This is an archive of the discontinued LLVM Phabricator instance.

Differential D75633

[hwasan_symbolize] Make hwasan_symbolize compatible with Android fuzzing out-of-box.
AbandonedPublic

Authored by hctim on Mar 4 2020, 11:43 AM.

Details

Reviewers
eugenis
Summary

hwasan_symbolize assumes that all the symoblized binaries and DSO's are under $ANDROID_PRODUCT_OUT/symbols. This is not the case
with cc_fuzz targets on Android, as they have fully symbolized binaries and DSO/s under $ANDROID_PRODUCT_OUT/data/fuzz, with
no corresponding entry under /symbols.

Add just the raw $ANDROID_PRODUCT_OUT as a symbol search path.

Diff Detail

Event Timeline

hctim created this revision.Mar 4 2020, 11:43 AM
Herald added projects: Restricted Project, Restricted Project. · View Herald TranscriptMar 4 2020, 11:43 AM
Herald added subscribers: llvm-commits, Restricted Project. · View Herald Transcript
eugenis added inline comments.Mar 5 2020, 4:43 PM
compiler-rt/lib/hwasan/scripts/hwasan_symbolize
204

It's not about /data/fuzz specifically. Maybe say that we fallback to $ANDROID_PRODUCT_OUT if the binary can not be found under "symbols" because some targets (ex. fuzzers) install unstripped binaries to the device.

Is this something that should be (could be?) fixed on the Android side? It's the common convention to put unstripped binaries under symbols. Ex. apex generation goes to great lengths to set up paths under symbols/ to match runtime mount path of the apex on device.

hctim abandoned this revision.Mar 6 2020, 9:40 AM
hctim marked an inline comment as done.
hctim added inline comments.
compiler-rt/lib/hwasan/scripts/hwasan_symbolize
204

Yeah, agreed. Symbol reexporting available here: https://android-review.googlesource.com/c/platform/build/soong/+/1252144

Revision Contents

PathSize
compiler-rt/
lib/
hwasan/
scripts/
3 lines

Diff 248265

compiler-rt/lib/hwasan/scripts/hwasan_symbolize

Show First 20 LinesShow All 194 Lines▼ Show 20 Lines
args = parser.parse_args() args = parser.parse_args()
# Unstripped binaries location. # Unstripped binaries location.
binary_prefixes = args.symbols or [] binary_prefixes = args.symbols or []
if not binary_prefixes: if not binary_prefixes:
if 'ANDROID_PRODUCT_OUT' in os.environ: if 'ANDROID_PRODUCT_OUT' in os.environ:
product_out = os.path.join(os.environ['ANDROID_PRODUCT_OUT'], 'symbols') product_out = os.path.join(os.environ['ANDROID_PRODUCT_OUT'], 'symbols')
binary_prefixes.append(product_out) binary_prefixes.append(product_out)
# The Android fuzzing `/data/fuzz` out directory contains executables with
# symbols.
eugenisUnsubmitted
Not Done
ReplyInline Actions

It's not about /data/fuzz specifically. Maybe say that we fallback to $ANDROID_PRODUCT_OUT if the binary can not be found under "symbols" because some targets (ex. fuzzers) install unstripped binaries to the device.

Is this something that should be (could be?) fixed on the Android side? It's the common convention to put unstripped binaries under symbols. Ex. apex generation goes to great lengths to set up paths under symbols/ to match runtime mount path of the apex on device.

eugenis: It's not about /data/fuzz specifically. Maybe say that we fallback to $ANDROID_PRODUCT_OUT if…
hctimAuthorUnsubmitted
Done
ReplyInline Actions

Yeah, agreed. Symbol reexporting available here: https://android-review.googlesource.com/c/platform/build/soong/+/1252144

hctim: Yeah, agreed. Symbol reexporting available here: https://android-review.googlesource.
binary_prefixes.append(os.environ['ANDROID_PRODUCT_OUT'])
for p in binary_prefixes: for p in binary_prefixes:
if not os.path.isdir(p): if not os.path.isdir(p):
print >>sys.stderr, "Symbols path does not exist or is not a directory:", p print >>sys.stderr, "Symbols path does not exist or is not a directory:", p
sys.exit(1) sys.exit(1)
# Source location. # Source location.
paths_to_cut = args.source or [] paths_to_cut = args.source or []
▲ Show 20 LinesShow All 75 LinesShow Last 20 Lines