With --enable-fuzzing, QEMU_CFLAGS include -fsanitize=fuzzer-no-link.
This should allow us to build non-fuzzer binaries using objects
instrumented for fuzzing. However, to do that, we also need to link with
-fsanitize=fuzzer-no-link. We were not doing that.
Reported-by: Li Qiang <liq3ea@163.com>
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
---
configure | 1 +
1 file changed, 1 insertion(+)
diff --git a/configure b/configure
index a79b3746d4..02aaea31c8 100755
--- a/configure
+++ b/configure
@@ -6097,6 +6097,7 @@ if test "$fuzzing" = "yes" ; then
# needed CFLAGS have already been provided
if test -z "${LIB_FUZZING_ENGINE+xxx}" ; then
QEMU_CFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"
+ QEMU_LDFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"
FUZZ_EXE_LDFLAGS="-fsanitize=fuzzer"
else
FUZZ_EXE_LDFLAGS="$LIB_FUZZING_ENGINE"
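Review bot: the added line `+ QEMU_LDFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"` expands $QEMU_CFLAGS rather than $QEMU_LDFLAGS, so any link flags already accumulated in QEMU_LDFLAGS are dropped and replaced by the compiler flags; it should read `QEMU_LDFLAGS="$QEMU_LDFLAGS -fsanitize=fuzzer-no-link"`, mirroring the QEMU_CFLAGS line directly above it. A short comment next to these assignments stating why QEMU_CFLAGS, QEMU_LDFLAGS and FUZZ_EXE_LDFLAGS each need their own fuzzing flag (instrumenting objects, linking non-fuzzer binaries against the instrumented objects, and linking the fuzzer executables themselves) would also help, since the existing `# needed CFLAGS have already been provided` comment does not explain what distinguishes the three variables.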
--
2.27.0
On Sun, 21 Feb 2021 at 16:03, Alexander Bulekov <alxndr@bu.edu> wrote:
>
> With --enable-fuzzing, QEMU_CFLAGS include -fsanitize=fuzzer-no-link.
> This should allow us to build non-fuzzer binaries using objects
> instrumented for fuzzing. However, to do that, we also need to link with
> -fsanitize=fuzzer-no-link. We were not doing that.
>
> Reported-by: Li Qiang <liq3ea@163.com>
> Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
> ---
> configure | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/configure b/configure
> index a79b3746d4..02aaea31c8 100755
> --- a/configure
> +++ b/configure
> @@ -6097,6 +6097,7 @@ if test "$fuzzing" = "yes" ; then
> # needed CFLAGS have already been provided
> if test -z "${LIB_FUZZING_ENGINE+xxx}" ; then
> QEMU_CFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"
> + QEMU_LDFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"

Did you mean ="$QEMU_LDFLAGS ... ?

> FUZZ_EXE_LDFLAGS="-fsanitize=fuzzer"

-- PMM
On 210221 1622, Peter Maydell wrote:
> On Sun, 21 Feb 2021 at 16:03, Alexander Bulekov <alxndr@bu.edu> wrote:
> >
> > With --enable-fuzzing, QEMU_CFLAGS include -fsanitize=fuzzer-no-link.
> > This should allow us to build non-fuzzer binaries using objects
> > instrumented for fuzzing. However, to do that, we also need to link with
> > -fsanitize=fuzzer-no-link. We were not doing that.
> >
> > Reported-by: Li Qiang <liq3ea@163.com>
> > Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
> > ---
> > configure | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/configure b/configure
> > index a79b3746d4..02aaea31c8 100755
> > --- a/configure
> > +++ b/configure
> > @@ -6097,6 +6097,7 @@ if test "$fuzzing" = "yes" ; then
> > # needed CFLAGS have already been provided
> > if test -z "${LIB_FUZZING_ENGINE+xxx}" ; then
> > QEMU_CFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"
> > + QEMU_LDFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"
>
> Did you mean ="$QEMU_LDFLAGS ... ?

Yes... It somehow passed my build-test. Should I send a v2?

> > FUZZ_EXE_LDFLAGS="-fsanitize=fuzzer"
>
> -- PMM
On Sun, 21 Feb 2021 at 16:28, Alexander Bulekov <alxndr@bu.edu> wrote:
>
> On 210221 1622, Peter Maydell wrote:
> > On Sun, 21 Feb 2021 at 16:03, Alexander Bulekov <alxndr@bu.edu> wrote:
> > >
> > > With --enable-fuzzing, QEMU_CFLAGS include -fsanitize=fuzzer-no-link.
> > > This should allow us to build non-fuzzer binaries using objects
> > > instrumented for fuzzing. However, to do that, we also need to link with
> > > -fsanitize=fuzzer-no-link. We were not doing that.
> > >
> > > Reported-by: Li Qiang <liq3ea@163.com>
> > > Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
> > > ---
> > > configure | 1 +
> > > 1 file changed, 1 insertion(+)
> > >
> > > diff --git a/configure b/configure
> > > index a79b3746d4..02aaea31c8 100755
> > > --- a/configure
> > > +++ b/configure
> > > @@ -6097,6 +6097,7 @@ if test "$fuzzing" = "yes" ; then
> > > # needed CFLAGS have already been provided
> > > if test -z "${LIB_FUZZING_ENGINE+xxx}" ; then
> > > QEMU_CFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"
> > > + QEMU_LDFLAGS="$QEMU_CFLAGS -fsanitize=fuzzer-no-link"
> >
> > Did you mean ="$QEMU_LDFLAGS ... ?
>
> Yes... It somehow passed my build-test. Should I send a v2?

Yes, please.

> > > FUZZ_EXE_LDFLAGS="-fsanitize=fuzzer"

It might also be helpful to have a brief comment explaining why we need to
set fuzzing related options in all three of QEMU_CFLAGS, QEMU_LDFLAGS and
FUZZ_EXE_LDFLAGS (ie what the difference between them is).

-- PMM