author | robot-piglet <[email protected]> | 2025-03-19 13:47:45 +0300 |
---|---|---|
committer | robot-piglet <[email protected]> | 2025-03-19 14:01:35 +0300 |
commit | 61b92aeb846ebc6180fb4c18c85ff10c58093610 (patch) | |
tree | 12548033bf36969184a00836dcbbdc8b14a7da2c | |
parent | 28b29535ce7b21a3dde60b485c98f66f8c08f882 (diff) |
Intermediate changes
commit_hash:ebf6fb6dff099bd6bcfbf201e52dda1751dd76fd
10 files changed, 35 insertions, 102 deletions
diff --git a/contrib/libs/libfuzzer/.yandex_meta/override.nix b/contrib/libs/libfuzzer/.yandex_meta/override.nix index 8455ed91326..7415420b65b 100644 --- a/contrib/libs/libfuzzer/.yandex_meta/override.nix +++ b/contrib/libs/libfuzzer/.yandex_meta/override.nix @@ -1,11 +1,11 @@ pkgs: attrs: with pkgs; with attrs; rec { - version = "19.1.7"; + version = "20.1.0"; src = fetchFromGitHub { owner = "llvm"; repo = "llvm-project"; rev = "llvmorg-${version}"; - hash = "sha256-cZAB5vZjeTsXt9QHbP5xluWNQnAHByHtHnAhVDV0E6I="; + hash = "sha256-86Z8e4ubnHJc1cYHjYPLeQC9eoPF417HYtqg8NAzxts="; }; sourceRoot = "source/compiler-rt"; diff --git a/contrib/libs/libfuzzer/CODE_OWNERS.TXT b/contrib/libs/libfuzzer/CODE_OWNERS.TXT deleted file mode 100644 index bd51a1073cc..00000000000 --- a/contrib/libs/libfuzzer/CODE_OWNERS.TXT +++ /dev/null 
@@ -1,77 +0,0 @@ -This file is a list of the people responsible for ensuring that patches for a -particular part of compiler-rt are reviewed, either by themself or by -someone else. They are also the gatekeepers for their part of compiler-rt, with -the final word on what goes in or not. - -The list is sorted by surname and formatted to allow easy grepping and -beautification by scripts. The fields are: name (N), email (E), web-address -(W), PGP key ID and fingerprint (P), description (D), and snail-mail address -(S). - -N: Saleem Abdulrasool -D: builtins library - -N: Andrew Browne -D: DataFlowSanitizer - -N: Vitaly Buka -D: Sanitizers - -N: Peter Collingbourne -D: CFI, SafeStack - -N: Lang Hames -D: ORC - -N: Petr Hosek -D: CRT, CMake build - -N: Teresa Johnson -D: MemProf - -N: Kostya Kortchinsky -D: SCUDO - -N: Mitch Phillips -D: GWP ASAN - -N: Alexander Potapenko -D: Sanitizers - -N: Kostya Serebryany -D: AddressSanitizer, sanitizer_common, LeakSanitizer, LibFuzzer - -N: Richard Smith -D: UndefinedBehaviorSanitizer - -N: Evgeniy Stepanov -D: MemorySanitizer, Android port of sanitizers - -N: Dmitry Vyukov -D: ThreadSanitizer - -N: Bill Wendling -D: Profile runtime library - -N: Christopher Apple, David Trevelyan -D: Realtime Sanitizer (RTSan) - -N: Alexander Shaposhnikov -D: Numerical Sanitizer (NSAN) diff --git a/contrib/libs/libfuzzer/include/fuzzer/FuzzedDataProvider.h b/contrib/libs/libfuzzer/include/fuzzer/FuzzedDataProvider.h index 5903ed83791..e57b95b6304 100644 --- a/contrib/libs/libfuzzer/include/fuzzer/FuzzedDataProvider.h +++ b/contrib/libs/libfuzzer/include/fuzzer/FuzzedDataProvider.h @@ -18,6 +18,7 @@ #include <climits> #include <cstddef> #include <cstdint> +#include <cstdlib> #include <cstring> #include <initializer_list> #include <limits> diff --git a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerDictionary.h b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerDictionary.h index 48f063c7ee4..64eb35c57a5 100644 
--- a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerDictionary.h +++ b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerDictionary.h @@ -29,7 +29,9 @@ public: static_assert(kMaxSizeT <= std::numeric_limits<uint8_t>::max(), "FixedWord::kMaxSizeT cannot fit in a uint8_t."); assert(S <= kMaxSize); - memcpy(Data, B, S); + // memcpy cannot take null pointer arguments even if Size is 0. + if (S) + memcpy(Data, B, S); Size = static_cast<uint8_t>(S); } diff --git a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerExtFunctionsWindows.cpp b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerExtFunctionsWindows.cpp index 688bad1d51c..566820ae6d1 100644 --- a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerExtFunctionsWindows.cpp +++ b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerExtFunctionsWindows.cpp @@ -14,6 +14,7 @@ #include "FuzzerExtFunctions.h" #include "FuzzerIO.h" +#include <stdlib.h> using namespace fuzzer; @@ -22,6 +23,11 @@ using namespace fuzzer; #define STRINGIFY(A) STRINGIFY_(A) #if LIBFUZZER_MSVC +#define GET_FUNCTION_ADDRESS(fn) &fn +#else +#define GET_FUNCTION_ADDRESS(fn) __builtin_function_start(fn) +#endif // LIBFUZER_MSVC + // Copied from compiler-rt/lib/sanitizer_common/sanitizer_win_defs.h #if defined(_M_IX86) || defined(__i386__) #define WIN_SYM_PREFIX "_" 
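Review bot: In the FuzzerDictionary.h hunk the size bound on `S` is still enforced only by `assert(S <= kMaxSize);` on the line above the new `if (S)` guard, and an assert is compiled out under NDEBUG, so the guard covers the null-pointer case but not an oversized copy into `Data`. The declaration of `Data` and the callers are outside the hunk, so whether any caller can exceed the bound cannot be confirmed from here. I would at least document the precondition next to the copy, for example `// Precondition: S <= kMaxSize; only checked in assert-enabled builds.`. The enclosing function starts outside the hunk.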
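Review bot: The closing comment of the new conditional in FuzzerExtFunctionsWindows.cpp is misspelled, `#endif // LIBFUZER_MSVC`, and should read `#endif // LIBFUZZER_MSVC` so that a search for the macro name finds both ends of the block. The `#else` branch also assumes that every non-MSVC Windows compiler provides `__builtin_function_start`, which as far as I know is a Clang builtin. The hunk does not say why the plain `&fn` is not used there, so a one-line comment above `GET_FUNCTION_ADDRESS` stating the compiler requirement and the reason would help the next reader.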
@@ -31,17 +37,9 @@ using namespace fuzzer; // Declare external functions as having alternativenames, so that we can // determine if they are not defined. -#define EXTERNAL_FUNC(Name, Default) \ - __pragma(comment(linker, "/alternatename:" WIN_SYM_PREFIX STRINGIFY( \ +#define EXTERNAL_FUNC(Name, Default) \ + __pragma(comment(linker, "/alternatename:" WIN_SYM_PREFIX STRINGIFY( \ Name) "=" WIN_SYM_PREFIX STRINGIFY(Default))) -#else -// Declare external functions as weak to allow them to default to a specified -// function if not defined explicitly. We must use weak symbols because clang's -// support for alternatename is not 100%, see -// https://bugs.llvm.org/show_bug.cgi?id=40218 for more details. -#define EXTERNAL_FUNC(Name, Default) \ - __attribute__((weak, alias(STRINGIFY(Default)))) -#endif // LIBFUZZER_MSVC extern "C" { #define EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN) \ @@ -57,20 +55,23 @@ extern "C" { } template <typename T> -static T *GetFnPtr(T *Fun, T *FunDef, const char *FnName, bool WarnIfMissing) { +static T *GetFnPtr(void *Fun, void *FunDef, const char *FnName, + bool WarnIfMissing) { if (Fun == FunDef) { if (WarnIfMissing) Printf("WARNING: Failed to find function \"%s\".\n", FnName); return nullptr; } - return Fun; + return (T *)Fun; } namespace fuzzer { ExternalFunctions::ExternalFunctions() { -#define EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN) \ - this->NAME = GetFnPtr<decltype(::NAME)>(::NAME, ::NAME##Def, #NAME, WARN); +#define EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN) \ + this->NAME = GetFnPtr<decltype(::NAME)>(GET_FUNCTION_ADDRESS(::NAME), \ + GET_FUNCTION_ADDRESS(::NAME##Def), \ + #NAME, WARN); #include "FuzzerExtFunctions.def" diff --git a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerFlags.def b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerFlags.def index 0c6a7e611f6..2d02938f5b6 100644 --- a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerFlags.def +++ b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerFlags.def 
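Review bot: In the GetFnPtr hunk the new return statement uses a C-style cast, `return (T *)Fun;`, to turn a `void *` back into a function pointer; the named form `return reinterpret_cast<T *>(Fun);` performs the same conversion and is easier to find in an audit. Because `T` can no longer be deduced from the `void *` parameters, every call has to pass it explicitly, as the EXT_FUNC macro does with `decltype(::NAME)`. A short comment above the template saying that `Fun` and `FunDef` are raw addresses compared for identity, and that `T` must be the function type of the symbol, would document that contract.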
@@ -14,8 +14,9 @@ FUZZER_FLAG_UNSIGNED(seed, 0, "Random seed. If 0, seed is generated.") FUZZER_FLAG_INT(runs, -1, "Number of individual test runs (-1 for infinite runs).") FUZZER_FLAG_INT(max_len, 0, "Maximum length of the test input. " - "If 0, libFuzzer tries to guess a good value based on the corpus " - "and reports it. ") + "Contents of corpus files are going to be truncated to this value. " + "If 0, libFuzzer tries to guess a good value based on the corpus " + "and reports it.") FUZZER_FLAG_INT(len_control, 100, "Try generating small inputs first, " "then try larger inputs over time. Specifies the rate at which the length " "limit is increased (smaller == faster). If 0, immediately try inputs with " diff --git a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerLoop.cpp b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerLoop.cpp index bab76b28023..869326d4f9b 100644 --- a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerLoop.cpp +++ b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerLoop.cpp @@ -581,6 +581,9 @@ void Fuzzer::CrashOnOverwrittenData() { // Compare two arrays, but not all bytes if the arrays are large. static bool LooseMemeq(const uint8_t *A, const uint8_t *B, size_t Size) { const size_t Limit = 64; + // memcmp cannot take null pointer arguments even if Size is 0. + if (!Size) + return true; if (Size <= 64) return !memcmp(A, B, Size); // Compare first and last Limit/2 bytes. @@ -598,7 +601,9 @@ ATTRIBUTE_NOINLINE bool Fuzzer::ExecuteCallback(const uint8_t *Data, // We copy the contents of Unit into a separate heap buffer // so that we reliably find buffer overflows in it. uint8_t *DataCopy = new uint8_t[Size]; - memcpy(DataCopy, Data, Size); + // memcpy cannot take null pointer arguments even if Size is 0. + if (Size) + memcpy(DataCopy, Data, Size); if (EF->__msan_unpoison) EF->__msan_unpoison(DataCopy, Size); if (EF->__msan_unpoison_param) 
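Review bot: The comments added in LooseMemeq and in Fuzzer::ExecuteCallback state the rule but not which argument can actually be null. In ExecuteCallback `DataCopy` comes from `new uint8_t[Size]` on the line above, which yields a non-null pointer even for a zero-length array, so the guard is there for `Data`; I would word it as `// Data may be null when Size is 0; memcpy requires valid pointers even for a zero-length copy.`. In LooseMemeq both `A` and `B` are caller-supplied, and the early `return true` treats two empty buffers as equal, which is worth saying in that comment as well. Both function bodies continue past the end of their hunks.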
diff --git a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerUtilWindows.cpp b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerUtilWindows.cpp index da3eb3cfb34..2db2ea98d5c 100644 --- a/contrib/libs/libfuzzer/lib/fuzzer/FuzzerUtilWindows.cpp +++ b/contrib/libs/libfuzzer/lib/fuzzer/FuzzerUtilWindows.cpp @@ -246,8 +246,8 @@ void SetThreadName(std::thread &thread, const std::string &name) { // from thread.native_handle() here. typedef HRESULT(WINAPI * proc)(HANDLE, PCWSTR); HMODULE kbase = GetModuleHandleA("KernelBase.dll"); - proc ThreadNameProc = - reinterpret_cast<proc>(GetProcAddress(kbase, "SetThreadDescription")); + proc ThreadNameProc = reinterpret_cast<proc>( + (void *)GetProcAddress(kbase, "SetThreadDescription")); if (ThreadNameProc) { std::wstring buf; auto sz = MultiByteToWideChar(CP_UTF8, 0, name.data(), -1, nullptr, 0); diff --git a/contrib/libs/libfuzzer/lib/fuzzer/afl/ya.make b/contrib/libs/libfuzzer/lib/fuzzer/afl/ya.make index 244f7a51fdc..0315d60cc68 100644 --- a/contrib/libs/libfuzzer/lib/fuzzer/afl/ya.make +++ b/contrib/libs/libfuzzer/lib/fuzzer/afl/ya.make @@ -8,7 +8,7 @@ LICENSE_TEXTS(.yandex_meta/licenses.list.txt) SUBSCRIBER(g:cpp-contrib) -VERSION(19.1.7) +VERSION(20.1.0) PEERDIR( contrib/libs/afl/llvm_mode diff --git a/contrib/libs/libfuzzer/ya.make b/contrib/libs/libfuzzer/ya.make index 716902a6721..938438e570f 100644 --- a/contrib/libs/libfuzzer/ya.make +++ b/contrib/libs/libfuzzer/ya.make @@ -12,9 +12,9 @@ LICENSE( LICENSE_TEXTS(.yandex_meta/licenses.list.txt) -VERSION(19.1.7) +VERSION(20.1.0) -ORIGINAL_SOURCE(https://github.com/llvm/llvm-project/archive/llvmorg-19.1.7.tar.gz) +ORIGINAL_SOURCE(https://github.com/llvm/llvm-project/archive/llvmorg-20.1.0.tar.gz) SET(SANITIZER_CFLAGS) |
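Review bot: The `(void *)` step inserted between `GetProcAddress` and `reinterpret_cast<proc>` in SetThreadName carries no explanation, so a later cleanup could remove it as redundant. It presumably exists to quiet a function-pointer type-mismatch cast warning; that should be confirmed and then recorded, for example `// Cast via void * so the FARPROC-to-proc conversion does not trip the function-type cast warning.`. For consistency with the rest of the expression the intermediate step could be written with `reinterpret_cast<void *>` instead of a C-style cast. The body of SetThreadName continues outside the hunk.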