Path: blob/main/contrib/llvm-project/compiler-rt/lib/fuzzer/FuzzerUtilWindows.cpp
35262 views
//===- FuzzerUtilWindows.cpp - Misc utils for Windows. --------------------===//1//2// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.3// See https://llvm.org/LICENSE.txt for license information.4// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception5//6//===----------------------------------------------------------------------===//7// Misc utils implementation for Windows.8//===----------------------------------------------------------------------===//9#include "FuzzerPlatform.h"10#if LIBFUZZER_WINDOWS11#include "FuzzerCommand.h"12#include "FuzzerIO.h"13#include "FuzzerInternal.h"14#include <cassert>15#include <chrono>16#include <cstring>17#include <errno.h>18#include <io.h>19#include <iomanip>20#include <signal.h>21#include <stdio.h>22#include <sys/types.h>23// clang-format off24#include <windows.h>25// These must be included after windows.h.26// archicture need to be set before including27// libloaderapi28#include <libloaderapi.h>29#include <stringapiset.h>30#include <psapi.h>31// clang-format on3233namespace fuzzer {3435static const FuzzingOptions* HandlerOpt = nullptr;3637static LONG CALLBACK ExceptionHandler(PEXCEPTION_POINTERS ExceptionInfo) {38switch (ExceptionInfo->ExceptionRecord->ExceptionCode) {39case EXCEPTION_ACCESS_VIOLATION:40case EXCEPTION_ARRAY_BOUNDS_EXCEEDED:41case EXCEPTION_STACK_OVERFLOW:42if (HandlerOpt->HandleSegv)43Fuzzer::StaticCrashSignalCallback();44break;45case EXCEPTION_DATATYPE_MISALIGNMENT:46case EXCEPTION_IN_PAGE_ERROR:47if (HandlerOpt->HandleBus)48Fuzzer::StaticCrashSignalCallback();49break;50case EXCEPTION_ILLEGAL_INSTRUCTION:51case EXCEPTION_PRIV_INSTRUCTION:52if (HandlerOpt->HandleIll)53Fuzzer::StaticCrashSignalCallback();54break;55case EXCEPTION_FLT_DENORMAL_OPERAND:56case EXCEPTION_FLT_DIVIDE_BY_ZERO:57case EXCEPTION_FLT_INEXACT_RESULT:58case EXCEPTION_FLT_INVALID_OPERATION:59case EXCEPTION_FLT_OVERFLOW:60case EXCEPTION_FLT_STACK_CHECK:61case EXCEPTION_FLT_UNDERFLOW:62case EXCEPTION_INT_DIVIDE_BY_ZERO:63case EXCEPTION_INT_OVERFLOW:64if (HandlerOpt->HandleFpe)65Fuzzer::StaticCrashSignalCallback();66break;67// This is an undocumented exception code corresponding to a Visual C++68// Exception.69//70// See: https://devblogs.microsoft.com/oldnewthing/20100730-00/?p=1327371case 0xE06D7363:72if (HandlerOpt->HandleWinExcept)73Fuzzer::StaticCrashSignalCallback();74break;75// TODO: Handle (Options.HandleXfsz)76}77return EXCEPTION_CONTINUE_SEARCH;78}7980BOOL WINAPI CtrlHandler(DWORD dwCtrlType) {81switch (dwCtrlType) {82case CTRL_C_EVENT:83if (HandlerOpt->HandleInt)84Fuzzer::StaticInterruptCallback();85return TRUE;86case CTRL_BREAK_EVENT:87if (HandlerOpt->HandleTerm)88Fuzzer::StaticInterruptCallback();89return TRUE;90}91return FALSE;92}9394void CALLBACK AlarmHandler(PVOID, BOOLEAN) {95Fuzzer::StaticAlarmCallback();96}9798class TimerQ {99HANDLE TimerQueue;100public:101TimerQ() : TimerQueue(NULL) {}102~TimerQ() {103if (TimerQueue)104DeleteTimerQueueEx(TimerQueue, NULL);105}106void SetTimer(int Seconds) {107if (!TimerQueue) {108TimerQueue = CreateTimerQueue();109if (!TimerQueue) {110Printf("libFuzzer: CreateTimerQueue failed.\n");111exit(1);112}113}114HANDLE Timer;115if (!CreateTimerQueueTimer(&Timer, TimerQueue, AlarmHandler, NULL,116Seconds*1000, Seconds*1000, 0)) {117Printf("libFuzzer: CreateTimerQueueTimer failed.\n");118exit(1);119}120}121};122123static TimerQ Timer;124125static void CrashHandler(int) { Fuzzer::StaticCrashSignalCallback(); }126127void SetSignalHandler(const FuzzingOptions& Options) {128HandlerOpt = &Options;129130if (Options.HandleAlrm && Options.UnitTimeoutSec > 0)131Timer.SetTimer(Options.UnitTimeoutSec / 2 + 1);132133if (Options.HandleInt || Options.HandleTerm)134if (!SetConsoleCtrlHandler(CtrlHandler, TRUE)) {135DWORD LastError = GetLastError();136Printf("libFuzzer: SetConsoleCtrlHandler failed (Error code: %lu).\n",137LastError);138exit(1);139}140141if (Options.HandleSegv || Options.HandleBus || Options.HandleIll ||142Options.HandleFpe || Options.HandleWinExcept)143SetUnhandledExceptionFilter(ExceptionHandler);144145if (Options.HandleAbrt)146if (SIG_ERR == signal(SIGABRT, CrashHandler)) {147Printf("libFuzzer: signal failed with %d\n", errno);148exit(1);149}150}151152void SleepSeconds(int Seconds) { Sleep(Seconds * 1000); }153154unsigned long GetPid() { return GetCurrentProcessId(); }155156size_t GetPeakRSSMb() {157PROCESS_MEMORY_COUNTERS info;158if (!GetProcessMemoryInfo(GetCurrentProcess(), &info, sizeof(info)))159return 0;160return info.PeakWorkingSetSize >> 20;161}162163FILE *OpenProcessPipe(const char *Command, const char *Mode) {164return _popen(Command, Mode);165}166167int CloseProcessPipe(FILE *F) {168return _pclose(F);169}170171int ExecuteCommand(const Command &Cmd) {172std::string CmdLine = Cmd.toString();173return system(CmdLine.c_str());174}175176bool ExecuteCommand(const Command &Cmd, std::string *CmdOutput) {177FILE *Pipe = _popen(Cmd.toString().c_str(), "r");178if (!Pipe)179return false;180181if (CmdOutput) {182char TmpBuffer[128];183while (fgets(TmpBuffer, sizeof(TmpBuffer), Pipe))184CmdOutput->append(TmpBuffer);185}186return _pclose(Pipe) == 0;187}188189const void *SearchMemory(const void *Data, size_t DataLen, const void *Patt,190size_t PattLen) {191// TODO: make this implementation more efficient.192const char *Cdata = (const char *)Data;193const char *Cpatt = (const char *)Patt;194195if (!Data || !Patt || DataLen == 0 || PattLen == 0 || DataLen < PattLen)196return NULL;197198if (PattLen == 1)199return memchr(Data, *Cpatt, DataLen);200201const char *End = Cdata + DataLen - PattLen + 1;202203for (const char *It = Cdata; It < End; ++It)204if (It[0] == Cpatt[0] && memcmp(It, Cpatt, PattLen) == 0)205return It;206207return NULL;208}209210std::string DisassembleCmd(const std::string &FileName) {211std::vector<std::string> command_vector;212command_vector.push_back("dumpbin /summary > nul");213if (ExecuteCommand(Command(command_vector)) == 0)214return "dumpbin /disasm " + FileName;215Printf("libFuzzer: couldn't find tool to disassemble (dumpbin)\n");216exit(1);217}218219std::string SearchRegexCmd(const std::string &Regex) {220return "findstr /r \"" + Regex + "\"";221}222223void DiscardOutput(int Fd) {224FILE* Temp = fopen("nul", "w");225if (!Temp)226return;227_dup2(_fileno(Temp), Fd);228fclose(Temp);229}230231size_t PageSize() {232static size_t PageSizeCached = []() -> size_t {233SYSTEM_INFO si;234GetSystemInfo(&si);235return si.dwPageSize;236}();237return PageSizeCached;238}239240void SetThreadName(std::thread &thread, const std::string &name) {241#ifndef __MINGW32__242// Not setting the thread name in MinGW environments. MinGW C++ standard243// libraries can either use native Windows threads or pthreads, so we244// don't know with certainty what kind of thread handle we're getting245// from thread.native_handle() here.246typedef HRESULT(WINAPI * proc)(HANDLE, PCWSTR);247HMODULE kbase = GetModuleHandleA("KernelBase.dll");248proc ThreadNameProc =249reinterpret_cast<proc>(GetProcAddress(kbase, "SetThreadDescription"));250if (ThreadNameProc) {251std::wstring buf;252auto sz = MultiByteToWideChar(CP_UTF8, 0, name.data(), -1, nullptr, 0);253if (sz > 0) {254buf.resize(sz);255if (MultiByteToWideChar(CP_UTF8, 0, name.data(), -1, &buf[0], sz) > 0) {256(void)ThreadNameProc(thread.native_handle(), buf.c_str());257}258}259}260#endif261}262263} // namespace fuzzer264265#endif // LIBFUZZER_WINDOWS266267268