-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Missing support for CFLAGS="-fsanitize=fuzzer"? #7761
Comments
The meson.build file you linked manually links libfuzzer into the final executable, so CFLAGS="-fsanitize=fuzzer-no-link" may solve the issue: |
Now it builds, just as it does when I don't use the flag at all. But this doesn't bring me further unfortunately: CFLAGS="-fsanitize=fuzzer-no-link" CC=clang CXX=clang++ meson build-clang -Db_lundef=false [jmaloy@f31 libslirp]$ cd build-clang/ [1/36] Compiling C object libslirp.so.0.0.0.p/src_ip6_output.c.o [jmaloy@f31 build-clang]$ ./fuzzing/fuzz-input ../fuzzing/IN/* ///jon |
Based on the meson.build file in the commit you linked, you could try: That will link libfuzzer into the fuzz-input binary. |
Better, but: In my Makefile version I built libFuzzer myself and linked to it, but that cannot possibly be the intention. |
Maybe those meson.build files were written with a manually compiled libFuzzer in mind. It may be easier to modify them to add "-fsanitize=fuzzer" on the fuzz-input executable() in meson.build. Then you don't need to use llvm-fuzz=true and it will use clang's version of libfuzzer. Something like this: executable(
'fuzz-input', [extra_sources, 'fuzz-input.c'],
dependencies : deps,
c_args : '-fsanitize=fuzzer',
link_args : '-fsanitize=fuzzer',
) But I don't know the intention of the original meson.build files, they seem to have Google OSS-Fuzz support so maybe they expect an environment where libfuzzer has been provided... |
Yes, that, plus that I commented out main() in fuzz_main.c, solved it. |
It seems to me meson recently (<1y) changed the way CFLAGS are checked. Now with CFLAGS="-fsanitize=fuzzer" it will fail to link during configure step. So CFLAGS="-fsanitize=fuzzer-no-link" seems necessary. And in theory, LDFLAGS="-fsanitize=fuzzer" should help too, but LDFLAGS seems not working (anymore?). So Stefan solution is good to me. In general, I think we should avoid using environment variables anyway, and instead have meson.build handle adding/removing the flags (this may be annoying for things like OSSFuzz though) . And it would be nice if meson gained b_sanitize=fuzzer. (sadly, the combination of ASAN options there isn't very good either) |
Really we should just extend the b_sanitize option to handle fuzzer correctly. Hand rolling this stuff is hard and easy to break, which is why we have the built-in option |
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. A list makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the list we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitize') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, a special check has been added to the get_option() call for `b_sanitize`, which converts it to a list if the compatibility is < 0.62, with a warning that the behavior will change in the future. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. A list makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the list we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitize') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, a special check has been added to the get_option() call for `b_sanitize`, which converts it to a list if the compatibility is < 0.62, with a warning that the behavior will change in the future. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. A list makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the list we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitize') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, a special check has been added to the get_option() call for `b_sanitize`, which converts it to a list if the compatibility is < 0.62, with a warning that the behavior will change in the future. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. A list makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the list we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitize') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, a special check has been added to the get_option() call for `b_sanitize`, which converts it to a list if the compatibility is < 0.62, with a warning that the behavior will change in the future. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. A list makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the list we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitize') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, a special check has been added to the get_option() call for `b_sanitize`, which converts it to a list if the compatibility is < 0.62, with a warning that the behavior will change in the future. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitize') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, a special check has been added to the get_option() call for `b_sanitize`, which converts it to a string if the compatibility is < 0.62, with a warning that the behavior will change in the future. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitize') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, a special check has been added to the get_option() call for `b_sanitize`, which converts it to a string if the compatibility is < 0.62, with a warning that the behavior will change in the future. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitize') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, a special check has been added to the get_option() call for `b_sanitize`, which converts it to a string if the compatibility is < 0.62, with a warning that the behavior will change in the future. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitize') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, a special check has been added to the get_option() call for `b_sanitize`, which converts it to a string if the compatibility is < 0.63, with a warning that the behavior will change in the future. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitize') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, a special check has been added to the get_option() call for `b_sanitize`, which converts it to a string if the compatibility is < 0.63, with a warning that the behavior will change in the future. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitizers') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, `get_option('b_sanitize')` is guaranteed to return a string with the values in the same order, unless a new value is added. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitizers') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, `get_option('b_sanitize')` is guaranteed to return a string with the values in the same order, unless a new value is added. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitizers') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, `get_option('b_sanitize')` is guaranteed to return a string with the values in the same order, unless a new value is added. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitizers') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, `get_option('b_sanitize')` is guaranteed to return a string with the values in the same order, unless a new value is added. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitizers') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, `get_option('b_sanitize')` is guaranteed to return a string with the values in the same order, unless a new value is added. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitizers') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, `get_option('b_sanitize')` is guaranteed to return a string with the values in the same order, unless a new value is added. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitizers') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, `get_option('b_sanitize')` is guaranteed to return a string with the values in the same order, unless a new value is added. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitizers') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, `get_option('b_sanitize')` is guaranteed to return a string with the values in the same order, unless a new value is added. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitizers') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, `get_option('b_sanitize')` is guaranteed to return a string with the values in the same order, unless a new value is added. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitizers') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, `get_option('b_sanitize')` is guaranteed to return a string with the values in the same order, unless a new value is added. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
There are a lot of sanitizers these days, and trying to keep up with them would be entirely too much work. Instead we'll do a compile check to see if the option is valid. An array makes more sense than a string, since users could just write `address,undefined` or they could write `undefined,address`. With the array we get to handle that ourselves and users writing code know that it's not safe to simply do a check like ```meson if get_option('b_sanitize') == 'address,undefined' ... endif ``` instead they need to do something like ```meson opt = get_option('b_sanitizers') if opt.contains('address') and opt.contains('undefined') ... endif ``` To ensure backwards compatibility, `get_option('b_sanitize')` is guaranteed to return a string with the values in the same order, unless a new value is added. Fixes mesonbuild#8283 Fixes mesonbuild#7761 Fixes mesonbuild#5154 Fixes mesonbuild#1582
I am trying to build a system with meson where fuzzing is activated.
The code I am trying to build is here:
https://gitlab.freedesktop.org/elmarco/libslirp/-/commit/9fba8af484ec6bc10b22e3f49d9e34d95c28b086
However, when I try to build it according to the second method in the commit log I get the following:
FLAGS="-fsanitize=fuzzer" CC=clang CXX=clang++ meson build-clang -Db_lundef=false
The Meson build system
Version: 0.55.3
Source dir: /home/jmaloy/fuzzing/lureau/libslirp
Build dir: /home/jmaloy/fuzzing/lureau/libslirp/build-clang
Build type: native build
Project name: slirp
Project version: 4.0.0
Using 'CC' from environment with value: 'clang'
Using 'CFLAGS' from environment with value: '-fsanitize=fuzzer'
meson.build:1:0: ERROR: Compiler clang can not compile programs.
A full log file can be found at /home/jmaloy/fuzzing/lureau/libslirp/build-clang/meson-logs/meson-log.txt
[jmaloy@f31 libslirp]$
The log referred to above looks as follows:
Build started at 2020-09-19T15:11:11.217041
Main binary: /usr/bin/python3
Build Options: -Db_lundef=false
Python system: Linux
The Meson build system
Version: 0.55.3
Source dir: /home/jmaloy/fuzzing/lureau/libslirp
Build dir: /home/jmaloy/fuzzing/lureau/libslirp/build-clang
Build type: native build
None of 'PKG_CONFIG_PATH' are defined in the environment, not changing global flags.
None of 'PKG_CONFIG_PATH' are defined in the environment, not changing global flags.
Project name: slirp
Project version: 4.0.0
Using 'CC' from environment with value: 'clang'
Using 'CFLAGS' from environment with value: '-fsanitize=fuzzer'
None of 'LDFLAGS' are defined in the environment, not changing global flags.
None of 'CPPFLAGS' are defined in the environment, not changing global flags.
None of 'CC_LD' are defined in the environment, not changing global flags.
Sanity testing C compiler: clang
Is cross compiler: False.
None of 'CC_LD' are defined in the environment, not changing global flags.
Sanity check compiler command line: clang /home/jmaloy/fuzzing/lureau/libslirp/build-clang/meson-private/sanitycheckc.c -o /home/jmaloy/fuzzing/lureau/libslirp/build-clang/meson-private/sanitycheckc.exe -fsanitize=fuzzer -pipe -D_FILE_OFFSET_BITS=64
Sanity check compile stdout:
Sanity check compile stderr:
/usr/bin/ld: /tmp/sanitycheckc-2fd9d1.o: in function
main': sanitycheckc.c:(.text.main[main]+0x0): multiple definition of
main'; /usr/lib64/clang/9.0.1/lib/linux/libclang_rt.fuzzer-x86_64.a(FuzzerMain.cpp.o):(.text.startup[.text.startup.group]+0x0): first defined here/usr/bin/ld: /usr/lib64/clang/9.0.1/lib/linux/libclang_rt.fuzzer-x86_64.a(FuzzerMain.cpp.o): in function
main': (.text.startup[.text.startup.group]+0xf): undefined reference to
LLVMFuzzerTestOneInput'clang-9: error: linker command failed with exit code 1 (use -v to see invocation)
meson.build:1:0: ERROR: Compiler clang can not compile programs.
My environment looks as follows:
$ uname -a
Linux f31 5.7.15-100.fc31.x86_64 #1 SMP Tue Aug 11 17:18:01 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
(I.e., Fedora31)
[jmaloy@f31 libslirp]$ clang --version
clang version 9.0.1 (Fedora 9.0.1-2.fc31)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
[jmaloy@f31 libslirp]$ meson --version
0.55.3
[jmaloy@f31 libslirp]$ python --version
Python 3.7.8
[jmaloy@f31 libslirp]$ ninja --version
1.9.0
I contacted the author of the program, but despite the commit log message he cannot remember he even tried this option, so I suspect this never worked for him either.
BR
Jon Maloy jmaloy@redhat.com
The text was updated successfully, but these errors were encountered: