Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / honggfuzz / dec78f15d589b285059b14493c8dac1a201dc4c7 / . / honggfuzz.c
blob: ab870bab47053ad1548b0e3a8b7ae2b7d613932f [file] [log] [blame]
robert.swiecki3bb518c2010-10-14 00:48:24 +0000[diff] [blame]1/*
robert.swiecki@gmail.com3b630b42015-02-16 10:53:53 +0000[diff] [blame]2 *
robert.swiecki@gmail.com90e99112015-02-15 02:05:14 +0000[diff] [blame]3 * honggfuzz - the main file
4 * -----------------------------------------
robert.swiecki@gmail.com3b630b42015-02-16 10:53:53 +0000[diff] [blame]5 *
robert.swiecki@gmail.com8531f692015-02-17 12:25:36 +0000[diff] [blame]6 * Author:
7 * Robert Swiecki <swiecki@google.com>
8 * Felix Gröbert <groebert@google.com>
robert.swiecki@gmail.com3b630b42015-02-16 10:53:53 +0000[diff] [blame]9 *
robert.swiecki@gmail.com772b33d2015-02-14 20:35:00 +0000[diff] [blame]10 * Copyright 2010-2015 by Google Inc. All Rights Reserved.
robert.swiecki@gmail.com3b630b42015-02-16 10:53:53 +0000[diff] [blame]11 *
12 * Licensed under the Apache License, Version 2.0 (the "License"); you may
13 * not use this file except in compliance with the License. You may obtain
robert.swiecki@gmail.com772b33d2015-02-14 20:35:00 +0000[diff] [blame]14 * a copy of the License at
robert.swiecki@gmail.com3b630b42015-02-16 10:53:53 +0000[diff] [blame]15 *
robert.swiecki@gmail.com772b33d2015-02-14 20:35:00 +0000[diff] [blame]16 * http://www.apache.org/licenses/LICENSE-2.0
robert.swiecki@gmail.com3b630b42015-02-16 10:53:53 +0000[diff] [blame]17 *
robert.swiecki@gmail.com772b33d2015-02-14 20:35:00 +0000[diff] [blame]18 * Unless required by applicable law or agreed to in writing, software
19 * distributed under the License is distributed on an "AS IS" BASIS,
20 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
21 * implied. See the License for the specific language governing
22 * permissions and limitations under the License.
robert.swiecki@gmail.com3b630b42015-02-16 10:53:53 +0000[diff] [blame]23 *
robert.swiecki@gmail.com772b33d2015-02-14 20:35:00 +0000[diff] [blame]24 */
robert.swiecki3bb518c2010-10-14 00:48:24 +0000[diff] [blame]25
robert.swiecki@gmail.comba85c3e2015-02-02 14:55:16 +0000[diff] [blame]26#include <getopt.h>
Robert Swieckid0fa62c2017-09-28 18:11:05 +0200[diff] [blame]27#include <inttypes.h>
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]28#include <signal.h>
robert.swiecki3bb518c2010-10-14 00:48:24 +0000[diff] [blame]29#include <stdio.h>
30#include <stdlib.h>
robert.swiecki3bb518c2010-10-14 00:48:24 +0000[diff] [blame]31#include <string.h>
Robert Swiecki10eeb0a2017-09-28 15:42:52 +0200[diff] [blame]32#include <sys/mman.h>
robert.swiecki@gmail.comba85c3e2015-02-02 14:55:16 +0000[diff] [blame]33#include <time.h>
34#include <unistd.h>
robert.swiecki3bb518c2010-10-14 00:48:24 +0000[diff] [blame]35
Robert Swieckic8c32db2015-10-09 18:06:22 +0200[diff] [blame]36#include "cmdline.h"
Robert Swieckia375f4b2017-06-01 13:20:54 +0200[diff] [blame]37#include "display.h"
robert.swiecki3bb518c2010-10-14 00:48:24 +0000[diff] [blame]38#include "fuzz.h"
Robert Swiecki10eeb0a2017-09-28 15:42:52 +0200[diff] [blame]39#include "input.h"
Robert Swieckid0fa62c2017-09-28 18:11:05 +0200[diff] [blame]40#include "libcommon/common.h"
41#include "libcommon/files.h"
42#include "libcommon/log.h"
43#include "libcommon/util.h"
robert.swiecki3bb518c2010-10-14 00:48:24 +0000[diff] [blame]44
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]45static int sigReceived = 0;
46
Robert Swieckic6a48b12016-03-11 17:41:57 +0100[diff] [blame]47/*
48 * CygWin/MinGW incorrectly copies stack during fork(), so we need to keep some
49 * structures in the data section
50 */
51honggfuzz_t hfuzz;
Robert Swieckic6a48b12016-03-11 17:41:57 +0100[diff] [blame]52
Robert Swiecki35978ac2017-11-16 18:00:53 +0100[diff] [blame]53static void exitWithMsg(const char* msg, int exit_code) {
Robert Swiecki3edbe822017-11-16 22:40:32 +0100[diff] [blame]54 UNUSED ssize_t sz = write(STDERR_FILENO, msg, strlen(msg));
Robert Swiecki35978ac2017-11-16 18:00:53 +0100[diff] [blame]55 exit(exit_code);
56 abort();
57}
58
Robert Swieckid50ed422017-11-13 23:32:26 +0100[diff] [blame]59void sigHandler(int sig) {
Robert Swiecki1c9d8092017-06-01 02:39:09 +0200[diff] [blame]60 /* We should not terminate upon SIGALRM delivery */
61 if (sig == SIGALRM) {
Robert Swiecki0dde76d2017-11-16 19:25:44 +0100[diff] [blame]62 if (fuzz_shouldTerminate()) {
63 exitWithMsg("Terminating forcefully\n", EXIT_FAILURE);
Robert Swiecki35978ac2017-11-16 18:00:53 +0100[diff] [blame]64 }
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]65 return;
66 }
67
Robert Swiecki8d01b012017-02-19 15:48:11 +0100[diff] [blame]68 if (ATOMIC_GET(sigReceived) != 0) {
Robert Swiecki35978ac2017-11-16 18:00:53 +0100[diff] [blame]69 exitWithMsg("Repeated termination signal caugth\n", EXIT_FAILURE);
Robert Swiecki8d01b012017-02-19 15:48:11 +0100[diff] [blame]70 }
71
72 ATOMIC_SET(sigReceived, sig);
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]73}
74
Robert Swieckid50ed422017-11-13 23:32:26 +0100[diff] [blame]75static void setupTimer(void) {
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]76 struct itimerval it = {
Robert Swieckid50ed422017-11-13 23:32:26 +0100[diff] [blame]77 .it_value = {.tv_sec = 1, .tv_usec = 0},
78 .it_interval = {.tv_sec = 1, .tv_usec = 0},
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]79 };
80 if (setitimer(ITIMER_REAL, &it, NULL) == -1) {
81 PLOG_F("setitimer(ITIMER_REAL)");
82 }
83}
84
Robert Swieckid50ed422017-11-13 23:32:26 +0100[diff] [blame]85static void setupSignalsPreThr(void) {
Jaggerfbd4ae12016-09-02 02:26:02 +0200[diff] [blame]86 /* Block signals which should be handled or blocked in the main thread */
Jagger33cce5d2016-04-16 20:10:36 +0200[diff] [blame]87 sigset_t ss;
Jagger090de222016-04-16 20:05:13 +0200[diff] [blame]88 sigemptyset(&ss);
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]89 sigaddset(&ss, SIGTERM);
90 sigaddset(&ss, SIGINT);
91 sigaddset(&ss, SIGQUIT);
Jagger33cce5d2016-04-16 20:10:36 +0200[diff] [blame]92 sigaddset(&ss, SIGALRM);
Jaggerac75f262016-08-20 12:38:20 +0200[diff] [blame]93 sigaddset(&ss, SIGPIPE);
Jaggerfbd4ae12016-09-02 02:26:02 +0200[diff] [blame]94 sigaddset(&ss, SIGIO);
Robert Swiecki746eaf02017-03-01 23:49:48 +0100[diff] [blame]95 sigaddset(&ss, SIGCHLD);
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]96 if (sigprocmask(SIG_BLOCK, &ss, NULL) != 0) {
97 PLOG_F("pthread_sigmask(SIG_BLOCK)");
98 }
Jagger848c4fc2016-03-11 01:34:53 +0100[diff] [blame]99}
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]100
Robert Swieckid50ed422017-11-13 23:32:26 +0100[diff] [blame]101static void setupSignalsPostThr(void) {
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]102 struct sigaction sa = {
103 .sa_handler = sigHandler,
104 .sa_flags = 0,
105 };
106 sigemptyset(&sa.sa_mask);
107 if (sigaction(SIGTERM, &sa, NULL) == -1) {
108 PLOG_F("sigaction(SIGTERM) failed");
109 }
110 if (sigaction(SIGINT, &sa, NULL) == -1) {
111 PLOG_F("sigaction(SIGINT) failed");
112 }
113 if (sigaction(SIGQUIT, &sa, NULL) == -1) {
114 PLOG_F("sigaction(SIGQUIT) failed");
115 }
Jagger33cce5d2016-04-16 20:10:36 +0200[diff] [blame]116 if (sigaction(SIGALRM, &sa, NULL) == -1) {
117 PLOG_F("sigaction(SIGQUIT) failed");
118 }
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]119 /* Unblock signals which should be handled by the main thread */
120 sigset_t ss;
121 sigemptyset(&ss);
122 sigaddset(&ss, SIGTERM);
123 sigaddset(&ss, SIGINT);
124 sigaddset(&ss, SIGQUIT);
Jagger3846dfc2016-04-16 20:06:16 +0200[diff] [blame]125 sigaddset(&ss, SIGALRM);
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]126 if (sigprocmask(SIG_UNBLOCK, &ss, NULL) != 0) {
Jagger33cce5d2016-04-16 20:10:36 +0200[diff] [blame]127 PLOG_F("pthread_sigmask(SIG_UNBLOCK)");
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]128 }
129}
130
Robert Swieckid50ed422017-11-13 23:32:26 +0100[diff] [blame]131int main(int argc, char** argv) {
Robert Swieckic6a48b12016-03-11 17:41:57 +0100[diff] [blame]132 /*
133 * Work around CygWin/MinGW
134 */
Robert Swiecki4e595fb2017-10-11 17:26:51 +0200[diff] [blame]135 char** myargs = (char**)util_Malloc(sizeof(char*) * (argc + 1));
Robert Swiecki0b566112017-10-17 17:39:07 +0200[diff] [blame]136 defer { free(myargs); };
Jagger1ebc6dc2016-03-12 01:39:09 +0100[diff] [blame]137
138 int i;
139 for (i = 0U; i < argc; i++) {
Robert Swieckic6a48b12016-03-11 17:41:57 +0100[diff] [blame]140 myargs[i] = argv[i];
141 }
142 myargs[i] = NULL;
143
144 if (cmdlineParse(argc, myargs, &hfuzz) == false) {
Robert Swieckic8c32db2015-10-09 18:06:22 +0200[diff] [blame]145 LOG_F("Parsing of the cmd-line arguments failed");
robert.swiecki3bb518c2010-10-14 00:48:24 +0000[diff] [blame]146 }
147
Robert Swiecki1f1ce172017-02-10 03:43:00 +0100[diff] [blame]148 if (hfuzz.useScreen) {
149 display_init();
150 }
151
Robert Swiecki10eeb0a2017-09-28 15:42:52 +0200[diff] [blame]152 if (!input_init(&hfuzz)) {
Robert Swieckic1deec82017-04-27 02:42:12 +0200[diff] [blame]153 if (hfuzz.externalCommand) {
Robert Swieckid50ed422017-11-13 23:32:26 +0100[diff] [blame]154 LOG_I(
155 "No input file corpus loaded, the external command '%s' is responsible for "
156 "creating the fuzz files",
Robert Swiecki4e595fb2017-10-11 17:26:51 +0200[diff] [blame]157 hfuzz.externalCommand);
Robert Swieckic1deec82017-04-27 02:42:12 +0200[diff] [blame]158 } else {
159 LOG_F("Couldn't load input files");
160 exit(EXIT_FAILURE);
161 }
robert.swiecki3bb518c2010-10-14 00:48:24 +0000[diff] [blame]162 }
163
Robert Swiecki10eeb0a2017-09-28 15:42:52 +0200[diff] [blame]164 if (hfuzz.dictionaryFile && (input_parseDictionary(&hfuzz) == false)) {
Robert Swieckic8c32db2015-10-09 18:06:22 +0200[diff] [blame]165 LOG_F("Couldn't parse dictionary file ('%s')", hfuzz.dictionaryFile);
robert.swiecki@gmail.com4f1124f2015-04-21 17:12:22 +0000[diff] [blame]166 }
167
Robert Swiecki10eeb0a2017-09-28 15:42:52 +0200[diff] [blame]168 if (hfuzz.blacklistFile && (input_parseBlacklist(&hfuzz) == false)) {
Robert Swieckic8c32db2015-10-09 18:06:22 +0200[diff] [blame]169 LOG_F("Couldn't parse stackhash blacklist file ('%s')", hfuzz.blacklistFile);
Anestis Bechtsoudisd59af692015-09-21 15:15:05 +0300[diff] [blame]170 }
Anestis Bechtsoudis00be1892016-10-31 09:29:44 +0200[diff] [blame]171#define hfuzzl hfuzz.linux
Robert Swieckid50ed422017-11-13 23:32:26 +0100[diff] [blame]172 if (hfuzzl.symsBlFile &&
173 ((hfuzzl.symsBlCnt = files_parseSymbolFilter(hfuzzl.symsBlFile, &hfuzzl.symsBl)) == 0)) {
Anestis Bechtsoudis3dce6ac2016-10-31 08:51:14 +0200[diff] [blame]174 LOG_F("Couldn't parse symbols blacklist file ('%s')", hfuzzl.symsBlFile);
Anestis Bechtsoudisba68b382016-10-29 20:44:15 +0300[diff] [blame]175 }
176
Robert Swieckid50ed422017-11-13 23:32:26 +0100[diff] [blame]177 if (hfuzzl.symsWlFile &&
178 ((hfuzzl.symsWlCnt = files_parseSymbolFilter(hfuzzl.symsWlFile, &hfuzzl.symsWl)) == 0)) {
Anestis Bechtsoudis3dce6ac2016-10-31 08:51:14 +0200[diff] [blame]179 LOG_F("Couldn't parse symbols whitelist file ('%s')", hfuzzl.symsWlFile);
Anestis Bechtsoudisba68b382016-10-29 20:44:15 +0300[diff] [blame]180 }
Anestis Bechtsoudis00be1892016-10-31 09:29:44 +0200[diff] [blame]181
Robert Swieckie4d63d42016-11-01 00:40:51 +0100[diff] [blame]182 if (hfuzz.dynFileMethod != _HF_DYNFILE_NONE) {
Robert Swiecki82c707c2017-11-14 16:36:23 +0100[diff] [blame]183 hfuzz.feedback = files_mapSharedMem(sizeof(feedback_t), &hfuzz.bbFd, hfuzz.io.workDir);
Robert Swieckie4d63d42016-11-01 00:40:51 +0100[diff] [blame]184 if (hfuzz.feedback == MAP_FAILED) {
Robert Swiecki82c707c2017-11-14 16:36:23 +0100[diff] [blame]185 LOG_F("files_mapSharedMem(sz=%zu, dir='%s') failed", sizeof(feedback_t),
186 hfuzz.io.workDir);
Robert Swieckie4d63d42016-11-01 00:40:51 +0100[diff] [blame]187 }
188 }
189
robert.swiecki3bb518c2010-10-14 00:48:24 +0000[diff] [blame]190 /*
Robert Swiecki3c01a0c2017-03-15 02:31:26 +0100[diff] [blame]191 * So far, so good
robert.swiecki3bb518c2010-10-14 00:48:24 +0000[diff] [blame]192 */
Robert Swiecki66b65122017-11-11 02:55:55 +0100[diff] [blame]193 pthread_t threads[hfuzz.threads.threadsMax];
Robert Swiecki33fb2842017-02-19 05:39:50 +0100[diff] [blame]194
Robert Swiecki37778e02016-03-15 15:45:28 +0100[diff] [blame]195 setupSignalsPreThr();
Robert Swiecki33fb2842017-02-19 05:39:50 +0100[diff] [blame]196 fuzz_threadsStart(&hfuzz, threads);
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]197 setupSignalsPostThr();
robert.swiecki3bb518c2010-10-14 00:48:24 +0000[diff] [blame]198
Robert Swiecki37778e02016-03-15 15:45:28 +0100[diff] [blame]199 setupTimer();
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]200 for (;;) {
201 if (hfuzz.useScreen) {
202 display_display(&hfuzz);
203 }
Robert Swiecki8d01b012017-02-19 15:48:11 +0100[diff] [blame]204 if (ATOMIC_GET(sigReceived) > 0) {
Robert Swieckic95cf2a2017-06-23 15:31:08 +0200[diff] [blame]205 LOG_I("Signal %d (%s) received, terminating", ATOMIC_GET(sigReceived),
Robert Swiecki4e595fb2017-10-11 17:26:51 +0200[diff] [blame]206 strsignal(ATOMIC_GET(sigReceived)));
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]207 break;
208 }
Robert Swiecki66b65122017-11-11 02:55:55 +0100[diff] [blame]209 if (ATOMIC_GET(hfuzz.threads.threadsFinished) >= hfuzz.threads.threadsMax) {
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]210 break;
211 }
Robert Swieckic95cf2a2017-06-23 15:31:08 +0200[diff] [blame]212 if (hfuzz.runEndTime > 0 && (time(NULL) > hfuzz.runEndTime)) {
213 LOG_I("Maximum run time reached, terminating");
Robert Swiecki0dde76d2017-11-16 19:25:44 +0100[diff] [blame]214 fuzz_setTerminating();
Robert Swieckic95cf2a2017-06-23 15:31:08 +0200[diff] [blame]215 break;
216 }
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]217 pause();
218 }
219
Robert Swiecki0dde76d2017-11-16 19:25:44 +0100[diff] [blame]220 fuzz_setTerminating();
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]221
Robert Swiecki33fb2842017-02-19 05:39:50 +0100[diff] [blame]222 fuzz_threadsStop(&hfuzz, threads);
223
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]224 /* Clean-up global buffers */
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]225 if (hfuzz.blacklist) {
226 free(hfuzz.blacklist);
227 }
Anestis Bechtsoudisba68b382016-10-29 20:44:15 +0300[diff] [blame]228 if (hfuzz.linux.symsBl) {
229 free(hfuzz.linux.symsBl);
230 }
231 if (hfuzz.linux.symsWl) {
232 free(hfuzz.linux.symsWl);
233 }
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]234 if (hfuzz.sanOpts.asanOpts) {
235 free(hfuzz.sanOpts.asanOpts);
236 }
237 if (hfuzz.sanOpts.ubsanOpts) {
238 free(hfuzz.sanOpts.ubsanOpts);
239 }
240 if (hfuzz.sanOpts.msanOpts) {
241 free(hfuzz.sanOpts.msanOpts);
242 }
Jagger08816fd2016-03-11 01:32:38 +0100[diff] [blame]243
Robert Swiecki37778e02016-03-15 15:45:28 +0100[diff] [blame]244 return EXIT_SUCCESS;
robert.swiecki3bb518c2010-10-14 00:48:24 +0000[diff] [blame]245}