Update libfuzzer to LLVM 18 #2035
base: master
Conversation
Hm, it also seems that no default timeout is set. By default, libfuzzer uses a 20-minute timeout, so this should likely be set to something more reasonable (10 seconds?).
apt-get install -y \ | ||
build-essential \ | ||
lsb-release wget software-properties-common gnupg && \ | ||
wget https://apt.llvm.org/llvm.sh && chmod +x llvm.sh && ./llvm.sh 18 |
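Review bot: `./llvm.sh 18` installs `clang-18` and friends but does not repoint `/usr/bin/clang` (or `clang++`) at the new binary, so every later step in this Dockerfile that invokes plain `clang` still gets whatever older toolchain the base image already had, which is consistent with the 15.0.0 seen in the CI log. After the `./llvm.sh 18` line, register the new compiler explicitly, e.g. `update-alternatives --install /usr/bin/clang clang /usr/bin/clang-18 100 && update-alternatives --install /usr/bin/clang++ clang++ /usr/bin/clang++-18 100`, and consider a `clang --version` step so the build fails loudly if the wrong major ends up on PATH. Separately, the script is downloaded and executed in one go with no checksum or version pin, so the image build runs whatever apt.llvm.org serves at build time; pinning the script or verifying it before `chmod +x llvm.sh && ./llvm.sh 18` would make the build reproducible.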
This will install binaries into /usr/bin but won't make /usr/bin/clang point to /usr/bin/clang-18, so if you run clang after the install, then the older one, if it exists, will still be used. To fix this you need something like this https://gist.github.com/tokatoka/26f4ba95991c6e33139999976332aa8e or use update-alternatives (since this is Ubuntu).
This is what the log from CI says.
So it's 15.0.0 that is used. Maybe you should
Ah, good catch. Probably why ASAN is mad. I'll copy/paste some more code from the libafl Dockerfile.
Maybe you should use update-alternatives, though, instead of my snippet, because this is not libafl.
I actually worked out that this is not relevant for us; we just have to build the fuzzer with a C++17-compatible version and disable container overflow. There's some weird interaction between fork mode and the old bug benchmark that's too difficult to reasonably debug 😅
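The review comments above make the point that `llvm.sh 18` leaves whatever `clang` was already on PATH in place, which is why CI reported 15.0.0. The script below is an added example, not code from this PR or from the project: it parses `clang --version` output to recover the major version (a guard a Dockerfile or CI step can run after the install), and wraps the `update-alternatives` calls the reviewer suggests. The `DRY_RUN` switch, the priority value of 100 and the sample version strings are assumptions made here for illustration; the version strings are constructed, not captured from the project's CI.

```shell
#!/bin/sh
# Added example (not part of the PR or the project). Assumes an
# Ubuntu-style layout where clang-<N> lives in /usr/bin, as installed
# by apt.llvm.org's llvm.sh.
set -eu

# Extract the major version from `clang --version` output.
# Handles both upstream ("clang version 18.1.8") and Ubuntu-packaged
# ("Ubuntu clang version 15.0.0-3ubuntu1~22.04") first lines.
clang_major_from_output() {
    printf '%s\n' "$1" | sed -nE '1s/.*clang version ([0-9]+).*/\1/p'
}

# Succeed only if the version output names the expected major.
# Use it as a build guard: check_clang_major 18 "$(clang --version)"
check_clang_major() {
    expected="$1"
    got="$(clang_major_from_output "$2")"
    [ -n "$got" ] && [ "$got" = "$expected" ]
}

# Run a command, or print it instead when DRY_RUN=1 (assumed switch so
# the registration step can be exercised without root or a real clang).
run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Point /usr/bin/clang and /usr/bin/clang++ at the versioned binaries.
# Priority 100 is an arbitrary assumption; any value beats an unregistered
# stale symlink, and a higher number wins if several majors are installed.
register_clang_alternatives() {
    ver="$1"
    prio="${2:-100}"
    run update-alternatives --install /usr/bin/clang clang "/usr/bin/clang-$ver" "$prio"
    run update-alternatives --install /usr/bin/clang++ clang++ "/usr/bin/clang++-$ver" "$prio"
}

# Typical Dockerfile use after `./llvm.sh 18` (needs root, so not run here):
#   register_clang_alternatives 18
#   check_clang_major 18 "$(clang --version)" || exit 1
```

In a Dockerfile the two calls at the end would follow the `./llvm.sh 18` line, so the image build fails immediately if the default `clang` is still the older toolchain rather than surfacing later as an ASan or C++17 build error.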
The libfuzzer commit used was an older version which did not seem to be up-to-date with documentation and harness behaviour. This led to assertion failures in the main fuzzer loop in new benchmarks due to not recognising the documented -1 return value. This updates the libfuzzer version to the latest LLVM release.