1326943Sdim//===- FuzzerUtilDarwin.cpp - Misc utils ----------------------------------===//
2326943Sdim//
3353358Sdim// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4353358Sdim// See https://llvm.org/LICENSE.txt for license information.
5353358Sdim// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6326943Sdim//
7326943Sdim//===----------------------------------------------------------------------===//
8326943Sdim// Misc utils for Darwin.
9326943Sdim//===----------------------------------------------------------------------===//
10326943Sdim#include "FuzzerDefs.h"
11326943Sdim#if LIBFUZZER_APPLE
12326943Sdim#include "FuzzerCommand.h"
13326943Sdim#include "FuzzerIO.h"
14326943Sdim#include <mutex>
15326943Sdim#include <signal.h>
16326943Sdim#include <spawn.h>
17326943Sdim#include <stdlib.h>
18326943Sdim#include <string.h>
19326943Sdim#include <sys/wait.h>
20360784Sdim#include <unistd.h>
21326943Sdim
22326943Sdim// There is no header for this on macOS so declare here
23326943Sdimextern "C" char **environ;
24326943Sdim
25326943Sdimnamespace fuzzer {
26326943Sdim
27326943Sdimstatic std::mutex SignalMutex;
28326943Sdim// Global variables used to keep track of how signal handling should be
29326943Sdim// restored. They should **not** be accessed without holding `SignalMutex`.
30326943Sdimstatic int ActiveThreadCount = 0;
31326943Sdimstatic struct sigaction OldSigIntAction;
32326943Sdimstatic struct sigaction OldSigQuitAction;
33326943Sdimstatic sigset_t OldBlockedSignalsSet;
34326943Sdim
35326943Sdim// This is a reimplementation of Libc's `system()`. On Darwin the Libc
36326943Sdim// implementation contains a mutex which prevents it from being used
37326943Sdim// concurrently. This implementation **can** be used concurrently. It sets the
38326943Sdim// signal handlers when the first thread enters and restores them when the last
39326943Sdim// thread finishes execution of the function and ensures this is not racey by
40326943Sdim// using a mutex.
41326943Sdimint ExecuteCommand(const Command &Cmd) {
42326943Sdim  std::string CmdLine = Cmd.toString();
43326943Sdim  posix_spawnattr_t SpawnAttributes;
44326943Sdim  if (posix_spawnattr_init(&SpawnAttributes))
45326943Sdim    return -1;
46326943Sdim  // Block and ignore signals of the current process when the first thread
47326943Sdim  // enters.
48326943Sdim  {
49326943Sdim    std::lock_guard<std::mutex> Lock(SignalMutex);
50326943Sdim    if (ActiveThreadCount == 0) {
51326943Sdim      static struct sigaction IgnoreSignalAction;
52326943Sdim      sigset_t BlockedSignalsSet;
53326943Sdim      memset(&IgnoreSignalAction, 0, sizeof(IgnoreSignalAction));
54326943Sdim      IgnoreSignalAction.sa_handler = SIG_IGN;
55326943Sdim
56326943Sdim      if (sigaction(SIGINT, &IgnoreSignalAction, &OldSigIntAction) == -1) {
57326943Sdim        Printf("Failed to ignore SIGINT\n");
58326943Sdim        (void)posix_spawnattr_destroy(&SpawnAttributes);
59326943Sdim        return -1;
60326943Sdim      }
61326943Sdim      if (sigaction(SIGQUIT, &IgnoreSignalAction, &OldSigQuitAction) == -1) {
62326943Sdim        Printf("Failed to ignore SIGQUIT\n");
63326943Sdim        // Try our best to restore the signal handlers.
64326943Sdim        (void)sigaction(SIGINT, &OldSigIntAction, NULL);
65326943Sdim        (void)posix_spawnattr_destroy(&SpawnAttributes);
66326943Sdim        return -1;
67326943Sdim      }
68326943Sdim
69326943Sdim      (void)sigemptyset(&BlockedSignalsSet);
70326943Sdim      (void)sigaddset(&BlockedSignalsSet, SIGCHLD);
71326943Sdim      if (sigprocmask(SIG_BLOCK, &BlockedSignalsSet, &OldBlockedSignalsSet) ==
72326943Sdim          -1) {
73326943Sdim        Printf("Failed to block SIGCHLD\n");
74326943Sdim        // Try our best to restore the signal handlers.
75326943Sdim        (void)sigaction(SIGQUIT, &OldSigQuitAction, NULL);
76326943Sdim        (void)sigaction(SIGINT, &OldSigIntAction, NULL);
77326943Sdim        (void)posix_spawnattr_destroy(&SpawnAttributes);
78326943Sdim        return -1;
79326943Sdim      }
80326943Sdim    }
81326943Sdim    ++ActiveThreadCount;
82326943Sdim  }
83326943Sdim
84326943Sdim  // NOTE: Do not introduce any new `return` statements past this
85326943Sdim  // point. It is important that `ActiveThreadCount` always be decremented
86326943Sdim  // when leaving this function.
87326943Sdim
88326943Sdim  // Make sure the child process uses the default handlers for the
89326943Sdim  // following signals rather than inheriting what the parent has.
90326943Sdim  sigset_t DefaultSigSet;
91326943Sdim  (void)sigemptyset(&DefaultSigSet);
92326943Sdim  (void)sigaddset(&DefaultSigSet, SIGQUIT);
93326943Sdim  (void)sigaddset(&DefaultSigSet, SIGINT);
94326943Sdim  (void)posix_spawnattr_setsigdefault(&SpawnAttributes, &DefaultSigSet);
95326943Sdim  // Make sure the child process doesn't block SIGCHLD
96326943Sdim  (void)posix_spawnattr_setsigmask(&SpawnAttributes, &OldBlockedSignalsSet);
97326943Sdim  short SpawnFlags = POSIX_SPAWN_SETSIGDEF | POSIX_SPAWN_SETSIGMASK;
98326943Sdim  (void)posix_spawnattr_setflags(&SpawnAttributes, SpawnFlags);
99326943Sdim
100326943Sdim  pid_t Pid;
101326943Sdim  char **Environ = environ; // Read from global
102326943Sdim  const char *CommandCStr = CmdLine.c_str();
103326943Sdim  char *const Argv[] = {
104326943Sdim    strdup("sh"),
105326943Sdim    strdup("-c"),
106326943Sdim    strdup(CommandCStr),
107326943Sdim    NULL
108326943Sdim  };
109326943Sdim  int ErrorCode = 0, ProcessStatus = 0;
110326943Sdim  // FIXME: We probably shouldn't hardcode the shell path.
111326943Sdim  ErrorCode = posix_spawn(&Pid, "/bin/sh", NULL, &SpawnAttributes,
112326943Sdim                          Argv, Environ);
113326943Sdim  (void)posix_spawnattr_destroy(&SpawnAttributes);
114326943Sdim  if (!ErrorCode) {
115326943Sdim    pid_t SavedPid = Pid;
116326943Sdim    do {
117326943Sdim      // Repeat until call completes uninterrupted.
118326943Sdim      Pid = waitpid(SavedPid, &ProcessStatus, /*options=*/0);
119326943Sdim    } while (Pid == -1 && errno == EINTR);
120326943Sdim    if (Pid == -1) {
121326943Sdim      // Fail for some other reason.
122326943Sdim      ProcessStatus = -1;
123326943Sdim    }
124326943Sdim  } else if (ErrorCode == ENOMEM || ErrorCode == EAGAIN) {
125326943Sdim    // Fork failure.
126326943Sdim    ProcessStatus = -1;
127326943Sdim  } else {
128326943Sdim    // Shell execution failure.
129326943Sdim    ProcessStatus = W_EXITCODE(127, 0);
130326943Sdim  }
131326943Sdim  for (unsigned i = 0, n = sizeof(Argv) / sizeof(Argv[0]); i < n; ++i)
132326943Sdim    free(Argv[i]);
133326943Sdim
134326943Sdim  // Restore the signal handlers of the current process when the last thread
135326943Sdim  // using this function finishes.
136326943Sdim  {
137326943Sdim    std::lock_guard<std::mutex> Lock(SignalMutex);
138326943Sdim    --ActiveThreadCount;
139326943Sdim    if (ActiveThreadCount == 0) {
140326943Sdim      bool FailedRestore = false;
141326943Sdim      if (sigaction(SIGINT, &OldSigIntAction, NULL) == -1) {
142326943Sdim        Printf("Failed to restore SIGINT handling\n");
143326943Sdim        FailedRestore = true;
144326943Sdim      }
145326943Sdim      if (sigaction(SIGQUIT, &OldSigQuitAction, NULL) == -1) {
146326943Sdim        Printf("Failed to restore SIGQUIT handling\n");
147326943Sdim        FailedRestore = true;
148326943Sdim      }
149326943Sdim      if (sigprocmask(SIG_BLOCK, &OldBlockedSignalsSet, NULL) == -1) {
150326943Sdim        Printf("Failed to unblock SIGCHLD\n");
151326943Sdim        FailedRestore = true;
152326943Sdim      }
153326943Sdim      if (FailedRestore)
154326943Sdim        ProcessStatus = -1;
155326943Sdim    }
156326943Sdim  }
157326943Sdim  return ProcessStatus;
158326943Sdim}
159326943Sdim
160360784Sdimvoid DiscardOutput(int Fd) {
161360784Sdim  FILE* Temp = fopen("/dev/null", "w");
162360784Sdim  if (!Temp)
163360784Sdim    return;
164360784Sdim  dup2(fileno(Temp), Fd);
165360784Sdim  fclose(Temp);
166360784Sdim}
167360784Sdim
168326943Sdim} // namespace fuzzer
169326943Sdim
170326943Sdim#endif // LIBFUZZER_APPLE
171