author | Dan Liew <dan@su-root.co.uk> | 2016-05-19 22:00:33 +0000 |
---|---|---|
committer | Dan Liew <dan@su-root.co.uk> | 2016-05-19 22:00:33 +0000 |
commit | 3868e468fea62a245b12f9debec242f6d2a62e23 (patch) | |
tree | d0ba0c034ed1e7497e638d3b576c7738a730121c /llvm/lib | |
parent | 97d7a66299278911c3ca5b828d29d34f0cd942f0 (diff) | |
[LibFuzzer]
Work around crashes in ``__sanitizer_malloc_hook()`` under Mac OSX.
Under Mac OSX we intercept calls to malloc before thread local
storage is initialised leading to a crash when accessing
``AllocTracer``. To work around this, ``AllocTracer`` is only accessed
in the hook under Linux. For symmetry ``__sanitizer_free_hook()``
is also modified in the same way.
To support this change a set of new macros
LIBFUZZER_LINUX and LIBFUZZER_APPLE has been defined which can be
used to check the target being compiled for.
Differential Revision: http://reviews.llvm.org/D20402
llvm-svn: 270145
Diffstat (limited to 'llvm/lib')
-rw-r--r-- | llvm/lib/Fuzzer/FuzzerInternal.h | 11 | ||||
-rw-r--r-- | llvm/lib/Fuzzer/FuzzerLoop.cpp | 14 |
2 files changed, 23 insertions, 2 deletions
diff --git a/llvm/lib/Fuzzer/FuzzerInternal.h b/llvm/lib/Fuzzer/FuzzerInternal.h
index f43f99f..c3d3f9e 100644
--- a/llvm/lib/Fuzzer/FuzzerInternal.h
+++ b/llvm/lib/Fuzzer/FuzzerInternal.h
@@ -27,6 +27,17 @@
 #include "FuzzerInterface.h"
 #include "FuzzerTracePC.h"
+// Platform detection.
+#ifdef __linux__
+#define LIBFUZZER_LINUX 1
+#define LIBFUZZER_APPLE 0
+#elif __APPLE__
+#define LIBFUZZER_LINUX 0
+#define LIBFUZZER_APPLE 1
+#else
+#error "Support for your platform has not been implemented"
+#endif
+
 namespace fuzzer {
 typedef int (*UserCallback)(const uint8_t *Data, size_t Size);
diff --git a/llvm/lib/Fuzzer/FuzzerLoop.cpp b/llvm/lib/Fuzzer/FuzzerLoop.cpp
index 6b19a15..0adbc89 100644
--- a/llvm/lib/Fuzzer/FuzzerLoop.cpp
+++ b/llvm/lib/Fuzzer/FuzzerLoop.cpp
@@ -437,9 +437,19 @@ struct MallocFreeTracer {
 static thread_local MallocFreeTracer AllocTracer;
+// FIXME: The hooks only count on Linux because
+// on Mac OSX calls to malloc are intercepted before
+// thread local storage is initialised leading to
+// crashes when accessing ``AllocTracer``.
 extern "C" {
-void __sanitizer_malloc_hook(void *ptr, size_t size) { AllocTracer.Mallocs++; }
-void __sanitizer_free_hook(void *ptr) { AllocTracer.Frees++; }
+void __sanitizer_malloc_hook(void *ptr, size_t size) {
+ if (!LIBFUZZER_APPLE)
+ AllocTracer.Mallocs++;
+}
+void __sanitizer_free_hook(void *ptr) {
+ if (!LIBFUZZER_APPLE)
+ AllocTracer.Frees++;
+}
 } // extern "C"
 void Fuzzer::ExecuteCallback(const uint8_t *Data, size_t Size) {
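Review bot: `#elif __APPLE__` in the new platform-detection block tests the bare macro, whereas the line above uses `#ifdef __linux__`; an undefined identifier in `#if`/`#elif` evaluates to 0 so the branch behaves, but `-Wundef` warns on it and the two tests read inconsistently. `#elif defined(__APPLE__)` keeps both checks in the same form. The `#error` fallback is the right call here: a platform that is neither Linux nor Apple fails at compile time rather than silently getting whichever value of LIBFUZZER_APPLE the consuming code happens to assume.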
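Review bot: The guards in `__sanitizer_malloc_hook` and `__sanitizer_free_hook` test `!LIBFUZZER_APPLE`, while the FIXME directly above them says the hooks count only on Linux; `if (LIBFUZZER_LINUX)` states the same condition positively and stays in step with the comment if the platform block in FuzzerInternal.h ever gains a third case (today that block `#error`s on anything else, so the two spellings are equivalent). Because both macros are always defined as 0 or 1, the `if` is a constant condition: the increment is never executed on Apple at any optimization level, which is what the crash workaround needs, and an `#if LIBFUZZER_LINUX` around the increments would make the absence of any `AllocTracer` reference explicit rather than relying on dead-branch elimination. The FIXME would also be more useful if it recorded what a proper fix looks like, e.g. `// FIXME: count on Apple once TLS is guaranteed initialised before the first intercepted malloc.`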