-
Notifications
You must be signed in to change notification settings - Fork 45
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ports over dfsan from polytracker-llvm
#6517
Conversation
25cc456
to
dc028ad
Compare
* builds only `dfsan` sanitizer runtime and its dependencies
0e4a613
to
e196a03
Compare
Dockerfile
Outdated
WORKDIR /blight | ||
RUN git clone https://github.com/trailofbits/blight.git . | ||
RUN pip3 install . | ||
RUN GO111MODULE=off go get github.com/SRI-CSL/gllvm/cmd/... |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for updating the gllvm! I may have missed it, but what golang version is supported in this new Dockerfile version? I think the current master
Polytracker base Dockerfile is pinned to an old Golang, so am curious whether we are using Jammy's default golang or otherwise replace/configure it in some way I haven't noticed yet here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
root@dea90b62fec0:/workdir# go version
go version go1.18.1 linux/amd64
I think we're using the Jammy default. Which is also the same we've used in polytracker-llvm
unless I'm missing something.
* with `update-alternatives` invocation
* -DLIBCXX_CXX_ABI="libcxxabi"
I'll make an issue to add a note in a new
Yes. That is correct. |
The ports over the
DataflowSanitizer
pass and related parts ofcompiler-rt
from our modified fork of the LLVM repository. By doing this we are no longer dependent on that fork and can eventually move to more recent versions of LLVM. For this to happen, parts of polytracker's CMake build system had to be modified and the Dockerfile had to be rewritten. Users should also expect increased docker image build times as we now buildlibc++
, which was part of thepolytracker-llvm
docker dependency build. The sum duration ofpolytracker-llvm
andpolytracker
docker image build has however been drastically lowered. Future hope is to optimize the docker image build further.