rt/test/fuzzer/memcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/MemcmpTest.cpp -o %t-MemcmpTest
 RUN: not %run %t-MemcmpTest   -seed=1 -runs=1000   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/MemcmpTest.cpp 
-o %t-NoAsanMemcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/MemcmpTest.cpp -o 
%t-NoAsanMemcmpTest
 RUN: not %run %t-MemcmpTest   -seed=1 -runs=1000   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: clang/lib/Driver/SanitizerArgs.cpp
===
--- clang/lib/Driver/SanitizerArgs.cpp
+++ clang/lib/Driver/SanitizerArgs.cpp
@@ -1088,6 +1088,22 @@
   Sanitizers.has(SanitizerKind::Address))
 CmdArgs.push_back("-fno-assume-sane-operator-new");
 
+  // libFuzzer wants to intercept calls to certain library functions, so the
+  // following -fno-builtin-* flags force the compiler to emit interposable
+  // libcalls to these functions. Other sanitizers effectively do the same 
thing
+  // by marking all library call sites with NoBuiltin attribute in their LLVM
+  // pass. (see llvm::maybeMarkSanitizerLibraryCallNoBuiltin)
+  if (Sanitizers.has(SanitizerKind::FuzzerNoLink)) {
+CmdArgs.push_back("-fno-builtin-memcmp");
+CmdArgs.push_back("-fno-builtin-strncmp");
+CmdArgs.push_back("-fno-builtin-strcmp");
+CmdArgs.push_back("-fno-builtin-strncasecmp");
+CmdArgs.push_back("-fno-builtin-strcasecmp");
+CmdArgs.push_back("-fno-builtin-strstr");
+CmdArgs.push_back("-fno-builtin-strcasestr");
+
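
Review bot: nothing in this diff checks the new driver behaviour directly. The Files list has only SanitizerArgs.cpp and compiler-rt fuzzer tests, which exercise the FuzzerNoLink block only end to end through fixed -seed/-runs fuzzing runs. Add a driver test under clang/test/Driver that invokes clang with -### and -fsanitize=fuzzer-no-link and FileChecks the cc1 line for each -fno-builtin-* flag pushed here, so a dropped or misspelled entry fails immediately.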

[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.

2020-07-16 Thread Mitch Phillips via Phabricator via cfe-commits
hctim accepted this revision.
hctim added a comment.

LGTM


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D83987/new/

https://reviews.llvm.org/D83987



___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits


[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.

2020-07-16 Thread Matt Morehouse via Phabricator via cfe-commits
morehouse accepted this revision.
morehouse added a comment.

LGTM


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D83987/new/

https://reviews.llvm.org/D83987





[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.

2020-07-16 Thread Dokyung Song via Phabricator via cfe-commits
dokyungs updated this revision to Diff 278613.
dokyungs added a comment.

Adjusted the comment as suggested.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D83987/new/

https://reviews.llvm.org/D83987

Files:
  clang/lib/Driver/SanitizerArgs.cpp
  compiler-rt/test/fuzzer/memcmp.test
  compiler-rt/test/fuzzer/memcmp64.test
  compiler-rt/test/fuzzer/strcmp.test
  compiler-rt/test/fuzzer/strncmp.test
  compiler-rt/test/fuzzer/strstr.test


Index: compiler-rt/test/fuzzer/strstr.test
===
--- compiler-rt/test/fuzzer/strstr.test
+++ compiler-rt/test/fuzzer/strstr.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrstrTest.cpp -o %t-StrstrTest
 RUN: not %run %t-StrstrTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strstr %S/StrstrTest.cpp 
-o %t-NoAsanStrstrTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrstrTest.cpp -o 
%t-NoAsanStrstrTest
 RUN: not %run %t-StrstrTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strncmp.test
===
--- compiler-rt/test/fuzzer/strncmp.test
+++ compiler-rt/test/fuzzer/strncmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrncmpTest.cpp -o %t-StrncmpTest
 RUN: not %run %t-StrncmpTest  -seed=2 -runs=1000   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strncmp 
%S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrncmpTest.cpp -o 
%t-NoAsanStrncmpTest
 RUN: not %run %t-StrncmpTest  -seed=2 -runs=1000   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strcmp.test
===
--- compiler-rt/test/fuzzer/strcmp.test
+++ compiler-rt/test/fuzzer/strcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrcmpTest.cpp -o %t-StrcmpTest
 RUN: not %run %t-StrcmpTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strcmp %S/StrcmpTest.cpp 
-o %t-NoAsanStrcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrcmpTest.cpp -o 
%t-NoAsanStrcmpTest
 RUN: not %run %t-StrcmpTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp64.test
===
--- compiler-rt/test/fuzzer/memcmp64.test
+++ compiler-rt/test/fuzzer/memcmp64.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/Memcmp64BytesTest.cpp -o %t-Memcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp 
%S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
+RUN: %cpp_compiler -fno-sanitize=address %S/Memcmp64BytesTest.cpp -o 
%t-NoAsanMemcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp.test
===
--- compiler-rt/test/fuzzer/memcmp.test
+++ compiler-rt/test/fuzzer/memcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/MemcmpTest.cpp -o %t-MemcmpTest
 RUN: not %run %t-MemcmpTest   -seed=1 -runs=1000   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/MemcmpTest.cpp 
-o %t-NoAsanMemcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/MemcmpTest.cpp -o 
%t-NoAsanMemcmpTest
 RUN: not %run %t-MemcmpTest   -seed=1 -runs=1000   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: clang/lib/Driver/SanitizerArgs.cpp
===
--- clang/lib/Driver/SanitizerArgs.cpp
+++ clang/lib/Driver/SanitizerArgs.cpp
@@ -1088,6 +1088,22 @@
   Sanitizers.has(SanitizerKind::Address))
 CmdArgs.push_back("-fno-assume-sane-operator-new");
 
+  // libFuzzer wants to intercept calls to certain library functions, so the
+  // following -fno-builtin-* flags force the compiler to emit interposable
+  // libcalls to these functions. Other sanitizers effectively do the same 
thing
+  // by marking all library call sites with NoBuiltin attribute in their LLVM
+  // pass. (see llvm::maybeMarkSanitizerLibraryCallNoBuiltin)
+  if (Sanitizers.has(SanitizerKind::FuzzerNoLink)) {
+CmdArgs.push_back("-fno-builtin-memcmp");
+CmdArgs.push_back("-fno-builtin-strncmp");
+CmdArgs.push_back("-fno-builtin-strcmp");
+CmdArgs.push_back("-fno-builtin-strncasecmp");
+CmdArgs.push_back("-fno-builtin-strcasecmp");
+CmdArgs.push_back("-fno-builtin-strstr");
+CmdArgs.push_back("-fno-builtin-strcasestr");
+CmdArgs.push_back("-fno-builtin-memmem");
+  }
+
   // Require -fvisibility= flag on non-Windows when compiling if vptr CFI is
   

[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.

2020-07-16 Thread Mitch Phillips via Phabricator via cfe-commits
hctim added inline comments.



Comment at: clang/lib/Driver/SanitizerArgs.cpp:1092
+  // libFuzzer wants to intercept calls to certain library functions, so the
+  // following -fno-builtin-* flags disable implicit builtin knowledge about
+  // those functions. Other sanitizers effectively do the same thing by marking

I'd say "the following -fno-builtin-* flags force the compiler to emit 
interposable libcalls to these functions"


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D83987/new/

https://reviews.llvm.org/D83987





[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.

2020-07-16 Thread Dokyung Song via Phabricator via cfe-commits
dokyungs marked an inline comment as done.
dokyungs added a comment.

Thanks Mitch for the comment! Added a comment that explains that.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D83987/new/

https://reviews.llvm.org/D83987





[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.

2020-07-16 Thread Dokyung Song via Phabricator via cfe-commits
dokyungs updated this revision to Diff 278610.
dokyungs added a comment.

Addressed comments.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D83987/new/

https://reviews.llvm.org/D83987

Files:
  clang/lib/Driver/SanitizerArgs.cpp
  compiler-rt/test/fuzzer/memcmp.test
  compiler-rt/test/fuzzer/memcmp64.test
  compiler-rt/test/fuzzer/strcmp.test
  compiler-rt/test/fuzzer/strncmp.test
  compiler-rt/test/fuzzer/strstr.test


Index: compiler-rt/test/fuzzer/strstr.test
===
--- compiler-rt/test/fuzzer/strstr.test
+++ compiler-rt/test/fuzzer/strstr.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrstrTest.cpp -o %t-StrstrTest
 RUN: not %run %t-StrstrTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strstr %S/StrstrTest.cpp 
-o %t-NoAsanStrstrTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrstrTest.cpp -o 
%t-NoAsanStrstrTest
 RUN: not %run %t-StrstrTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strncmp.test
===
--- compiler-rt/test/fuzzer/strncmp.test
+++ compiler-rt/test/fuzzer/strncmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrncmpTest.cpp -o %t-StrncmpTest
 RUN: not %run %t-StrncmpTest  -seed=2 -runs=1000   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strncmp 
%S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrncmpTest.cpp -o 
%t-NoAsanStrncmpTest
 RUN: not %run %t-StrncmpTest  -seed=2 -runs=1000   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strcmp.test
===
--- compiler-rt/test/fuzzer/strcmp.test
+++ compiler-rt/test/fuzzer/strcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrcmpTest.cpp -o %t-StrcmpTest
 RUN: not %run %t-StrcmpTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strcmp %S/StrcmpTest.cpp 
-o %t-NoAsanStrcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrcmpTest.cpp -o 
%t-NoAsanStrcmpTest
 RUN: not %run %t-StrcmpTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp64.test
===
--- compiler-rt/test/fuzzer/memcmp64.test
+++ compiler-rt/test/fuzzer/memcmp64.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/Memcmp64BytesTest.cpp -o %t-Memcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp 
%S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
+RUN: %cpp_compiler -fno-sanitize=address %S/Memcmp64BytesTest.cpp -o 
%t-NoAsanMemcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp.test
===
--- compiler-rt/test/fuzzer/memcmp.test
+++ compiler-rt/test/fuzzer/memcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/MemcmpTest.cpp -o %t-MemcmpTest
 RUN: not %run %t-MemcmpTest   -seed=1 -runs=1000   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/MemcmpTest.cpp 
-o %t-NoAsanMemcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/MemcmpTest.cpp -o 
%t-NoAsanMemcmpTest
 RUN: not %run %t-MemcmpTest   -seed=1 -runs=1000   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: clang/lib/Driver/SanitizerArgs.cpp
===
--- clang/lib/Driver/SanitizerArgs.cpp
+++ clang/lib/Driver/SanitizerArgs.cpp
@@ -1088,6 +1088,22 @@
   Sanitizers.has(SanitizerKind::Address))
 CmdArgs.push_back("-fno-assume-sane-operator-new");
 
+  // libFuzzer wants to intercept calls to certain library functions, so the
+  // following -fno-builtin-* flags disable implicit builtin knowledge about
+  // those functions. Other sanitizers effectively do the same thing by marking
+  // all library call sites with NoBuiltin attribute in their LLVM pass.
+  // (see llvm::maybeMarkSanitizerLibraryCallNoBuiltin)
+  if (Sanitizers.has(SanitizerKind::FuzzerNoLink)) {
+CmdArgs.push_back("-fno-builtin-memcmp");
+CmdArgs.push_back("-fno-builtin-strncmp");
+CmdArgs.push_back("-fno-builtin-strcmp");
+CmdArgs.push_back("-fno-builtin-strncasecmp");
+CmdArgs.push_back("-fno-builtin-strcasecmp");
+CmdArgs.push_back("-fno-builtin-strstr");
+CmdArgs.push_back("-fno-builtin-strcasestr");
+CmdArgs.push_back("-fno-builtin-memmem");
+  }
+
   // Require -fvisibility= flag on non-Windows when compiling if vptr CFI is
   // enabled.
   if 
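
Review bot: the eight CmdArgs.push_back calls inside the FuzzerNoLink block differ only in the flag string. Consider a static array of the flag strings and a single loop that pushes each one, which keeps the list in one place and makes it easier to compare against the set of functions libFuzzer intercepts.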

[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.

2020-07-16 Thread Mitch Phillips via Phabricator via cfe-commits
hctim accepted this revision.
hctim added a comment.
This revision is now accepted and ready to land.

LGTM w/ nit




Comment at: clang/lib/Driver/SanitizerArgs.cpp:1091
 
+  if (Sanitizers.has(SanitizerKind::FuzzerNoLink)) {
+CmdArgs.push_back("-fno-builtin-memcmp");

Nit - add a comment here mentioning the libfuzzer interceptors, and that other 
sanitizers normally do this by propagating IR attributes.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D83987/new/

https://reviews.llvm.org/D83987





[PATCH] D83987: [libFuzzer] Disable implicit builtin knowledge about memcmp-like functions when -fsanitize=fuzzer-no-link is given.

2020-07-16 Thread Dokyung Song via Phabricator via cfe-commits
dokyungs created this revision.
dokyungs added reviewers: morehouse, hctim.
Herald added projects: clang, Sanitizers.
Herald added subscribers: Sanitizers, cfe-commits.

This patch disables implicit builtin knowledge about memcmp-like functions when 
compiling the program for fuzzing, i.e., when -fsanitize=fuzzer(-no-link) is 
given. This allows libFuzzer to always intercept memcmp-like functions as it 
effectively disables optimizing calls to such functions into different forms. 
This is done by adding a set of flags (-fno-builtin-memcmp and others) in the 
clang driver. Individual -fno-builtin-* flags previously used in libFuzzer tests 
are now removed, as it is now done automatically in the clang driver.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D83987

Files:
  clang/lib/Driver/SanitizerArgs.cpp
  compiler-rt/test/fuzzer/memcmp.test
  compiler-rt/test/fuzzer/memcmp64.test
  compiler-rt/test/fuzzer/strcmp.test
  compiler-rt/test/fuzzer/strncmp.test
  compiler-rt/test/fuzzer/strstr.test


Index: compiler-rt/test/fuzzer/strstr.test
===
--- compiler-rt/test/fuzzer/strstr.test
+++ compiler-rt/test/fuzzer/strstr.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrstrTest.cpp -o %t-StrstrTest
 RUN: not %run %t-StrstrTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strstr %S/StrstrTest.cpp 
-o %t-NoAsanStrstrTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrstrTest.cpp -o 
%t-NoAsanStrstrTest
 RUN: not %run %t-StrstrTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strncmp.test
===
--- compiler-rt/test/fuzzer/strncmp.test
+++ compiler-rt/test/fuzzer/strncmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrncmpTest.cpp -o %t-StrncmpTest
 RUN: not %run %t-StrncmpTest  -seed=2 -runs=1000   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strncmp 
%S/StrncmpTest.cpp -o %t-NoAsanStrncmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrncmpTest.cpp -o 
%t-NoAsanStrncmpTest
 RUN: not %run %t-StrncmpTest  -seed=2 -runs=1000   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/strcmp.test
===
--- compiler-rt/test/fuzzer/strcmp.test
+++ compiler-rt/test/fuzzer/strcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/StrcmpTest.cpp -o %t-StrcmpTest
 RUN: not %run %t-StrcmpTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-strcmp %S/StrcmpTest.cpp 
-o %t-NoAsanStrcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/StrcmpTest.cpp -o 
%t-NoAsanStrcmpTest
 RUN: not %run %t-StrcmpTest   -seed=1 -runs=200   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp64.test
===
--- compiler-rt/test/fuzzer/memcmp64.test
+++ compiler-rt/test/fuzzer/memcmp64.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/Memcmp64BytesTest.cpp -o %t-Memcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp 
%S/Memcmp64BytesTest.cpp -o %t-NoAsanMemcmp64BytesTest
+RUN: %cpp_compiler -fno-sanitize=address %S/Memcmp64BytesTest.cpp -o 
%t-NoAsanMemcmp64BytesTest
 RUN: not %run %t-Memcmp64BytesTest-seed=1 -runs=100   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: compiler-rt/test/fuzzer/memcmp.test
===
--- compiler-rt/test/fuzzer/memcmp.test
+++ compiler-rt/test/fuzzer/memcmp.test
@@ -2,7 +2,7 @@
 RUN: %cpp_compiler %S/MemcmpTest.cpp -o %t-MemcmpTest
 RUN: not %run %t-MemcmpTest   -seed=1 -runs=1000   2>&1 | 
FileCheck %s
 
-RUN: %cpp_compiler -fno-sanitize=address -fno-builtin-memcmp %S/MemcmpTest.cpp 
-o %t-NoAsanMemcmpTest
+RUN: %cpp_compiler -fno-sanitize=address %S/MemcmpTest.cpp -o 
%t-NoAsanMemcmpTest
 RUN: not %run %t-MemcmpTest   -seed=1 -runs=1000   2>&1 | 
FileCheck %s
 
 CHECK: BINGO
Index: clang/lib/Driver/SanitizerArgs.cpp
===
--- clang/lib/Driver/SanitizerArgs.cpp
+++ clang/lib/Driver/SanitizerArgs.cpp
@@ -1088,6 +1088,17 @@
   Sanitizers.has(SanitizerKind::Address))
 CmdArgs.push_back("-fno-assume-sane-operator-new");
 
+  if (Sanitizers.has(SanitizerKind::FuzzerNoLink)) {
+CmdArgs.push_back("-fno-builtin-memcmp");
+CmdArgs.push_back("-fno-builtin-strncmp");
+CmdArgs.push_back("-fno-builtin-strcmp");
+CmdArgs.push_back("-fno-builtin-strncasecmp");
+CmdArgs.push_back("-fno-builtin-strcasecmp");
+CmdArgs.push_back("-fno-builtin-strstr");
+
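
Review bot: the condition tests only SanitizerKind::FuzzerNoLink, while the summary says the flags apply when -fsanitize=fuzzer(-no-link) is given. State next to the check that plain -fsanitize=fuzzer is expected to reach this branch as well, or test both kinds explicitly, and keep at least one test built with each spelling so the two cases cannot diverge unnoticed.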