Skip to content

[libFuzzer] always install signal handler with SA_ONSTACK #147422

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

randall77
Copy link
Contributor

SA_ONSTACK is required for certain runtimes that use small stacks, for instance the Go runtime.
See golang/go#49075
SA_ONSTACK is a no-op unless someone also calls sigaltstack.

SA_ONSTACK is required for certain runtimes that use small stacks, for instance the Go runtime.
See golang/go#49075
SA_ONSTACK is a no-op unless someone also calls sigaltstack.
@llvmbot
Copy link
Member

llvmbot commented Jul 7, 2025

@llvm/pr-subscribers-compiler-rt-sanitizer

Author: Keith Randall (randall77)

Changes

SA_ONSTACK is required for certain runtimes that use small stacks, for instance the Go runtime.
See golang/go#49075
SA_ONSTACK is a no-op unless someone also calls sigaltstack.


Full diff: https://github.com/llvm/llvm-project/pull/147422.diff

1 Files Affected:

  • (modified) compiler-rt/lib/fuzzer/FuzzerUtilPosix.cpp (+8-4)
diff --git a/compiler-rt/lib/fuzzer/FuzzerUtilPosix.cpp b/compiler-rt/lib/fuzzer/FuzzerUtilPosix.cpp
index 392c1e5be4eea..b6cc3bcf8a3f3 100644
--- a/compiler-rt/lib/fuzzer/FuzzerUtilPosix.cpp
+++ b/compiler-rt/lib/fuzzer/FuzzerUtilPosix.cpp
@@ -78,10 +78,14 @@ static void SetSigaction(int signum,
   }
 
   struct sigaction new_sigact = {};
-  // Address sanitizer needs SA_ONSTACK (causing the signal handler to run on a
-  // dedicated stack) in order to be able to detect stack overflows; keep the
-  // flag if it's set.
-  new_sigact.sa_flags = SA_SIGINFO | (sigact.sa_flags & SA_ONSTACK);
+  // SA_ONSTACK is required for certain runtimes that use small stacks, for
+  // instance the Go runtime.
+  // See https://github.com/golang/go/issues/49075
+  // Address sanitizer also wants SA_ONSTACK, and the fuzzer and sanitizer
+  // often run together.
+  // SA_ONSTACK is a no-op unless someone also calls sigaltstack. That is left
+  // up to code that needs it.
+  new_sigact.sa_flags = SA_SIGINFO | SA_ONSTACK;
   new_sigact.sa_sigaction = callback;
   if (sigaction(signum, &new_sigact, nullptr)) {
     Printf("libFuzzer: sigaction failed with %d\n", errno);

@randall77
Copy link
Contributor Author

Previous patch and discussion on Phabricator. It's been a few years, trying to get this landed.

https://reviews.llvm.org/D150231

Why this matters: it causes random stack corruption in Go when running with libFuzzer. See golang/go#49075 (comment) and subsequent comments.

@dvyukov @sebastianpoeplau @vitalybuka @ramosian-glider

@sebastianpoeplau
Copy link
Contributor

Like I said on the old Phabricator discussion, I think this is good to go in. However, I don't have rights to formally approve or merge 🤷‍♂️

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants