From 5cf322b94150fb6c2a6c1e1212779eef28e0a108 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Fri, 21 Jun 2024 13:27:49 +0200 Subject: [PATCH 01/43] add service file for build.opensuse.org Change-Id: I29170db8c53159f7590981e42e8608ddb817d089 --- _service | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 _service diff --git a/_service b/_service new file mode 100644 index 00000000..ed1bc588 --- /dev/null +++ b/_service @@ -0,0 +1,12 @@ + + + github.com + https + /intel/pcm/archive/master.zip + + + github.com + https + /intel/pcm/archive/master.tar.gz + +raw.githubusercontent.comhttps/intel/pcm/master/pcm.spec From 4bf73258c7294f47632aa0fd2a49f233f0e0ee9e Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Fri, 21 Jun 2024 15:36:49 +0200 Subject: [PATCH 02/43] add PCM_HARDENING_FLAGS Change-Id: Ie1900493467cf85166cf569efab49884079f97e3 --- CMakeLists.txt | 5 +++-- src/CMakeLists.txt | 2 ++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 559aee9a..a4ff09fe 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -82,9 +82,10 @@ if(UNIX) # APPLE, LINUX, FREE_BSD elseif() set (PCM_DYNAMIC "") endif() - set(CMAKE_CXX_FLAGS_RELEASE "${PCM_OPTIONAL_FLAGS} -O3 ${PCM_DYNAMIC}") + set(PCM_HARDENING_FLAGS "-fPIE") + set(CMAKE_CXX_FLAGS_RELEASE "${PCM_OPTIONAL_FLAGS} -O3 ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") set(CMAKE_CXX_FLAGS_DEBUG "${PCM_OPTIONAL_FLAGS} -O0 -g ${PCM_DYNAMIC}") - set(CMAKE_CXX_FLAGS_RELWITHDEBINFO "${PCM_OPTIONAL_FLAGS} -O3 -g ${PCM_DYNAMIC}") + set(CMAKE_CXX_FLAGS_RELWITHDEBINFO "${PCM_OPTIONAL_FLAGS} -O3 -g ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") if(FREE_BSD) set(CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE} -lexecinfo") set(CMAKE_CXX_FLAGS_DEBUG "${CMAKE_CXX_FLAGS_DEBUG} -lexecinfo") diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 6e1a82cc..d279d2e8 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -32,6 +32,8 @@ if(UNIX) # LINUX, FREE_BSD, APPLE $<$:PCM_SILENT> ) + target_compile_options(PCM_STATIC_SILENT PRIVATE "-fPIC") + # libpcm.so add_library(PCM_SHARED SHARED pcm-core.cpp) # PCM_SILENT in Release* for pcm-core.cpp From 211e11dc1242f10db32954a484b400b13bb0080d Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Fri, 21 Jun 2024 15:54:21 +0200 Subject: [PATCH 03/43] add -fstack-protector option Change-Id: I39c34d420bd200da8e2b62ebbcaaf520cae1d3a4 --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index a4ff09fe..52ebae5e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -82,7 +82,7 @@ if(UNIX) # APPLE, LINUX, FREE_BSD elseif() set (PCM_DYNAMIC "") endif() - set(PCM_HARDENING_FLAGS "-fPIE") + set(PCM_HARDENING_FLAGS "-fPIE -fstack-protector") set(CMAKE_CXX_FLAGS_RELEASE "${PCM_OPTIONAL_FLAGS} -O3 ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") set(CMAKE_CXX_FLAGS_DEBUG "${PCM_OPTIONAL_FLAGS} -O0 -g ${PCM_DYNAMIC}") set(CMAKE_CXX_FLAGS_RELWITHDEBINFO "${PCM_OPTIONAL_FLAGS} -O3 -g ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") From af97dd156225a779d24c7baba6935b24b102f4f9 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Fri, 21 Jun 2024 16:46:25 +0200 Subject: [PATCH 04/43] add -D_FORTIFY_SOURCE=2 Change-Id: I50ea80a71737a4cf204d6df4909aa28e89f85a49 --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 52ebae5e..bae9425a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -82,7 +82,7 @@ if(UNIX) # APPLE, LINUX, FREE_BSD elseif() set (PCM_DYNAMIC "") endif() - set(PCM_HARDENING_FLAGS "-fPIE -fstack-protector") + set(PCM_HARDENING_FLAGS "-fPIE -fstack-protector -D_FORTIFY_SOURCE=2") set(CMAKE_CXX_FLAGS_RELEASE "${PCM_OPTIONAL_FLAGS} -O3 ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") set(CMAKE_CXX_FLAGS_DEBUG "${PCM_OPTIONAL_FLAGS} -O0 -g ${PCM_DYNAMIC}") set(CMAKE_CXX_FLAGS_RELWITHDEBINFO "${PCM_OPTIONAL_FLAGS} -O3 -g ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") From 5e4c279c5cbd3ef895fc277b782485d23f862567 Mon Sep 17 00:00:00 2001 From: Roman Dementiev Date: Sat, 22 Jun 2024 16:09:18 +0200 Subject: [PATCH 05/43] added corpus for urltest-fuzz --- tests/urltest-fuzz.corpus/url_0.txt | 1 + tests/urltest-fuzz.corpus/url_1.txt | 1 + tests/urltest-fuzz.corpus/url_10.txt | 1 + tests/urltest-fuzz.corpus/url_11.txt | 1 + tests/urltest-fuzz.corpus/url_12.txt | 1 + tests/urltest-fuzz.corpus/url_13.txt | 1 + tests/urltest-fuzz.corpus/url_14.txt | 1 + tests/urltest-fuzz.corpus/url_15.txt | 1 + tests/urltest-fuzz.corpus/url_16.txt | 1 + tests/urltest-fuzz.corpus/url_17.txt | 1 + tests/urltest-fuzz.corpus/url_18.txt | 1 + tests/urltest-fuzz.corpus/url_19.txt | 1 + tests/urltest-fuzz.corpus/url_2.txt | 1 + tests/urltest-fuzz.corpus/url_20.txt | Bin 0 -> 21 bytes tests/urltest-fuzz.corpus/url_3.txt | 1 + tests/urltest-fuzz.corpus/url_4.txt | 1 + tests/urltest-fuzz.corpus/url_5.txt | 1 + tests/urltest-fuzz.corpus/url_6.txt | 1 + tests/urltest-fuzz.corpus/url_7.txt | 1 + tests/urltest-fuzz.corpus/url_8.txt | 1 + tests/urltest-fuzz.corpus/url_9.txt | 1 + 21 files changed, 20 insertions(+) create mode 100644 tests/urltest-fuzz.corpus/url_0.txt create mode 100644 tests/urltest-fuzz.corpus/url_1.txt create mode 100644 tests/urltest-fuzz.corpus/url_10.txt create mode 100644 tests/urltest-fuzz.corpus/url_11.txt create mode 100644 tests/urltest-fuzz.corpus/url_12.txt create mode 100644 tests/urltest-fuzz.corpus/url_13.txt create mode 100644 tests/urltest-fuzz.corpus/url_14.txt create mode 100644 tests/urltest-fuzz.corpus/url_15.txt create mode 100644 tests/urltest-fuzz.corpus/url_16.txt create mode 100644 tests/urltest-fuzz.corpus/url_17.txt create mode 100644 tests/urltest-fuzz.corpus/url_18.txt create mode 100644 tests/urltest-fuzz.corpus/url_19.txt create mode 100644 tests/urltest-fuzz.corpus/url_2.txt create mode 100644 tests/urltest-fuzz.corpus/url_20.txt create mode 100644 tests/urltest-fuzz.corpus/url_3.txt create mode 100644 tests/urltest-fuzz.corpus/url_4.txt create mode 100644 tests/urltest-fuzz.corpus/url_5.txt create mode 100644 tests/urltest-fuzz.corpus/url_6.txt create mode 100644 tests/urltest-fuzz.corpus/url_7.txt create mode 100644 tests/urltest-fuzz.corpus/url_8.txt create mode 100644 tests/urltest-fuzz.corpus/url_9.txt diff --git a/tests/urltest-fuzz.corpus/url_0.txt b/tests/urltest-fuzz.corpus/url_0.txt new file mode 100644 index 00000000..f3ae20c8 --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_0.txt @@ -0,0 +1 @@ +http://otto:test@www.intel.com/~otto/file1.txt diff --git a/tests/urltest-fuzz.corpus/url_1.txt b/tests/urltest-fuzz.corpus/url_1.txt new file mode 100644 index 00000000..4454f14f --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_1.txt @@ -0,0 +1 @@ +file://localhost/c/mnt/cd/file2.txt diff --git a/tests/urltest-fuzz.corpus/url_10.txt b/tests/urltest-fuzz.corpus/url_10.txt new file mode 100644 index 00000000..249db60f --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_10.txt @@ -0,0 +1 @@ +https://intc.com/request? diff --git a/tests/urltest-fuzz.corpus/url_11.txt b/tests/urltest-fuzz.corpus/url_11.txt new file mode 100644 index 00000000..d1c40fdc --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_11.txt @@ -0,0 +1 @@ +htt:ps//www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_12.txt b/tests/urltest-fuzz.corpus/url_12.txt new file mode 100644 index 00000000..a7c5eea4 --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_12.txt @@ -0,0 +1 @@ +http://www.intel.com:66666/ diff --git a/tests/urltest-fuzz.corpus/url_13.txt b/tests/urltest-fuzz.corpus/url_13.txt new file mode 100644 index 00000000..7d3bc6dc --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_13.txt @@ -0,0 +1 @@ +http:/// diff --git a/tests/urltest-fuzz.corpus/url_14.txt b/tests/urltest-fuzz.corpus/url_14.txt new file mode 100644 index 00000000..65577448 --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_14.txt @@ -0,0 +1 @@ +http://[1234::1234::1234/ diff --git a/tests/urltest-fuzz.corpus/url_15.txt b/tests/urltest-fuzz.corpus/url_15.txt new file mode 100644 index 00000000..0934089d --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_15.txt @@ -0,0 +1 @@ +http://@www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_16.txt b/tests/urltest-fuzz.corpus/url_16.txt new file mode 100644 index 00000000..57caad81 --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_16.txt @@ -0,0 +1 @@ +http://otto@:www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_17.txt b/tests/urltest-fuzz.corpus/url_17.txt new file mode 100644 index 00000000..a052eef7 --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_17.txt @@ -0,0 +1 @@ +https://:@www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_18.txt b/tests/urltest-fuzz.corpus/url_18.txt new file mode 100644 index 00000000..f62579db --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_18.txt @@ -0,0 +1 @@ +https://user:@www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_19.txt b/tests/urltest-fuzz.corpus/url_19.txt new file mode 100644 index 00000000..2eab4d7f --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_19.txt @@ -0,0 +1 @@ +http:www.intel.com/ diff --git a/tests/urltest-fuzz.corpus/url_2.txt b/tests/urltest-fuzz.corpus/url_2.txt new file mode 100644 index 00000000..65b8f7f2 --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_2.txt @@ -0,0 +1 @@ +ftp://otto%40yahoo.com:abcd%3B1234@www.intel.com:30/xyz.php?a=1&t=3 diff --git a/tests/urltest-fuzz.corpus/url_20.txt b/tests/urltest-fuzz.corpus/url_20.txt new file mode 100644 index 0000000000000000000000000000000000000000..d6e1b3d710e00a7ca98dd06022a71a01712d4266 GIT binary patch literal 21 ccmc~ODJihh*Do(;U|=XJF3C+S%I4w%07{_-UjP6A literal 0 HcmV?d00001 diff --git a/tests/urltest-fuzz.corpus/url_3.txt b/tests/urltest-fuzz.corpus/url_3.txt new file mode 100644 index 00000000..a17968b6 --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_3.txt @@ -0,0 +1 @@ +gopher://otto@hostname1.intel.com:8080/file3.zyx diff --git a/tests/urltest-fuzz.corpus/url_4.txt b/tests/urltest-fuzz.corpus/url_4.txt new file mode 100644 index 00000000..bb770d2a --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_4.txt @@ -0,0 +1 @@ +www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_5.txt b/tests/urltest-fuzz.corpus/url_5.txt new file mode 100644 index 00000000..5c7c51b6 --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_5.txt @@ -0,0 +1 @@ +http://www.blah.org/file.html#firstmark diff --git a/tests/urltest-fuzz.corpus/url_6.txt b/tests/urltest-fuzz.corpus/url_6.txt new file mode 100644 index 00000000..31993c8b --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_6.txt @@ -0,0 +1 @@ +http://www.blah.org/file.html#firstmark%21%23 diff --git a/tests/urltest-fuzz.corpus/url_7.txt b/tests/urltest-fuzz.corpus/url_7.txt new file mode 100644 index 00000000..2fbb50c4 --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_7.txt @@ -0,0 +1 @@ +localhost diff --git a/tests/urltest-fuzz.corpus/url_8.txt b/tests/urltest-fuzz.corpus/url_8.txt new file mode 100644 index 00000000..412ad609 --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_8.txt @@ -0,0 +1 @@ +https://www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_9.txt b/tests/urltest-fuzz.corpus/url_9.txt new file mode 100644 index 00000000..869300d6 --- /dev/null +++ b/tests/urltest-fuzz.corpus/url_9.txt @@ -0,0 +1 @@ +://google.com/ From b6f2b6762c251ca973e5d8ea9a7c3d90901a0a79 Mon Sep 17 00:00:00 2001 From: Roman Dementiev Date: Sat, 22 Jun 2024 16:33:47 +0200 Subject: [PATCH 06/43] use the corpus and refactor fuzz.sh --- tests/fuzz.sh | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/tests/fuzz.sh b/tests/fuzz.sh index 2a94779d..064d85e7 100644 --- a/tests/fuzz.sh +++ b/tests/fuzz.sh @@ -1,14 +1,16 @@ export PCM_ENFORCE_MBM="1" +factor=100 + CC=`which clang` CXX=`which clang++` cmake .. -DCMAKE_BUILD_TYPE=Debug -DFUZZ=1 && mkdir -p corpus && make urltest-fuzz pcm-fuzz pcm-memory-fuzz -j && -LLVM_PROFILE_FILE="urltest.profraw" bin/tests/urltest-fuzz -max_total_time=1000 corpus > /dev/null && -LLVM_PROFILE_FILE="pcm.profraw" bin/tests/pcm-fuzz -max_total_time=500 corpus > /dev/null && -LLVM_PROFILE_FILE="pcm.no_perf.profraw" PCM_NO_PERF=1 bin/tests/pcm-fuzz -max_total_time=500 corpus > /dev/null && -LLVM_PROFILE_FILE="pcm.uncore_perf.profraw" PCM_USE_UNCORE_PERF=1 bin/tests/pcm-fuzz -max_total_time=500 corpus > /dev/null && -LLVM_PROFILE_FILE="pcm.nmi_watchdog.profraw" PCM_KEEP_NMI_WATCHDOG=1 bin/tests/pcm-fuzz -max_total_time=100 corpus > /dev/null && -LLVM_PROFILE_FILE="pcm-memory.profraw" bin/tests/pcm-memory-fuzz -max_total_time=1000 corpus > /dev/null && +rm -rf corpus/* && cp ../tests/urltest-fuzz.corpus/* corpus/ && LLVM_PROFILE_FILE="urltest.profraw" bin/tests/urltest-fuzz -max_total_time=$((10 * $factor)) corpus > /dev/null && +rm -rf corpus/* && LLVM_PROFILE_FILE="pcm.profraw" bin/tests/pcm-fuzz -max_total_time=$((5 * $factor)) corpus > /dev/null && +rm -rf corpus/* && LLVM_PROFILE_FILE="pcm.no_perf.profraw" PCM_NO_PERF=1 bin/tests/pcm-fuzz -max_total_time=$((5 * $factor)) corpus > /dev/null && +rm -rf corpus/* && LLVM_PROFILE_FILE="pcm.uncore_perf.profraw" PCM_USE_UNCORE_PERF=1 bin/tests/pcm-fuzz -max_total_time=$((5 * $factor)) corpus > /dev/null && +rm -rf corpus/* && LLVM_PROFILE_FILE="pcm.nmi_watchdog.profraw" PCM_KEEP_NMI_WATCHDOG=1 bin/tests/pcm-fuzz -max_total_time=$((1 * $factor)) corpus > /dev/null && +rm -rf corpus/* && LLVM_PROFILE_FILE="pcm-memory.profraw" bin/tests/pcm-memory-fuzz -max_total_time=$((10 * $factor)) corpus > /dev/null && llvm-profdata merge -sparse urltest.profraw pcm.profraw pcm.no_perf.profraw pcm.uncore_perf.profraw pcm.nmi_watchdog.profraw pcm-memory.profraw -o all.profdata && llvm-cov report --summary-only -object ./bin/tests/pcm-fuzz -object ./bin/tests/urltest-fuzz -object ./bin/tests/pcm-memory-fuzz -instr-profile=all.profdata | tee report.txt From 1692c5ea642fa22b217320067c87830a21287949 Mon Sep 17 00:00:00 2001 From: Roman Dementiev Date: Mon, 24 Jun 2024 14:38:29 +0200 Subject: [PATCH 07/43] add fuzzer for pcm-sensor-server --- src/pcm-sensor-server.cpp | 2 + tests/CMakeLists.txt | 4 +- tests/fuzz.sh | 43 +++++++- tests/pcm-sensor-server-fuzz.cpp | 174 +++++++++++++++++++++++++++++++ 4 files changed, 218 insertions(+), 5 deletions(-) create mode 100644 tests/pcm-sensor-server-fuzz.cpp diff --git a/src/pcm-sensor-server.cpp b/src/pcm-sensor-server.cpp index 57d7e42f..ea5d1793 100644 --- a/src/pcm-sensor-server.cpp +++ b/src/pcm-sensor-server.cpp @@ -1170,8 +1170,10 @@ class Server { SignalHandler* shi = SignalHandler::getInstance(); shi->setSocket( serverSocket_ ); shi->ignoreSignal( SIGPIPE ); // Sorry Dennis Ritchie, we do not care about this, we always check return codes + #ifndef UNIT_TEST // libFuzzer installs own signal handlers shi->installHandler( SignalHandler::handleSignal, SIGTERM ); shi->installHandler( SignalHandler::handleSignal, SIGINT ); + #endif } Server( Server const & ) = delete; Server & operator = ( Server const & ) = delete; diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index a55a15c5..eb78bb67 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -20,11 +20,11 @@ endif(UNIX) if(FUZZ) add_executable(urltest-fuzz urltest-fuzz.cpp) - # TODO add_executable(pcm-sensor-server-fuzz pcm-sensor-server-fuzz.cpp) + add_executable(pcm-sensor-server-fuzz pcm-sensor-server-fuzz.cpp) add_executable(pcm-fuzz pcm-fuzz.cpp) add_executable(pcm-memory-fuzz pcm-memory-fuzz.cpp) target_link_libraries(urltest-fuzz Threads::Threads PCM_STATIC) - # TODO: target_link_libraries(pcm-sensor-server-fuzz Threads::Threads PCM_STATIC) + target_link_libraries(pcm-sensor-server-fuzz Threads::Threads PCM_STATIC) target_link_libraries(pcm-fuzz Threads::Threads PCM_STATIC) target_link_libraries(pcm-memory-fuzz Threads::Threads PCM_STATIC) endif() diff --git a/tests/fuzz.sh b/tests/fuzz.sh index 064d85e7..d2b5e331 100644 --- a/tests/fuzz.sh +++ b/tests/fuzz.sh @@ -4,13 +4,50 @@ export PCM_ENFORCE_MBM="1" factor=100 CC=`which clang` CXX=`which clang++` cmake .. -DCMAKE_BUILD_TYPE=Debug -DFUZZ=1 && mkdir -p corpus && -make urltest-fuzz pcm-fuzz pcm-memory-fuzz -j && +make urltest-fuzz \ + pcm-fuzz \ + pcm-memory-fuzz \ + pcm-sensor-server-fuzz \ + -j && +rm -rf corpus/* && +printf "GET / HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/1 && +printf "GET /metrics HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/2 && +printf "GET /persecond HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/3 && +printf "GET /persecond HTTP/1.1\r\nHost: localhost\r\nAccept: application/json\r\n\r\n" > corpus/3.1 && +printf "GET /persecond HTTP/1.1\r\nHost: localhost\r\nAccept: text/plain; version=0.0.4\r\n\r\n" > corpus/3.2 && +printf "GET /persecond/1 HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/4 && +printf "GET /persecond/1 HTTP/1.1\r\nHost: localhost\r\nAccept: application/json\r\n\r\n" > corpus/4.1 && +printf "GET /persecond/1 HTTP/1.1\r\nHost: localhost\r\nAccept: text/plain; version=0.0.4\r\n\r\n" > corpus/4.2 && +printf "GET /persecond/10 HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/5 && +printf "GET /persecond/10 HTTP/1.1\r\nHost: localhost\r\nAccept: application/json\r\n\r\n" > corpus/5.1 && +printf "GET /persecond/10 HTTP/1.1\r\nHost: localhost\r\nAccept: text/plain; version=0.0.4\r\n\r\n" > corpus/5.2 && +printf "GET /persecond/100 HTTP/1.1\r\nHost: localhost\r\nAccept: application/json\r\n\r\n" > corpus/6 && +printf "GET /metrics HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/7 && +printf "GET /dashboard/influxdb HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/8 && +printf "GET /dashboard/prometheus HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/9 && +printf "GET /dashboard/prometheus/default HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/10 && +printf "GET /dashboard HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/11 && +printf "GET /favicon.ico HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/12 && +LLVM_PROFILE_FILE="pcm-sensor-server.profraw" bin/tests/pcm-sensor-server-fuzz -max_total_time=$((10 * $factor)) corpus > /dev/null && rm -rf corpus/* && cp ../tests/urltest-fuzz.corpus/* corpus/ && LLVM_PROFILE_FILE="urltest.profraw" bin/tests/urltest-fuzz -max_total_time=$((10 * $factor)) corpus > /dev/null && rm -rf corpus/* && LLVM_PROFILE_FILE="pcm.profraw" bin/tests/pcm-fuzz -max_total_time=$((5 * $factor)) corpus > /dev/null && rm -rf corpus/* && LLVM_PROFILE_FILE="pcm.no_perf.profraw" PCM_NO_PERF=1 bin/tests/pcm-fuzz -max_total_time=$((5 * $factor)) corpus > /dev/null && rm -rf corpus/* && LLVM_PROFILE_FILE="pcm.uncore_perf.profraw" PCM_USE_UNCORE_PERF=1 bin/tests/pcm-fuzz -max_total_time=$((5 * $factor)) corpus > /dev/null && rm -rf corpus/* && LLVM_PROFILE_FILE="pcm.nmi_watchdog.profraw" PCM_KEEP_NMI_WATCHDOG=1 bin/tests/pcm-fuzz -max_total_time=$((1 * $factor)) corpus > /dev/null && rm -rf corpus/* && LLVM_PROFILE_FILE="pcm-memory.profraw" bin/tests/pcm-memory-fuzz -max_total_time=$((10 * $factor)) corpus > /dev/null && -llvm-profdata merge -sparse urltest.profraw pcm.profraw pcm.no_perf.profraw pcm.uncore_perf.profraw pcm.nmi_watchdog.profraw pcm-memory.profraw -o all.profdata && -llvm-cov report --summary-only -object ./bin/tests/pcm-fuzz -object ./bin/tests/urltest-fuzz -object ./bin/tests/pcm-memory-fuzz -instr-profile=all.profdata | tee report.txt +llvm-profdata merge -sparse \ + urltest.profraw \ + pcm.profraw \ + pcm.no_perf.profraw \ + pcm.uncore_perf.profraw \ + pcm.nmi_watchdog.profraw \ + pcm-memory.profraw \ + pcm-sensor-server.profraw \ + -o all.profdata && +llvm-cov report --summary-only \ + -object ./bin/tests/pcm-fuzz \ + -object ./bin/tests/urltest-fuzz \ + -object ./bin/tests/pcm-memory-fuzz \ + -object ./bin/tests/pcm-sensor-server-fuzz \ + -instr-profile=all.profdata | tee report.txt diff --git a/tests/pcm-sensor-server-fuzz.cpp b/tests/pcm-sensor-server-fuzz.cpp new file mode 100644 index 00000000..35bd4e89 --- /dev/null +++ b/tests/pcm-sensor-server-fuzz.cpp @@ -0,0 +1,174 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define UNIT_TEST 1 + +#include "../src/pcm-sensor-server.cpp" + +#undef UNIT_TEST + +int port = 0; + +bool waitForPort(int port, int timeoutSeconds) { + int sockfd; + struct sockaddr_in address; + bool isBound = false; + time_t startTime = time(nullptr); + + // Create a socket + sockfd = socket(AF_INET, SOCK_STREAM, 0); + if (sockfd < 0) { + std::cerr << "Error creating socket" << std::endl; + return false; + } + + // Set up the address structure + memset(&address, 0, sizeof(address)); + address.sin_family = AF_INET; + address.sin_addr.s_addr = inet_addr("127.0.0.1"); + address.sin_port = htons(port); + + // Loop until the port is bound or the timeout is reached + while (!isBound && (time(nullptr) - startTime) < timeoutSeconds) { + // Attempt to connect to the port + if (connect(sockfd, (struct sockaddr *)&address, sizeof(address)) < 0) { + // Connection failed, wait a bit before retrying + sleep(1); + } else { + // Connection succeeded, the port is bound + isBound = true; + } + } + + // Clean up the socket + close(sockfd); + return isBound; +} + +HTTPServer * httpServer; +std::thread * serverThread; + +void cleanup() +{ + std::cerr << "Stopping HTTPServer\n"; + httpServer->stop(); + std::cerr << "Cleaning up PMU:\n"; + PCM::getInstance()->cleanup(); +} + +bool init() +{ + port = (rand() % 100) + 10000; // to be able to restart the fuzzer quickly without waiting for the port to be released + serverThread = new std::thread([]() { + PCM::ErrorCode status; + PCM * pcmInstance = PCM::getInstance(); + assert(pcmInstance); + pcmInstance->resetPMU(); + status = pcmInstance->program(); + if (status != PCM::Success) { + std::cerr << "Error in program() function" << std::endl; + exit(1); + } + debug::dyn_debug_level(0); + std::cerr << "Starting plain HTTP server on http://localhost:" << port << "/\n"; + httpServer = new HTTPServer( "", port ); + // HEAD is GET without body, we will remove the body in execute() + httpServer->registerCallback( HTTPRequestMethod::GET, my_get_callback ); + httpServer->registerCallback( HTTPRequestMethod::HEAD, my_get_callback ); + httpServer->run(); + }); + int timeout = 60; // Timeout in seconds + if (waitForPort(port, timeout)) { + std::cout << "Port " << port << " is now bound." << std::endl; + } else { + std::cout << "Port " << port << " is not bound after " << timeout << " seconds." << std::endl; + exit(1); + } + atexit(cleanup); + return true; +} + + +std::vector buffer(1024*1024*16); + +std::string make_request(const std::string& request) { + std::string server = "127.0.0.1"; + // Resolve the host + struct hostent* host = gethostbyname(server.c_str()); + if (!host) { + throw std::runtime_error("Failed to resolve host: " + server); + } + + // Create socket + int sock = socket(AF_INET, SOCK_STREAM, 0); + if (sock < 0) { + throw std::runtime_error("Failed to create socket"); + } + + // Create server address structure + struct sockaddr_in server_addr; + std::memset(&server_addr, 0, sizeof(server_addr)); + server_addr.sin_family = AF_INET; + server_addr.sin_port = htons(port); + std::memcpy(&server_addr.sin_addr, host->h_addr, host->h_length); + + // Connect to server + if (connect(sock, (struct sockaddr*)&server_addr, sizeof(server_addr)) < 0) { + close(sock); + throw std::runtime_error("Failed to connect to server"); + } + + // Form the request + std::cout << "Sending request: " << request << "\n=====\n"; + + // Send the request + if (send(sock, request.c_str(), request.length(), 0) < 0) { + std::cerr << "Failed to send request. Error: " << strerror(errno) << std::endl; + close(sock); + return "Failed to send request, no response"; // not sure why it happens relatively often + // throw std::runtime_error("Failed to send request"); + } + + // Receive the response + std::string response; + ssize_t bytes_received; + bytes_received = recv(sock, &(buffer[0]), buffer.size(), 0); + if (bytes_received > 0) + { + response.append(&(buffer[0]), bytes_received); + } + + if (bytes_received < 0) { + close(sock); + throw std::runtime_error("Failed to receive response"); + } + + // Close the socket + close(sock); + + return response; +} + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + static bool initialized = false; + if (!initialized) { + initialized = init(); + } + try { + std::string request = std::string((const char*)data, size); + std::string response = make_request(request); + std::cout << response << std::endl; + } catch (const std::exception& e) { + std::cerr << "LLVMFuzzerTestOneInput Exception: \"" << e.what() << "\"" << std::endl; + exit(1); + } + return 0; +} From 5ad7a93d1227c5434ea8b0e52fbddf1ba5a433ae Mon Sep 17 00:00:00 2001 From: Roman Dementiev Date: Mon, 24 Jun 2024 16:56:35 +0200 Subject: [PATCH 08/43] replace files with human readable corpus --- tests/fuzz.sh | 24 +++++++++++++++++++++++- tests/urltest-fuzz.corpus/url_0.txt | 1 - tests/urltest-fuzz.corpus/url_1.txt | 1 - tests/urltest-fuzz.corpus/url_10.txt | 1 - tests/urltest-fuzz.corpus/url_11.txt | 1 - tests/urltest-fuzz.corpus/url_12.txt | 1 - tests/urltest-fuzz.corpus/url_13.txt | 1 - tests/urltest-fuzz.corpus/url_14.txt | 1 - tests/urltest-fuzz.corpus/url_15.txt | 1 - tests/urltest-fuzz.corpus/url_16.txt | 1 - tests/urltest-fuzz.corpus/url_17.txt | 1 - tests/urltest-fuzz.corpus/url_18.txt | 1 - tests/urltest-fuzz.corpus/url_19.txt | 1 - tests/urltest-fuzz.corpus/url_2.txt | 1 - tests/urltest-fuzz.corpus/url_20.txt | Bin 21 -> 0 bytes tests/urltest-fuzz.corpus/url_3.txt | 1 - tests/urltest-fuzz.corpus/url_4.txt | 1 - tests/urltest-fuzz.corpus/url_5.txt | 1 - tests/urltest-fuzz.corpus/url_6.txt | 1 - tests/urltest-fuzz.corpus/url_7.txt | 1 - tests/urltest-fuzz.corpus/url_8.txt | 1 - tests/urltest-fuzz.corpus/url_9.txt | 1 - 22 files changed, 23 insertions(+), 21 deletions(-) delete mode 100644 tests/urltest-fuzz.corpus/url_0.txt delete mode 100644 tests/urltest-fuzz.corpus/url_1.txt delete mode 100644 tests/urltest-fuzz.corpus/url_10.txt delete mode 100644 tests/urltest-fuzz.corpus/url_11.txt delete mode 100644 tests/urltest-fuzz.corpus/url_12.txt delete mode 100644 tests/urltest-fuzz.corpus/url_13.txt delete mode 100644 tests/urltest-fuzz.corpus/url_14.txt delete mode 100644 tests/urltest-fuzz.corpus/url_15.txt delete mode 100644 tests/urltest-fuzz.corpus/url_16.txt delete mode 100644 tests/urltest-fuzz.corpus/url_17.txt delete mode 100644 tests/urltest-fuzz.corpus/url_18.txt delete mode 100644 tests/urltest-fuzz.corpus/url_19.txt delete mode 100644 tests/urltest-fuzz.corpus/url_2.txt delete mode 100644 tests/urltest-fuzz.corpus/url_20.txt delete mode 100644 tests/urltest-fuzz.corpus/url_3.txt delete mode 100644 tests/urltest-fuzz.corpus/url_4.txt delete mode 100644 tests/urltest-fuzz.corpus/url_5.txt delete mode 100644 tests/urltest-fuzz.corpus/url_6.txt delete mode 100644 tests/urltest-fuzz.corpus/url_7.txt delete mode 100644 tests/urltest-fuzz.corpus/url_8.txt delete mode 100644 tests/urltest-fuzz.corpus/url_9.txt diff --git a/tests/fuzz.sh b/tests/fuzz.sh index d2b5e331..e8d2345b 100644 --- a/tests/fuzz.sh +++ b/tests/fuzz.sh @@ -29,7 +29,29 @@ printf "GET /dashboard/prometheus/default HTTP/1.1\r\nHost: localhost\r\nAccept: printf "GET /dashboard HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/11 && printf "GET /favicon.ico HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/12 && LLVM_PROFILE_FILE="pcm-sensor-server.profraw" bin/tests/pcm-sensor-server-fuzz -max_total_time=$((10 * $factor)) corpus > /dev/null && -rm -rf corpus/* && cp ../tests/urltest-fuzz.corpus/* corpus/ && LLVM_PROFILE_FILE="urltest.profraw" bin/tests/urltest-fuzz -max_total_time=$((10 * $factor)) corpus > /dev/null && +rm -rf corpus/* && +printf "http://otto:test@www.intel.com/~otto/file1.txt" > corpus/1 && +printf "file://localhost/c/mnt/cd/file2.txt" > corpus/2 && +printf "ftp://otto%40yahoo.com:abcd%3B1234@www.intel.com:30/xyz.php?a=1&t=3" > corpus/3 && +printf "gopher://otto@hostname1.intel.com:8080/file3.zyx" > corpus/4 && +printf "www.intel.com" > corpus/5 && +printf "http://www.blah.org/file.html#firstmark" > corpus/6 && +printf "http://www.blah.org/file.html#firstmark%21%23" > corpus/7 && +printf "localhost" > corpus/8 && +printf "https://www.intel.com" > corpus/9 && +printf "://google.com/" > corpus/10 && +printf "https://intc.com/request?" > corpus/11 && +printf "htt:ps//www.intel.com" > corpus/12 && +printf "http://www.intel.com:66666/" > corpus/13 && +printf "http:///" > corpus/14 && +printf "http://[1234::1234::1234/" > corpus/15 && +printf "http://@www.intel.com" > corpus/16 && +printf "http://otto@:www.intel.com" > corpus/17 && +printf "https://:@www.intel.com" > corpus/18 && +printf "https://user:@www.intel.com" > corpus/19 && +printf "http:www.intel.com/" > corpus/20 && +printf "http://ww\x00\x00\x00rstmark\x0a" > corpus/21 && +LLVM_PROFILE_FILE="urltest.profraw" bin/tests/urltest-fuzz -max_total_time=$((10 * $factor)) corpus > /dev/null && rm -rf corpus/* && LLVM_PROFILE_FILE="pcm.profraw" bin/tests/pcm-fuzz -max_total_time=$((5 * $factor)) corpus > /dev/null && rm -rf corpus/* && LLVM_PROFILE_FILE="pcm.no_perf.profraw" PCM_NO_PERF=1 bin/tests/pcm-fuzz -max_total_time=$((5 * $factor)) corpus > /dev/null && rm -rf corpus/* && LLVM_PROFILE_FILE="pcm.uncore_perf.profraw" PCM_USE_UNCORE_PERF=1 bin/tests/pcm-fuzz -max_total_time=$((5 * $factor)) corpus > /dev/null && diff --git a/tests/urltest-fuzz.corpus/url_0.txt b/tests/urltest-fuzz.corpus/url_0.txt deleted file mode 100644 index f3ae20c8..00000000 --- a/tests/urltest-fuzz.corpus/url_0.txt +++ /dev/null @@ -1 +0,0 @@ -http://otto:test@www.intel.com/~otto/file1.txt diff --git a/tests/urltest-fuzz.corpus/url_1.txt b/tests/urltest-fuzz.corpus/url_1.txt deleted file mode 100644 index 4454f14f..00000000 --- a/tests/urltest-fuzz.corpus/url_1.txt +++ /dev/null @@ -1 +0,0 @@ -file://localhost/c/mnt/cd/file2.txt diff --git a/tests/urltest-fuzz.corpus/url_10.txt b/tests/urltest-fuzz.corpus/url_10.txt deleted file mode 100644 index 249db60f..00000000 --- a/tests/urltest-fuzz.corpus/url_10.txt +++ /dev/null @@ -1 +0,0 @@ -https://intc.com/request? diff --git a/tests/urltest-fuzz.corpus/url_11.txt b/tests/urltest-fuzz.corpus/url_11.txt deleted file mode 100644 index d1c40fdc..00000000 --- a/tests/urltest-fuzz.corpus/url_11.txt +++ /dev/null @@ -1 +0,0 @@ -htt:ps//www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_12.txt b/tests/urltest-fuzz.corpus/url_12.txt deleted file mode 100644 index a7c5eea4..00000000 --- a/tests/urltest-fuzz.corpus/url_12.txt +++ /dev/null @@ -1 +0,0 @@ -http://www.intel.com:66666/ diff --git a/tests/urltest-fuzz.corpus/url_13.txt b/tests/urltest-fuzz.corpus/url_13.txt deleted file mode 100644 index 7d3bc6dc..00000000 --- a/tests/urltest-fuzz.corpus/url_13.txt +++ /dev/null @@ -1 +0,0 @@ -http:/// diff --git a/tests/urltest-fuzz.corpus/url_14.txt b/tests/urltest-fuzz.corpus/url_14.txt deleted file mode 100644 index 65577448..00000000 --- a/tests/urltest-fuzz.corpus/url_14.txt +++ /dev/null @@ -1 +0,0 @@ -http://[1234::1234::1234/ diff --git a/tests/urltest-fuzz.corpus/url_15.txt b/tests/urltest-fuzz.corpus/url_15.txt deleted file mode 100644 index 0934089d..00000000 --- a/tests/urltest-fuzz.corpus/url_15.txt +++ /dev/null @@ -1 +0,0 @@ -http://@www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_16.txt b/tests/urltest-fuzz.corpus/url_16.txt deleted file mode 100644 index 57caad81..00000000 --- a/tests/urltest-fuzz.corpus/url_16.txt +++ /dev/null @@ -1 +0,0 @@ -http://otto@:www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_17.txt b/tests/urltest-fuzz.corpus/url_17.txt deleted file mode 100644 index a052eef7..00000000 --- a/tests/urltest-fuzz.corpus/url_17.txt +++ /dev/null @@ -1 +0,0 @@ -https://:@www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_18.txt b/tests/urltest-fuzz.corpus/url_18.txt deleted file mode 100644 index f62579db..00000000 --- a/tests/urltest-fuzz.corpus/url_18.txt +++ /dev/null @@ -1 +0,0 @@ -https://user:@www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_19.txt b/tests/urltest-fuzz.corpus/url_19.txt deleted file mode 100644 index 2eab4d7f..00000000 --- a/tests/urltest-fuzz.corpus/url_19.txt +++ /dev/null @@ -1 +0,0 @@ -http:www.intel.com/ diff --git a/tests/urltest-fuzz.corpus/url_2.txt b/tests/urltest-fuzz.corpus/url_2.txt deleted file mode 100644 index 65b8f7f2..00000000 --- a/tests/urltest-fuzz.corpus/url_2.txt +++ /dev/null @@ -1 +0,0 @@ -ftp://otto%40yahoo.com:abcd%3B1234@www.intel.com:30/xyz.php?a=1&t=3 diff --git a/tests/urltest-fuzz.corpus/url_20.txt b/tests/urltest-fuzz.corpus/url_20.txt deleted file mode 100644 index d6e1b3d710e00a7ca98dd06022a71a01712d4266..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 21 ccmc~ODJihh*Do(;U|=XJF3C+S%I4w%07{_-UjP6A diff --git a/tests/urltest-fuzz.corpus/url_3.txt b/tests/urltest-fuzz.corpus/url_3.txt deleted file mode 100644 index a17968b6..00000000 --- a/tests/urltest-fuzz.corpus/url_3.txt +++ /dev/null @@ -1 +0,0 @@ -gopher://otto@hostname1.intel.com:8080/file3.zyx diff --git a/tests/urltest-fuzz.corpus/url_4.txt b/tests/urltest-fuzz.corpus/url_4.txt deleted file mode 100644 index bb770d2a..00000000 --- a/tests/urltest-fuzz.corpus/url_4.txt +++ /dev/null @@ -1 +0,0 @@ -www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_5.txt b/tests/urltest-fuzz.corpus/url_5.txt deleted file mode 100644 index 5c7c51b6..00000000 --- a/tests/urltest-fuzz.corpus/url_5.txt +++ /dev/null @@ -1 +0,0 @@ -http://www.blah.org/file.html#firstmark diff --git a/tests/urltest-fuzz.corpus/url_6.txt b/tests/urltest-fuzz.corpus/url_6.txt deleted file mode 100644 index 31993c8b..00000000 --- a/tests/urltest-fuzz.corpus/url_6.txt +++ /dev/null @@ -1 +0,0 @@ -http://www.blah.org/file.html#firstmark%21%23 diff --git a/tests/urltest-fuzz.corpus/url_7.txt b/tests/urltest-fuzz.corpus/url_7.txt deleted file mode 100644 index 2fbb50c4..00000000 --- a/tests/urltest-fuzz.corpus/url_7.txt +++ /dev/null @@ -1 +0,0 @@ -localhost diff --git a/tests/urltest-fuzz.corpus/url_8.txt b/tests/urltest-fuzz.corpus/url_8.txt deleted file mode 100644 index 412ad609..00000000 --- a/tests/urltest-fuzz.corpus/url_8.txt +++ /dev/null @@ -1 +0,0 @@ -https://www.intel.com diff --git a/tests/urltest-fuzz.corpus/url_9.txt b/tests/urltest-fuzz.corpus/url_9.txt deleted file mode 100644 index 869300d6..00000000 --- a/tests/urltest-fuzz.corpus/url_9.txt +++ /dev/null @@ -1 +0,0 @@ -://google.com/ From 8bd30244500181f16cff481dab867f3429a7298c Mon Sep 17 00:00:00 2001 From: Roman Dementiev Date: Mon, 24 Jun 2024 17:09:45 +0200 Subject: [PATCH 09/43] print errno string --- tests/pcm-sensor-server-fuzz.cpp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/pcm-sensor-server-fuzz.cpp b/tests/pcm-sensor-server-fuzz.cpp index 35bd4e89..3ee8c656 100644 --- a/tests/pcm-sensor-server-fuzz.cpp +++ b/tests/pcm-sensor-server-fuzz.cpp @@ -103,12 +103,14 @@ std::string make_request(const std::string& request) { // Resolve the host struct hostent* host = gethostbyname(server.c_str()); if (!host) { + std::cerr << "Failed to resolve host. Error: " << strerror(errno) << std::endl; throw std::runtime_error("Failed to resolve host: " + server); } // Create socket int sock = socket(AF_INET, SOCK_STREAM, 0); if (sock < 0) { + std::cerr << "Failed to create socket. Error: " << strerror(errno) << std::endl; throw std::runtime_error("Failed to create socket"); } @@ -121,6 +123,7 @@ std::string make_request(const std::string& request) { // Connect to server if (connect(sock, (struct sockaddr*)&server_addr, sizeof(server_addr)) < 0) { + std::cerr << "Failed to connect to server. Error: " << strerror(errno) << std::endl; close(sock); throw std::runtime_error("Failed to connect to server"); } @@ -146,6 +149,7 @@ std::string make_request(const std::string& request) { } if (bytes_received < 0) { + std::cerr << "Failed to receive response. Error: " << strerror(errno) << std::endl; close(sock); throw std::runtime_error("Failed to receive response"); } From f818668a7dd41ae8d1e65bf43fbe81519bb1e4e1 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Mon, 24 Jun 2024 19:06:00 +0200 Subject: [PATCH 10/43] recv may fail sometimes Change-Id: I22af45cfcea2ebd2a45249614f0fa140b9ab3a27 --- tests/pcm-sensor-server-fuzz.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/pcm-sensor-server-fuzz.cpp b/tests/pcm-sensor-server-fuzz.cpp index 3ee8c656..141a3887 100644 --- a/tests/pcm-sensor-server-fuzz.cpp +++ b/tests/pcm-sensor-server-fuzz.cpp @@ -151,7 +151,8 @@ std::string make_request(const std::string& request) { if (bytes_received < 0) { std::cerr << "Failed to receive response. Error: " << strerror(errno) << std::endl; close(sock); - throw std::runtime_error("Failed to receive response"); + // throw std::runtime_error("Failed to receive response"); + return "Failed to receive response"; // expected to happen sometimes } // Close the socket From d62a4290ff09c46d01f48c4ddb366d44d40f8cf6 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Mon, 24 Jun 2024 19:59:56 +0200 Subject: [PATCH 11/43] fix 'invalid format character' error Change-Id: I583b58f5b4d25336b29071c86c29c9abd7d5c898 --- tests/fuzz.sh | 78 +++++++++++++++++++++++++-------------------------- 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/tests/fuzz.sh b/tests/fuzz.sh index e8d2345b..6346d61e 100644 --- a/tests/fuzz.sh +++ b/tests/fuzz.sh @@ -10,47 +10,47 @@ make urltest-fuzz \ pcm-sensor-server-fuzz \ -j && rm -rf corpus/* && -printf "GET / HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/1 && -printf "GET /metrics HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/2 && -printf "GET /persecond HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/3 && -printf "GET /persecond HTTP/1.1\r\nHost: localhost\r\nAccept: application/json\r\n\r\n" > corpus/3.1 && -printf "GET /persecond HTTP/1.1\r\nHost: localhost\r\nAccept: text/plain; version=0.0.4\r\n\r\n" > corpus/3.2 && -printf "GET /persecond/1 HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/4 && -printf "GET /persecond/1 HTTP/1.1\r\nHost: localhost\r\nAccept: application/json\r\n\r\n" > corpus/4.1 && -printf "GET /persecond/1 HTTP/1.1\r\nHost: localhost\r\nAccept: text/plain; version=0.0.4\r\n\r\n" > corpus/4.2 && -printf "GET /persecond/10 HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/5 && -printf "GET /persecond/10 HTTP/1.1\r\nHost: localhost\r\nAccept: application/json\r\n\r\n" > corpus/5.1 && -printf "GET /persecond/10 HTTP/1.1\r\nHost: localhost\r\nAccept: text/plain; version=0.0.4\r\n\r\n" > corpus/5.2 && -printf "GET /persecond/100 HTTP/1.1\r\nHost: localhost\r\nAccept: application/json\r\n\r\n" > corpus/6 && -printf "GET /metrics HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/7 && -printf "GET /dashboard/influxdb HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/8 && -printf "GET /dashboard/prometheus HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/9 && -printf "GET /dashboard/prometheus/default HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/10 && -printf "GET /dashboard HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/11 && -printf "GET /favicon.ico HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/12 && +printf '%b' "GET / HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/1 && +printf '%b' "GET /metrics HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/2 && +printf '%b' "GET /persecond HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/3 && +printf '%b' "GET /persecond HTTP/1.1\r\nHost: localhost\r\nAccept: application/json\r\n\r\n" > corpus/3.1 && +printf '%b' "GET /persecond HTTP/1.1\r\nHost: localhost\r\nAccept: text/plain; version=0.0.4\r\n\r\n" > corpus/3.2 && +printf '%b' "GET /persecond/1 HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/4 && +printf '%b' "GET /persecond/1 HTTP/1.1\r\nHost: localhost\r\nAccept: application/json\r\n\r\n" > corpus/4.1 && +printf '%b' "GET /persecond/1 HTTP/1.1\r\nHost: localhost\r\nAccept: text/plain; version=0.0.4\r\n\r\n" > corpus/4.2 && +printf '%b' "GET /persecond/10 HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/5 && +printf '%b' "GET /persecond/10 HTTP/1.1\r\nHost: localhost\r\nAccept: application/json\r\n\r\n" > corpus/5.1 && +printf '%b' "GET /persecond/10 HTTP/1.1\r\nHost: localhost\r\nAccept: text/plain; version=0.0.4\r\n\r\n" > corpus/5.2 && +printf '%b' "GET /persecond/100 HTTP/1.1\r\nHost: localhost\r\nAccept: application/json\r\n\r\n" > corpus/6 && +printf '%b' "GET /metrics HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/7 && +printf '%b' "GET /dashboard/influxdb HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/8 && +printf '%b' "GET /dashboard/prometheus HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/9 && +printf '%b' "GET /dashboard/prometheus/default HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/10 && +printf '%b' "GET /dashboard HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/11 && +printf '%b' "GET /favicon.ico HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/12 && LLVM_PROFILE_FILE="pcm-sensor-server.profraw" bin/tests/pcm-sensor-server-fuzz -max_total_time=$((10 * $factor)) corpus > /dev/null && rm -rf corpus/* && -printf "http://otto:test@www.intel.com/~otto/file1.txt" > corpus/1 && -printf "file://localhost/c/mnt/cd/file2.txt" > corpus/2 && -printf "ftp://otto%40yahoo.com:abcd%3B1234@www.intel.com:30/xyz.php?a=1&t=3" > corpus/3 && -printf "gopher://otto@hostname1.intel.com:8080/file3.zyx" > corpus/4 && -printf "www.intel.com" > corpus/5 && -printf "http://www.blah.org/file.html#firstmark" > corpus/6 && -printf "http://www.blah.org/file.html#firstmark%21%23" > corpus/7 && -printf "localhost" > corpus/8 && -printf "https://www.intel.com" > corpus/9 && -printf "://google.com/" > corpus/10 && -printf "https://intc.com/request?" > corpus/11 && -printf "htt:ps//www.intel.com" > corpus/12 && -printf "http://www.intel.com:66666/" > corpus/13 && -printf "http:///" > corpus/14 && -printf "http://[1234::1234::1234/" > corpus/15 && -printf "http://@www.intel.com" > corpus/16 && -printf "http://otto@:www.intel.com" > corpus/17 && -printf "https://:@www.intel.com" > corpus/18 && -printf "https://user:@www.intel.com" > corpus/19 && -printf "http:www.intel.com/" > corpus/20 && -printf "http://ww\x00\x00\x00rstmark\x0a" > corpus/21 && +printf '%b' "http://otto:test@www.intel.com/~otto/file1.txt" > corpus/1 && +printf '%b' "file://localhost/c/mnt/cd/file2.txt" > corpus/2 && +printf '%b' "ftp://otto%40yahoo.com:abcd%3B1234@www.intel.com:30/xyz.php?a=1&t=3" > corpus/3 && +printf '%b' "gopher://otto@hostname1.intel.com:8080/file3.zyx" > corpus/4 && +printf '%b' "www.intel.com" > corpus/5 && +printf '%b' "http://www.blah.org/file.html#firstmark" > corpus/6 && +printf '%b' "http://www.blah.org/file.html#firstmark%21%23" > corpus/7 && +printf '%b' "localhost" > corpus/8 && +printf '%b' "https://www.intel.com" > corpus/9 && +printf '%b' "://google.com/" > corpus/10 && +printf '%b' "https://intc.com/request?" > corpus/11 && +printf '%b' "htt:ps//www.intel.com" > corpus/12 && +printf '%b' "http://www.intel.com:66666/" > corpus/13 && +printf '%b' "http:///" > corpus/14 && +printf '%b' "http://[1234::1234::1234/" > corpus/15 && +printf '%b' "http://@www.intel.com" > corpus/16 && +printf '%b' "http://otto@:www.intel.com" > corpus/17 && +printf '%b' "https://:@www.intel.com" > corpus/18 && +printf '%b' "https://user:@www.intel.com" > corpus/19 && +printf '%b' "http:www.intel.com/" > corpus/20 && +printf '%b' "http://ww\x00\x00\x00rstmark\x0a" > corpus/21 && LLVM_PROFILE_FILE="urltest.profraw" bin/tests/urltest-fuzz -max_total_time=$((10 * $factor)) corpus > /dev/null && rm -rf corpus/* && LLVM_PROFILE_FILE="pcm.profraw" bin/tests/pcm-fuzz -max_total_time=$((5 * $factor)) corpus > /dev/null && rm -rf corpus/* && LLVM_PROFILE_FILE="pcm.no_perf.profraw" PCM_NO_PERF=1 bin/tests/pcm-fuzz -max_total_time=$((5 * $factor)) corpus > /dev/null && From fdca5300be1611d0fd79810e8c4ea6c8350b208e Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Tue, 25 Jun 2024 11:35:18 +0200 Subject: [PATCH 12/43] the scripts require bash. call bash explicitly Change-Id: If4a862946289948607975c5deb77ee51dfc80615 --- .github/workflows/ci-fuzz.yml | 2 +- .github/workflows/ci-test.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci-fuzz.yml b/.github/workflows/ci-fuzz.yml index 30b182fd..cecbb40b 100644 --- a/.github/workflows/ci-fuzz.yml +++ b/.github/workflows/ci-fuzz.yml @@ -32,7 +32,7 @@ jobs: set -o pipefail mkdir build cd build - sh ${{ github.workspace }}/tests/fuzz.sh 2>&1 | tee fuzz-log.txt + bash ${{ github.workspace }}/tests/fuzz.sh 2>&1 | tee fuzz-log.txt cd .. - name: Show report diff --git a/.github/workflows/ci-test.yml b/.github/workflows/ci-test.yml index b18a7289..63231c9c 100644 --- a/.github/workflows/ci-test.yml +++ b/.github/workflows/ci-test.yml @@ -37,7 +37,7 @@ jobs: - name: Test run: | set -o pipefail - sh ${{ github.workspace }}/tests/test.sh 2>&1 | tee test-log.txt + bash ${{ github.workspace }}/tests/test.sh 2>&1 | tee test-log.txt - name: upload-artifact uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 From 637119d361344d05a7147d17c99db47f59ee48c2 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Tue, 25 Jun 2024 12:12:21 +0200 Subject: [PATCH 13/43] ignore leaks on libFuzzer side use Change-Id: If6a80f36db2605523cff6315b3be3cb5eeb08a75 --- tests/fuzz.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/fuzz.sh b/tests/fuzz.sh index 6346d61e..2c9babb5 100644 --- a/tests/fuzz.sh +++ b/tests/fuzz.sh @@ -28,7 +28,7 @@ printf '%b' "GET /dashboard/prometheus HTTP/1.1\r\nHost: localhost\r\nAccept: */ printf '%b' "GET /dashboard/prometheus/default HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/10 && printf '%b' "GET /dashboard HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/11 && printf '%b' "GET /favicon.ico HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/12 && -LLVM_PROFILE_FILE="pcm-sensor-server.profraw" bin/tests/pcm-sensor-server-fuzz -max_total_time=$((10 * $factor)) corpus > /dev/null && +LLVM_PROFILE_FILE="pcm-sensor-server.profraw" bin/tests/pcm-sensor-server-fuzz -detect_leaks=0 -max_total_time=$((10 * $factor)) corpus > /dev/null && rm -rf corpus/* && printf '%b' "http://otto:test@www.intel.com/~otto/file1.txt" > corpus/1 && printf '%b' "file://localhost/c/mnt/cd/file2.txt" > corpus/2 && From 7ac4e319a3af5b7b25b50fcb2beef809e17b7496 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Tue, 25 Jun 2024 14:39:31 +0200 Subject: [PATCH 14/43] fix a memory leak and throw exception with verbose reason Change-Id: I47fc52eade71d63852855cdd5abeeb1ef44bc87b --- src/utils.h | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/src/utils.h b/src/utils.h index f4775d90..73f0023a 100644 --- a/src/utils.h +++ b/src/utils.h @@ -675,7 +675,7 @@ class TemporalThreadAffinity // speedup trick for Linux, FreeBSD, DragonFlyBSD, bool supported() const { return true; } #elif defined(__linux__) - cpu_set_t* old_affinity; + cpu_set_t* old_affinity = nullptr; static constexpr auto maxCPUs = 8192; const size_t set_size; bool restore; @@ -691,7 +691,9 @@ class TemporalThreadAffinity // speedup trick for Linux, FreeBSD, DragonFlyBSD, if (res != 0) { std::cerr << "ERROR: pthread_getaffinity_np for core " << core_id << " failed with code " << res << "\n"; - throw std::exception(); + CPU_FREE(old_affinity); + old_affinity = nullptr; + throw std::runtime_error("pthread_getaffinity_np failed"); } cpu_set_t* new_affinity = CPU_ALLOC(maxCPUs); assert(new_affinity); @@ -708,13 +710,16 @@ class TemporalThreadAffinity // speedup trick for Linux, FreeBSD, DragonFlyBSD, if (res != 0 && checkStatus) { std::cerr << "ERROR: pthread_setaffinity_np for core " << core_id << " failed with code " << res << "\n"; - throw std::exception(); + CPU_FREE(old_affinity); + old_affinity = nullptr; + throw std::runtime_error("pthread_setaffinity_np failed"); } } ~TemporalThreadAffinity() { if (restore) pthread_setaffinity_np(pthread_self(), set_size, old_affinity); CPU_FREE(old_affinity); + old_affinity = nullptr; } bool supported() const { return true; } #elif defined(_MSC_VER) From f8dda061bd7fcf1e5c2579d62e9d3db9c665a599 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Tue, 25 Jun 2024 14:56:46 +0200 Subject: [PATCH 15/43] fix heap-buffer-overflow Change-Id: I3a2fabc50f15665781ac729233ab449e43664d79 --- src/pcm-sensor-server.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/pcm-sensor-server.cpp b/src/pcm-sensor-server.cpp index ea5d1793..4f2d51e8 100644 --- a/src/pcm-sensor-server.cpp +++ b/src/pcm-sensor-server.cpp @@ -2371,8 +2371,9 @@ std::string& compressLWSAndRemoveCR( std::string& line ) { } // Remove trailing '\r' - if ( line[line.size()-1] == '\r' ) + if (!line.empty() && line.back() == '\r') { line.pop_back(); + } return line; } From e8219dabc4810382869d53c53fc4baf2947b93cf Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Tue, 25 Jun 2024 16:05:06 +0200 Subject: [PATCH 16/43] add /sys/fs/cgroup/cpuset/cpuset.cpus diagnostic message in tests (for pcm-pcie root-causing) Change-Id: I19183f27fba2867877bd1ab115f2cf12fe2702e4 --- tests/test.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/test.sh b/tests/test.sh index ba1c8935..bc23ef59 100755 --- a/tests/test.sh +++ b/tests/test.sh @@ -159,6 +159,9 @@ if [ "$?" -ne "0" ]; then exit 1 fi +echo "/sys/fs/cgroup/cpuset/cpuset.cpus:" +cat /sys/fs/cgroup/cpuset/cpuset.cpus + echo Testing pcm-pcie ./pcm-pcie -- sleep 1 if [ "$?" -ne "0" ]; then From 14dc7accd0bfa045c91d7f21d3ad1712d0501303 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Wed, 26 Jun 2024 10:06:27 +0200 Subject: [PATCH 17/43] make fuzzing period configurable Change-Id: I9e3392d4c07311cbf18059dfd27ba587c931c080 --- tests/fuzz.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/fuzz.sh b/tests/fuzz.sh index 2c9babb5..a16c9e5d 100644 --- a/tests/fuzz.sh +++ b/tests/fuzz.sh @@ -1,7 +1,13 @@ export PCM_ENFORCE_MBM="1" -factor=100 +factor=1 + +if [ "$#" -eq 1 ]; then + factor=$1 +fi + +echo "Running fuzz tests with running time multiplier $factor" CC=`which clang` CXX=`which clang++` cmake .. -DCMAKE_BUILD_TYPE=Debug -DFUZZ=1 && mkdir -p corpus && make urltest-fuzz \ From 00369a0b51298815e1cb87f0a663024e5ce2e112 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Wed, 26 Jun 2024 10:07:13 +0200 Subject: [PATCH 18/43] make the fuzz-job run long on saturdays Change-Id: I8e50bc99b319fc62cdb1a4252a401dedb122384c --- .github/workflows/ci-fuzz.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci-fuzz.yml b/.github/workflows/ci-fuzz.yml index cecbb40b..7993ab5a 100644 --- a/.github/workflows/ci-fuzz.yml +++ b/.github/workflows/ci-fuzz.yml @@ -2,8 +2,8 @@ name: fuzz-job on: schedule: - # every sunday at midnight - - cron: '0 0 * * 0' + # every saturday at midnight + - cron: '0 0 * * 6' # also allow manual triggering workflow_dispatch: @@ -32,7 +32,7 @@ jobs: set -o pipefail mkdir build cd build - bash ${{ github.workspace }}/tests/fuzz.sh 2>&1 | tee fuzz-log.txt + bash ${{ github.workspace }}/tests/fuzz.sh 1000 2>&1 | tee fuzz-log.txt cd .. - name: Show report From 78bda31189a52decf01287809f80f1da012b626b Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Wed, 26 Jun 2024 10:17:02 +0200 Subject: [PATCH 19/43] add fuzz-short-job Change-Id: I362951c2fe996cfb038ac3ba80c30f13f49ea5f7 --- .github/workflows/ci-fuzz-short.yml | 46 +++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 .github/workflows/ci-fuzz-short.yml diff --git a/.github/workflows/ci-fuzz-short.yml b/.github/workflows/ci-fuzz-short.yml new file mode 100644 index 00000000..d1437ef5 --- /dev/null +++ b/.github/workflows/ci-fuzz-short.yml @@ -0,0 +1,46 @@ +name: fuzz-short-job + +on: + # manual triggering + workflow_dispatch: + + +permissions: + contents: read + +jobs: + fuzz: + runs-on: ci-test + if: ${{ github.repository != 'intel/pcm' }} + + steps: + - name: Harden Runner + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + with: + egress-policy: audit + + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + with: + submodules: recursive + + - name: Build and test + run: | + cmake --version + set -o pipefail + mkdir build + cd build + bash ${{ github.workspace }}/tests/fuzz.sh 10 2>&1 | tee fuzz-log.txt + cd .. + + - name: Show report + run: | + cat build/report.txt + echo "Fuzzing completed" + + - name: upload-artifact + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + with: + name: fuzz-log-${{ github.sha }} + path: "build/fuzz-log.txt" + + From cc5d6e28576006e1c118305bfb0c5eff61db0aa1 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Wed, 26 Jun 2024 11:48:12 +0200 Subject: [PATCH 20/43] add on-push/pr micro fuzzing job Change-Id: Id82db481ea6c53c817db6bddc0a4c54563314ac0 --- .github/workflows/ci-fuzz-micro.yml | 47 +++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 .github/workflows/ci-fuzz-micro.yml diff --git a/.github/workflows/ci-fuzz-micro.yml b/.github/workflows/ci-fuzz-micro.yml new file mode 100644 index 00000000..f9b16ebe --- /dev/null +++ b/.github/workflows/ci-fuzz-micro.yml @@ -0,0 +1,47 @@ +name: fuzz-micro-job + +on: + push: + branches: [ '**' ] + pull_request: + branches: [ '**' ] + +permissions: + contents: read + +jobs: + fuzz: + runs-on: ci-test + if: ${{ github.repository != 'intel/pcm' }} + + steps: + - name: Harden Runner + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + with: + egress-policy: audit + + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + with: + submodules: recursive + + - name: Build and test + run: | + cmake --version + set -o pipefail + mkdir build + cd build + bash ${{ github.workspace }}/tests/fuzz.sh 5 2>&1 | tee fuzz-log.txt + cd .. + + - name: Show report + run: | + cat build/report.txt + echo "Fuzzing completed" + + - name: upload-artifact + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + with: + name: fuzz-log-${{ github.sha }} + path: "build/fuzz-log.txt" + + From 8c7d1cf637ed7927cbe7c7430daa530bb42e07ed Mon Sep 17 00:00:00 2001 From: Otto Bruggeman Date: Thu, 27 Jun 2024 20:30:39 +0200 Subject: [PATCH 21/43] Stop using deprecated functions (#643) * Stop using deperecated functions * Exclude the unwanted protocols from the SSL_CTX * Require openssl 1.1.1 now, tls_method is then available Subsequently remove sslv3 support by requiring minimum tls1 in the SSL_CTX * Check for minimum version 1.1.1 Disable SSL if not found and warn about it --- src/CMakeLists.txt | 14 +++++++++++--- src/pcm-sensor-server.cpp | 6 +++++- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index d279d2e8..09303b64 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -1,10 +1,13 @@ # SPDX-License-Identifier: BSD-3-Clause # Copyright (c) 2022, Intel Corporation +include(FindOpenSSL) # All pcm-* executables set(PROJECT_NAMES pcm pcm-numa pcm-latency pcm-power pcm-msr pcm-memory pcm-tsx pcm-pcie pcm-core pcm-iio pcm-lspci pcm-pcicfg pcm-mmio pcm-tpmi pcm-raw pcm-accel) +set(MINIMUM_OPENSSL_VERSION 1.1.1) + file(GLOB COMMON_SOURCES pcm-accel-common.cpp msr.cpp cpucounters.cpp pci.cpp mmio.cpp tpmi.cpp pmt.cpp bw.cpp utils.cpp topology.cpp debug.cpp threadpool.cpp uncore_pmu_discovery.cpp) if (APPLE) @@ -147,9 +150,14 @@ foreach(PROJECT_NAME ${PROJECT_NAMES}) else() message(STATUS "Compiling with SSL support, requires libssl-dev or openssl-devel or libopenssl-devel or libopenssl-dev package installed") message(STATUS "To disable SSL support, use -DNO_SSL=1 option") - find_package(OpenSSL REQUIRED) - target_compile_options(${PROJECT_NAME} PRIVATE "-DUSE_SSL") - set(LIBS ${LIBS} OpenSSL::SSL OpenSSL::Crypto) + find_package(OpenSSL ${MINIMUM_OPENSSL_VERSION} QUIET) + if(OPENSSL_FOUND) + message(STATUS "OpenSSL version ${OPENSSL_VERSION} >= ${MINIMUM_OPENSSL_VERSION}, OpenSSL support enabled") + target_compile_options(${PROJECT_NAME} PRIVATE "-DUSE_SSL") + set(LIBS ${LIBS} OpenSSL::SSL OpenSSL::Crypto) + else() + message(STATUS "OpenSSL support has been disabled, the version is less than ${MINIMUM_OPENSSL_VERSION}") + endif() endif() file(READ pcm-sensor-server.service.in SENSOR_SERVICE_IN) string(REPLACE "@@CMAKE_INSTALL_SBINDIR@@" "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_SBINDIR}" SENSOR_SERVICE "${SENSOR_SERVICE_IN}") diff --git a/src/pcm-sensor-server.cpp b/src/pcm-sensor-server.cpp index 4f2d51e8..c975d6b1 100644 --- a/src/pcm-sensor-server.cpp +++ b/src/pcm-sensor-server.cpp @@ -2886,9 +2886,13 @@ class HTTPSServer : public HTTPServer { // SSL too old on development machine, not available yet FIXME //OPENSSL_config(nullptr); - sslCTX_ = SSL_CTX_new( SSLv23_method() ); + // We require 1.1.1 now so TLS_method is available but still + // make sure minimum protocol is TSL1_VERSION below + sslCTX_ = SSL_CTX_new( TLS_method() ); if ( nullptr == sslCTX_ ) throw std::runtime_error( "Cannot create an SSL context" ); + if( SSL_CTX_set_min_proto_version( sslCTX_, TLS1_VERSION ) != 1 ) + throw std::runtime_error( "Cannot set minimum protocol to TSL1_VERSION" ); if ( SSL_CTX_use_certificate_file( sslCTX_, certificateFile_.c_str(), SSL_FILETYPE_PEM ) <= 0 ) throw std::runtime_error( "Cannot use certificate file" ); if ( SSL_CTX_use_PrivateKey_file( sslCTX_, privateKeyFile_.c_str(), SSL_FILETYPE_PEM ) <= 0 ) From f1c7703b62b672a0cd6bc1c95877b2e74697a6ef Mon Sep 17 00:00:00 2001 From: Roman Dementiev Date: Wed, 26 Jun 2024 18:17:14 +0200 Subject: [PATCH 22/43] fix a memory leak in SSL code --- src/pcm-sensor-server.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/pcm-sensor-server.cpp b/src/pcm-sensor-server.cpp index c975d6b1..dee84ea1 100644 --- a/src/pcm-sensor-server.cpp +++ b/src/pcm-sensor-server.cpp @@ -2961,6 +2961,7 @@ void HTTPSServer::run() { } } catch( std::exception& e ) { DBG( 3, "SSL Accept: error accepting incoming connection, closing the FD and continuing: ", e.what() ); + SSL_free( ssl ); // Free the SSL structure to prevent memory leaks ::close( clientSocketFD ); continue; } @@ -2971,6 +2972,7 @@ void HTTPSServer::run() { char const * resbuf = ::inet_ntop( AF_INET, &(clientAddress.sin_addr), ipbuf, INET_ADDRSTRLEN ); if ( nullptr == resbuf ) { std::cerr << strerror( errno ) << "\n"; + SSL_free( ssl ); // Free the SSL structure to prevent memory leaks ::close( clientSocketFD ); continue; } From c4a205a41bd4f67a5117bd73584cdc37d0b866a7 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Fri, 28 Jun 2024 15:28:15 +0200 Subject: [PATCH 23/43] set pointers to nullptr after delete or free This will reduce the risk of using them again later. Change-Id: I1aee48765c4a48f5642d6a8ee157fc9e014019db --- src/cpuasynchcounter.h | 8 ++++---- src/cpucounters.cpp | 20 ++++++++++---------- src/daemon/daemon.cpp | 4 ++-- src/memoptest.cpp | 2 +- src/msr.cpp | 5 ++--- src/msrtest.cpp | 2 +- src/pcm-accel-common.cpp | 2 +- src/pcm-accel.cpp | 4 ++-- src/pcm-iio.cpp | 4 ++-- src/pcm-latency.cpp | 4 ++-- src/pcm-sensor-server.cpp | 4 ++-- src/realtime.cpp | 2 +- src/threadpool.cpp | 3 ++- src/topology.h | 10 +++++----- src/utils.cpp | 8 ++++---- src/utils.h | 33 ++++++++++++++++++++++++++++++++- tests/daemon_alignment_test.cpp | 3 ++- 17 files changed, 75 insertions(+), 43 deletions(-) diff --git a/src/cpuasynchcounter.h b/src/cpuasynchcounter.h index 92fd3981..7b33fe68 100644 --- a/src/cpuasynchcounter.h +++ b/src/cpuasynchcounter.h @@ -77,10 +77,10 @@ class AsynchronCounterState { { std::cerr << "PCM Error in ~AsynchronCounterState(). Exception " << e.what() << "\n"; } - delete[] cstates1; - delete[] cstates2; - delete[] skstates1; - delete[] skstates2; + deleteAndNullifyArray(cstates1); + deleteAndNullifyArray(cstates2); + deleteAndNullifyArray(skstates1); + deleteAndNullifyArray(skstates2); } uint32 getNumCores() diff --git a/src/cpucounters.cpp b/src/cpucounters.cpp index cbae950f..540146d1 100644 --- a/src/cpucounters.cpp +++ b/src/cpucounters.cpp @@ -513,7 +513,7 @@ bool PCM::isRDTDisabled() const flag = 0; } #ifdef _MSC_VER - free(env); + freeAndNullify(env); #endif } return flag > 0; @@ -1204,7 +1204,7 @@ bool PCM::discoverSystemTopology() while (res == FALSE) { - delete[] slpi; + deleteAndNullifyArray(slpi); if (GetLastError() == ERROR_INSUFFICIENT_BUFFER) { @@ -1263,7 +1263,7 @@ bool PCM::discoverSystemTopology() socketIdMap[entry.socket] = 0; } - delete[] base_slpi; + deleteAndNullifyArray(base_slpi); #else // for Linux, Mac OS, FreeBSD and DragonFlyBSD @@ -1374,7 +1374,7 @@ bool PCM::discoverSystemTopology() return false; \ } \ ret_value = convertUnknownToInt(size, pParam); \ - free(pParam); \ + freeAndNullify(pParam); \ } // End SAFE_SYSCTLBYNAME @@ -3307,7 +3307,7 @@ PCM::~PCM() { destroyMSR(); instance = NULL; - delete systemTopology; + deleteAndNullify(systemTopology); } } @@ -7160,7 +7160,7 @@ PciHandleType * ServerUncorePMUs::createIntelPerfMonDevice(uint32 groupnr_, int3 if(vendor_id == PCM_INTEL_PCI_VENDOR_ID) return handle; - delete handle; + deleteAndNullify(handle); } return NULL; } @@ -9742,7 +9742,7 @@ PciHandleType * getDeviceHandle(uint32 vendorId, uint32 deviceId) const uint32 did = (value >> 16) & 0xffff; if (vid == vendorId && did == deviceId) return h; - delete h; + deleteAndNullify(h); } } } @@ -9792,7 +9792,7 @@ uint32 PCM::getMaxNumOfCBoxesInternal() const num = (uint32)weight32(value); h->read32(0xa0, &value); num += (uint32)weight32(value); - delete h; + deleteAndNullify(h); } else { @@ -10457,8 +10457,8 @@ CounterWidthExtender::CounterWidthExtender(AbstractRawCounter * raw_counter_, ui } CounterWidthExtender::~CounterWidthExtender() { - delete UpdateThread; - if (raw_counter) delete raw_counter; + deleteAndNullify(UpdateThread); + deleteAndNullify(raw_counter); } diff --git a/src/daemon/daemon.cpp b/src/daemon/daemon.cpp index ffa271f8..0a0bee20 100644 --- a/src/daemon/daemon.cpp +++ b/src/daemon/daemon.cpp @@ -89,8 +89,8 @@ namespace PCMDaemon { Daemon::~Daemon() { - delete[] serverUncoreCounterStatesBefore_; - delete[] serverUncoreCounterStatesAfter_; + deleteAndNullifyArray(serverUncoreCounterStatesBefore_); + deleteAndNullifyArray(serverUncoreCounterStatesAfter_); } void Daemon::setupPCM() diff --git a/src/memoptest.cpp b/src/memoptest.cpp index dda78042..3c852931 100644 --- a/src/memoptest.cpp +++ b/src/memoptest.cpp @@ -132,7 +132,7 @@ int main(int argc, char * argv[]) cout << "Bandwidth: " << (sizeof(T) * nelements * niter) / ((after_ts - before_ts) * 1024 * 1024) << " MByte/sec\n" << std::flush; } - delete[] vector; + deleteAndNullifyArray(vector); return 0; } diff --git a/src/msr.cpp b/src/msr.cpp index 27397e45..d7c93b77 100644 --- a/src/msr.cpp +++ b/src/msr.cpp @@ -126,8 +126,7 @@ MsrHandle::~MsrHandle() MsrHandle::num_handles--; if (MsrHandle::num_handles == 0) { - delete driver; - driver = NULL; + deleteAndNullify(driver); } } @@ -235,7 +234,7 @@ MsrHandle::MsrHandle(uint32 cpu) : fd(-1), cpu_id(cpu) snprintf(path, 200, "/dev/msr%d", cpu); handle = ::open(path, O_RDWR); } - delete[] path; + deleteAndNullifyArray(path); if (handle < 0) { std::cerr << "PCM Error: can't open MSR handle for core " << cpu << " (" << strerror(errno) << ")\n"; diff --git a/src/msrtest.cpp b/src/msrtest.cpp index a5ebf1d4..e2e08aee 100644 --- a/src/msrtest.cpp +++ b/src/msrtest.cpp @@ -73,7 +73,7 @@ int main() assert(res >= 0); } for (i = 0; i < NUM_CORES; ++i) - delete cpu_msr[i]; + deleteAndNullify(cpu_msr[i]); for (i = 0; i < NUM_CORES; ++i) std::cout << "Core " << i << "\t Instructions: " << (counters_after[i][0] - counters_before[i][0]) << diff --git a/src/pcm-accel-common.cpp b/src/pcm-accel-common.cpp index e1f27918..c702e93c 100644 --- a/src/pcm-accel-common.cpp +++ b/src/pcm-accel-common.cpp @@ -346,7 +346,7 @@ void readAccelCounters(SystemCounterState& sycs_) break; } - delete[] currState; + deleteAndNullifyArray(currState); } diff --git a/src/pcm-accel.cpp b/src/pcm-accel.cpp index 8c8d79a9..47af3003 100644 --- a/src/pcm-accel.cpp +++ b/src/pcm-accel.cpp @@ -291,8 +291,8 @@ void collect_data(PCM *m, const double delay, const ACCEL_IP accel, std::vector< break; } - delete[] before; - delete[] after; + deleteAndNullifyArray(before); + deleteAndNullifyArray(after); } diff --git a/src/pcm-iio.cpp b/src/pcm-iio.cpp index bfc8f570..ee97015c 100644 --- a/src/pcm-iio.cpp +++ b/src/pcm-iio.cpp @@ -1826,8 +1826,8 @@ result_content get_IIO_Samples(PCM *m, const std::vectorsocket_id][iio_unit_id][std::pair(ctr.h_id,ctr.v_id)] = trans_result; } } - delete[] before; - delete[] after; + deleteAndNullifyArray(before); + deleteAndNullifyArray(after); return results; } diff --git a/src/pcm-latency.cpp b/src/pcm-latency.cpp index 36c86e2e..b690943a 100644 --- a/src/pcm-latency.cpp +++ b/src/pcm-latency.cpp @@ -443,8 +443,8 @@ void collect_data(PCM *m, bool enable_pmm, bool enable_verbose, int delay_ms, Ma return true; }); - delete[] BeforeState; - delete[] AfterState; + deleteAndNullifyArray(BeforeState); + deleteAndNullifyArray(AfterState); } void print_usage() diff --git a/src/pcm-sensor-server.cpp b/src/pcm-sensor-server.cpp index dee84ea1..9c68c3d8 100644 --- a/src/pcm-sensor-server.cpp +++ b/src/pcm-sensor-server.cpp @@ -2713,7 +2713,7 @@ class HTTPServer : public Server { virtual ~HTTPServer() { pcf_->stop(); std::this_thread::sleep_for( std::chrono::seconds(1) ); - delete pcf_; + deleteAndNullify(pcf_); } public: @@ -2848,7 +2848,7 @@ void HTTPServer::run() { connection = new HTTPConnection( this, clientSocketFD, clientAddress, callbackList_ ); } catch ( std::exception& e ) { DBG( 3, "Exception caught while creating a HTTPConnection: " ); - if (connection) delete connection; + if (connection) deleteAndNullify(connection); ::close( clientSocketFD ); continue; } diff --git a/src/realtime.cpp b/src/realtime.cpp index 9285695a..e679253a 100644 --- a/src/realtime.cpp +++ b/src/realtime.cpp @@ -164,7 +164,7 @@ int main(int argc, char * argv[]) if (m->program() != PCM::Success) { cout << "Program was not successful...\n"; - delete m; + deleteAndNullify(m); return -1; } diff --git a/src/threadpool.cpp b/src/threadpool.cpp index 356c0ed1..cf565bce 100644 --- a/src/threadpool.cpp +++ b/src/threadpool.cpp @@ -2,6 +2,7 @@ // Copyright (c) 2020-2022, Intel Corporation #include "threadpool.h" +#include "utils.h" namespace pcm { @@ -10,7 +11,7 @@ void ThreadPool::execute( ThreadPool* tp ) { Work* w = tp->retrieveWork(); if ( w == nullptr ) break; w->execute(); - delete w; + deleteAndNullify(w); } } diff --git a/src/topology.h b/src/topology.h index 6ba8db9e..526455ad 100644 --- a/src/topology.h +++ b/src/topology.h @@ -120,7 +120,7 @@ class Core : public SystemObject virtual ~Core() { pcm_ = nullptr; for ( auto& thread : threads_ ) - delete thread; + deleteAndNullify(thread); } virtual void accept( Visitor& v ) override { @@ -272,9 +272,9 @@ class Socket : public SystemObject { virtual ~Socket() { pcm_ = nullptr; for ( auto& core : cores_ ) - delete core; + deleteAndNullify(core); refCore_ = nullptr; // cores_ is owner so it is already deleted by here - delete uncore_; + deleteAndNullify(uncore_); } virtual void accept( Visitor& v ) override { @@ -352,9 +352,9 @@ class SystemRoot : public SystemObject { virtual ~SystemRoot() { pcm_ = nullptr; for ( auto& socket : sockets_ ) - delete socket; + deleteAndNullify(socket); for ( auto& thread : offlinedThreadsAtStart_ ) - delete thread; + deleteAndNullify(thread); } virtual void accept( Visitor& v ) override { diff --git a/src/utils.cpp b/src/utils.cpp index cf25efc6..1723ab23 100644 --- a/src/utils.cpp +++ b/src/utils.cpp @@ -348,8 +348,7 @@ void sigSEGV_handler(int signum) { std::cerr << backtrace_strings[i] << "\n"; } - free(backtrace_strings); - backtrace_strings = NULL; + freeAndNullify(backtrace_strings); } sigINT_handler(signum); @@ -453,15 +452,16 @@ void set_signal_handlers(void) std::cerr << "\nPCM ERROR: _dupenv_s failed.\n"; _exit(EXIT_FAILURE); } - free(envPath); if (envPath) { std::cerr << "\nPCM ERROR: Detected cygwin/mingw environment which does not allow to setup PMU clean-up handlers on Ctrl-C and other termination signals.\n"; std::cerr << "See https://www.mail-archive.com/cygwin@cygwin.com/msg74817.html\n"; std::cerr << "As a workaround please run pcm directly from a native windows shell (e.g. cmd).\n"; std::cerr << "Exiting...\n\n"; + freeAndNullify(envPath); _exit(EXIT_FAILURE); } + freeAndNullify(envPath); std::cerr << "DEBUG: Setting Ctrl+C done.\n"; #else @@ -826,7 +826,7 @@ std::string safe_getenv(const char* env) if (_dupenv_s(&buffer, NULL, env) == 0 && buffer != nullptr) { result = buffer; - free(buffer); + freeAndNullify(buffer); } return result; } diff --git a/src/utils.h b/src/utils.h index 73f0023a..23e0091d 100644 --- a/src/utils.h +++ b/src/utils.h @@ -41,6 +41,37 @@ #include #endif namespace pcm { + + template + inline void deleteAndNullify(T & p) + { + if (p) + { + delete p; + p = nullptr; + } + } + + template + inline void deleteAndNullifyArray(T & p) + { + if (p) + { + delete [] p; + p = nullptr; + } + } + + template + inline void freeAndNullify(T & p) + { + if (p) + { + free(p); + p = nullptr; + } + } + std::string safe_getenv(const char* env); #ifdef _MSC_VER typedef std::wstring StringType; @@ -288,7 +319,7 @@ class s_expect : public std::string { istr.setstate(std::ios_base::failbit); } - delete [] buffer; + deleteAndNullifyArray(buffer); } }; diff --git a/tests/daemon_alignment_test.cpp b/tests/daemon_alignment_test.cpp index d4c61be2..acad1f8c 100644 --- a/tests/daemon_alignment_test.cpp +++ b/tests/daemon_alignment_test.cpp @@ -4,6 +4,7 @@ #include #include "../src/daemon/common.h" +#include "../src/utils.h" #define ALIGNMENT 64 @@ -83,7 +84,7 @@ int main() } } - free(pcmState); + pcm::freeAndNullify(pcmState); printf("\n------ All passed ------\n\n"); From 4546df07fd3cfe1369cef6b9e5334a5ee406ba7a Mon Sep 17 00:00:00 2001 From: Roman Dementiev Date: Fri, 28 Jun 2024 17:43:18 +0200 Subject: [PATCH 24/43] address warning: nullptr check --- src/msr.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/msr.cpp b/src/msr.cpp index d7c93b77..46c36cd3 100644 --- a/src/msr.cpp +++ b/src/msr.cpp @@ -227,6 +227,7 @@ MsrHandle::MsrHandle(uint32 cpu) : fd(-1), cpu_id(cpu) writesEnabled = true; } char * path = new char[200]; + if (!path) throw std::runtime_error("Allocation of 200 bytes failed."); snprintf(path, 200, "/dev/cpu/%d/msr", cpu); int handle = ::open(path, O_RDWR); if (handle < 0) From 14e51abdc1d6446ea8e28918c889360e4ac02306 Mon Sep 17 00:00:00 2001 From: Roman Dementiev Date: Fri, 28 Jun 2024 17:44:02 +0200 Subject: [PATCH 25/43] cmake: print more flags --- CMakeLists.txt | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index bae9425a..a70da2d3 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -95,6 +95,10 @@ if(UNIX) # APPLE, LINUX, FREE_BSD set(CMAKE_C_FLAGS_DEBUG "${CMAKE_CXX_FLAGS_DEBUG}") set(CMAKE_C_FLAGS_RELWITHDEBINFO "${CMAKE_CXX_FLAGS_RELWITHDEBINFO}") + message(STATUS "CMAKE_CXX_FLAGS_RELEASE: ${CMAKE_CXX_FLAGS_RELEASE}") + message(STATUS "CMAKE_CXX_FLAGS_DEBUG: ${CMAKE_CXX_FLAGS_DEBUG}") + message(STATUS "CMAKE_CXX_FLAGS_RELWITHDEBINFO: ${CMAKE_CXX_FLAGS_RELWITHDEBINFO}") + endif(UNIX) if(FUZZ) From 3cb171b7aef41fce3607562d1b6ae4bd50734af4 Mon Sep 17 00:00:00 2001 From: Roman Dementiev Date: Fri, 28 Jun 2024 17:45:09 +0200 Subject: [PATCH 26/43] more hardening compile flags --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index a70da2d3..0196c379 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -82,7 +82,7 @@ if(UNIX) # APPLE, LINUX, FREE_BSD elseif() set (PCM_DYNAMIC "") endif() - set(PCM_HARDENING_FLAGS "-fPIE -fstack-protector -D_FORTIFY_SOURCE=2") + set(PCM_HARDENING_FLAGS "-fPIE -fstack-protector -D_FORTIFY_SOURCE=2 -ftrapv -fsanitize=address -fsanitize=undefined -fwrapv -fno-delete-null-pointer-checks -fno-strict-overflow") set(CMAKE_CXX_FLAGS_RELEASE "${PCM_OPTIONAL_FLAGS} -O3 ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") set(CMAKE_CXX_FLAGS_DEBUG "${PCM_OPTIONAL_FLAGS} -O0 -g ${PCM_DYNAMIC}") set(CMAKE_CXX_FLAGS_RELWITHDEBINFO "${PCM_OPTIONAL_FLAGS} -O3 -g ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") From d103314a1d22e994a48a203b297956d0901bfae4 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Fri, 28 Jun 2024 18:01:13 +0200 Subject: [PATCH 27/43] fix compilation on old gcc Change-Id: I5eee1ad201e2570a82e12d4719d74d653b78664b --- CMakeLists.txt | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 0196c379..8d5e472a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -82,7 +82,12 @@ if(UNIX) # APPLE, LINUX, FREE_BSD elseif() set (PCM_DYNAMIC "") endif() - set(PCM_HARDENING_FLAGS "-fPIE -fstack-protector -D_FORTIFY_SOURCE=2 -ftrapv -fsanitize=address -fsanitize=undefined -fwrapv -fno-delete-null-pointer-checks -fno-strict-overflow") + set(PCM_HARDENING_FLAGS "-fPIE -fstack-protector -D_FORTIFY_SOURCE=2 -ftrapv -fsanitize=address -fwrapv -fno-delete-null-pointer-checks -fno-strict-overflow") + if(CMAKE_CXX_COMPILER_ID STREQUAL "GNU" AND CMAKE_CXX_COMPILER_VERSION VERSION_LESS 5) + message(WARNING "Old gcc compiler (version < 5), -fsanitize=undefined option is not supported.") + elseif() + set(PCM_HARDENING_FLAGS "${PCM_HARDENING_FLAGS} -fsanitize=undefined") + endif() set(CMAKE_CXX_FLAGS_RELEASE "${PCM_OPTIONAL_FLAGS} -O3 ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") set(CMAKE_CXX_FLAGS_DEBUG "${PCM_OPTIONAL_FLAGS} -O0 -g ${PCM_DYNAMIC}") set(CMAKE_CXX_FLAGS_RELWITHDEBINFO "${PCM_OPTIONAL_FLAGS} -O3 -g ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") From 2aff41bdfe10ce5ad9d3fc7fa09693e1417955f1 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Fri, 28 Jun 2024 20:38:04 +0200 Subject: [PATCH 28/43] do not include shared library code into pcm-core executable this causes mem init/destruction issues Change-Id: I8a87e220f1a687cfb598f3c8254f5978645b6178 --- src/CMakeLists.txt | 1 + src/pcm-core.cpp | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 09303b64..adf733f8 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -39,6 +39,7 @@ if(UNIX) # LINUX, FREE_BSD, APPLE # libpcm.so add_library(PCM_SHARED SHARED pcm-core.cpp) + target_compile_options(PCM_SHARED PRIVATE -DPCM_SHARED_LIBRARY=1) # PCM_SILENT in Release* for pcm-core.cpp target_compile_definitions(PCM_SHARED PRIVATE $<$:PCM_SILENT> diff --git a/src/pcm-core.cpp b/src/pcm-core.cpp index 6ec183fd..434accc9 100644 --- a/src/pcm-core.cpp +++ b/src/pcm-core.cpp @@ -48,6 +48,8 @@ struct CoreEvent char * description; } events[PERF_MAX_CUSTOM_COUNTERS]; +#ifdef PCM_SHARED_LIBRARY + extern "C" { SystemCounterState globalSysBeforeState, globalSysAfterState; std::vector globalBeforeState, globalAfterState; @@ -110,6 +112,8 @@ extern "C" { } } +#endif // PCM_SHARED_LIBRARY + void print_usage(const string & progname) { cout << "\n Usage: \n " << progname From 4fe531811d0a6ba6f67124251826f7d4e262ea91 Mon Sep 17 00:00:00 2001 From: Roman Dementiev Date: Fri, 28 Jun 2024 20:39:36 +0200 Subject: [PATCH 29/43] delete forbidden methods --- src/mutex.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/mutex.h b/src/mutex.h index a64a1f63..3b4e717d 100644 --- a/src/mutex.h +++ b/src/mutex.h @@ -57,6 +57,9 @@ namespace pcm class Scope { Mutex & m; + Scope() = delete; + Scope(const Scope &) = delete; + Scope & operator = (const Scope &) = delete; public: Scope(Mutex & m_) : m(m_) { From 6cbab91a2a9e1a4e7c80124c66f89aaa1f0a73cf Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Fri, 28 Jun 2024 21:06:35 +0200 Subject: [PATCH 30/43] fix linking with asan Change-Id: I02559203e0ef080991eccd185ec2b7446df86adf --- CMakeLists.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index 8d5e472a..9c33f11d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -88,6 +88,9 @@ if(UNIX) # APPLE, LINUX, FREE_BSD elseif() set(PCM_HARDENING_FLAGS "${PCM_HARDENING_FLAGS} -fsanitize=undefined") endif() + set(PCM_LINKER_HARDENING_FLAGS "-fsanitize=address") + set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} ${PCM_LINKER_HARDENING_FLAGS}") + set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} ${PCM_LINKER_HARDENING_FLAGS}") set(CMAKE_CXX_FLAGS_RELEASE "${PCM_OPTIONAL_FLAGS} -O3 ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") set(CMAKE_CXX_FLAGS_DEBUG "${PCM_OPTIONAL_FLAGS} -O0 -g ${PCM_DYNAMIC}") set(CMAKE_CXX_FLAGS_RELWITHDEBINFO "${PCM_OPTIONAL_FLAGS} -O3 -g ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") From f1bd4a1127215ca722d8e4fd2c79496ef5903b84 Mon Sep 17 00:00:00 2001 From: Roman Dementiev Date: Sat, 29 Jun 2024 09:12:48 +0200 Subject: [PATCH 31/43] use compiled lib, not the installed one --- tests/test.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test.sh b/tests/test.sh index bc23ef59..69a28999 100755 --- a/tests/test.sh +++ b/tests/test.sh @@ -132,7 +132,7 @@ if [ "$?" -ne "0" ]; then fi echo Testing c_example -./examples/c_example +LD_LIBRARY_PATH=../lib/ ./examples/c_example if [ "$?" -ne "0" ]; then echo "Error in c_example" exit 1 From 8cf0a3315555c4da26ccaaba6c30aa255e9855bc Mon Sep 17 00:00:00 2001 From: Roman Dementiev Date: Sat, 29 Jun 2024 09:14:03 +0200 Subject: [PATCH 32/43] avoid pre-mature PCM init triggered by global counter state init --- src/pcm-core.cpp | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/src/pcm-core.cpp b/src/pcm-core.cpp index 434accc9..9a1fbbf8 100644 --- a/src/pcm-core.cpp +++ b/src/pcm-core.cpp @@ -51,11 +51,11 @@ struct CoreEvent #ifdef PCM_SHARED_LIBRARY extern "C" { - SystemCounterState globalSysBeforeState, globalSysAfterState; - std::vector globalBeforeState, globalAfterState; - std::vector globalDummySocketStates; - EventSelectRegister globalRegs[PERF_MAX_COUNTERS]; - PCM::ExtendedCustomCoreEventDescription globalConf; + static std::shared_ptr globalSysBeforeState, globalSysAfterState; + static std::shared_ptr > globalBeforeState, globalAfterState; + static std::shared_ptr > globalDummySocketStates; + static EventSelectRegister globalRegs[PERF_MAX_COUNTERS]; + static PCM::ExtendedCustomCoreEventDescription globalConf; int pcm_c_build_core_event(uint8_t idx, const char * argv) { @@ -70,6 +70,11 @@ extern "C" { int pcm_c_init() { PCM * m = PCM::getInstance(); + globalSysBeforeState = std::make_shared(); + globalSysAfterState = std::make_shared(); + globalBeforeState = std::make_shared >(); + globalAfterState = std::make_shared >(); + globalDummySocketStates = std::make_shared >(); globalConf.fixedCfg = NULL; // default globalConf.nGPCounters = m->getMaxCustomCoreEvents(); globalConf.gpCounterCfg = globalRegs; @@ -87,28 +92,28 @@ extern "C" { void pcm_c_start() { PCM * m = PCM::getInstance(); - m->getAllCounterStates(globalSysBeforeState, globalDummySocketStates, globalBeforeState); + m->getAllCounterStates(*globalSysBeforeState.get(), *globalDummySocketStates.get(), *globalBeforeState.get()); } void pcm_c_stop() { PCM * m = PCM::getInstance(); - m->getAllCounterStates(globalSysAfterState, globalDummySocketStates, globalAfterState); + m->getAllCounterStates(*globalSysAfterState.get(), *globalDummySocketStates.get(), *globalAfterState.get()); } uint64_t pcm_c_get_cycles(uint32_t core_id) { - return getCycles(globalBeforeState[core_id], globalAfterState[core_id]); + return getCycles((*globalBeforeState.get())[core_id], (*globalAfterState.get())[core_id]); } uint64_t pcm_c_get_instr(uint32_t core_id) { - return getInstructionsRetired(globalBeforeState[core_id], globalAfterState[core_id]); + return getInstructionsRetired((*globalBeforeState.get())[core_id], (*globalAfterState.get())[core_id]); } uint64_t pcm_c_get_core_event(uint32_t core_id, uint32_t event_id) { - return getNumberOfCustomEvents(event_id, globalBeforeState[core_id], globalAfterState[core_id]); + return getNumberOfCustomEvents(event_id, (*globalBeforeState.get())[core_id], (*globalAfterState.get())[core_id]); } } From cf9f5d2f16609b660d5a1fd62ddebb1e753d028c Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Sat, 29 Jun 2024 15:12:00 +0200 Subject: [PATCH 33/43] workaround a known bug with sanitizers Change-Id: I85fcd8d60c12eb1068495acbdb2063d2244592e5 --- tests/test.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/test.sh b/tests/test.sh index 69a28999..5496fe8a 100755 --- a/tests/test.sh +++ b/tests/test.sh @@ -132,7 +132,8 @@ if [ "$?" -ne "0" ]; then fi echo Testing c_example -LD_LIBRARY_PATH=../lib/ ./examples/c_example +# see https://github.com/google/sanitizers/issues/934 +LD_PRELOAD="$(realpath "$(gcc -print-file-name=libasan.so)") $(realpath "$(gcc -print-file-name=libstdc++.so)")" LD_LIBRARY_PATH=../lib/ ./examples/c_example if [ "$?" -ne "0" ]; then echo "Error in c_example" exit 1 From 17c10e463e2c5c9d0d20452212af3ae11cf32c1e Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Sat, 29 Jun 2024 15:13:06 +0200 Subject: [PATCH 34/43] add -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer Change-Id: I1acceaa508bff6941fe405845b704573571099f7 --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 9c33f11d..c6a200ea 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -82,7 +82,7 @@ if(UNIX) # APPLE, LINUX, FREE_BSD elseif() set (PCM_DYNAMIC "") endif() - set(PCM_HARDENING_FLAGS "-fPIE -fstack-protector -D_FORTIFY_SOURCE=2 -ftrapv -fsanitize=address -fwrapv -fno-delete-null-pointer-checks -fno-strict-overflow") + set(PCM_HARDENING_FLAGS "-fPIE -fstack-protector -D_FORTIFY_SOURCE=2 -ftrapv -fsanitize=address -fwrapv -fno-delete-null-pointer-checks -fno-strict-overflow -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer") if(CMAKE_CXX_COMPILER_ID STREQUAL "GNU" AND CMAKE_CXX_COMPILER_VERSION VERSION_LESS 5) message(WARNING "Old gcc compiler (version < 5), -fsanitize=undefined option is not supported.") elseif() From 6a6ce98115b113b52140967bc63f4aae76c32efa Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Sat, 29 Jun 2024 15:15:02 +0200 Subject: [PATCH 35/43] harden the debug build too Change-Id: I0d1559a1c283c16aad4beaf59ed83ff62084285b --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index c6a200ea..7317172c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -92,7 +92,7 @@ if(UNIX) # APPLE, LINUX, FREE_BSD set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} ${PCM_LINKER_HARDENING_FLAGS}") set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} ${PCM_LINKER_HARDENING_FLAGS}") set(CMAKE_CXX_FLAGS_RELEASE "${PCM_OPTIONAL_FLAGS} -O3 ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") - set(CMAKE_CXX_FLAGS_DEBUG "${PCM_OPTIONAL_FLAGS} -O0 -g ${PCM_DYNAMIC}") + set(CMAKE_CXX_FLAGS_DEBUG "${PCM_OPTIONAL_FLAGS} -O0 -g ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") set(CMAKE_CXX_FLAGS_RELWITHDEBINFO "${PCM_OPTIONAL_FLAGS} -O3 -g ${PCM_DYNAMIC} ${PCM_HARDENING_FLAGS}") if(FREE_BSD) set(CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE} -lexecinfo") From 98d9f986b97ffc2da4332f8537865e34bbce42ab Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Sat, 29 Jun 2024 15:28:46 +0200 Subject: [PATCH 36/43] fix compilation on gcc48 Change-Id: I4e5c3e7111623f2f4851d3f7def772db37e77949 --- src/CMakeLists.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index adf733f8..a775e9d8 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -49,9 +49,9 @@ if(UNIX) # LINUX, FREE_BSD, APPLE if(APPLE) add_subdirectory(MacMSRDriver) include_directories("${CMAKE_SOURCE_DIR}/src/MacMSRDriver") # target_include_directories doesn't work - target_link_libraries(PCM_SHARED PRIVATE PCM_STATIC_SILENT PcmMsr Threads::Threads) + target_link_libraries(PCM_SHARED PRIVATE PCM_STATIC_SILENT PcmMsr Threads::Threads asan) else() - target_link_libraries(PCM_SHARED PRIVATE PCM_STATIC_SILENT Threads::Threads) + target_link_libraries(PCM_SHARED PRIVATE PCM_STATIC_SILENT Threads::Threads asan) endif() set_target_properties(PCM_SHARED PROPERTIES OUTPUT_NAME pcm) endif() From dc7f402514ca68770dacf6b05fdc9af92335572f Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Sat, 29 Jun 2024 16:00:48 +0200 Subject: [PATCH 37/43] pcm-latency: avoid pre-mature PCM init triggered by global counter state init Change-Id: Ic061b0e6e97271de644ccae993bb7180774768bf --- src/pcm-latency.cpp | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/src/pcm-latency.cpp b/src/pcm-latency.cpp index b690943a..144d6ed8 100644 --- a/src/pcm-latency.cpp +++ b/src/pcm-latency.cpp @@ -92,9 +92,9 @@ ServerUncoreCounterState * BeforeState; ServerUncoreCounterState * AfterState; -SystemCounterState SysBeforeState, SysAfterState; -std::vector BeforeState_core, AfterState_core; -std::vector DummySocketStates; +std::shared_ptr SysBeforeState, SysAfterState; +std::shared_ptr > BeforeState_core, AfterState_core; +std::shared_ptr > DummySocketStates; void collect_beforestate_uncore(PCM *m) { @@ -150,12 +150,12 @@ void store_latency_uncore(PCM *m, bool ddr, int delay_ms) void collect_beforestate_core(PCM *m) { - m->getAllCounterStates(SysBeforeState, DummySocketStates, BeforeState_core); + m->getAllCounterStates(*SysBeforeState.get(), *DummySocketStates.get(), *BeforeState_core.get()); } void collect_afterstate_core(PCM *m) { - m->getAllCounterStates(SysAfterState, DummySocketStates, AfterState_core); + m->getAllCounterStates(*SysAfterState.get(), *DummySocketStates.get(), *AfterState_core.get()); } void store_latency_core(PCM *m) @@ -173,12 +173,12 @@ void store_latency_core(PCM *m) } for (unsigned int i=0; igetNumCores(); i++) { - const double frequency = (((double)getCycles(BeforeState_core[i], AfterState_core[i]) / - (double)getRefCycles(BeforeState_core[i], AfterState_core[i])) * (double)m->getNominalFrequency()) / 1000000000; + const double frequency = (((double)getCycles(BeforeState_core->operator[](i), AfterState_core->operator[](i)) / + (double)getRefCycles(BeforeState_core->operator[](i), AfterState_core->operator[](i))) * (double)m->getNominalFrequency()) / 1000000000; for(int j=0; j<2; j++)// 2 events { core_event[j].core[i].core_id = i; - core_event[j].core[i].latency = (double)getNumberOfCustomEvents(j, BeforeState_core[i], AfterState_core[i]); + core_event[j].core[i].latency = (double)getNumberOfCustomEvents(j, BeforeState_core->operator[](i), AfterState_core->operator[](i)); } // L1 latency //Adding 5 clocks for L1 Miss @@ -512,6 +512,12 @@ int mainThrows(int argc, char * argv[]) PCM::ExtendedCustomCoreEventDescription conf; PCM * m = PCM::getInstance(); + SysBeforeState = std::make_shared(); + SysAfterState = std::make_shared(); + BeforeState_core = std::make_shared >(); + AfterState_core = std::make_shared >(); + DummySocketStates = std::make_shared >(); + build_registers(m, conf, enable_pmm, enable_verbose); collect_data(m, enable_pmm, enable_verbose, delay_ms, mainLoop); From 4b92b80bf6ab3d21fd08d36f0c59640161a01d20 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Sun, 30 Jun 2024 12:28:57 +0200 Subject: [PATCH 38/43] run long fuzzer every every sunday at midnight Change-Id: I2f3e3537d403f93debceb41b2f663f8b71a6c42a --- .github/workflows/ci-fuzz.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci-fuzz.yml b/.github/workflows/ci-fuzz.yml index 7993ab5a..3bc23340 100644 --- a/.github/workflows/ci-fuzz.yml +++ b/.github/workflows/ci-fuzz.yml @@ -2,8 +2,8 @@ name: fuzz-job on: schedule: - # every saturday at midnight - - cron: '0 0 * * 6' + # every sunday at midnight + - cron: '0 0 * * 0' # also allow manual triggering workflow_dispatch: From c461cd166d2e113e25d0e797f351a408255b567a Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Sun, 30 Jun 2024 12:31:38 +0200 Subject: [PATCH 39/43] increase rss limit Change-Id: Idd9fba2ea4365d92cbbbb54013ac7bc2e20f5125 --- tests/fuzz.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/fuzz.sh b/tests/fuzz.sh index a16c9e5d..3172d1a1 100644 --- a/tests/fuzz.sh +++ b/tests/fuzz.sh @@ -34,7 +34,7 @@ printf '%b' "GET /dashboard/prometheus HTTP/1.1\r\nHost: localhost\r\nAccept: */ printf '%b' "GET /dashboard/prometheus/default HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/10 && printf '%b' "GET /dashboard HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/11 && printf '%b' "GET /favicon.ico HTTP/1.1\r\nHost: localhost\r\nAccept: */*\r\n\r\n" > corpus/12 && -LLVM_PROFILE_FILE="pcm-sensor-server.profraw" bin/tests/pcm-sensor-server-fuzz -detect_leaks=0 -max_total_time=$((10 * $factor)) corpus > /dev/null && +LLVM_PROFILE_FILE="pcm-sensor-server.profraw" bin/tests/pcm-sensor-server-fuzz -detect_leaks=0 -rss_limit_mb=10000 -max_total_time=$((10 * $factor)) corpus > /dev/null && rm -rf corpus/* && printf '%b' "http://otto:test@www.intel.com/~otto/file1.txt" > corpus/1 && printf '%b' "file://localhost/c/mnt/cd/file2.txt" > corpus/2 && From 65cfffaac3cc1ced6e9413c9b29e85491689c729 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Sun, 30 Jun 2024 19:25:30 +0200 Subject: [PATCH 40/43] reduce the duration fuzzing CI job to fit the GH timeout budget Change-Id: I72da5c29e2fe2216ce8a41de90231dfb40339583 --- .github/workflows/ci-fuzz.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-fuzz.yml b/.github/workflows/ci-fuzz.yml index 3bc23340..b8a99417 100644 --- a/.github/workflows/ci-fuzz.yml +++ b/.github/workflows/ci-fuzz.yml @@ -32,7 +32,7 @@ jobs: set -o pipefail mkdir build cd build - bash ${{ github.workspace }}/tests/fuzz.sh 1000 2>&1 | tee fuzz-log.txt + bash ${{ github.workspace }}/tests/fuzz.sh 300 2>&1 | tee fuzz-log.txt cd .. - name: Show report From aa549b194a98be0a997833c2792391a1b46d923d Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Sun, 30 Jun 2024 19:25:30 +0200 Subject: [PATCH 41/43] parameter value checks Change-Id: Ia8c83416dc64e1a4c104ceb92d4e90165b2435b6 --- src/cpucounters.cpp | 22 ++++++++++++++++++++++ tests/pcm-memory-fuzz.cpp | 5 +++-- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/src/cpucounters.cpp b/src/cpucounters.cpp index 540146d1..22afedff 100644 --- a/src/cpucounters.cpp +++ b/src/cpucounters.cpp @@ -8600,6 +8600,18 @@ ServerUncorePMUs::~ServerUncorePMUs() void ServerUncorePMUs::programServerUncoreMemoryMetrics(const ServerUncoreMemoryMetrics & metrics, const int rankA, const int rankB) { + switch (metrics) + { + case PartialWrites: + case Pmem: + case PmemMemoryMode: + case PmemMixedMode: + break; + default: + std::cerr << "PCM Error: unknown memory metrics: " << metrics << "\n"; + return; + } + PCM * pcm = PCM::getInstance(); uint32 MCCntConfig[4] = {0,0,0,0}; uint32 EDCCntConfig[4] = {0,0,0,0}; @@ -8695,6 +8707,16 @@ void ServerUncorePMUs::programServerUncoreMemoryMetrics(const ServerUncoreMemory } } } else { + if (rankA < 0 || rankA > 7) + { + std::cerr << "PCM Error: invalid rankA value: " << rankA << "\n"; + return; + } + if (rankB < 0 || rankB > 7) + { + std::cerr << "PCM Error: invalid rankB value: " << rankB << "\n"; + return; + } switch(cpu_model) { case PCM::IVYTOWN: diff --git a/tests/pcm-memory-fuzz.cpp b/tests/pcm-memory-fuzz.cpp index f91841c1..66ddb6f9 100644 --- a/tests/pcm-memory-fuzz.cpp +++ b/tests/pcm-memory-fuzz.cpp @@ -25,8 +25,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) bool print_update = data_int[pos++] % 2; uint32 no_columns = DEFAULT_DISPLAY_COLUMNS; // Default number of columns is 2 int delay = data_int[pos++] % 4; - int rankA = data_int[pos++]; - int rankB = data_int[pos++]; + int rankA = data_int[pos++] % 11; + int rankB = data_int[pos++] % 11; bool use_rank = data_int[pos++] % 2; if (!use_rank) { @@ -90,6 +90,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) cerr << "Rank level output requires channel output\n"; return 0; } + std::cerr << "programServerUncoreMemoryMetrics parameters:" << metrics << ";" << rankA << ";" << rankB << "\n"; PCM::ErrorCode status = m->programServerUncoreMemoryMetrics(metrics, rankA, rankB); m->checkError(status); From ee69c2c39a4dc79407047dd94a5d7a752af3e510 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Mon, 1 Jul 2024 13:44:06 +0200 Subject: [PATCH 42/43] try to resolve link error on OSX Change-Id: I064758df7ebad02eaf7be3c094806d2dee62cf5d --- src/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index a775e9d8..3f3755cf 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -49,7 +49,7 @@ if(UNIX) # LINUX, FREE_BSD, APPLE if(APPLE) add_subdirectory(MacMSRDriver) include_directories("${CMAKE_SOURCE_DIR}/src/MacMSRDriver") # target_include_directories doesn't work - target_link_libraries(PCM_SHARED PRIVATE PCM_STATIC_SILENT PcmMsr Threads::Threads asan) + target_link_libraries(PCM_SHARED PRIVATE PCM_STATIC_SILENT PcmMsr Threads::Threads) else() target_link_libraries(PCM_SHARED PRIVATE PCM_STATIC_SILENT Threads::Threads asan) endif() From eaaae6db902b24727ac78c62dfcb9981599d82c0 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Mon, 1 Jul 2024 13:55:27 +0200 Subject: [PATCH 43/43] try to fix compilation on *BSD Change-Id: I81913ed6cc512fe372de7cb099725cac056bb09e --- src/CMakeLists.txt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 3f3755cf..a7db0e4b 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -50,8 +50,10 @@ if(UNIX) # LINUX, FREE_BSD, APPLE add_subdirectory(MacMSRDriver) include_directories("${CMAKE_SOURCE_DIR}/src/MacMSRDriver") # target_include_directories doesn't work target_link_libraries(PCM_SHARED PRIVATE PCM_STATIC_SILENT PcmMsr Threads::Threads) - else() + elseif(LINUX) target_link_libraries(PCM_SHARED PRIVATE PCM_STATIC_SILENT Threads::Threads asan) + else() + target_link_libraries(PCM_SHARED PRIVATE PCM_STATIC_SILENT Threads::Threads) endif() set_target_properties(PCM_SHARED PROPERTIES OUTPUT_NAME pcm) endif()