rust-fuzz / libfuzzer

Rust bindings and utilities for LLVM’s libFuzzer
Apache License 2.0

Add support for compiling fuzz target with AFL-compatible instrumentation #5

Closed frewsxcv closed 7 years ago

frewsxcv commented 7 years ago

http://llvm.org/docs/LibFuzzer.html#afl-compatibility

Not sure how easy this is, but it would be nice. Then afl.rs could use this.

frewsxcv commented 7 years ago

I looked into this tonight briefly. For reference:

https://github.com/llvm-mirror/llvm/blob/d660a5d68c7a1c190855874531c3e8065bc8ca7d/lib/Fuzzer/afl/afl_driver.cpp#L25-L33

I understand how to do all these steps except for the first one. If anyone knows how to compile the fuzz target with sanitization into an object file, please share.

Manishearth commented 7 years ago

I assume it's just a matter of passing the -fsanitize argument via -Cllvm-args and then using the regular rust commands for making object files?

Manishearth commented 7 years ago

Oh, wait, this is libfuzzer. Unsure why libfuzzer-sys needs support for this, I'd assume cargo fuzz is what would drive this.

nagisa commented 7 years ago

Fuzzing with libfuzzer already builds stuff with sancov enabled.

On Feb 22, 2017 7:52 AM, "Manish Goregaokar" notifications@github.com wrote:

Oh, wait, this is libfuzzer. Unsure why libfuzzer-sys needs support for this, I'd assume cargo fuzz is what would drive this.


frewsxcv commented 7 years ago

Unsure why libfuzzer-sys needs support for this, I'd assume cargo fuzz is what would drive this.

Yeah, this is right. Most of the changes will probably happen in cargo-fuzz. Though, these instructions indicate that we need to build an object file of the fuzz target, which might involve changes to this crate?

Manishearth commented 7 years ago

I don't see how this crate should be affected. libFuzzer is an alternate to AFL, it doesn't "work with AFL", to the best of my knowledge. You'd need to perhaps write similar bindings, or have cargo-fuzz pass down similar flags, but it's still different.

frewsxcv commented 7 years ago

Moving to https://github.com/rust-fuzz/cargo-fuzz/issues/1