<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Thu, May 19, 2016 at 3:00 PM, Dan Liew via llvm-commits <span dir="ltr"><<a href="mailto:llvm-commits@lists.llvm.org" target="_blank">llvm-commits@lists.llvm.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Author: delcypher<br>
Date: Thu May 19 17:00:33 2016<br>
New Revision: 270145<br>
<br>
URL: <a href="http://llvm.org/viewvc/llvm-project?rev=270145&view=rev" rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-project?rev=270145&view=rev</a><br>
Log:<br>
[LibFuzzer]<br>
Work around crashes in ``__sanitizer_malloc_hook()`` under Mac OSX.<br></blockquote><div><br></div><div>It works best if the first line of your commit message provides a summary of the change - as this line becomes the subject of the email (& is used in version control summary logs, etc). In this case the subject was only "[LibFuzzer]" (personally - I err on the side of violating the 80 column or whatever limit my editor imposes on the commit message if it means making that first line more fully descriptive)</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
Under Mac OSX we intercept calls to malloc before thread local<br>
storage is initialised leading to a crash when accessing<br>
``AllocTracer``. To workaround this ``AllocTracer`` is only accessed<br>
in the hook under Linux. For symmetry ``__sanitizer_free_hook()``<br>
is also modified in the same way.<br>
<br>
To support this change a set of new macros<br>
LIBFUZZER_LINUX and LIBFUZZER_APPLE has been defined which can be<br>
used to check the target being compiled for.<br>
<br>
Differential Revision: <a href="http://reviews.llvm.org/D20402" rel="noreferrer" target="_blank">http://reviews.llvm.org/D20402</a><br>
<br>
Modified:<br>
llvm/trunk/lib/Fuzzer/FuzzerInternal.h<br>
llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp<br>
<br>
Modified: llvm/trunk/lib/Fuzzer/FuzzerInternal.h<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerInternal.h?rev=270145&r1=270144&r2=270145&view=diff" rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerInternal.h?rev=270145&r1=270144&r2=270145&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/lib/Fuzzer/FuzzerInternal.h (original)<br>
+++ llvm/trunk/lib/Fuzzer/FuzzerInternal.h Thu May 19 17:00:33 2016<br>
@@ -27,6 +27,17 @@<br>
#include "FuzzerInterface.h"<br>
#include "FuzzerTracePC.h"<br>
<br>
+// Platform detection.<br>
+#ifdef __linux__<br>
+#define LIBFUZZER_LINUX 1<br>
+#define LIBFUZZER_APPLE 0<br>
+#elif __APPLE__<br>
+#define LIBFUZZER_LINUX 0<br>
+#define LIBFUZZER_APPLE 1<br>
+#else<br>
+#error "Support for your platform has not been implemented"<br>
+#endif<br>
+<br>
namespace fuzzer {<br>
<br>
typedef int (*UserCallback)(const uint8_t *Data, size_t Size);<br>
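</blockquote><div>Review bot: In the platform detection block, "#elif __APPLE__" tests the macro's value while the branch above it uses "#ifdef __linux__"; "#elif defined(__APPLE__)" would keep the two checks consistent and would not rely on an undefined identifier evaluating to 0 in a preprocessor condition. The "#else" arm with "#error" also makes this header fail to compile on any target other than Linux or Apple, which the log message does not mention; if that is intended, say so there.</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">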
<br>
Modified: llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=270145&r1=270144&r2=270145&view=diff" rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp?rev=270145&r1=270144&r2=270145&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp (original)<br>
+++ llvm/trunk/lib/Fuzzer/FuzzerLoop.cpp Thu May 19 17:00:33 2016<br>
@@ -437,9 +437,19 @@ struct MallocFreeTracer {<br>
<br>
static thread_local MallocFreeTracer AllocTracer;<br>
<br>
+// FIXME: The hooks only count on Linux because<br>
+// on Mac OSX calls to malloc are intercepted before<br>
+// thread local storage is initialised leading to<br>
+// crashes when accessing ``AllocTracer``.<br>
extern "C" {<br>
-void __sanitizer_malloc_hook(void *ptr, size_t size) { AllocTracer.Mallocs++; }<br>
-void __sanitizer_free_hook(void *ptr) { AllocTracer.Frees++; }<br>
+void __sanitizer_malloc_hook(void *ptr, size_t size) {<br>
+ if (!LIBFUZZER_APPLE)<br>
+ AllocTracer.Mallocs++;<br>
+}<br>
+void __sanitizer_free_hook(void *ptr) {<br>
+ if (!LIBFUZZER_APPLE)<br>
+ AllocTracer.Frees++;<br>
+}<br>
} // extern "C"<br>
<br>
void Fuzzer::ExecuteCallback(const uint8_t *Data, size_t Size) {<br>
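</blockquote><div>Review bot: The guard "if (!LIBFUZZER_APPLE)" in both hooks does not match the FIXME above it or the log message, which say the counters are only touched on Linux; "if (LIBFUZZER_LINUX)" would state that directly and would stay safe if another platform is later added to the detection block in FuzzerInternal.h. The FIXME could also spell out the consequence on Mac OSX: AllocTracer.Mallocs and AllocTracer.Frees are never incremented there, so any code that compares those counters gets no signal on that platform.</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">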
<br>
<br>
</blockquote></div><br></div></div>