Le 03/06/2020 à 02:03, Kamil Rytarowski a écrit :
On 03.06.2020 01:49, Andrew Doran wrote:
On the assembly thing recall that recently you expressed a desire to remove
all of the amd64 assembly string functions from libc because of sanitizers -
I invested my time to do up a little demo to try and show you why that's not
a good idea:
Please note that interceptors for string functions are not just some
extra burden, but also very useful approach to feedback a fuzzer through
At least libFuzzer and honggfuzz wrap many kinds of string functions and
use it for fuzzing. We should add a special mode in KCOV to feedback
userland (syzkaller) with traces from string functions.
Yes, and not just that either.
When you use ASM instead of C, you basically prevent _any kind_ of useful
transformation the compiler could make.
It includes sanitizers, but also coverage as you said; and also retpoline,
PAC, BTI, CET, SafeStack, and in short, a very big bunch of modern
Favoring C rather than ASM in the general sense offers much bigger
benefits than just "it accomodates kMSan".