Created attachment 201852
Test program

Using the attached test program (which is part of syzkaller) results in a lockup of the operating system. I tested this on FreeBSD head r343837 on amd64 and arm64.
The problem was introduced by the change of head/sys/conf/files in base r343746.
The problem is that calling clang with -fsanitize-coverage=trace-pc,trace-cmp -fno-sanitize=all does not turn off the coverage sanitizer. This can be demonstrated:

tuexen@epyc:~ % cat test.c
int main(void) { return (0); }
tuexen@epyc:~ % cc -fsanitize-coverage=trace-pc,trace-cmp -o test_1.o -c test.c
tuexen@epyc:~ % cc -fsanitize-coverage=trace-pc,trace-cmp -fno-sanitize-coverage=trace-pc,trace-cmp -o test_2.o -c test.c
tuexen@epyc:~ % cc -fsanitize-coverage=trace-pc,trace-cmp -fno-sanitize=all -o test_3.o -c test.c
tuexen@epyc:~ % ls -l test_?.o
-rw-r--r--  1 tuexen  wheel  1928 Feb  9 11:44 test_1.o
-rw-r--r--  1 tuexen  wheel  1016 Feb  9 11:44 test_2.o
-rw-r--r--  1 tuexen  wheel  1928 Feb  9 11:44 test_3.o
tuexen@epyc:~ % diff test_1.o test_3.o

So either this is a bug in clang or you can't use -fno-sanitize=all to turn off the coverage sanitizers.
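Comparing object sizes, as above, is a coarse check. As an added example that is not part of the bug report, the script below rebuilds the same test.c with the three flag sets from the report and inspects each object's undefined symbols for the SanitizerCoverage hooks (__sanitizer_cov_trace_pc and the trace-cmp hooks), which confirms directly whether instrumentation survived -fno-sanitize=all. It assumes cc and nm are on PATH.

```python
# Added example, not from the bug report: decide whether an object file still
# carries SanitizerCoverage instrumentation by checking the hooks it references
# (nm -u) rather than comparing object sizes. Assumes cc and nm are on PATH.
import re
import shutil
import subprocess
import sys
import tempfile
from pathlib import Path

# Hooks clang emits for trace-pc (pc) and trace-cmp (cmp*, const_cmp*, switch).
COV_HOOK = re.compile(r"(__sanitizer_cov_trace_(?:pc|(?:const_)?cmp[1248]|switch))\b")

# The three flag sets from the report; only the second one actually disables
# coverage, the -fno-sanitize=all variant leaves test_3.o instrumented.
FLAG_SETS = {
    "test_1.o": ["-fsanitize-coverage=trace-pc,trace-cmp"],
    "test_2.o": ["-fsanitize-coverage=trace-pc,trace-cmp",
                 "-fno-sanitize-coverage=trace-pc,trace-cmp"],
    "test_3.o": ["-fsanitize-coverage=trace-pc,trace-cmp", "-fno-sanitize=all"],
}

def coverage_hooks(nm_output: str) -> set:
    """Return the SanitizerCoverage hooks named in `nm -u` output."""
    return {m.group(1) for m in COV_HOOK.finditer(nm_output)}

def object_is_instrumented(obj: Path) -> bool:
    """True if the object file references any coverage hook."""
    out = subprocess.run(["nm", "-u", str(obj)], capture_output=True, text=True, check=True)
    return bool(coverage_hooks(out.stdout))

def main() -> int:
    cc = shutil.which("cc")
    if cc is None or shutil.which("nm") is None:
        print("cc or nm not found on PATH; nothing to check")
        return 1
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp, "test.c")
        src.write_text("int main(void) { return (0); }\n")  # same source as the report
        for name, flags in FLAG_SETS.items():
            obj = Path(tmp, name)
            subprocess.run([cc, *flags, "-c", "-o", str(obj), str(src)], check=True)
            state = "INSTRUMENTED" if object_is_instrumented(obj) else "clean"
            print(f"{name}: {' '.join(flags)} -> {state}")
    return 0

if __name__ == "__main__":
    sys.exit(main())
```

On a toolchain with the behaviour described in the report, test_1.o and test_3.o print INSTRUMENTED and only test_2.o prints clean.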
A potential fix is discussed in review D19135.
A commit references this bug:

Author: tuexen
Date: Mon Feb 11 15:38:05 UTC 2019
New revision: 344012
URL: https://svnweb.freebsd.org/changeset/base/344012

Log:
  Fix flags used when compiling kern_kcov.c and subr_coverage.c.
  Without this fix, the usage of kernel coverage would lock up the system.
  Thanks to Andrew for suggesting the final form of the fix.

  PR:                     235611
  Reviewed by:            andrew@, emaste@
  Differential Revision:  https://reviews.freebsd.org/D19135

Changes:
  head/sys/conf/files