Gitiles
Code Review Sign In
gerrit-public.fairphone.software / toolchain / llvm-project / 24a148b1d41ec1ac38ef15f39f38073ce50a1bfa / . / llvm / lib / Fuzzer / FuzzerUtilDarwin.cpp
blob: 62f0f2271fe172a65194f55c4d70071d30fe453d [file] [log] [blame]
Dan Liewed3c9ca2016-08-12 18:29:36 +0000[diff] [blame]1//===- FuzzerUtilDarwin.cpp - Misc utils ----------------------------------===//
2//
3// The LLVM Compiler Infrastructure
4//
5// This file is distributed under the University of Illinois Open Source
6// License. See LICENSE.TXT for details.
7//
8//===----------------------------------------------------------------------===//
9// Misc utils for Darwin.
10//===----------------------------------------------------------------------===//
Kostya Serebryany86586182016-09-21 21:17:23 +0000[diff] [blame]11#include "FuzzerDefs.h"
Dan Liewed3c9ca2016-08-12 18:29:36 +0000[diff] [blame]12#if LIBFUZZER_APPLE
Zachary Turner24a148b2016-11-30 19:06:14 +0000[diff] [blame^]13#include "FuzzerIO.h"
Dan Liewed3c9ca2016-08-12 18:29:36 +0000[diff] [blame]14#include <mutex>
15#include <signal.h>
16#include <spawn.h>
17#include <sys/wait.h>
18
19// There is no header for this on macOS so declare here
20extern "C" char **environ;
21
22namespace fuzzer {
23
24static std::mutex SignalMutex;
25// Global variables used to keep track of how signal handling should be
26// restored. They should **not** be accessed without holding `SignalMutex`.
27static int ActiveThreadCount = 0;
28static struct sigaction OldSigIntAction;
29static struct sigaction OldSigQuitAction;
30static sigset_t OldBlockedSignalsSet;
31
32// This is a reimplementation of Libc's `system()`. On Darwin the Libc
33// implementation contains a mutex which prevents it from being used
34// concurrently. This implementation **can** be used concurrently. It sets the
35// signal handlers when the first thread enters and restores them when the last
36// thread finishes execution of the function and ensures this is not racey by
37// using a mutex.
38int ExecuteCommand(const std::string &Command) {
39 posix_spawnattr_t SpawnAttributes;
40 if (posix_spawnattr_init(&SpawnAttributes))
41 return -1;
42 // Block and ignore signals of the current process when the first thread
43 // enters.
44 {
45 std::lock_guard<std::mutex> Lock(SignalMutex);
46 if (ActiveThreadCount == 0) {
47 static struct sigaction IgnoreSignalAction;
48 sigset_t BlockedSignalsSet;
49 memset(&IgnoreSignalAction, 0, sizeof(IgnoreSignalAction));
50 IgnoreSignalAction.sa_handler = SIG_IGN;
51
52 if (sigaction(SIGINT, &IgnoreSignalAction, &OldSigIntAction) == -1) {
53 Printf("Failed to ignore SIGINT\n");
54 (void)posix_spawnattr_destroy(&SpawnAttributes);
55 return -1;
56 }
57 if (sigaction(SIGQUIT, &IgnoreSignalAction, &OldSigQuitAction) == -1) {
58 Printf("Failed to ignore SIGQUIT\n");
59 // Try our best to restore the signal handlers.
60 (void)sigaction(SIGINT, &OldSigIntAction, NULL);
61 (void)posix_spawnattr_destroy(&SpawnAttributes);
62 return -1;
63 }
64
65 (void)sigemptyset(&BlockedSignalsSet);
66 (void)sigaddset(&BlockedSignalsSet, SIGCHLD);
67 if (sigprocmask(SIG_BLOCK, &BlockedSignalsSet, &OldBlockedSignalsSet) ==
68 -1) {
69 Printf("Failed to block SIGCHLD\n");
70 // Try our best to restore the signal handlers.
71 (void)sigaction(SIGQUIT, &OldSigQuitAction, NULL);
72 (void)sigaction(SIGINT, &OldSigIntAction, NULL);
73 (void)posix_spawnattr_destroy(&SpawnAttributes);
74 return -1;
75 }
76 }
77 ++ActiveThreadCount;
78 }
79
80 // NOTE: Do not introduce any new `return` statements past this
81 // point. It is important that `ActiveThreadCount` always be decremented
82 // when leaving this function.
83
84 // Make sure the child process uses the default handlers for the
85 // following signals rather than inheriting what the parent has.
86 sigset_t DefaultSigSet;
87 (void)sigemptyset(&DefaultSigSet);
88 (void)sigaddset(&DefaultSigSet, SIGQUIT);
89 (void)sigaddset(&DefaultSigSet, SIGINT);
90 (void)posix_spawnattr_setsigdefault(&SpawnAttributes, &DefaultSigSet);
91 // Make sure the child process doesn't block SIGCHLD
92 (void)posix_spawnattr_setsigmask(&SpawnAttributes, &OldBlockedSignalsSet);
93 short SpawnFlags = POSIX_SPAWN_SETSIGDEF | POSIX_SPAWN_SETSIGMASK;
94 (void)posix_spawnattr_setflags(&SpawnAttributes, SpawnFlags);
95
96 pid_t Pid;
97 char **Environ = environ; // Read from global
98 const char *CommandCStr = Command.c_str();
99 const char *Argv[] = {"sh", "-c", CommandCStr, NULL};
100 int ErrorCode = 0, ProcessStatus = 0;
101 // FIXME: We probably shouldn't hardcode the shell path.
102 ErrorCode = posix_spawn(&Pid, "/bin/sh", NULL, &SpawnAttributes,
103 (char *const *)Argv, Environ);
104 (void)posix_spawnattr_destroy(&SpawnAttributes);
105 if (!ErrorCode) {
106 pid_t SavedPid = Pid;
107 do {
108 // Repeat until call completes uninterrupted.
109 Pid = waitpid(SavedPid, &ProcessStatus, /*options=*/0);
110 } while (Pid == -1 && errno == EINTR);
111 if (Pid == -1) {
112 // Fail for some other reason.
113 ProcessStatus = -1;
114 }
115 } else if (ErrorCode == ENOMEM || ErrorCode == EAGAIN) {
116 // Fork failure.
117 ProcessStatus = -1;
118 } else {
119 // Shell execution failure.
120 ProcessStatus = W_EXITCODE(127, 0);
121 }
122
123 // Restore the signal handlers of the current process when the last thread
124 // using this function finishes.
125 {
126 std::lock_guard<std::mutex> Lock(SignalMutex);
127 --ActiveThreadCount;
128 if (ActiveThreadCount == 0) {
129 bool FailedRestore = false;
130 if (sigaction(SIGINT, &OldSigIntAction, NULL) == -1) {
131 Printf("Failed to restore SIGINT handling\n");
132 FailedRestore = true;
133 }
134 if (sigaction(SIGQUIT, &OldSigQuitAction, NULL) == -1) {
135 Printf("Failed to restore SIGQUIT handling\n");
136 FailedRestore = true;
137 }
138 if (sigprocmask(SIG_BLOCK, &OldBlockedSignalsSet, NULL) == -1) {
139 Printf("Failed to unblock SIGCHLD\n");
140 FailedRestore = true;
141 }
142 if (FailedRestore)
143 ProcessStatus = -1;
144 }
145 }
146 return ProcessStatus;
147}
148}
149#endif // LIBFUZZER_APPLE