Improve sanitizer support #6513
Comments
But yeah, PRs for any and all of this very welcome, sanitizers are great tools and we'd love more support. See also #6436 |
LebedevRI
added a commit
to LebedevRI/Halide
that referenced
this issue
Dec 25, 2021
Please refer to https://clang.llvm.org/docs/SanitizerCoverage.html TLDR: `ModuleSanitizerCoveragePass` instruments the IR by inserting calls to callbacks at certain constructs. What the callbacks should do is up to the implementation. They are effectively required for fuzzing to be effective, and are provided by e.g. libfuzzer. One huge caveat is `SanitizerCoverageOptions` which controls which which callbacks should actually be inserted. I just don't know what to do about it. Right now i have hardcoded the set that would have been enabled by `-fsanitize=fuzzer-no-link`, because the alternative, due to halide unflexibility, would be to introduce ~16 suboptions to control each one.
LebedevRI
added a commit
to LebedevRI/Halide
that referenced
this issue
Dec 25, 2021
Please refer to https://clang.llvm.org/docs/SanitizerCoverage.html TLDR: `ModuleSanitizerCoveragePass` instruments the IR by inserting calls to callbacks at certain constructs. What the callbacks should do is up to the implementation. They are effectively required for fuzzing to be effective, and are provided by e.g. libfuzzer. One huge caveat is `SanitizerCoverageOptions` which controls which which callbacks should actually be inserted. I just don't know what to do about it. Right now i have hardcoded the set that would have been enabled by `-fsanitize=fuzzer-no-link`, because the alternative, due to halide unflexibility, would be to introduce ~16 suboptions to control each one.
LebedevRI
added a commit
to LebedevRI/Halide
that referenced
this issue
Dec 30, 2021
Please refer to https://clang.llvm.org/docs/SanitizerCoverage.html TLDR: `ModuleSanitizerCoveragePass` instruments the IR by inserting calls to callbacks at certain constructs. What the callbacks should do is up to the implementation. They are effectively required for fuzzing to be effective, and are provided by e.g. libfuzzer. One huge caveat is `SanitizerCoverageOptions` which controls which which callbacks should actually be inserted. I just don't know what to do about it. Right now i have hardcoded the set that would have been enabled by `-fsanitize=fuzzer-no-link`, because the alternative, due to halide unflexibility, would be to introduce ~16 suboptions to control each one.
LebedevRI
added a commit
to LebedevRI/Halide
that referenced
this issue
Dec 30, 2021
Please refer to https://clang.llvm.org/docs/SanitizerCoverage.html TLDR: `ModuleSanitizerCoveragePass` instruments the IR by inserting calls to callbacks at certain constructs. What the callbacks should do is up to the implementation. They are effectively required for fuzzing to be effective, and are provided by e.g. libfuzzer. One huge caveat is `SanitizerCoverageOptions` which controls which which callbacks should actually be inserted. I just don't know what to do about it. Right now i have hardcoded the set that would have been enabled by `-fsanitize=fuzzer-no-link`, because the alternative, due to halide unflexibility, would be to introduce ~16 suboptions to control each one.
LebedevRI
added a commit
to LebedevRI/Halide
that referenced
this issue
Dec 30, 2021
Please refer to https://clang.llvm.org/docs/SanitizerCoverage.html TLDR: `ModuleSanitizerCoveragePass` instruments the IR by inserting calls to callbacks at certain constructs. What the callbacks should do is up to the implementation. They are effectively required for fuzzing to be effective, and are provided by e.g. libfuzzer. One huge caveat is `SanitizerCoverageOptions` which controls which which callbacks should actually be inserted. I just don't know what to do about it. Right now i have hardcoded the set that would have been enabled by `-fsanitize=fuzzer-no-link`, because the alternative, due to halide unflexibility, would be to introduce ~16 suboptions to control each one.
LebedevRI
added a commit
to LebedevRI/Halide
that referenced
this issue
Dec 30, 2021
Please refer to https://clang.llvm.org/docs/SanitizerCoverage.html TLDR: `ModuleSanitizerCoveragePass` instruments the IR by inserting calls to callbacks at certain constructs. What the callbacks should do is up to the implementation. They are effectively required for fuzzing to be effective, and are provided by e.g. libfuzzer. One huge caveat is `SanitizerCoverageOptions` which controls which which callbacks should actually be inserted. I just don't know what to do about it. Right now i have hardcoded the set that would have been enabled by `-fsanitize=fuzzer-no-link`, because the alternative, due to halide unflexibility, would be to introduce ~16 suboptions to control each one.
LebedevRI
added a commit
to LebedevRI/Halide
that referenced
this issue
Dec 30, 2021
Please refer to https://clang.llvm.org/docs/SanitizerCoverage.html TLDR: `ModuleSanitizerCoveragePass` instruments the IR by inserting calls to callbacks at certain constructs. What the callbacks should do is up to the implementation. They are effectively required for fuzzing to be effective, and are provided by e.g. libfuzzer. One huge caveat is `SanitizerCoverageOptions` which controls which which callbacks should actually be inserted. I just don't know what to do about it. Right now i have hardcoded the set that would have been enabled by `-fsanitize=fuzzer-no-link`, because the alternative, due to halide unflexibility, would be to introduce ~16 suboptions to control each one.
LebedevRI
added a commit
to LebedevRI/Halide
that referenced
this issue
Dec 30, 2021
Please refer to https://clang.llvm.org/docs/SanitizerCoverage.html TLDR: `ModuleSanitizerCoveragePass` instruments the IR by inserting calls to callbacks at certain constructs. What the callbacks should do is up to the implementation. They are effectively required for fuzzing to be effective, and are provided by e.g. libfuzzer. One huge caveat is `SanitizerCoverageOptions` which controls which which callbacks should actually be inserted. I just don't know what to do about it. Right now i have hardcoded the set that would have been enabled by `-fsanitize=fuzzer-no-link`, because the alternative, due to halide unflexibility, would be to introduce ~16 suboptions to control each one.
LebedevRI
added a commit
to LebedevRI/Halide
that referenced
this issue
Dec 30, 2021
Please refer to https://clang.llvm.org/docs/SanitizerCoverage.html TLDR: `ModuleSanitizerCoveragePass` instruments the IR by inserting calls to callbacks at certain constructs. What the callbacks should do is up to the implementation. They are effectively required for fuzzing to be effective, and are provided by e.g. libfuzzer. One huge caveat is `SanitizerCoverageOptions` which controls which which callbacks should actually be inserted. I just don't know what to do about it. Right now i have hardcoded the set that would have been enabled by `-fsanitize=fuzzer-no-link`, because the alternative, due to halide unflexibility, would be to introduce ~16 suboptions to control each one.
steven-johnson
added a commit
that referenced
this issue
Jan 4, 2022
* Implement SanitizerCoverage support (Refs. #6513) Please refer to https://clang.llvm.org/docs/SanitizerCoverage.html TLDR: `ModuleSanitizerCoveragePass` instruments the IR by inserting calls to callbacks at certain constructs. What the callbacks should do is up to the implementation. They are effectively required for fuzzing to be effective, and are provided by e.g. libfuzzer. One huge caveat is `SanitizerCoverageOptions` which controls which which callbacks should actually be inserted. I just don't know what to do about it. Right now i have hardcoded the set that would have been enabled by `-fsanitize=fuzzer-no-link`, because the alternative, due to halide unflexibility, would be to introduce ~16 suboptions to control each one. * Simplify test * sancov test: avoid potential signedness warnings. * Rename all instances of sancov to sanitizecoverage * Adjust spelling of "SanitizerCoverage" in some places * Actually adjust the feature name in build system for the test * Hopefully fix Makefile build Co-authored-by: Steven Johnson <[email protected]>
|
Ok, sanitizer-wise i think things are actually good now. Thanks! More generally, i think there are some more things potentially missing,
|
|
Per undefined behavior, the general approach in Halide is to not have it. At least not in the default compilation settings. There are a few cases such as aliasing of input and output buffers. We do have the option to compile with no asserts and to allow race conditions, which can result in UB like phenomena, but generally the goal is to define the results, or at least bound them to a reasonable range. (This is somewhat required due to bounds inference for example.) |
13 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi! I'd like to make use of halide in RawSpeed library (darktable-org/rawspeed#325).
Now that the halide is packaged in debian, it's mostly a no-brainer,
but unfortunately for me RawSpeed is an avid user of oss-fuzz,
and unfortunately i think not loosing that coverage is more important than making use of Halide.
As far as i can tell, there's some support for ASAN and TSAN instrumentation,
which means there are some missing things still: (list)
-fsanitize=flags?Thoughts?
Blocks darktable-org/rawspeed#325.
The text was updated successfully, but these errors were encountered: