[PATCH] D21049: [LibFuzzer] Fix some unit test crashes on OSX.

Anna Zaks via llvm-commits llvm-commits at lists.llvm.org
Mon Jun 6 23:11:11 PDT 2016


zaks.anna added a comment.

> The problem with linking asan + no-asan is this: 

>  https://github.com/google/sanitizers/wiki/AddressSanitizerContainerOverflow#false-positives

>  I am not aware of any other issue caused by linking asan and no-asan together. 

>  Before fixing this problem I will need to understand it more.


This problem is caused by container overflow. However, it does not always result in false positives as the page implies. We've seen several weird crashes due to this problem. These are much more rare and are very hard to reduce but they do exist. The only solution is not to build with container overflow instrumentation (the run time option does not help). Here is an explanation of why they happen when we mix ASanified and non-ASanified code.

The container overflow instrumentation is all in the headers, guarded by the _LIBCPP_HAS_NO_ASAN macro. It's possible that the instrumented functions do not get fully inlined in both instrumented code and non-instrumented code. This means that the linker will see 2 copies of the vector functions - one is the ASan version and one is a vanilla version. It will pick one of them (the first one it sees on OS X) and use that one in both instrumented and non-instrumented code. If the one it picks comes from the ASan version of the header and is called from the non-instrumented code, weird things happen. This is what we see here. The only workaround is to set _LIBCPP_HAS_NO_ASAN when building.

I do not know why we saw it more than you, maybe it happens more often on the Mac for some reason. We have a plan for a complex solution that would involve linker changes to better diagnose this issue at build time. However, it's not going to land soon. Another option is to just disable container overflow by default either on the Mac or everywhere.


http://reviews.llvm.org/D21049
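
A build-time check for the mix described in the message above, added here as an illustration and not part of the original message or of LLVM: it scans `nm -A` output for libc++ `std::vector` weak definitions emitted by both an ASan-built and a non-ASan object, which is the case where the linker keeps only one copy. Assumptions: ELF-style `nm` letter codes, object file names and sample lines are constructed, and an object is treated as ASan-built when it references `__asan_*` or `__sanitizer_annotate_contiguous_container`.

```python
import re
from collections import defaultdict

# Undefined references that mark an object as ASan-instrumented (heuristic).
ASAN_MARKERS = ("__asan_", "__sanitizer_annotate_contiguous_container")
# Itanium-mangled prefix of libc++ std::__1::vector member functions.
VECTOR_SYM = re.compile(r"_ZNK?St3__16vector")

PUSH_SLOW = ("_ZNSt3__16vectorIiNS_9allocatorIiEEE"
             "21__push_back_slow_pathIRKiEEvOT_")
# Constructed `nm -A` output for two hypothetical objects; not from a real build.
SAMPLE_NM = f"""\
fuzzer_asan.o:                 U __asan_init
fuzzer_asan.o:                 U __sanitizer_annotate_contiguous_container
fuzzer_asan.o:0000000000000000 W {PUSH_SLOW}
fuzzer_asan.o:0000000000000000 T _Z10RunOneTestv
unittest_plain.o:0000000000000000 W {PUSH_SLOW}
unittest_plain.o:0000000000000000 W _ZNSt3__16vectorIcNS_9allocatorIcEEE7reserveEm
unittest_plain.o:0000000000000000 T main
"""

def find_mixed_vector_symbols(nm_text):
    """Return {symbol: (asan_objects, plain_objects)} for vector weak
    definitions present in both ASan and non-ASan objects."""
    instrumented = set()           # objects that reference the ASan runtime
    definers = defaultdict(set)    # weak vector symbol -> defining objects
    for line in nm_text.splitlines():
        obj, sep, rest = line.rpartition(":")
        fields = rest.split()
        if not sep or len(fields) < 2:
            continue
        sym_type, name = fields[-2], fields[-1]
        if sym_type == "U" and name.startswith(ASAN_MARKERS):
            instrumented.add(obj)
        elif sym_type in ("W", "V") and VECTOR_SYM.match(name):
            definers[name].add(obj)
    report = {}
    for name, objs in definers.items():
        asan, plain = sorted(objs & instrumented), sorted(objs - instrumented)
        if asan and plain:         # the linker will keep only one of these copies
            report[name] = (asan, plain)
    return report

if __name__ == "__main__":
    for sym, (asan, plain) in find_mixed_vector_symbols(SAMPLE_NM).items():
        print(f"{sym}\n  ASan copy in: {asan}\n  plain copy in: {plain}")
```

A non-empty report means at least one object needs rebuilding so that all copies agree, for example by setting `_LIBCPP_HAS_NO_ASAN` as the message suggests.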




