On Thu, Jul 21, 2016 at 9:04 AM, enh <[email protected]> wrote:
> On Wed, Jul 20, 2016 at 9:20 PM, Andy Chu <[email protected]> wrote:
>>> yeah, i'd like to see asan support in toybox's makefile; i'm starting
>>> to get a small pile of bug reports from the folks running asan Android
>>> system images, but it's going to be inconvenient to have to deal with
>>> them on the device rather than just on the host.
>>
>> How are they generating test input?
>
> this isn't from fuzzing.
>
>> When you say "folks running", is
>> that an automated or manual process?
>
> for toybox, afaik, it's just people noticing toybox problems while
> investigating other things.

OK, so basically there are humans walking around with Android phones
where every system binary is instrumented with ASAN?  It's cool that
it's fast enough for that.  As I recall the ASAN slowdown is supposed
to be within 2x, so I can see that.

That said, I agree there's a big advantage to doing it on the host,
because you can actually drive the binaries with a test suite rather
than whatever people happen to be doing.  People tend to explore the
same code paths over and over again, while tests can get into the
corner cases.  (Not to mention fuzzing, which isn't really possible
with toybox now.)

>> In case it got lost, these patches I sent out in March added ASAN
>> support to Toybox's Makefile, as well as scripts for running tests
>> under the ASAN-instrumented binaries (and other LLVM sanitizers)
>>
>> http://lists.landley.net/pipermail/toybox-landley.net/2016-March/008147.html
>
> no, i remember that and my plan is to give it a try as soon as i have
> time. which is why the longer version of my plan is "mention it on the
> list knowing i won't get round to it for a while, and maybe it'll be
> easier by the time i get there anyway" :-)

OK, the patches no longer apply since Rob started rewriting parts of
the related build stuff, but didn't anywhere close to ASAN afaik.  But
it shouldn't be too hard to check out a commit as of March and apply
them.

There are some more instructions here when I reproduce the expr bug
that was introduced:

http://lists.landley.net/pipermail/toybox-landley.net/2016-April/008214.html

And Rob you clearly never ran that, because the ONLY bug it flagged
was YOUR bug.  You're simply being ignorant by writing that it's a
false positive generator.  Please try things before writing long
messages full of nonsense.  And you're the one who asked for the bwk
repo with tests, so I published it, so you should actually run it.

I'm not promising to make the patches apply again, but given that I
showed examples of adding it to toybox, and adding it to bwk, it
should be straightforward to follow that model.

Andy
