xst: disable lsan when xs exit imminent #1067
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mkellner
pushed a commit
that referenced
this pull request
Mar 21, 2023
|
Closing as this got merged outside PR. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR affects only oss-fuzz build target for xst.
When ASAN is enabled, by default it reports all allocated memory at exit as memory leaks. However, this interferes with patterns that do not free memory when program exit is imminent as the allocated memory will be reclaimed at exit anyway. In XS, generally this is the case when fatal errors occur; those reports are not true memory leaks.
Libfuzzer, as an in-process fuzzer, additionally tracks the ratio of
malloctofreecalls during each test case to determine if it should call LeakSanitizer's interface for on-demand leak detection. It uses the on-demand check to find leaks during test cases instead of ASAN's default at exit detection.Ideally, we want leak detection to work, while not reporting leaks that would have been immediately freed at program exit.
To do this, we implement
__lsan_is_turned_offto disallow leak checking at certain parts of the program, independent of whether libfuzzer enables or disables lsan internally. The documentation states that it must return a constant value, but for our case it works as expected (lsan check impl for reference). With this change, we no longer need to suppress callsites where allocations may not be freed on fatal errors.Tested against all current variants of false-positive memory leaks, and they no longer reproduce.
A tradeoff may be more out-of-memory issues reported, since libfuzzer is in-process and does not exit when XS would exit.