[PATCH] D61163: [libFuzzer] Disable MSan interceptors in SIGINT handler.

Matt Morehouse via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Thu Apr 25 16:43:36 PDT 2019 

morehouse created this revision.
morehouse added a reviewer: kcc.
Herald added a project: LLVM.

Avoids an MSan false positive if the SIGINT comes while the user
callback is running.  The false positive happens when the interrupt
handler calls opendir() to remove some temporary files, which is
intercepted by MSan.

Fixes https://github.com/google/oss-fuzz/issues/2332.


https://reviews.llvm.org/D61163

Files:
  compiler-rt/lib/fuzzer/FuzzerLoop.cpp
  compiler-rt/test/fuzzer/sigint.test


Index: compiler-rt/test/fuzzer/sigint.test
===================================================================
--- /dev/null
+++ compiler-rt/test/fuzzer/sigint.test
@@ -0,0 +1,17 @@
+# FIXME: Disabled on Windows for now because of reliance on posix only features
+# (eg: export, "&", pkill).
+UNSUPPORTED: darwin, windows
+
+# Check that libFuzzer exits gracefully under SIGINT with MSan.
+RUN: rm -rf %t
+RUN: mkdir -p %t
+RUN: %msan_compiler %S/SleepOneSecondTest.cpp -o %t/LFSIGINT
+
+RUN: %run %t/LFSIGINT 2> %t/log & export PID=$!
+RUN: sleep 2
+RUN: kill -SIGINT $PID
+RUN: sleep 3
+RUN: cat %t/log | FileCheck %s
+
+CHECK: libFuzzer: run interrupted; exiting
+CHECK-NOT: WARNING: MemorySanitizer
Index: compiler-rt/lib/fuzzer/FuzzerLoop.cpp
===================================================================
--- compiler-rt/lib/fuzzer/FuzzerLoop.cpp
+++ compiler-rt/lib/fuzzer/FuzzerLoop.cpp
@@ -266,6 +266,7 @@
 void Fuzzer::InterruptCallback() {
   Printf("==%lu== libFuzzer: run interrupted; exiting\n", GetPid());
   PrintFinalStats();
+  ScopedDisableMsanInterceptorChecks S; // RmDirRecursive may call opendir().
   RmDirRecursive(TempPath(".dir"));
   // Stop right now, don't perform any at-exit actions.
   _Exit(Options.InterruptExitCode);
@@ -681,7 +682,7 @@
         Size <= CurrentMaxMutationLen)
       NewSize = MD.MutateWithMask(CurrentUnitData, Size, Size,
                                   II.DataFlowTraceForFocusFunction);
-    
+
     // If MutateWithMask either failed or wasn't called, call default Mutate.
     if (!NewSize)
       NewSize = MD.Mutate(CurrentUnitData, Size, CurrentMaxMutationLen);


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D61163.196759.patch
Type: text/x-patch
Size: 1632 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20190425/2a8008c7/attachment.bin>

More information about the llvm-commits mailing list