This is an archive of the discontinued LLVM Phabricator instance.

Differential D37304

Add preliminary NetBSD support in libfuzzer
ClosedPublic

Authored by krytarowski on Aug 30 2017, 11:58 AM.

Details

Reviewers
joerg
kcc
vitalybuka
george.karpenkov
Commits
rG8da2722a9f51: Add preliminary NetBSD support in libfuzzer
rCRT312183: Add preliminary NetBSD support in libfuzzer
rL312183: Add preliminary NetBSD support in libfuzzer
Summary

This code already works and passes some number of tests.

There is need to finish remaining sanitizers to get better coverage.

Many tests fail due to overly long file names of executables (>31).
This is a current shortcoming of the NetBSD 8(beta) kernel, as
certain functions can fail (like retrieving file name of executable).

Sponsored by <The NetBSD Foundation>

Diff Detail

Repository
rL LLVM

Event Timeline

krytarowski created this revision.Aug 30 2017, 11:58 AM
Herald added a subscriber: mgorny. · View Herald TranscriptAug 30 2017, 11:58 AM
krytarowski added a comment.Aug 30 2017, 12:09 PM

I'm on vacation during September, I will keep pinging for this patch but not writing new code. I will be back to development in October.

kcc edited edge metadata.Aug 30 2017, 2:56 PM

Mostly LG

lib/fuzzer/tests/CMakeLists.txt
13

I think this should be fixed on the driver side, i.e. -fsanitize=address (and similar) should add -lrt, as they do on Linux.

krytarowski added inline comments.Aug 30 2017, 3:06 PM
lib/fuzzer/tests/CMakeLists.txt
13

It might be overlinking.. but for now I will drop this part from the commit.

krytarowski updated this revision to Diff 113326.Aug 30 2017, 3:22 PM
  • drop -lrt patch from tests
kcc accepted this revision.Aug 30 2017, 3:25 PM

LGTM, thanks!

This revision is now accepted and ready to land.Aug 30 2017, 3:25 PM
krytarowski added a comment.Aug 30 2017, 3:38 PM

Thank you for the reviews!

In general I'm heading for tsan+msan. I need to finish proper process memory mapping.

After finishing them I will switch back to LLDB and kernel ptrace(2).

In future for lsan I need to research and add a new kernel API for StopTheWorld().

krytarowski closed this revision.Aug 30 2017, 3:45 PM

Revision Contents

PathSize
cmake/
2 lines
lib/
fuzzer/
10 lines
4 lines
2 lines
4 lines
afl/
8 lines
tests/
3 lines

Diff 113293

cmake/config-ix.cmake

Show First 20 LinesShow All 582 Lines▼ Show 20 Lines
if (COMPILER_RT_HAS_SANITIZER_COMMON AND XRAY_SUPPORTED_ARCH AND if (COMPILER_RT_HAS_SANITIZER_COMMON AND XRAY_SUPPORTED_ARCH AND
OS_NAME MATCHES "Linux") OS_NAME MATCHES "Linux")
set(COMPILER_RT_HAS_XRAY TRUE) set(COMPILER_RT_HAS_XRAY TRUE)
else() else()
set(COMPILER_RT_HAS_XRAY FALSE) set(COMPILER_RT_HAS_XRAY FALSE)
endif() endif()
if (COMPILER_RT_HAS_SANITIZER_COMMON AND FUZZER_SUPPORTED_ARCH AND if (COMPILER_RT_HAS_SANITIZER_COMMON AND FUZZER_SUPPORTED_ARCH AND
OS_NAME MATCHES "Darwin|Linux") OS_NAME MATCHES "Darwin|Linux|NetBSD")
set(COMPILER_RT_HAS_FUZZER TRUE) set(COMPILER_RT_HAS_FUZZER TRUE)
else() else()
set(COMPILER_RT_HAS_FUZZER FALSE) set(COMPILER_RT_HAS_FUZZER FALSE)
endif() endif()

lib/fuzzer/FuzzerDefs.h

Show All 19 Lines
#include <vector> #include <vector>
#include <set> #include <set>
#include <memory> #include <memory>
// Platform detection. // Platform detection.
#ifdef __linux__ #ifdef __linux__
#define LIBFUZZER_APPLE 0 #define LIBFUZZER_APPLE 0
#define LIBFUZZER_LINUX 1 #define LIBFUZZER_LINUX 1
#define LIBFUZZER_NETBSD 0
#define LIBFUZZER_WINDOWS 0 #define LIBFUZZER_WINDOWS 0
#elif __APPLE__ #elif __APPLE__
#define LIBFUZZER_APPLE 1 #define LIBFUZZER_APPLE 1
#define LIBFUZZER_LINUX 0 #define LIBFUZZER_LINUX 0
#define LIBFUZZER_NETBSD 0
#define LIBFUZZER_WINDOWS 0
#elif __NetBSD__
#define LIBFUZZER_APPLE 0
#define LIBFUZZER_LINUX 0
#define LIBFUZZER_NETBSD 1
#define LIBFUZZER_WINDOWS 0 #define LIBFUZZER_WINDOWS 0
#elif _WIN32 #elif _WIN32
#define LIBFUZZER_APPLE 0 #define LIBFUZZER_APPLE 0
#define LIBFUZZER_LINUX 0 #define LIBFUZZER_LINUX 0
#define LIBFUZZER_NETBSD 0
#define LIBFUZZER_WINDOWS 1 #define LIBFUZZER_WINDOWS 1
#else #else
#error "Support for your platform has not been implemented" #error "Support for your platform has not been implemented"
#endif #endif
#ifndef __has_attribute #ifndef __has_attribute
# define __has_attribute(x) 0 # define __has_attribute(x) 0
#endif #endif
#define LIBFUZZER_POSIX LIBFUZZER_APPLE || LIBFUZZER_LINUX #define LIBFUZZER_POSIX (LIBFUZZER_APPLE || LIBFUZZER_LINUX || LIBFUZZER_NETBSD)
#ifdef __x86_64 #ifdef __x86_64
# if __has_attribute(target) # if __has_attribute(target)
# define ATTRIBUTE_TARGET_POPCNT __attribute__((target("popcnt"))) # define ATTRIBUTE_TARGET_POPCNT __attribute__((target("popcnt")))
# else # else
# define ATTRIBUTE_TARGET_POPCNT # define ATTRIBUTE_TARGET_POPCNT
# endif # endif
#else #else
▲ Show 20 LinesShow All 96 LinesShow Last 20 Lines

lib/fuzzer/FuzzerExtFunctionsWeak.cpp

//===- FuzzerExtFunctionsWeak.cpp - Interface to external functions -------===// //===- FuzzerExtFunctionsWeak.cpp - Interface to external functions -------===//
// //
// The LLVM Compiler Infrastructure // The LLVM Compiler Infrastructure
// //
// This file is distributed under the University of Illinois Open Source // This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details. // License. See LICENSE.TXT for details.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// Implementation for Linux. This relies on the linker's support for weak // Implementation for Linux. This relies on the linker's support for weak
// symbols. We don't use this approach on Apple platforms because it requires // symbols. We don't use this approach on Apple platforms because it requires
// clients of LibFuzzer to pass ``-U _<symbol_name>`` to the linker to allow // clients of LibFuzzer to pass ``-U _<symbol_name>`` to the linker to allow
// weak symbols to be undefined. That is a complication we don't want to expose // weak symbols to be undefined. That is a complication we don't want to expose
// to clients right now. // to clients right now.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "FuzzerDefs.h" #include "FuzzerDefs.h"
#if LIBFUZZER_LINUX #if LIBFUZZER_LINUX || LIBFUZZER_NETBSD
#include "FuzzerExtFunctions.h" #include "FuzzerExtFunctions.h"
#include "FuzzerIO.h" #include "FuzzerIO.h"
extern "C" { extern "C" {
// Declare these symbols as weak to allow them to be optionally defined. // Declare these symbols as weak to allow them to be optionally defined.
#define EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN) \ #define EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN) \
__attribute__((weak)) RETURN_TYPE NAME FUNC_SIG __attribute__((weak)) RETURN_TYPE NAME FUNC_SIG
Show All 21 Lines
#include "FuzzerExtFunctions.def" #include "FuzzerExtFunctions.def"
#undef EXT_FUNC #undef EXT_FUNC
} }
} // namespace fuzzer } // namespace fuzzer
#endif // LIBFUZZER_LINUX #endif // LIBFUZZER_LINUX || LIBFUZZER_NETBSD

lib/fuzzer/FuzzerExtraCounters.cpp

//===- FuzzerExtraCounters.cpp - Extra coverage counters ------------------===// //===- FuzzerExtraCounters.cpp - Extra coverage counters ------------------===//
// //
// The LLVM Compiler Infrastructure // The LLVM Compiler Infrastructure
// //
// This file is distributed under the University of Illinois Open Source // This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details. // License. See LICENSE.TXT for details.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// Extra coverage counters defined by user code. // Extra coverage counters defined by user code.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "FuzzerDefs.h" #include "FuzzerDefs.h"
#if LIBFUZZER_LINUX #if LIBFUZZER_LINUX || LIBFUZZER_NETBSD
__attribute__((weak)) extern uint8_t __start___libfuzzer_extra_counters; __attribute__((weak)) extern uint8_t __start___libfuzzer_extra_counters;
__attribute__((weak)) extern uint8_t __stop___libfuzzer_extra_counters; __attribute__((weak)) extern uint8_t __stop___libfuzzer_extra_counters;
namespace fuzzer { namespace fuzzer {
uint8_t *ExtraCountersBegin() { return &__start___libfuzzer_extra_counters; } uint8_t *ExtraCountersBegin() { return &__start___libfuzzer_extra_counters; }
uint8_t *ExtraCountersEnd() { return &__stop___libfuzzer_extra_counters; } uint8_t *ExtraCountersEnd() { return &__stop___libfuzzer_extra_counters; }
ATTRIBUTE_NO_SANITIZE_ALL ATTRIBUTE_NO_SANITIZE_ALL
void ClearExtraCounters() { // hand-written memset, don't asan-ify. void ClearExtraCounters() { // hand-written memset, don't asan-ify.
Show All 19 Lines

lib/fuzzer/FuzzerUtilLinux.cpp

//===- FuzzerUtilLinux.cpp - Misc utils for Linux. ------------------------===// //===- FuzzerUtilLinux.cpp - Misc utils for Linux. ------------------------===//
// //
// The LLVM Compiler Infrastructure // The LLVM Compiler Infrastructure
// //
// This file is distributed under the University of Illinois Open Source // This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details. // License. See LICENSE.TXT for details.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// Misc utils for Linux. // Misc utils for Linux.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "FuzzerDefs.h" #include "FuzzerDefs.h"
#if LIBFUZZER_LINUX #if LIBFUZZER_LINUX || LIBFUZZER_NETBSD
#include <stdlib.h> #include <stdlib.h>
namespace fuzzer { namespace fuzzer {
int ExecuteCommand(const std::string &Command) { int ExecuteCommand(const std::string &Command) {
return system(Command.c_str()); return system(Command.c_str());
} }
} // namespace fuzzer } // namespace fuzzer
#endif // LIBFUZZER_LINUX #endif // LIBFUZZER_LINUX || LIBFUZZER_NETBSD

lib/fuzzer/afl/afl_driver.cpp

Show First 20 LinesShow All 62 Lines▼ Show 20 Lines
#include <fstream> #include <fstream>
#include <iostream> #include <iostream>
#include <vector> #include <vector>
// Platform detection. Copied from FuzzerInternal.h // Platform detection. Copied from FuzzerInternal.h
#ifdef __linux__ #ifdef __linux__
#define LIBFUZZER_LINUX 1 #define LIBFUZZER_LINUX 1
#define LIBFUZZER_APPLE 0 #define LIBFUZZER_APPLE 0
#define LIBFUZZER_NETBSD 0
#elif __APPLE__ #elif __APPLE__
#define LIBFUZZER_LINUX 0 #define LIBFUZZER_LINUX 0
#define LIBFUZZER_APPLE 1 #define LIBFUZZER_APPLE 1
#define LIBFUZZER_NETBSD 0
#elif __NetBSD__
#define LIBFUZZER_LINUX 0
#define LIBFUZZER_APPLE 0
#define LIBFUZZER_NETBSD 1
#else #else
#error "Support for your platform has not been implemented" #error "Support for your platform has not been implemented"
#endif #endif
// Used to avoid repeating error checking boilerplate. If cond is false, a // Used to avoid repeating error checking boilerplate. If cond is false, a
// fatal error has occured in the program. In this event print error_message // fatal error has occured in the program. In this event print error_message
// to stderr and abort(). Otherwise do nothing. Note that setting // to stderr and abort(). Otherwise do nothing. Note that setting
// AFL_DRIVER_STDERR_DUPLICATE_FILENAME may cause error_message to be appended // AFL_DRIVER_STDERR_DUPLICATE_FILENAME may cause error_message to be appended
Show All 32 Lines
static const char *kExtraStatsFormatString = "peak_rss_mb : %u\n" static const char *kExtraStatsFormatString = "peak_rss_mb : %u\n"
"slowest_unit_time_sec : %u\n"; "slowest_unit_time_sec : %u\n";
// Copied from FuzzerUtil.cpp. // Copied from FuzzerUtil.cpp.
size_t GetPeakRSSMb() { size_t GetPeakRSSMb() {
struct rusage usage; struct rusage usage;
if (getrusage(RUSAGE_SELF, &usage)) if (getrusage(RUSAGE_SELF, &usage))
return 0; return 0;
if (LIBFUZZER_LINUX) { if (LIBFUZZER_LINUX || LIBFUZZER_NETBSD) {
// ru_maxrss is in KiB // ru_maxrss is in KiB
return usage.ru_maxrss >> 10; return usage.ru_maxrss >> 10;
} else if (LIBFUZZER_APPLE) { } else if (LIBFUZZER_APPLE) {
// ru_maxrss is in bytes // ru_maxrss is in bytes
return usage.ru_maxrss >> 20; return usage.ru_maxrss >> 20;
} }
assert(0 && "GetPeakRSSMb() is not implemented for your platform"); assert(0 && "GetPeakRSSMb() is not implemented for your platform");
return 0; return 0;
▲ Show 20 LinesShow All 205 LinesShow Last 20 Lines

lib/fuzzer/tests/CMakeLists.txt

set(LIBFUZZER_UNITTEST_CFLAGS set(LIBFUZZER_UNITTEST_CFLAGS
${COMPILER_RT_UNITTEST_CFLAGS} ${COMPILER_RT_UNITTEST_CFLAGS}
${COMPILER_RT_GTEST_CFLAGS} ${COMPILER_RT_GTEST_CFLAGS}
-I${COMPILER_RT_SOURCE_DIR}/lib/fuzzer -I${COMPILER_RT_SOURCE_DIR}/lib/fuzzer
-fno-rtti -fno-rtti
-Werror -Werror
-O2) -O2)
add_custom_target(FuzzerUnitTests) add_custom_target(FuzzerUnitTests)
set_target_properties(FuzzerUnitTests PROPERTIES FOLDER "Compiler-RT Tests") set_target_properties(FuzzerUnitTests PROPERTIES FOLDER "Compiler-RT Tests")
set(LIBFUZZER_UNITTEST_LINK_FLAGS ${COMPILER_RT_UNITTEST_LINK_FLAGS}) set(LIBFUZZER_UNITTEST_LINK_FLAGS ${COMPILER_RT_UNITTEST_LINK_FLAGS})
if (OS_NAME MATCHES "NetBSD")
kccUnsubmitted
Not Done
ReplyInline Actions

I think this should be fixed on the driver side, i.e. -fsanitize=address (and similar) should add -lrt, as they do on Linux.

kcc: I think this should be fixed on the driver side, i.e. -fsanitize=address (and similar) should…
krytarowskiAuthorUnsubmitted
Not Done
ReplyInline Actions

It might be overlinking.. but for now I will drop this part from the commit.

krytarowski: It might be overlinking.. but for now I will drop this part from the commit.
list(APPEND LIBFUZZER_UNITTEST_LINK_FLAGS -lrt)
endif()
list(APPEND LIBFUZZER_UNITTEST_LINK_FLAGS --driver-mode=g++) list(APPEND LIBFUZZER_UNITTEST_LINK_FLAGS --driver-mode=g++)
if(APPLE) if(APPLE)
list(APPEND LIBFUZZER_UNITTEST_LINK_FLAGS -lc++) list(APPEND LIBFUZZER_UNITTEST_LINK_FLAGS -lc++)
else() else()
list(APPEND LIBFUZZER_UNITTEST_LINK_FLAGS -lstdc++ -lpthread) list(APPEND LIBFUZZER_UNITTEST_LINK_FLAGS -lstdc++ -lpthread)
endif() endif()
Show All 26 Lines