From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.0 required=5.0 tests=MAILING_LIST_MULTI,
	RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL autolearn=ham autolearn_force=no
	version=3.4.4
Received: (qmail 19587 invoked from network); 29 Dec 2020 06:15:17 -0000
Received: from mother.openwall.net (195.42.179.200)
  by inbox.vuxu.org with ESMTPUTF8; 29 Dec 2020 06:15:17 -0000
Received: (qmail 3195 invoked by uid 550); 29 Dec 2020 06:15:15 -0000
Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:musl@lists.openwall.com>
List-Help: <mailto:musl-help@lists.openwall.com>
List-Unsubscribe: <mailto:musl-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:musl-subscribe@lists.openwall.com>
List-ID: <musl.lists.openwall.com>
Reply-To: musl@lists.openwall.com
Received: (qmail 3165 invoked from network); 29 Dec 2020 06:15:14 -0000
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:subject:message-id:mime-version
         :content-disposition;
        bh=A4CvCDLwQuy8YfIlVISuV3E/6H2Jn77zovCndwfmMnU=;
        b=dH+Oq2C/U0fnfpPgJ2EblB+wz4vrNeReC9EPLNsLa6YT1EWStCKeL9r3f5Xd1v23Km
         PJK2xwex8jlkgAgVgUYGseWJG2uQjfKlT/6RpBpeBBm33RmKXADlmg8Xs5JrbSHVoyIg
         f3cSgBlVsw18E6gN/7pT432hXMT8Z23F06GzBl0vNeQhrNbCby8wfU6fcMs5Gr9irv6n
         VoNbDM5D34GMi58R2BBSYi3jzE9SpZTzofVzh9qF4cZxa05fXESxOD2pKBKjNiuvg/cy
         qbymQvx26FyCa1WrRIu48cFArunBb+1/Usckd8GlJK8iIlRoYVEzffhVtqaEjJ8chdu1
         +6CQ==
X-Gm-Message-State: AOAM531Ulii6CamnMzijdrg1qbaZV4Q3MYJUkwhqzuwAs9LYsZX/c0D1
	8TuSAKsk9vNsJpZOymxcuBBjMOtqdis=
X-Google-Smtp-Source: ABdhPJwdV6k+y4xQ+YAz9KyflXMh0QYXGAEjOc2Wa6LQX53P/E3JUs/ZVrtcIxqP5WW7kspzmOQlww==
X-Received: by 2002:a17:90b:ec2:: with SMTP id gz2mr2599970pjb.143.1609222502330;
        Mon, 28 Dec 2020 22:15:02 -0800 (PST)
Date: Mon, 28 Dec 2020 22:15:00 -0800
From: Fangrui Song <i@maskray.me>
To: musl@lists.openwall.com
Message-ID: <20201229061500.7eksavfiobh326lk@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
Subject: [musl] sanitizers and musl

With https://reviews.llvm.org/D93848 (and various random fixes I pushed
separately), many sanitizers will build and work on a musl based distribution.
A maintainer said the patch is in a pretty good shape and is very likely
accepted.

For folks who want to play with sanitizers ( https://github.com/llvm/llvm-project )

cmake -GNinja -Hllvm -BRelease -DCMAKE_BUILD_TYPE=Release -DLLVM_ENABLE_PROJECTS='clang;lld;libunwind;compiler-rt;libcxx;libcxxabi' -DLLVM_DEFAULT_TARGET_TRIPLE=x86_64-alpine-linux-musl -DLLVM_TARGETS_TO_BUILD=X86 -DLIBCXX_HAS_MUSL_LIBC=On -DLLVM_APPEND_VC_REV=OFF
ninja -C Release asan cfi msan tsan ubsan

Release/bin/clang -fsanitize=address
Release/bin/clang -fsanitize=memory
Release/bin/clang -fsanitize=thread
Release/bin/clang -fsanitize=undefined
Release/bin/clang -fsanitize=cfi -flto -fvisibility=default

Hopefully this can be available before LLVM 12.0 is branched.

There is currently a CMake issue making check-msan/check-tsan fail to build
with libc++. I filed https://bugs.llvm.org/show_bug.cgi?id=48618 Hope someone
with CMake experience can figure out the solution:) 

(
Are interceptors poking into internals brittle?

Yes and no. sanitizer_platform_limits_posix.h has many structures which assume specific struct layouts.
Functions using them are surely less reliable. For asan (which tracks
addressability)/tsan (which detects concurrency issues in libc functions),
failure to intercept libc functions in many cases just increase false
negatives, which is not an insurmountable problem. For msan (initialized bits),
smaller interception coverage can increase false positives, which is a big problem.)

% ninja check-asan
(known issues:
* ASAN_OPTIONS=fast_unwind_on_malloc=0 odr-violations hangs
)
...
Testing Time: 332.62s
   Unsupported      : 185
   Passed           : 511
   Expectedly Failed:   1
   Failed           :  13

% ninja check-ubsan check-ubsan-minimal check-memprof # all passed

% ninja check-cfi
( all cross-dso/)
...
Testing Time: 8.68s
   Unsupported      : 264
   Passed           :  80
   Expectedly Failed:   8
   Failed           :  32

% ninja check-msan
(Work around a CMake problem (https://bugs.llvm.org/show_bug.cgi?id=48618))
Testing Time: 23.48s
   Unsupported      :   6
   Passed           : 756
   Expectedly Failed:   2
   Failed           :  66

% ninja check-tsan
(Work around a CMake problem (https://bugs.llvm.org/show_bug.cgi?id=48618))
Testing Time: 23.21s
   Unsupported      :  86
   Passed           : 295
   Expectedly Failed:   1
   Failed           :  25