[Libguestfs] [nbdkit PATCH] maint: Default to probing valgrind at runtime
Richard W.M. Jones
rjones at redhat.com
Wed Aug 11 14:39:32 UTC 2021
On Wed, Aug 11, 2021 at 09:28:17AM -0500, Eric Blake wrote:
> When we added --enable-valgrind in commit ac4ad5545, we argued that a
> runtime probe for valgrind might be invasive enough that it should be
> opt-in for developers only. But it turns out that valgrind.h's
> implementation for RUNNING_ON_VALGRIND is intentionally minimally
> invasive: it does not link in any external library or function calls,
> but merely injects a few benign instructions (a sequence of rol on
> x86_64) that the valgrind JIT recognizes as special, but which are a
> no-op on bare-metal runs. Furthermore, we are not checking valgrind
> use in a hotspot. So there is no real penalty to defaulting the
> valgrind probe to on, which makes 'make check-valgrind' more likely to
> work out-of-the-box. Still, we keep --disable-valgrind for anyone
> that does not want to use 'CFLAGS=-DNVALGRIND' as another alternative
> for avoiding even those few assembly instructions in a production
> binary.
>
> Also, we misused AC_ARG_ENABLE, such that './configure
> --disable-valgrind' actually enables valgrind. We then copied that
> same bug for --disable-libfuzzer (commit 9b0300ca). An audit of the
> other AC_ARG_WITH and AC_ARG_ENABLE did not find other instances of
> this misuse.
>
> In addition to tweaking the configure default, we need to rearrange
> the logic of internal.h so that libfuzzer and sanitize address still
> unconditionally disable dlclose, even when valgrind headers were
> detected.
> ---
> configure.ac | 20 +++++++++++---------
> server/internal.h | 14 ++++++++------
> 2 files changed, 19 insertions(+), 15 deletions(-)
>
> diff --git a/configure.ac b/configure.ac
> index a813dfff..ef9c99b4 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -638,20 +638,22 @@ dnl Check for valgrind.
> AC_CHECK_PROG([VALGRIND],[valgrind],[valgrind],[no])
>
> dnl If valgrind headers are available (optional).
> -dnl Since this is only useful for developers, you have to enable
> -dnl it explicitly using --enable-valgrind.
> +dnl Although the runtime check adds only a trivial amount of code, you can
> +dnl avoid it with explicit --disable-valgrind.
> AC_ARG_ENABLE([valgrind],
> - [AS_HELP_STRING([--enable-valgrind],
> - [enable Valgrind extensions (for developers)])],
> - [enable_valgrind=yes],
> - [enable_valgrind=no])
> -AS_IF([test "x$enable_valgrind" = "xyes"],[
> + [AS_HELP_STRING([--disable-valgrind],
> + [disable Valgrind probe])],
> + [],
> + [enable_valgrind=check])
> +AS_IF([test "x$enable_valgrind" != "xno"],[
> PKG_CHECK_MODULES([VALGRIND], [valgrind], [
> AC_SUBST([VALGRIND_CFLAGS])
> AC_SUBST([VALGRIND_LIBS])
> AC_DEFINE([HAVE_VALGRIND],[1],[Valgrind headers found at compile time])
> ],[
> - AC_MSG_ERROR([--enable-valgrind given, but Valgrind headers are not available])
> + AS_IF([test "x$enable_valgrind" = "xyes"], [
> + AC_MSG_ERROR([--enable-valgrind given, but Valgrind headers are not available])
> + ])
> ])
> ])
>
> @@ -660,7 +662,7 @@ dnl normal builds. See fuzzing/README.
> AC_ARG_ENABLE([libfuzzer],
> [AS_HELP_STRING([--enable-libfuzzer],
> [build libFuzzer test binary (developers only)])],
> - [enable_libfuzzer=yes],
> + [],
> [enable_libfuzzer=no])
> AS_IF([test "x$enable_libfuzzer" = "xyes"],[
> AC_DEFINE([ENABLE_LIBFUZZER],[1],[Enable special libFuzzer binary])
> diff --git a/server/internal.h b/server/internal.h
> index b1473911..bc81b786 100644
> --- a/server/internal.h
> +++ b/server/internal.h
> @@ -63,11 +63,7 @@
> #define if_verbose if (verbose)
> #endif
>
> -#if HAVE_VALGRIND
> -# include <valgrind.h>
> -/* http://valgrind.org/docs/manual/faq.html#faq.unhelpful */
> -# define DO_DLCLOSE !RUNNING_ON_VALGRIND
> -#elif defined(__SANITIZE_ADDRESS__)
> +#if defined(__SANITIZE_ADDRESS__)
> # define DO_DLCLOSE 0
> #elif ENABLE_LIBFUZZER
> /* XXX This causes dlopen in the server to leak during fuzzing.
> @@ -76,7 +72,13 @@
> */
> # define DO_DLCLOSE 0
> #else
> -# define DO_DLCLOSE 1
> +# if HAVE_VALGRIND
> +# include <valgrind.h>
> +/* http://valgrind.org/docs/manual/faq.html#faq.unhelpful */
> +# define DO_DLCLOSE !RUNNING_ON_VALGRIND
> +# else
> +# define DO_DLCLOSE 1
> +# endif
> #endif
>
> /* Declare program_name. */
> --
ACK
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages. http://libguestfs.org
More information about the Libguestfs
mailing list