[PATCH] D20402: Try to fix libFuzzer running on Mac OSX

Kostya Serebryany via llvm-commits llvm-commits at lists.llvm.org
Wed May 18 22:31:48 PDT 2016


kcc added a comment.

> Is the reason you only want to collect counts from the main thread for the reason I gave in my earlier comment? Or is there another reason?


Mostly performance. Note that this is not necessarily a good heuristic -- in case we malloc in one thread and free() in another thread
we will get the counts wrong and call lsan too often (and then stop calling it at all).

But, 99% of targets we've tested with libFuzzer are single-threaded, so we simply don't have enough experience with multi-threaded targets.

> > Need to find another solution, e.g. to not touch AllocTracer before we called Start() on it.

> Well there's a really hacky way to do that. There could be a global bool guarding access to `AllocTracer` that we set to true once we call `Start()`. Not sure if that's ideal though as technically we could race on the global bool if there are multiple threads.


Or we can have a global that we set just once at init time and never unset. 
This will solve the problem, right? Then there will be no race.

> Just a side thought. The LeakSanitizer currently doesn't work on Mac OSX.


AFAICT -- yes.

>   AFAICT it only works right now on Linux that is not Android on x86_64, aarch64 or MIPS (based on reading `compiler-rt/lib/lsan/lsan_common.h` where CAN_SANITIZE_LEAKS is set). Whether or not the CAN_SANITIZE_LEAKS macro was enabled (and consequently if leak sanitization can be performed) does not seem to be exposed in the Leak Sanitizer's interface. 


True.

> > There is the `__lsan_is_turned_off()` function but that is not affected by the value of the CAN_SANITIZE_LEAKS macro. Ideally LibFuzzer shouldn't try to do anything related to leak checking if the leak sanitizer is not actually functional. If `__lsan_is_turned_off()` was fixed to respect CAN_SANITIZE_LEAKS we could guard some of the code in LibFuzzer that supports running the LeakSanitizer.


__lsan_is_turned_off is a different thing:

  // The user may optionally provide this function to disallow leak checking
  // for the program it is linked into (if the return value is non-zero). This
  // function must be defined as returning a constant value; any behavior beyond
  // that is unsupported.

Maybe for now just guard the code in sanitizer_malloc_hook with if (LIBFUZZER_LINUX)?


http://reviews.llvm.org/D20402
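An added illustration of the two points above, not code from libFuzzer itself: a malloc/free counter that is guarded by a flag set once at init and never unset (so the hooks cannot race with a later writer), counts only on the thread that called init, and therefore miscounts exactly as described when an allocation made on the main thread is freed on a worker. The names `InitAllocTracer`, `MallocHook`, `FreeHook`, `SuspectLeak` and `RunScenario` are hypothetical stand-ins, and the scenario is constructed.

```cpp
#include <atomic>
#include <cstddef>
#include <cstdio>
#include <cstdlib>
#include <thread>

// Global state written exactly once at init and never unset, so the hooks
// can read it without racing against a later writer.
static std::atomic<bool> g_tracer_started{false};
static std::thread::id g_main_thread;  // the thread that called Init
static std::atomic<size_t> g_mallocs{0};
static std::atomic<size_t> g_frees{0};

// Hypothetical stand-in for AllocTracer.Start(): record the calling thread,
// then publish the "started" flag with release semantics.
void InitAllocTracer() {
  g_main_thread = std::this_thread::get_id();
  g_tracer_started.store(true, std::memory_order_release);
}

// Hooks ignore calls made before init and calls from any other thread.
static bool ShouldCount() {
  return g_tracer_started.load(std::memory_order_acquire) &&
         std::this_thread::get_id() == g_main_thread;
}
void MallocHook(const void*, size_t) { if (ShouldCount()) g_mallocs++; }
void FreeHook(const void*)           { if (ShouldCount()) g_frees++; }

// The heuristic: a leak check is only worth running when counts differ.
bool SuspectLeak() { return g_mallocs.load() != g_frees.load(); }

// Constructed scenario: one allocation on the calling thread, freed either on
// the same thread or on a worker thread. Returns whether the heuristic fired.
bool RunScenario(bool free_on_worker) {
  g_mallocs = 0;
  g_frees = 0;
  void* p = std::malloc(16);
  MallocHook(p, 16);
  if (free_on_worker) {
    std::thread t([p] { FreeHook(p); std::free(p); });  // free not counted
    t.join();
  } else {
    FreeHook(p);
    std::free(p);
  }
  return SuspectLeak();
}

int main() {
  InitAllocTracer();
  std::printf("same thread: %d, worker frees: %d\n",
              RunScenario(false), RunScenario(true));  // prints 0, 1
}
```

Before InitAllocTracer() runs, both hooks are no-ops, which is the "don't touch AllocTracer before Start()" guard in flag form.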
