google / honggfuzz

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

Home Page: https://honggfuzz.dev

no coverage info on Android(build target with -fsanitize=address)

Jack7ove opened this issue

I got the same situation as #342.

I tried to add -fsanitize-coverage=trace-pc-guard,trace-cmp,trace-div,indirect-calls, but I get many warnings:

WARNING: found 1 unrecognized flag(s):
    detect_odr_violation

I checked Google's doc. In Application.mk:

APP_STL := c++_shared # Or system, or none.
APP_CFLAGS := -fsanitize=address -fno-omit-frame-pointer
APP_LDFLAGS := -fsanitize=address

For each module in your Android.mk:

LOCAL_ARM_MODE := arm

so I modified my demo as follows; Android.mk:

LOCAL_PATH := $(call my-dir)

# Prebuilt libhfuzz.a taken from the honggfuzz tree. Note the make syntax:
# $(HOME), not $HOME, which make reads as $(H) followed by the text "OME".
include $(CLEAR_VARS)
LOCAL_PATH = .
LOCAL_MODULE := hfuzz
LOCAL_EXPORT_C_INCLUDES := $(HOME)/honggfuzz/includes
LOCAL_SRC_FILES := /home/user/honggfuzz/libs/arm64-v8a/libhfuzz.a
LOCAL_ARM_MODE := arm
include $(PREBUILT_STATIC_LIBRARY)

# Prebuilt libcommon.a from the same tree.
include $(CLEAR_VARS)
LOCAL_PATH = .
LOCAL_MODULE := hfuzzcommon
LOCAL_EXPORT_C_INCLUDES := $(HOME)/honggfuzz/includes
LOCAL_SRC_FILES := /home/user/honggfuzz/obj/local/arm64-v8a/libcommon.a
LOCAL_ARM_MODE := arm
include $(PREBUILT_STATIC_LIBRARY)

# The harness itself, linked statically against both prebuilts.
include $(CLEAR_VARS)
LOCAL_STATIC_LIBRARIES := hfuzz hfuzzcommon
LOCAL_SRC_FILES := fuzz_test.c
LOCAL_MODULE := fuzz_test
LOCAL_ARM_MODE := arm
include $(BUILD_EXECUTABLE)

Application.mk:

APP_BUILD_SCRIPT := ./Android.mk
APP_STL := c++_shared # Or system, or none.
APP_CFLAGS := -fsanitize=address -fno-omit-frame-pointer
APP_LDFLAGS := -fsanitize=address

After ndk-build, I tested it on my Pixel 2:

(screenshot)

It seems ASAN works fine.

But when I try fuzzing fuzz_test with honggfuzz, I find I cannot get any coverage information:

./honggfuzz -i in -o out -z -- fuzz_test ___FILE___

(screenshot)

What did I do wrong? Could you suggest something, please?
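One check worth running on the built fuzz_test before blaming honggfuzz: look at the binary's symbol table and confirm that SanitizerCoverage instrumentation is really present and that a runtime for its callbacks was linked in. The script below is an added example, not code from this issue or from the honggfuzz project. It assumes an nm that understands the target ELF (NM pointing at llvm-nm from the NDK toolchain for an arm64-v8a binary), the function names are my own, and the nm excerpts at the bottom are constructed to show the three states, not real build output. The __sanitizer_cov_* names are the callbacks LLVM emits for -fsanitize-coverage=...; each is mapped back to the option that produces it.

```shell
#!/bin/sh
# Added example (not code from the issue or from honggfuzz): inspect a harness
# binary's symbol table to confirm SanitizerCoverage instrumentation and a
# coverage runtime actually ended up in the build.
# Assumption: NM names an nm that can read the target ELF (for an NDK arm64-v8a
# build, llvm-nm from the NDK toolchain). Function names are hypothetical.

# Print which SanitizerCoverage callback families the nm listing references,
# named after the -fsanitize-coverage= option that generates each family.
# $1: nm output, one symbol per line. Prints "none" if nothing is found.
sancov_features() {
    printf '%s\n' "$1" | awk '
        /__sanitizer_cov_trace_pc_guard/ { f["trace-pc-guard"] = 1 }
        /__sanitizer_cov_trace_cmp/      { f["trace-cmp"] = 1 }
        /__sanitizer_cov_trace_div/      { f["trace-div"] = 1 }
        /__sanitizer_cov_trace_pc_indir/ { f["indirect-calls"] = 1 }
        END {
            n = split("trace-pc-guard trace-cmp trace-div indirect-calls", order, " ")
            out = ""
            for (i = 1; i <= n; i++)
                if (order[i] in f) out = out (out == "" ? "" : " ") order[i]
            print (out == "" ? "none" : out)
        }'
}

# Classify the edge callback instrumented code invokes on every basic block:
#   none       - symbol absent: the code was not compiled with trace-pc-guard
#   unresolved - referenced but undefined (U): instrumented, but no runtime
#                (for honggfuzz, libhfuzz.a) was linked to receive the edges
#   defined    - a runtime inside this binary provides it (T/t/W)
# $1: nm output.
sancov_runtime() {
    printf '%s\n' "$1" | awk '
        $NF == "__sanitizer_cov_trace_pc_guard" {
            if ($(NF - 1) == "U") undef = 1; else def = 1
        }
        END {
            if (def) print "defined"
            else if (undef) print "unresolved"
            else print "none"
        }'
}

# Run both checks on a real file, e.g. obj/local/arm64-v8a/fuzz_test.
check_harness() {
    syms=$("${NM:-nm}" "$1") || return 1
    printf 'coverage families : %s\n' "$(sancov_features "$syms")"
    printf 'pc_guard runtime  : %s\n' "$(sancov_runtime "$syms")"
}

# Constructed nm excerpts (not real build output) showing the three states.
SAMPLE_NO_COV='0000000000001000 T main
                 U __asan_init'
SAMPLE_UNRESOLVED='0000000000001000 T main
                 U __asan_init
                 U __sanitizer_cov_trace_pc_guard
                 U __sanitizer_cov_trace_pc_guard_init
                 U __sanitizer_cov_trace_cmp4'
SAMPLE_LINKED='0000000000001000 T main
0000000000002000 T __sanitizer_cov_trace_pc_guard
0000000000002010 T __sanitizer_cov_trace_pc_guard_init
0000000000002020 T __sanitizer_cov_trace_cmp4
0000000000002030 T __sanitizer_cov_trace_div4
0000000000002040 T __sanitizer_cov_trace_pc_indir
                 U __asan_init'

# Demo on the constructed samples; call check_harness <path> for a real binary.
for s in "$SAMPLE_NO_COV" "$SAMPLE_UNRESOLVED" "$SAMPLE_LINKED"; do
    printf '%s / %s\n' "$(sancov_features "$s")" "$(sancov_runtime "$s")"
done
```

If the harness reports "none" the -fsanitize-coverage flags never reached the compiler (check that APP_CFLAGS carries them for the module that is actually instrumented); if it reports "unresolved", the instrumentation is there but libhfuzz.a did not get linked into the executable, so the edges have nowhere to go and honggfuzz sees no coverage.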

First of all, I never fuzzed on Android - the Android port is work of other people (both inside and inside my company) and I have little knowledge on how it works (should work).

You said that you get warnings about detect_odr_violation if you add . Is this the only problem? Because if so, you can simply remove it from sanitizers.c

Thanks for your reply; fixing detect_odr_violation is easy. But I still cannot get any coverage info :(
Is there any doc about building a harness on Android?

Hi, I have the same problem. Did you solve it?