author | Mihai Maruseac <mihaimaruseac@google.com> | 2020-06-17 17:10:29 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-06-17 10:10:29 -0700 |
commit | 8603f6a6cd626a5355c9d6f53914a0bf6bab0377 (patch) | |
tree | 20cc6b0ad194c7b22e6fb10c19df5204933e89eb /projects/tensorflow | |
parent | 094e3fdd681ed9d4368c2b1aac883105898aa97d (diff) | |
download | oss-fuzz-8603f6a6cd626a5355c9d6f53914a0bf6bab0377.tar.gz |
Enable more fuzzing for TensorFlow (#4004)
* Link against `libc++` with proper config in `.bazelrc`
* Add support for `undefined` build, link against proper `clang_rt` library
* Don't rsync in verbose mode.
* Support `undefined` and `memory` sanitizers
* Support more fuzzers than just `libfuzzer`.
Diffstat (limited to 'projects/tensorflow')
-rwxr-xr-x | projects/tensorflow/build.sh | 16 | ||||
-rw-r--r-- | projects/tensorflow/project.yaml | 4 |
2 files changed, 13 insertions, 7 deletions
diff --git a/projects/tensorflow/build.sh b/projects/tensorflow/build.sh
index 478b0fbb9..641ce9c08 100755
--- a/projects/tensorflow/build.sh
+++ b/projects/tensorflow/build.sh
@@ -27,18 +27,22 @@ yes "" | ${PYTHON} configure.py
 # Note: Make sure that by this line `$CFLAGS` and `$CXXFLAGS` are properly set
 # up as further changes to them won't be visible to Bazel.
 #
-# Note: We remove the `-stdlib=libc++` flag as Bazel produces linker errors if
-# it is present.
+# Note: for builds using the undefined behavior sanitizer we need to link
+# `clang_rt` ubsan library. Since Bazel uses `clang` for linking instead of
+# `clang++`, we need to add the additional `--linkopt` flag.
+# See issue: https://github.com/bazelbuild/bazel/issues/8777
 declare -r EXTRA_FLAGS="\
 $(
 for f in ${CFLAGS}; do
 echo "--conlyopt=${f}" "--linkopt=${f}"
 done
 for f in ${CXXFLAGS}; do
- if [[ "$f" != "-stdlib=libc++" ]]; then
 echo "--cxxopt=${f}" "--linkopt=${f}"
- fi
 done
+if [ "$SANITIZER" = "undefined" ]
+then
+ echo "--linkopt=$(find $(llvm-config --libdir) -name libclang_rt.ubsan_standalone_cxx-x86_64.a | head -1)"
+fi
 )"
 
 # Determine all fuzz targets. To control what gets fuzzed with OSSFuzz, all
@@ -46,12 +50,14 @@ done
 declare -r FUZZERS=$(bazel query 'tests(//tensorflow/security/fuzzing/...)' | grep -v identity)
 
 # Build the fuzzer targets.
+# Pass in `--config=libc++` to link against libc++.
 # Pass in `--verbose_failures` so it is easy to debug compile crashes.
 # Pass in `--strip=never` to ensure coverage support.
 # Pass in `$LIB_FUZZING_ENGINE` to `--copt` and `--linkopt` to ensure we have a
 # `main` symbol defined (all these fuzzers build without a `main` and by default
 # `$CFLAGS` and `CXXFLAGS` compile with `-fsanitize=fuzzer-no-link`).
 bazel build \
+ --config=libc++ \
 ${EXTRA_FLAGS} \
 --verbose_failures \
 --strip=never \
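Review bot: In the `undefined` branch added to `EXTRA_FLAGS` in build.sh, an empty result from `find` goes undetected: the substitution then prints a bare `--linkopt=`, and the problem only surfaces later as a Bazel link error instead of at the lookup. The lookup runs inside the `$( … )` assigned by `declare -r`, so a failure there cannot stop the script either, and the check has to happen before the assignment. I would resolve the archive path first, with `$(llvm-config --libdir)` quoted, abort with a message naming the file when nothing is found, and echo only the resolved path inside the substitution. The `x86_64` suffix in the archive name is hard-coded, which deserves a comment if other architectures are ever built.

```shell
# Resolve the UBSan runtime before EXTRA_FLAGS is built, so a missing archive
# stops the build here instead of producing an empty `--linkopt=`.
UBSAN_RT=""
if [ "$SANITIZER" = "undefined" ]
then
  UBSAN_RT="$(find "$(llvm-config --libdir)" -name libclang_rt.ubsan_standalone_cxx-x86_64.a | head -1)"
  if [ -z "$UBSAN_RT" ]
  then
    echo "libclang_rt.ubsan_standalone_cxx-x86_64.a not found under $(llvm-config --libdir)" >&2
    exit 1
  fi
fi
declare -r EXTRA_FLAGS="\
$(
# … unchanged: CFLAGS and CXXFLAGS loops …
if [ -n "$UBSAN_RT" ]
then
  echo "--linkopt=${UBSAN_RT}"
fi
)"
```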
@@ -72,7 +78,7 @@ done
 # paths. We also need to resolve all symlinks that Bazel creates.
 if [ "$SANITIZER" = "coverage" ]
 then
- declare -r RSYNC_CMD="rsync -avLkR"
+ declare -r RSYNC_CMD="rsync -aLkR"
 declare -r REMAP_PATH=${OUT}/proc/self/cwd/
 mkdir -p ${REMAP_PATH}
 
diff --git a/projects/tensorflow/project.yaml b/projects/tensorflow/project.yaml
index 57ff1aeaf..bc4f4c422 100644
--- a/projects/tensorflow/project.yaml
+++ b/projects/tensorflow/project.yaml
@@ -3,7 +3,7 @@ language: c++
 primary_contact: "mihaimaruseac@google.com"
 auto_ccs:
 - "frankchn@google.com"
-fuzzing_engines:
- - libfuzzer
 sanitizers:
 - address
+ - undefined
+ - memory
|
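Review bot: The `memory` entry added under `sanitizers` in project.yaml has no counterpart in the build.sh hunks of this commit, which special-case only `undefined`. MemorySanitizer reports false positives for any code linked into a fuzzer that was not compiled with the sanitizer flags, so it is worth confirming that every dependency Bazel links receives `$CFLAGS`/`$CXXFLAGS` through the `--conlyopt`/`--cxxopt` loop and that no prebuilt library is pulled in. Removing `fuzzing_engines` presumably leaves the engine list to the OSS-Fuzz default; a short comment such as `# fuzzing_engines omitted: build with all default engines` would make that intent explicit.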