kcc (Kostya Serebryany)
Projects

User does not belong to any projects.

User Details

User Since
Oct 3 2012, 4:55 AM (276 w, 3 d)

Recent Activity

Tue, Jan 16

kcc accepted D42141: [hwasan] LLVM-level flags for linux kernel-compatible hwasan instrumentation.

LGTM

Tue, Jan 16, 4:42 PM
kcc added a comment to D41664: Remove test which assumed array cookies can't be poisoned when using an operator new defined in a class.

How about this:
A -fsanitize-address-poison-all-array-new or similar (it would be all *except* placement new... Haven't got a better name, though).
That way, a user would be able to poison more array-new operators than the current solution. But we wouldn't break any legal C++ code.

Tue, Jan 16, 3:19 PM
kcc accepted D42138: [hwasan] Rename sized load/store callbacks to be consistent with ASan.

LGTM

Tue, Jan 16, 3:15 PM
kcc accepted D42121: [hwasan] Build runtime library with -fPIC, not -fPIE.

LGTM

Tue, Jan 16, 11:14 AM

Fri, Jan 12

kcc added a comment to D41664: Remove test which assumed array cookies can't be poisoned when using an operator new defined in a class.

Technically it is. Just like overriding malloc,

Fri, Jan 12, 12:41 PM

Thu, Jan 11

kcc added inline comments to D41602: [hwasan] Stack instrumentation.
Thu, Jan 11, 2:42 PM
kcc added a comment to D41664: Remove test which assumed array cookies can't be poisoned when using an operator new defined in a class.

Let me rephrase the question.
Is the code in new_array_cookie_with_new_from_class.cc valid C++?
I.e. is the code allowed to access *reinterpret_cast<uintptr_t*>(Foo::allocated) at line 38?

Thu, Jan 11, 12:59 PM
kcc added inline comments to D41602: [hwasan] Stack instrumentation.
Thu, Jan 11, 12:29 PM
kcc accepted D41602: [hwasan] Stack instrumentation.

LGTM with two nits, feel free to address them separately.

Thu, Jan 11, 12:28 PM

Wed, Jan 10

kcc added a reviewer for D41642: lib Fuzzer FreeBSD support: morehouse.
Wed, Jan 10, 12:58 PM
kcc added a comment to D41664: Remove test which assumed array cookies can't be poisoned when using an operator new defined in a class.

The original commit doesn't provide any rationale for this test,

Wed, Jan 10, 11:37 AM
kcc accepted D41882: [hwasan] An option to disable tag randomization.

LGTM

Wed, Jan 10, 11:18 AM

Dec 21 2017

kcc added a reviewer for D41479: Make detect_invalid_pointer_pairs option to be tristate.: alekseyshl.
Dec 21 2017, 9:00 AM
kcc added a reviewer for D41481: Small fixes for detect_invalid_pointer_pairs.: alekseyshl.
Dec 21 2017, 8:58 AM

Dec 20 2017

kcc accepted D41457: [libfuzzer] Fix UB when calculating Log(0) in StackDepthStepFunction().

LGTM

Dec 20 2017, 11:10 AM

Dec 19 2017

kcc accepted D41417: [hwasan] Implement -fsanitize-recover=hwaddress.

LGTM with a nit

Dec 19 2017, 4:10 PM
kcc added a comment to D41243: [ASan] Add interceptors for fortified strcat, strncat, strcpy, strncpy.

I suggest to restart the discussion of this topic with the owners of fortify.
So far I am not convinced that we need/want this code in asan.

Dec 19 2017, 11:15 AM · Restricted Project
kcc added a comment to D41243: [ASan] Add interceptors for fortified strcat, strncat, strcpy, strncpy.

The discussion about asan+fortify has been going on for ages and I don't think we ever reached an agreement on how to proceed. Did we?

Dec 19 2017, 10:52 AM · Restricted Project

Dec 18 2017

kcc committed rC321027: [hwasan] update the design doc.
[hwasan] update the design doc
Dec 18 2017, 1:41 PM
kcc committed rL321027: [hwasan] update the design doc.
[hwasan] update the design doc
Dec 18 2017, 1:40 PM

Dec 14 2017

kcc committed rCRT320787: [libFuzzer] make the tests depend on ubsan.
[libFuzzer] make the tests depend on ubsan
Dec 14 2017, 5:40 PM
kcc committed rL320787: [libFuzzer] make the tests depend on ubsan.
[libFuzzer] make the tests depend on ubsan
Dec 14 2017, 5:40 PM

Dec 13 2017

kcc added a comment to D37631: [libFuzzer] Support using libc++.

So I finally ended up with something that works reliably with both libstdc++ and libc++. I plan on doing a bit more cleanup, but a question is what to do on Darwin and Windows. I'm relying on partial linking. That appears to be supported by ld64, but there doesn't seem to be the --whole-archive option that we need as well (unless we upgrade CMake to 3.9). On Windows, I don't know if partial linking is supported at all. However, I also don't know if we even need this on Darwin and Windows rather than simply relying on the host C++ library?

Dec 13 2017, 3:43 PM
kcc accepted D41193: [libFuzzer] Add dummy call of LLVMFuzzerTestOneInput to afl_driver.

LGTM
Matt, please land

Dec 13 2017, 1:44 PM
kcc added a comment to D41164: Added a separate install target for compilert-rt-headers.

Aleksey, please review.
Please also remove samsonov@ from owners (he is not active in LLVM any more, AFAICT) and replace with yourself.

Dec 13 2017, 9:45 AM

Dec 12 2017

kcc committed rCRT320531: [libFuzzer] change the strategy for -experimental_len_control to grow max_len….
[libFuzzer] change the strategy for -experimental_len_control to grow max_len…
Dec 12 2017, 3:12 PM
kcc committed rL320531: [libFuzzer] change the strategy for -experimental_len_control to grow max_len….
[libFuzzer] change the strategy for -experimental_len_control to grow max_len…
Dec 12 2017, 3:12 PM
kcc accepted D41137: [hwasan] Inline instrumentation & fixed shadow.

LGTM with one optional question.

Dec 12 2017, 2:58 PM

Dec 9 2017

kcc committed rCRT320259: [libFuzzer] even less aggressive step function for stack depth. Also don't use….
[libFuzzer] even less aggressive step function for stack depth. Also don't use…
Dec 9 2017, 11:18 AM
kcc committed rL320259: [libFuzzer] even less aggressive step function for stack depth. Also don't use….
[libFuzzer] even less aggressive step function for stack depth. Also don't use…
Dec 9 2017, 11:18 AM

Dec 8 2017

kcc committed rCRT320237: [libFuzzer] make the stack depth signal less aggressive, otherwise we are….
[libFuzzer] make the stack depth signal less aggressive, otherwise we are…
Dec 8 2017, 6:46 PM
kcc committed rL320237: [libFuzzer] make the stack depth signal less aggressive, otherwise we are….
[libFuzzer] make the stack depth signal less aggressive, otherwise we are…
Dec 8 2017, 6:46 PM
kcc accepted D40935: Hardware-assisted AddressSanitizer (compiler-rt).

LGTM, let's iterate from here.

Dec 8 2017, 3:58 PM
kcc committed rCRT320205: [libFuzzer] honor -use_counters, slightly change the meaning of….
[libFuzzer] honor -use_counters, slightly change the meaning of…
Dec 8 2017, 2:22 PM
kcc committed rL320205: [libFuzzer] honor -use_counters, slightly change the meaning of….
[libFuzzer] honor -use_counters, slightly change the meaning of…
Dec 8 2017, 2:22 PM
kcc accepted D40974: [libFuzzer] Add support for Fuchsia OS.

Matt, please land.

Dec 8 2017, 1:46 PM
kcc added a comment to D40935: Hardware-assisted AddressSanitizer (compiler-rt).

My top level comment: can we delete all non-aarch64 code?
The arch owners can reinstate it if needed, but they will only need it if/when they have the TBI feature in HW.

Dec 8 2017, 10:37 AM
kcc committed rL320168: [hwasan] typo in docs.
[hwasan] typo in docs
Dec 8 2017, 10:14 AM
kcc committed rC320168: [hwasan] typo in docs.
[hwasan] typo in docs
Dec 8 2017, 10:14 AM

Dec 7 2017

kcc committed rL320075: update hwasan docs.
update hwasan docs
Dec 7 2017, 11:22 AM
kcc committed rC320075: update hwasan docs.
update hwasan docs
Dec 7 2017, 11:22 AM
kcc closed D40938: update hwasan docs by committing rC320075: update hwasan docs.
Dec 7 2017, 11:22 AM
kcc added a comment to D40932: Hardware-assisted AddressSanitizer (llvm part).

LGTM, please wait for (at least) Aleksey's review.

Dec 7 2017, 11:21 AM
kcc added a comment to D40974: [libFuzzer] Add support for Fuchsia OS.

Common code LGTM

Dec 7 2017, 11:15 AM
kcc updated the diff for D40938: update hwasan docs.

mention https://www.kernel.org/doc/Documentation/arm64/tagged-pointers.txt

Dec 7 2017, 11:04 AM

Dec 6 2017

kcc added inline comments to D40935: Hardware-assisted AddressSanitizer (compiler-rt).
Dec 6 2017, 7:24 PM
kcc accepted D40936: Hardware-assisted AddressSanitizer (clang part).

LGTM
please give at least Aleksey a chance to review as well.

Dec 6 2017, 7:20 PM
kcc created D40938: update hwasan docs.
Dec 6 2017, 6:28 PM
kcc added inline comments to D40932: Hardware-assisted AddressSanitizer (llvm part).
Dec 6 2017, 6:11 PM
kcc added a comment to D40932: Hardware-assisted AddressSanitizer (llvm part).

Please document the new attribute and explain why the old attribute doesn't work for us (there are cases when we need one, but not the other, in both directions).

Dec 6 2017, 5:06 PM
kcc committed rL319988: [libFuzzer] Decrease stack usage in unit tests.
[libFuzzer] Decrease stack usage in unit tests
Dec 6 2017, 3:35 PM
kcc committed rCRT319988: [libFuzzer] Decrease stack usage in unit tests.
[libFuzzer] Decrease stack usage in unit tests
Dec 6 2017, 3:35 PM
kcc closed D40926: [libFuzzer] Decrease stack usage in unit tests.
Dec 6 2017, 3:35 PM
kcc accepted D40926: [libFuzzer] Decrease stack usage in unit tests.

LGTM,
I'll land

Dec 6 2017, 3:33 PM
kcc committed rCRT319975: [libFuzzer] fix a minor regression in printing.
[libFuzzer] fix a minor regression in printing
Dec 6 2017, 2:13 PM
kcc committed rL319975: [libFuzzer] fix a minor regression in printing.
[libFuzzer] fix a minor regression in printing
Dec 6 2017, 2:13 PM
kcc accepted D40921: [libFuzzer] standalone fuzzer: close file after reading.

LGTM, thanks!

Dec 6 2017, 1:54 PM
kcc edited reviewers for D40900: [Sanitizers, test] Fix sanitizer tests on Solaris (PR 33274), added: alekseyshl; removed: samsonov.
Dec 6 2017, 9:59 AM · Restricted Project
kcc added a reviewer for D40898: [Sanitizers] Basic sanitizer Solaris support (PR 33274): alekseyshl.

Too many #ifdefs in the code -- we cannot let this in.
Please find a way to reduce (to ~ zero) the number of #ifdefs inside the code.
Prefer to have solaris-specific functionality in separate files.

Dec 6 2017, 9:57 AM · Restricted Project
kcc added a reviewer for D40903: [Sanitizers] Basic Solaris sanitizer support (PR 33274): alekseyshl.
Dec 6 2017, 9:52 AM · Restricted Project
kcc added inline comments to D40899: [Sanitizers, CMake] Basic sanitizer Solaris support (PR 33274).
Dec 6 2017, 9:51 AM · Restricted Project
kcc edited reviewers for D40899: [Sanitizers, CMake] Basic sanitizer Solaris support (PR 33274), added: alekseyshl; removed: samsonov.
Dec 6 2017, 9:49 AM · Restricted Project

Dec 5 2017

kcc added a comment to D40590: [LibFuzzer] Allow fuzzer to be built standalone.

Will https://reviews.llvm.org/D37631 help?

Dec 5 2017, 10:19 AM

Dec 4 2017

kcc committed rL319684: design document for a hardware-assisted memory safety (HWAMS) tool, similar to….
design document for a hardware-assisted memory safety (HWAMS) tool, similar to…
Dec 4 2017, 12:02 PM
kcc committed rC319684: design document for a hardware-assisted memory safety (HWAMS) tool, similar to….
design document for a hardware-assisted memory safety (HWAMS) tool, similar to…
Dec 4 2017, 12:02 PM
kcc closed D40568: design document for a hardware-assisted memory safety (HWAMS) tool, similar to AddressSanitizer by committing rC319684: design document for a hardware-assisted memory safety (HWAMS) tool, similar to….
Dec 4 2017, 12:02 PM

Dec 1 2017

kcc added a comment to D40385: [mips][compiler-rt] Provide 64bit atomic add and sub.

This change introduces more ifdefs to this file, which is bad.
It already has one ifdef -- and that one is already for "defined(_MIPS_SIM)"
Please don't introduce any more ifdefs, instead please add a new file (something_something_mips.h) and remove the only ifdef from here.

Dec 1 2017, 3:40 PM
kcc committed rCRT319590: [libFuzzer] add a flag -malloc_limit_mb.
[libFuzzer] add a flag -malloc_limit_mb
Dec 1 2017, 2:12 PM
kcc committed rL319590: [libFuzzer] add a flag -malloc_limit_mb.
[libFuzzer] add a flag -malloc_limit_mb
Dec 1 2017, 2:12 PM
kcc committed rCRT319572: [libFuzzer] remove stale flags; NFC.
[libFuzzer] remove stale flags; NFC
Dec 1 2017, 11:24 AM
kcc committed rL319572: [libFuzzer] remove stale flags; NFC.
[libFuzzer] remove stale flags; NFC
Dec 1 2017, 11:24 AM
kcc committed rCRT319571: [libFuzzer] add an experimental search heuristic flag -reduce_depth.
[libFuzzer] add an experimental search heuristic flag -reduce_depth
Dec 1 2017, 11:19 AM
kcc committed rL319571: [libFuzzer] add an experimental search heuristic flag -reduce_depth.
[libFuzzer] add an experimental search heuristic flag -reduce_depth
Dec 1 2017, 11:19 AM

Nov 30 2017

kcc updated the diff for D40568: design document for a hardware-assisted memory safety (HWAMS) tool, similar to AddressSanitizer.

Rename the new tool to HWASAN

Nov 30 2017, 3:34 PM
kcc accepted D40666: [sanitizer] Use MADV_FREE on Darwin/BSD to release pages to the OS.

LGTM.

Nov 30 2017, 2:56 PM · Restricted Project
kcc added a comment to D40666: [sanitizer] Use MADV_FREE on Darwin/BSD to release pages to the OS.

Will this even build on Linux?
I don't see MADV_FREE in /usr/include

Nov 30 2017, 1:43 PM · Restricted Project

Nov 29 2017

kcc committed rL319397: [libFuzzer] mention one more trophie in the Linux Kernel.
[libFuzzer] mention one more trophie in the Linux Kernel
Nov 29 2017, 6:27 PM
kcc added a comment to D37631: [libFuzzer] Support using libc++.

Could you please also add a lit test that uses -stdlib=libc++?

Nov 29 2017, 4:56 PM
kcc added a reviewer for D37631: [libFuzzer] Support using libc++: morehouse.

Matt, please also take a look.

Nov 29 2017, 4:28 PM
kcc updated the diff for D40568: design document for a hardware-assisted memory safety (HWAMS) tool, similar to AddressSanitizer.

rephrase the sources of asan overhead

Nov 29 2017, 11:49 AM

Nov 28 2017

kcc updated the diff for D40568: design document for a hardware-assisted memory safety (HWAMS) tool, similar to AddressSanitizer.

mention alternatives for memory access instrumentation

Nov 28 2017, 8:17 PM
kcc accepted D40592: [LibFuzzer] Add Android to LibFuzzer's supported OSes.

LGTM

Nov 28 2017, 5:40 PM
kcc added a comment to D40590: [LibFuzzer] Allow fuzzer to be built standalone.

Do you need an LLVM cmake rule for that?

Nov 28 2017, 5:38 PM
kcc added inline comments to D40568: design document for a hardware-assisted memory safety (HWAMS) tool, similar to AddressSanitizer.
Nov 28 2017, 5:36 PM
kcc added a comment to D40590: [LibFuzzer] Allow fuzzer to be built standalone.

kongyi, what exactly are you trying to achieve?

Nov 28 2017, 5:29 PM
kcc added inline comments to D40568: design document for a hardware-assisted memory safety (HWAMS) tool, similar to AddressSanitizer.
Nov 28 2017, 1:50 PM
kcc updated the diff for D40568: design document for a hardware-assisted memory safety (HWAMS) tool, similar to AddressSanitizer.

addressed comments

Nov 28 2017, 1:48 PM
kcc updated the diff for D40568: design document for a hardware-assisted memory safety (HWAMS) tool, similar to AddressSanitizer.

minor edit (explained shadow)

Nov 28 2017, 10:22 AM
kcc created D40568: design document for a hardware-assisted memory safety (HWAMS) tool, similar to AddressSanitizer.
Nov 28 2017, 10:15 AM
kcc accepted D40565: [LibFuzzer] Improve comments on `CounterToFeature()` function.

LGTM, thanks!
Do you need us to land it?
If so, Matt will do it.

Nov 28 2017, 9:31 AM

Nov 27 2017

kcc added a comment to D15154: [sanitizer_common] Suspend output to stdout/file if callback is set.
  • I see two independent changes here. If so, please split them into two patches.
  • Most changes need tests.
  • Maybe instead of doing this, introduce some logic to treat log_path=/dev/null as a special supported case?
Nov 27 2017, 4:55 PM
kcc added a comment to D40376: [LibFuzzer] Fix `CounterToFeature()` so that it doesn't ignore the 6th bit.
In D40376#935496, @kcc wrote:

Why do you think this is a bug?
The user-provided counter is a counter, not a bit set.

I thought this was a bug because initially I thought the counters were supposed to be a bit set. I realised much later, when I ran into the TableLookupTest.cpp test, that it was not your intention for `__libfuzzer_extra_counters` to be a bit set.
However, questions still remain, and I thought illustrating my thoughts with a patch might be easier to understand.

  • Why is CounterToFeature() implemented the way it currently is? The obvious implementation is the one I sketch in the patch that treats each bit in the 8-bit counter as a "new feature". With that implementation we would record new features when the counter hits values [1, 2, 4, 8, 16, 32, 64, 128] (i.e. a bit set). In the current implementation we record new features when the counter hits values [1, 2, 3, 4, 8, 16, 32, 128]. It is not obvious why you've done this so I think it would be good to provide an explanation and put that in comments for the CounterToFeature() function. My guess is that you wanted events occurring a very small number (<=4) of times to be treated as features, hence the initially linear behaviour of CounterToFeature() that then becomes (sort of) exponential after 4 events have occurred.
Nov 27 2017, 12:53 PM

Nov 26 2017

kcc added a comment to D40376: [LibFuzzer] Fix `CounterToFeature()` so that it doesn't ignore the 6th bit.

Why do you think this is a bug?
The user-provided counter is a counter, not a bit set.

Nov 26 2017, 11:02 PM

Nov 16 2017

kcc committed rL318453: [libFuzzer] add more tests for merge.
[libFuzzer] add more tests for merge
Nov 16 2017, 12:26 PM
kcc committed rL318439: [libFuzzer] add docs for -reduce_inputs.
[libFuzzer] add docs for -reduce_inputs
Nov 16 2017, 10:59 AM
kcc added inline comments to D40103: [libFuzzer] Encapsulate commands in a class.
Nov 16 2017, 10:39 AM
kcc added a reviewer for D40103: [libFuzzer] Encapsulate commands in a class: morehouse.

Nice, thank you!
Do I understand correctly that this is a no-functional-change-intended change?

Nov 16 2017, 10:37 AM

Nov 15 2017

kcc committed rL318376: [libFuzzer] disable test/fuzzer/merge-sigusr.test on Mac while investigating….
[libFuzzer] disable test/fuzzer/merge-sigusr.test on Mac while investigating…
Nov 15 2017, 8:52 PM
kcc added inline comments to D39471: [asan] Fix small X86_64 ShadowOffset for non-default shadow scale.
Nov 15 2017, 2:30 PM
kcc committed rL318303: libfuzzer: Fix file listing on some filesystems.
libfuzzer: Fix file listing on some filesystems
Nov 15 2017, 8:46 AM