1. Patchew
  2. QEMU
  3. [PULL 00/10] qtest / fuzzer patches
  4. View patch

[PULL 05/10] docs/fuzz: describe building fuzzers with enable-sanitizers

Thomas Huth posted 10 patches 5 years, 3 months ago
Maintainers: Sagar Karandikar <sagark@eecs.berkeley.edu>, Stefan Hajnoczi <stefanha@redhat.com>, Wainer dos Santos Moschetta <wainersm@redhat.com>, "Alex Bennée" <alex.bennee@linaro.org>, Peter Maydell <peter.maydell@linaro.org>, Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>, Alexander Bulekov <alxndr@bu.edu>, Bastian Koppelmann <kbastian@mail.uni-paderborn.de>, Palmer Dabbelt <palmer@dabbelt.com>, "Philippe Mathieu-Daudé" <philmd@redhat.com>, Subbaraya Sundeep <sundeep.lkml@gmail.com>, Alistair Francis <alistair@alistair23.me>, Laurent Vivier <lvivier@redhat.com>, Niek Linnenbank <nieklinnenbank@gmail.com>, "Edgar E. Iglesias" <edgar.iglesias@gmail.com>, Paolo Bonzini <pbonzini@redhat.com>, Beniamino Galvani <b.galvani@gmail.com>, Thomas Huth <thuth@redhat.com>, Bandan Das <bsd@redhat.com>
[PULL 05/10] docs/fuzz: describe building fuzzers with enable-sanitizers
Posted by Thomas Huth 5 years, 3 months ago 
From: Alexander Bulekov <alxndr@bu.edu>

Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <20200706195534.14962-3-alxndr@bu.edu>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
---
 docs/devel/fuzzing.txt | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/docs/devel/fuzzing.txt b/docs/devel/fuzzing.txt
index db5641de74..12bf6aa0ca 100644
--- a/docs/devel/fuzzing.txt
+++ b/docs/devel/fuzzing.txt
@@ -23,9 +23,12 @@ AddressSanitizer mmaps ~20TB of memory, as part of its detection. This results
 in a large page-map, and a much slower fork().
 
 To build the fuzzers, install a recent version of clang:
-Configure with (substitute the clang binaries with the version you installed):
+Configure with (substitute the clang binaries with the version you installed).
+Here, enable-sanitizers, is optional but it allows us to reliably detect bugs
+such as out-of-bounds accesses, use-after-frees, double-frees etc.
 
-    CC=clang-8 CXX=clang++-8 /path/to/configure --enable-fuzzing
+    CC=clang-8 CXX=clang++-8 /path/to/configure --enable-fuzzing \
+                                                --enable-sanitizers
 
 Fuzz targets are built similarly to system/softmmu:
 
-- 
2.18.1

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.