
Update libfuzzer to LLVM 18 #2035

Open
wants to merge 3 commits into
base: master

Conversation

addisoncrump
Contributor

@addisoncrump addisoncrump commented Aug 19, 2024

The libfuzzer commit used was an older version which did not seem to be up-to-date with documentation and harness behaviour. This led to assertion failures in the main fuzzer loop in new benchmarks due to not recognising the documented -1 return value.

This updates the libfuzzer version to the latest LLVM release.
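To make the "-1 return value" concrete, here is an added example (not code from the fuzzbench PR or from libFuzzer): a minimal libFuzzer-style harness that returns the documented -1 for inputs it rejects early, plus a simplified model of the accept/reject check in a fuzzer's main loop. The `fuzzer_loop_accepts` function and the `FZBN` magic are assumptions made for this example; the model shows why an older loop that only recognises 0 trips an assertion on -1 while a loop that recognises -1 simply skips the input.

```c
// Added example (not part of the fuzzbench PR or libFuzzer): a harness that
// uses the documented -1 return value, and a simplified model of the fuzzer
// main-loop check so the failure described above can be reproduced offline.
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

// Hypothetical target: a tiny message format of 4-byte magic + payload.
// Inputs without the magic are rejected; returning -1 tells libFuzzer that
// this input should not be added to the corpus.
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    static const uint8_t magic[4] = {'F', 'Z', 'B', 'N'};
    if (size < sizeof magic || memcmp(data, magic, sizeof magic) != 0)
        return -1;   // documented: do not add to corpus
    // Stand-in for real parsing logic: touch every payload byte.
    unsigned sum = 0;
    for (size_t i = sizeof magic; i < size; i++)
        sum += data[i];
    (void)sum;
    return 0;        // documented: normal completion
}

// Simplified model of the main-loop check (an assumption for this example,
// not libFuzzer's actual source). knows_minus_one selects the behaviour:
//   returns  1  -> input ran normally and may be added to the corpus
//   returns  0  -> input ran but is skipped (harness said -1)
//   returns -1  -> the loop would treat the value as a harness error
//                  (the assertion failure seen with the older libFuzzer)
int fuzzer_loop_accepts(int harness_result, int knows_minus_one) {
    if (harness_result == 0)
        return 1;
    if (harness_result == -1)
        return knows_minus_one ? 0 : -1;
    return -1;  // other values are reserved
}

int main(void) {
    // Constructed sample inputs.
    const uint8_t good[] = {'F', 'Z', 'B', 'N', 1, 2, 3};
    const uint8_t bad[]  = {'x', 'y'};
    int r_good = LLVMFuzzerTestOneInput(good, sizeof good);
    int r_bad  = LLVMFuzzerTestOneInput(bad, sizeof bad);
    printf("good -> %d, bad -> %d\n", r_good, r_bad);
    printf("old loop on bad: %d, new loop on bad: %d\n",
           fuzzer_loop_accepts(r_bad, 0), fuzzer_loop_accepts(r_bad, 1));
    return 0;
}
```

Running the block shows the rejected input returning -1; the old-style loop model reports it as an error (-1), while the loop that recognises -1 reports a skip (0), which is the behaviour difference the version bump fixes.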

@addisoncrump
Contributor Author

addisoncrump commented Aug 19, 2024

Hm, it also seems that no default timeout is set. By default, libfuzzer uses a 20 minute timeout, so this should likely be set to something more reasonable (10 seconds?).

@addisoncrump addisoncrump marked this pull request as ready for review August 19, 2024 05:13
apt-get install -y \
build-essential \
lsb-release wget software-properties-common gnupg && \
wget https://apt.llvm.org/llvm.sh && chmod +x llvm.sh && ./llvm.sh 18
Contributor

@tokatoka tokatoka Aug 19, 2024


This will install binaries into /usr/bin but won't make /usr/bin/clang point to /usr/bin/clang-18.

So if you run clang after the install, then the older one, if it exists, will still be used.
To fix this you need something like this https://gist.github.com/tokatoka/26f4ba95991c6e33139999976332aa8e or use update-alternatives (since this is Ubuntu).

@tokatoka
Contributor

tokatoka commented Aug 19, 2024

this is what the log from CI says.

2024-08-19T05:08:11.5387571Z #22 0.298 CFLAGS = -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -pthread -Wl,--no-as-needed -Wl,-ldl -Wl,-lm -Wno-unused-command-line-argument -O3
2024-08-19T05:08:11.5389357Z #22 0.298 CXXFLAGS = -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -pthread -Wl,--no-as-needed -Wl,-ldl -Wl,-lm -Wno-unused-command-line-argument -stdlib=libc++ -O3
2024-08-19T05:08:11.5390564Z #22 0.304 Building benchmark bloaty_fuzz_target with fuzzer libfuzzer
2024-08-19T05:08:11.5391129Z #22 0.306 + cd /work
2024-08-19T05:08:11.5391602Z #22 0.306 + cmake -G Ninja -DBUILD_TESTING=false /src/bloaty
2024-08-19T05:08:11.5679392Z #22 0.486 -- The C compiler identification is Clang 15.0.0
2024-08-19T05:08:11.7214436Z #22 0.639 -- The CXX compiler identification is Clang 15.0.0

So it's 15.0.0 that is used. Maybe you should apt purge clang-* llvm-* to delete everything first so that /usr/bin/clang won't point to the wrong one.

@addisoncrump
Contributor Author

Ah, good catch. Probably why ASAN is mad. I'll copy/paste some more code from the libafl dockerfile.

@tokatoka
Contributor

Maybe you should use update-alternatives, though, instead of my snippet, because this is not libafl.

@addisoncrump
Contributor Author

> so it's 15.0.0 that is used.

I actually worked out that this is not relevant for us; we just have to build the fuzzer with a C++17-compatible version and disable container overflow. There's some weird interaction between fork mode and the old bug benchmark that's too difficult to reasonably debug 😅
