Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / android_build_soong / b8e593d6001f086d6b600c712c911810c6760335^! / . / cc / sanitize.go
commitb8e593d6001f086d6b600c712c911810c6760335[log] [tgz]
authorMitch Phillips <mitchp@google.com>Wed Oct 09 17:18:59 2019 -0700
committerMitch Phillips <mitchp@google.com>Thu Oct 10 10:53:48 2019 -0700
treeee8c0f7afdfee698126456a9000ca3e93d0d8922
parent5ffade1efbff770215d055cc36932f088e0a4d99 [diff] [blame]
Workaround unexported sancov symbols. Fix multiple sanitizer RT deps.

Fuzz targets currently have dependencies on multiple libclang_rt runtime
libraries when building with ASan/HWAsan on device. This is an error.

This happens as Soong adds the dependency on the ASan/HWASan shared
runtime library. These libraries should provide the required UBSan
components. The clang driver was previously being passed
-fsanitize=fuzzer-no-link at link time, and as it doesn't know about the
already-established dependency on ASan/HWASan, it mistakenly thinks that
there is not runtime providing the UBSan components.

This patch fixes that problem by not adding -fsanitize=fuzzer-no-link to
the link-time flags.

This revealed a underlying issue in the upstream runtime compilation.
Android uses emulated TLS, which changes the symbol names from
<my_symbol_name> to __emutls_v._<my_symbol_name>. In particular, this
fails to account for the '__sancov_lowest_stack' symbol, as it no longer
matches the linker script rule for '__sancov*', and the symbol is no
longer exported in the shared library variant of ASan/HWASan.

This patch works around the discovered issue, which is being tracked in
the linked bug. It disables stack depth instrumentation, and we no
longer depend on this symbol. This means we get a missing sanitizer
coverage feature when fuzzing, but shouldn't be too detrimental.

Bug: 142430592
Test: SANITIZE_TARGET=hwaddress m example_fuzzer && \
readelf -d example_fuzzer # ensure only ONE libclang_rt dep (in this
case, hwasan)

Change-Id: Iea6df55d592a801732511c9b690134367429d62a

diff --git a/cc/sanitize.go b/cc/sanitize.go
index c0a7c63..1009f46 100644
--- a/cc/sanitize.go
+++ b/cc/sanitize.go

@@ -465,7 +465,6 @@
 
 	if Bool(sanitize.Properties.Sanitize.Fuzzer) {
 		flags.CFlags = append(flags.CFlags, "-fsanitize=fuzzer-no-link")
-		flags.LdFlags = append(flags.LdFlags, "-fsanitize=fuzzer-no-link")
 
 		// TODO(b/131771163): LTO and Fuzzer support is mutually incompatible.
 		_, flags.LdFlags = removeFromList("-flto", flags.LdFlags)
@@ -473,6 +472,12 @@
 		flags.LdFlags = append(flags.LdFlags, "-fno-lto")
 		flags.CFlags = append(flags.CFlags, "-fno-lto")
 
+		// TODO(b/142430592): Upstream linker scripts for sanitizer runtime libraries
+		// discard the sancov_lowest_stack symbol, because it's emulated TLS (and thus
+		// doesn't match the linker script due to the "__emutls_v." prefix).
+		flags.LdFlags = append(flags.LdFlags, "-fno-sanitize-coverage=stack-depth")
+		flags.CFlags = append(flags.CFlags, "-fno-sanitize-coverage=stack-depth")
+
 		// TODO(b/133876586): Experimental PM breaks sanitizer coverage.
 		_, flags.CFlags = removeFromList("-fexperimental-new-pass-manager", flags.CFlags)
 		flags.CFlags = append(flags.CFlags, "-fno-experimental-new-pass-manager")
@@ -860,7 +865,8 @@
 			} else {
 				runtimeLibrary = config.ScudoRuntimeLibrary(toolchain)
 			}
-		} else if len(diagSanitizers) > 0 || c.sanitize.Properties.UbsanRuntimeDep {
+		} else if len(diagSanitizers) > 0 || c.sanitize.Properties.UbsanRuntimeDep ||
+			Bool(c.sanitize.Properties.Sanitize.Fuzzer) {
 			runtimeLibrary = config.UndefinedBehaviorSanitizerRuntimeLibrary(toolchain)
 		}