Can't wait to try this out!

On 200702 1459, Paolo Bonzini wrote:
> On 02/07/20 14:50, Daniele Buono wrote:
> > I also wonder if this is something that could be put in the fuzzing
> > environment. It would probably also help in finding coding errors in
> > corner cases quicker.
>
> Yes, fuzzing and tests/docker/test-debug should enable CFI. Also,
> tests/docker/test-clang should enable LTO.
>
> Paolo
I believe CFI is most useful as an active defensive measure. I can't think of many cases where a fuzzer/test could raise a CFI alert that wouldn't also be caught by something like canaries, ASan or UBSan, though maybe I'm missing something.

Maybe testing/fuzzing with CFI could be useful to weed out any errors due to e.g. an incomplete cfi-blacklist.txt.

-Alex