<feed xmlns='http://www.w3.org/2005/Atom'>
<title>llvm-project.git/compiler-rt/test/fuzzer/StackOverflowTest.cpp, branch main</title>
<link rel='alternate' type='text/html' href='https://git.belthelziquor.com/llvm-project.git/'/>
<entry>
<title>[libFuzzer] Fix stack-overflow-with-asan.test.</title>
<updated>2021-05-07T16:18:21+00:00</updated>
<author>
<name>Matt Morehouse</name>
<email>mascasa@google.com</email>
</author>
<published>2021-05-07T16:11:45+00:00</published>
<link rel='alternate' type='text/html' href='https://git.belthelziquor.com/llvm-project.git/commit/?id=f09414499c4717b66baa9581c641e8a636e5dcc1'/>
<id>f09414499c4717b66baa9581c641e8a636e5dcc1</id>
<content type='text'>
Fix function return type and remove check for SUMMARY, since it doesn't
seem to be output in Windows.
</content>
</entry>
<entry>
<title>[libFuzzer] Fix stack overflow detection</title>
<updated>2021-05-07T15:18:28+00:00</updated>
<author>
<name>Sebastian Poeplau</name>
<email>poeplau@code-intelligence.com</email>
</author>
<published>2021-05-07T15:00:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.belthelziquor.com/llvm-project.git/commit/?id=70cbc6dbef7048d3b1aa89a676d96c6ba075b41b'/>
<id>70cbc6dbef7048d3b1aa89a676d96c6ba075b41b</id>
<content type='text'>
Address sanitizer can detect stack exhaustion via its SEGV handler, which is
executed on a separate stack using the sigaltstack mechanism. When libFuzzer is
used with address sanitizer, it installs its own signal handlers which defer to
those put in place by the sanitizer before performing additional actions. In the
particular case of a stack overflow, the current setup fails because libFuzzer
doesn't preserve the flag for executing the signal handler on a separate stack:
when we run out of stack space, the operating system can't run the SEGV handler,
so address sanitizer never reports the issue. See the included test for an
example.

This commit fixes the issue by making libFuzzer preserve the SA_ONSTACK flag
when installing its signal handlers; the dedicated signal-handler stack set up
by the sanitizer runtime appears to be large enough to support the additional
frames from the fuzzer.

Reviewed By: morehouse

Differential Revision: https://reviews.llvm.org/D101824
</content>
</entry>
</feed>
