diff options
-rw-r--r-- | cmdline.c | 42 | ||||
-rw-r--r-- | display.c | 2 | ||||
-rw-r--r-- | fuzz.c | 17 | ||||
-rw-r--r-- | honggfuzz.c | 8 | ||||
-rw-r--r-- | honggfuzz.h | 19 | ||||
-rw-r--r-- | input.c | 46 | ||||
-rw-r--r-- | linux/arch.c | 4 | ||||
-rw-r--r-- | linux/trace.c | 23 | ||||
-rw-r--r-- | mac/arch.c | 10 | ||||
-rw-r--r-- | posix/arch.c | 4 | ||||
-rw-r--r-- | report.c | 4 | ||||
-rw-r--r-- | sancov.c | 18 | ||||
-rw-r--r-- | sanitizers.c | 15 | ||||
-rw-r--r-- | subproc.c | 2 |
14 files changed, 113 insertions, 101 deletions
@@ -132,19 +132,22 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz) { honggfuzz_t tmp = { .cmdline = NULL, .cmdline_txt[0] = '\0', - .inputDir = NULL, - .inputDirP = NULL, - .fileCnt = 0, - .fileCntDone = false, + .io = + { + .inputDir = NULL, + .inputDirP = NULL, + .fileCnt = 0, + .fileCntDone = false, + .fileExtn = "fuzz", + .workDir = ".", + .covDir = NULL, + }, .nullifyStdio = true, .fuzzStdin = false, .saveUnique = true, .useScreen = true, .useVerifier = false, .timeStart = time(NULL), - .fileExtn = "fuzz", - .workDir = ".", - .covDir = NULL, .mutationsPerRun = 6U, .externalCommand = NULL, .postExternalCommand = NULL, @@ -168,7 +171,6 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz) { #else .monitorSIGABRT = true, #endif - .mainPid = getpid(), .terminating = false, .exitUponCrash = false, @@ -178,6 +180,8 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz) { .threadsMax = (sysconf(_SC_NPROCESSORS_ONLN) <= 1) ? 1 : sysconf(_SC_NPROCESSORS_ONLN) / 2, .threadsActiveCnt = 0, + .mainThread = pthread_self(), + .mainPid = getpid(), }, .dictionaryFile = NULL, @@ -340,7 +344,7 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz) { cmdlineUsage(argv[0], custom_opts); break; case 'f': - hfuzz->inputDir = optarg; + hfuzz->io.inputDir = optarg; break; case 'x': hfuzz->dynFileMethod = _HF_DYNFILE_NONE; @@ -367,10 +371,10 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz) { ll = atoi(optarg); break; case 'e': - hfuzz->fileExtn = optarg; + hfuzz->io.fileExtn = optarg; break; case 'W': - hfuzz->workDir = optarg; + hfuzz->io.workDir = optarg; break; case 'r': hfuzz->mutationsPerRun = strtoul(optarg, NULL, 10); @@ -415,7 +419,7 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz) { hfuzz->clearEnv = true; break; case 0x103: - hfuzz->covDir = optarg; + hfuzz->io.covDir = optarg; break; case 0x104: hfuzz->postExternalCommand = optarg; @@ -544,14 +548,14 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz) { return false; } - if (strchr(hfuzz->fileExtn, '/')) { - LOG_E("The file extension contains the '/' character: '%s'", hfuzz->fileExtn); + if (strchr(hfuzz->io.fileExtn, '/')) { + LOG_E("The file extension contains the '/' character: '%s'", hfuzz->io.fileExtn); return false; } - if (hfuzz->workDir[0] != '.' || strlen(hfuzz->workDir) > 2) { - if (!files_exists(hfuzz->workDir)) { - LOG_E("Provided workspace directory '%s' doesn't exist", hfuzz->workDir); + if (hfuzz->io.workDir[0] != '.' || strlen(hfuzz->io.workDir) > 2) { + if (!files_exists(hfuzz->io.workDir)) { + LOG_E("Provided workspace directory '%s' doesn't exist", hfuzz->io.workDir); return false; } } @@ -582,10 +586,10 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz) { "threads.threadsMax: %zu, " "fileExtn: '%s', " "memoryLimit: 0x%" PRIx64 "(MiB), fuzzExe: '%s', fuzzedPid: %d, monitorSIGABRT: '%s'", - (int)getpid(), hfuzz->inputDir, cmdlineYesNo(hfuzz->nullifyStdio), + (int)getpid(), hfuzz->io.inputDir, cmdlineYesNo(hfuzz->nullifyStdio), cmdlineYesNo(hfuzz->fuzzStdin), cmdlineYesNo(hfuzz->saveUnique), hfuzz->mutationsPerRun, hfuzz->externalCommand == NULL ? "NULL" : hfuzz->externalCommand, (int)hfuzz->runEndTime, - hfuzz->tmOut, hfuzz->mutationsMax, hfuzz->threads.threadsMax, hfuzz->fileExtn, + hfuzz->tmOut, hfuzz->mutationsMax, hfuzz->threads.threadsMax, hfuzz->io.fileExtn, hfuzz->asLimit, hfuzz->cmdline[0], hfuzz->linux.pid, cmdlineYesNo(hfuzz->monitorSIGABRT)); snprintf(hfuzz->cmdline_txt, sizeof(hfuzz->cmdline_txt), "%s", hfuzz->cmdline[0]); @@ -185,7 +185,7 @@ static void display_displayLocked(honggfuzz_t* hfuzz) { } } display_put("\n Input Dir : [% " _HF_MONETARY_MOD "zu] '" ESC_BOLD "%s" ESC_RESET "'\n", - ATOMIC_GET(hfuzz->fileCnt), hfuzz->inputDir != NULL ? hfuzz->inputDir : "[NONE]"); + ATOMIC_GET(hfuzz->io.fileCnt), hfuzz->io.inputDir != NULL ? hfuzz->io.inputDir : "[NONE]"); if (hfuzz->linux.pid > 0) { display_put(" Remote cmd : [" ESC_BOLD "%d" ESC_RESET "] '" ESC_BOLD "%s" ESC_RESET "'\n", @@ -57,11 +57,10 @@ #include "sanitizers.h" #include "subproc.h" -static pthread_t fuzz_mainThread; - static void fuzz_getFileName(run_t* run) { - snprintf(run->fileName, PATH_MAX, "%s/honggfuzz.input.%" PRIu32 ".%s.%s", run->global->workDir, - run->fuzzNo, basename(run->global->cmdline[0]), run->global->fileExtn); + snprintf(run->fileName, PATH_MAX, "%s/honggfuzz.input.%" PRIu32 ".%s.%s", + run->global->io.workDir, run->fuzzNo, basename(run->global->cmdline[0]), + run->global->io.fileExtn); } static bool fuzz_prepareFileDynamically(run_t* run) { @@ -357,7 +356,7 @@ static void fuzz_addFileToFileQ(run_t* run) { run->global->dynfileqCnt++; /* No need to add new coverage if we are supposed to append new coverage-inducing inputs only */ - if (run->state == _HF_STATE_DYNAMIC_PRE && run->global->covDir == NULL) { + if (run->state == _HF_STATE_DYNAMIC_PRE && run->global->io.covDir == NULL) { LOG_D("New coverage found, but we're in the initial coverage assessment state. Skipping"); return; } @@ -366,7 +365,7 @@ static void fuzz_addFileToFileQ(run_t* run) { uint64_t crc64f = util_CRC64(run->dynamicFile, run->dynamicFileSz); uint64_t crc64r = util_CRC64Rev(run->dynamicFile, run->dynamicFileSz); snprintf(fname, sizeof(fname), "%s/%016" PRIx64 "%016" PRIx64 ".%08" PRIx32 ".honggfuzz.cov", - run->global->covDir ? run->global->covDir : run->global->inputDir, crc64f, crc64r, + run->global->io.covDir ? run->global->io.covDir : run->global->io.inputDir, crc64f, crc64r, (uint32_t)run->dynamicFileSz); if (access(fname, R_OK) == 0) { @@ -617,7 +616,7 @@ static void* fuzz_threadNew(void* arg) { for (;;) { /* Check if dry run mode with verifier enabled */ if (run.global->mutationsPerRun == 0U && run.global->useVerifier) { - if (ATOMIC_POST_INC(run.global->cnts.mutationsCnt) >= run.global->fileCnt) { + if (ATOMIC_POST_INC(run.global->cnts.mutationsCnt) >= run.global->io.fileCnt) { ATOMIC_POST_INC(run.global->threads.threadsFinished); break; } @@ -644,7 +643,7 @@ static void* fuzz_threadNew(void* arg) { LOG_I("Terminating thread no. #%" PRId32, fuzzNo); ATOMIC_POST_INC(run.global->threads.threadsFinished); - pthread_kill(fuzz_mainThread, SIGALRM); + pthread_kill(run.global->threads.mainThread, SIGALRM); return NULL; } @@ -666,8 +665,6 @@ static void fuzz_runThread(honggfuzz_t* hfuzz, pthread_t* thread, void* (*thread } void fuzz_threadsStart(honggfuzz_t* hfuzz, pthread_t* threads) { - fuzz_mainThread = pthread_self(); - if (!arch_archInit(hfuzz)) { LOG_F("Couldn't prepare arch for fuzzing"); } diff --git a/honggfuzz.c b/honggfuzz.c index ea06b6d9..de7d8fae 100644 --- a/honggfuzz.c +++ b/honggfuzz.c @@ -60,7 +60,8 @@ void sigHandler(int sig) { static const char* const sigMsg = "Repeated termination signal caugth\n"; if (write(STDERR_FILENO, sigMsg, strlen(sigMsg) + 1) == -1) { }; - _exit(EXIT_FAILURE); + alarm(1); + exit(EXIT_FAILURE); } ATOMIC_SET(sigReceived, sig); @@ -174,9 +175,10 @@ int main(int argc, char** argv) { } if (hfuzz.dynFileMethod != _HF_DYNFILE_NONE) { - hfuzz.feedback = files_mapSharedMem(sizeof(feedback_t), &hfuzz.bbFd, hfuzz.workDir); + hfuzz.feedback = files_mapSharedMem(sizeof(feedback_t), &hfuzz.bbFd, hfuzz.io.workDir); if (hfuzz.feedback == MAP_FAILED) { - LOG_F("files_mapSharedMem(sz=%zu, dir='%s') failed", sizeof(feedback_t), hfuzz.workDir); + LOG_F("files_mapSharedMem(sz=%zu, dir='%s') failed", sizeof(feedback_t), + hfuzz.io.workDir); } } diff --git a/honggfuzz.h b/honggfuzz.h index 97d496a6..368520d1 100644 --- a/honggfuzz.h +++ b/honggfuzz.h @@ -170,19 +170,21 @@ typedef struct { typedef struct { char** cmdline; char cmdline_txt[61]; - char* inputDir; - DIR* inputDirP; - size_t fileCnt; - bool fileCntDone; bool nullifyStdio; bool fuzzStdin; bool saveUnique; bool useScreen; bool useVerifier; time_t timeStart; - char* fileExtn; - char* workDir; - char* covDir; + struct { + char* inputDir; + DIR* inputDirP; + size_t fileCnt; + char* fileExtn; + bool fileCntDone; + char* workDir; + char* covDir; + } io; unsigned mutationsPerRun; char* externalCommand; char* postExternalCommand; @@ -202,7 +204,6 @@ typedef struct { bool skipFeedbackOnTimeout; bool enableSanitizers; bool monitorSIGABRT; - pid_t mainPid; bool terminating; bool exitUponCrash; @@ -210,6 +211,8 @@ typedef struct { size_t threadsMax; size_t threadsFinished; uint32_t threadsActiveCnt; + pthread_t mainThread; + pid_t mainPid; } threads; const char* dictionaryFile; @@ -51,18 +51,18 @@ #include "libcommon/util.h" static bool input_getDirStatsAndRewind(honggfuzz_t* hfuzz) { - rewinddir(hfuzz->inputDirP); + rewinddir(hfuzz->io.inputDirP); size_t maxSize = 0U; size_t fileCnt = 0U; for (;;) { errno = 0; - struct dirent* entry = readdir(hfuzz->inputDirP); + struct dirent* entry = readdir(hfuzz->io.inputDirP); if (entry == NULL && errno == EINTR) { continue; } if (entry == NULL && errno != 0) { - PLOG_W("readdir('%s')", hfuzz->inputDir); + PLOG_W("readdir('%s')", hfuzz->io.inputDir); return false; } if (entry == NULL) { @@ -70,7 +70,7 @@ static bool input_getDirStatsAndRewind(honggfuzz_t* hfuzz) { } char fname[PATH_MAX]; - snprintf(fname, sizeof(fname), "%s/%s", hfuzz->inputDir, entry->d_name); + snprintf(fname, sizeof(fname), "%s/%s", hfuzz->io.inputDir, entry->d_name); LOG_D("Analyzing file '%s'", fname); struct stat st; @@ -96,7 +96,7 @@ static bool input_getDirStatsAndRewind(honggfuzz_t* hfuzz) { fileCnt++; } - ATOMIC_SET(hfuzz->fileCnt, fileCnt); + ATOMIC_SET(hfuzz->io.fileCnt, fileCnt); if (hfuzz->maxFileSz == 0U) { if (maxSize < 8192) { hfuzz->maxFileSz = 8192; @@ -109,15 +109,15 @@ static bool input_getDirStatsAndRewind(honggfuzz_t* hfuzz) { hfuzz->maxFileSz = 1024U * 128; } - if (hfuzz->fileCnt == 0U) { - LOG_W("No usable files in the input directory '%s'", hfuzz->inputDir); + if (hfuzz->io.fileCnt == 0U) { + LOG_W("No usable files in the input directory '%s'", hfuzz->io.inputDir); return false; } - LOG_D("Re-read the '%s', maxFileSz:%zu, number of usable files:%zu", hfuzz->inputDir, - hfuzz->maxFileSz, hfuzz->fileCnt); + LOG_D("Re-read the '%s', maxFileSz:%zu, number of usable files:%zu", hfuzz->io.inputDir, + hfuzz->maxFileSz, hfuzz->io.fileCnt); - rewinddir(hfuzz->inputDirP); + rewinddir(hfuzz->io.inputDirP); return true; } @@ -126,18 +126,18 @@ bool input_getNext(run_t* run, char* fname, bool rewind) { static pthread_mutex_t input_mutex = PTHREAD_MUTEX_INITIALIZER; MX_SCOPED_LOCK(&input_mutex); - if (run->global->fileCnt == 0U) { + if (run->global->io.fileCnt == 0U) { return false; } for (;;) { errno = 0; - struct dirent* entry = readdir(run->global->inputDirP); + struct dirent* entry = readdir(run->global->io.inputDirP); if (entry == NULL && errno == EINTR) { continue; } if (entry == NULL && errno != 0) { - PLOG_W("readdir_r('%s')", run->global->inputDir); + PLOG_W("readdir_r('%s')", run->global->io.inputDir); return false; } if (entry == NULL && rewind == false) { @@ -145,13 +145,13 @@ bool input_getNext(run_t* run, char* fname, bool rewind) { } if (entry == NULL && rewind == true) { if (input_getDirStatsAndRewind(run->global) == false) { - LOG_E("input_getDirStatsAndRewind('%s')", run->global->inputDir); + LOG_E("input_getDirStatsAndRewind('%s')", run->global->io.inputDir); return false; } continue; } - snprintf(fname, PATH_MAX, "%s/%s", run->global->inputDir, entry->d_name); + snprintf(fname, PATH_MAX, "%s/%s", run->global->io.inputDir, entry->d_name); struct stat st; if (stat(fname, &st) == -1) { @@ -171,26 +171,26 @@ bool input_getNext(run_t* run, char* fname, bool rewind) { } bool input_init(honggfuzz_t* hfuzz) { - hfuzz->fileCnt = 0U; + hfuzz->io.fileCnt = 0U; - if (!hfuzz->inputDir) { + if (!hfuzz->io.inputDir) { LOG_W("No input file/dir specified"); return false; } - int dir_fd = open(hfuzz->inputDir, O_DIRECTORY | O_RDONLY | O_CLOEXEC); + int dir_fd = open(hfuzz->io.inputDir, O_DIRECTORY | O_RDONLY | O_CLOEXEC); if (dir_fd == -1) { - PLOG_W("open('%s', O_DIRECTORY|O_RDONLY|O_CLOEXEC)", hfuzz->inputDir); + PLOG_W("open('%s', O_DIRECTORY|O_RDONLY|O_CLOEXEC)", hfuzz->io.inputDir); return false; } - if ((hfuzz->inputDirP = fdopendir(dir_fd)) == NULL) { + if ((hfuzz->io.inputDirP = fdopendir(dir_fd)) == NULL) { close(dir_fd); - PLOG_W("opendir('%s')", hfuzz->inputDir); + PLOG_W("opendir('%s')", hfuzz->io.inputDir); return false; } if (input_getDirStatsAndRewind(hfuzz) == false) { - hfuzz->fileCnt = 0U; - LOG_W("input_getDirStatsAndRewind('%s')", hfuzz->inputDir); + hfuzz->io.fileCnt = 0U; + LOG_W("input_getDirStatsAndRewind('%s')", hfuzz->io.inputDir); return false; } diff --git a/linux/arch.c b/linux/arch.c index 043f5c02..0ee3f18b 100644 --- a/linux/arch.c +++ b/linux/arch.c @@ -102,6 +102,8 @@ static pid_t arch_clone(uintptr_t flags) { } pid_t arch_fork(run_t* run) { + run->global->linux.useClone = true; + pid_t pid = run->global->linux.useClone ? arch_clone(CLONE_UNTRACED | SIGCHLD) : fork(); if (pid == -1) { return pid; @@ -347,7 +349,7 @@ void arch_reapChild(run_t* run) { if (run->global->enableSanitizers) { pid_t ptracePid = (run->global->linux.pid > 0) ? run->global->linux.pid : run->pid; char crashReport[PATH_MAX]; - snprintf(crashReport, sizeof(crashReport), "%s/%s.%d", run->global->workDir, kLOGPREFIX, + snprintf(crashReport, sizeof(crashReport), "%s/%s.%d", run->global->io.workDir, kLOGPREFIX, ptracePid); if (files_exists(crashReport)) { if (run->backtrace) { diff --git a/linux/trace.c b/linux/trace.c index 2c9726cf..cea1c536 100644 --- a/linux/trace.c +++ b/linux/trace.c @@ -797,20 +797,20 @@ static void arch_traceSaveData(run_t* run, pid_t pid) { /* If dry run mode, copy file with same name into workspace */ if (run->global->mutationsPerRun == 0U && run->global->useVerifier) { - snprintf(run->crashFileName, sizeof(run->crashFileName), "%s/%s", run->global->workDir, + snprintf(run->crashFileName, sizeof(run->crashFileName), "%s/%s", run->global->io.workDir, run->origFileName); } else if (saveUnique) { snprintf(run->crashFileName, sizeof(run->crashFileName), "%s/%s.PC.%" REG_PM ".STACK.%" PRIx64 ".CODE.%d.ADDR.%p.INSTR.%s.%s", - run->global->workDir, arch_sigName(si.si_signo), pc, run->backtrace, si.si_code, - sig_addr, instr, run->global->fileExtn); + run->global->io.workDir, arch_sigName(si.si_signo), pc, run->backtrace, si.si_code, + sig_addr, instr, run->global->io.fileExtn); } else { char localtmstr[PATH_MAX]; util_getLocalTime("%F.%H:%M:%S", localtmstr, sizeof(localtmstr), time(NULL)); snprintf(run->crashFileName, sizeof(run->crashFileName), "%s/%s.PC.%" REG_PM ".STACK.%" PRIx64 ".CODE.%d.ADDR.%p.INSTR.%s.%s.%d.%s", - run->global->workDir, arch_sigName(si.si_signo), pc, run->backtrace, si.si_code, - sig_addr, instr, localtmstr, pid, run->global->fileExtn); + run->global->io.workDir, arch_sigName(si.si_signo), pc, run->backtrace, si.si_code, + sig_addr, instr, localtmstr, pid, run->global->io.fileExtn); } if (files_exists(run->crashFileName)) { @@ -840,7 +840,8 @@ static int arch_parseAsanReport( run_t* run, pid_t pid, funcs_t* funcs, void** crashAddr, char** op) { char crashReport[PATH_MAX] = {0}; const char* const crashReportCpy = crashReport; - snprintf(crashReport, sizeof(crashReport), "%s/%s.%d", run->global->workDir, kLOGPREFIX, pid); + snprintf( + crashReport, sizeof(crashReport), "%s/%s.%d", run->global->io.workDir, kLOGPREFIX, pid); FILE* fReport = fopen(crashReport, "rb"); if (fReport == NULL) { @@ -1025,23 +1026,23 @@ static void arch_traceExitSaveData(run_t* run, pid_t pid) { /* If dry run mode, copy file with same name into workspace */ if (run->global->mutationsPerRun == 0U && run->global->useVerifier) { - snprintf(run->crashFileName, sizeof(run->crashFileName), "%s/%s", run->global->workDir, + snprintf(run->crashFileName, sizeof(run->crashFileName), "%s/%s", run->global->io.workDir, run->origFileName); } else { /* Keep the crashes file name format identical */ if (run->backtrace != 0ULL && run->global->saveUnique) { snprintf(run->crashFileName, sizeof(run->crashFileName), "%s/%s.PC.%" REG_PM ".STACK.%" PRIx64 ".CODE.%s.ADDR.%p.INSTR.%s.%s", - run->global->workDir, "SAN", pc, run->backtrace, op, crashAddr, "[UNKNOWN]", - run->global->fileExtn); + run->global->io.workDir, "SAN", pc, run->backtrace, op, crashAddr, "[UNKNOWN]", + run->global->io.fileExtn); } else { /* If no stack hash available, all crashes treated as unique */ char localtmstr[PATH_MAX]; util_getLocalTime("%F.%H:%M:%S", localtmstr, sizeof(localtmstr), time(NULL)); snprintf(run->crashFileName, sizeof(run->crashFileName), "%s/%s.PC.%" REG_PM ".STACK.%" PRIx64 ".CODE.%s.ADDR.%p.INSTR.%s.%s.%s", - run->global->workDir, "SAN", pc, run->backtrace, op, crashAddr, "[UNKNOWN]", - localtmstr, run->global->fileExtn); + run->global->io.workDir, "SAN", pc, run->backtrace, op, crashAddr, "[UNKNOWN]", + localtmstr, run->global->io.fileExtn); } } @@ -251,21 +251,21 @@ static bool arch_analyzeSignal(run_t* run, int status) { /* If dry run mode, copy file with same name into workspace */ if (run->global->mutationsPerRun == 0U && run->global->useVerifier) { - snprintf(run->crashFileName, sizeof(run->crashFileName), "%s/%s", run->global->workDir, + snprintf(run->crashFileName, sizeof(run->crashFileName), "%s/%s", run->global->io.workDir, run->origFileName); } else if (run->global->saveUnique) { snprintf(run->crashFileName, sizeof(run->crashFileName), - "%s/%s.%s.PC.%.16llx.STACK.%.16llx.ADDR.%.16llx.%s", run->global->workDir, + "%s/%s.%s.PC.%.16llx.STACK.%.16llx.ADDR.%.16llx.%s", run->global->io.workDir, arch_sigs[termsig].descr, exception_to_string(run->exception), run->pc, run->backtrace, - run->access, run->global->fileExtn); + run->access, run->global->io.fileExtn); } else { char localtmstr[PATH_MAX]; util_getLocalTime("%F.%H.%M.%S", localtmstr, sizeof(localtmstr), time(NULL)); snprintf(run->crashFileName, sizeof(run->crashFileName), "%s/%s.%s.PC.%.16llx.STACK.%.16llx.ADDR.%.16llx.TIME.%s.PID.%.5d.%s", - run->global->workDir, arch_sigs[termsig].descr, exception_to_string(run->exception), - run->pc, run->backtrace, run->access, localtmstr, run->pid, run->global->fileExtn); + run->global->io.workDir, arch_sigs[termsig].descr, exception_to_string(run->exception), + run->pc, run->backtrace, run->access, localtmstr, run->pid, run->global->io.fileExtn); } if (files_exists(run->crashFileName)) { diff --git a/posix/arch.c b/posix/arch.c index 6f998cd2..36c24519 100644 --- a/posix/arch.c +++ b/posix/arch.c @@ -124,8 +124,8 @@ static bool arch_analyzeSignal(run_t* run, int status) { if (run->global->mutationsPerRun == 0U && run->global->useVerifier) { snprintf(newname, sizeof(newname), "%s", run->origFileName); } else { - snprintf(newname, sizeof(newname), "%s/%s.PID.%d.TIME.%s.%s", run->global->workDir, - arch_sigs[termsig].descr, run->pid, localtmstr, run->global->fileExtn); + snprintf(newname, sizeof(newname), "%s/%s.PID.%d.TIME.%s.%s", run->global->io.workDir, + arch_sigs[termsig].descr, run->pid, localtmstr, run->global->io.fileExtn); } LOG_I("Ok, that's interesting, saving the '%s' as '%s'", run->fileName, newname); @@ -71,8 +71,8 @@ void report_Report(run_t* run) { if (reportFD == -1) { char reportFName[PATH_MAX]; if (run->global->reportFile == NULL) { - snprintf( - reportFName, sizeof(reportFName), "%s/%s", run->global->workDir, _HF_REPORT_FILE); + snprintf(reportFName, sizeof(reportFName), "%s/%s", run->global->io.workDir, + _HF_REPORT_FILE); } else { snprintf(reportFName, sizeof(reportFName), "%s", run->global->reportFile); } @@ -326,8 +326,8 @@ static bool sancov_sanCovParseRaw(run_t* run) { size_t lineSz = 0; /* Coverage data analysis starts by parsing map file listing */ - snprintf(covFile, sizeof(covFile), "%s/%s/%d.sancov.map", run->global->workDir, _HF_SANCOV_DIR, - targetPid); + snprintf(covFile, sizeof(covFile), "%s/%s/%d.sancov.map", run->global->io.workDir, + _HF_SANCOV_DIR, targetPid); if (!files_exists(covFile)) { LOG_D("sancov map file not found"); return false; @@ -435,8 +435,8 @@ static bool sancov_sanCovParseRaw(run_t* run) { } /* mmap() .sancov.raw file */ - snprintf(covFile, sizeof(covFile), "%s/%s/%d.sancov.raw", run->global->workDir, _HF_SANCOV_DIR, - targetPid); + snprintf(covFile, sizeof(covFile), "%s/%s/%d.sancov.raw", run->global->io.workDir, + _HF_SANCOV_DIR, targetPid); dataBuf = files_mapFile(covFile, &dataFileSz, &dataFd, false); if (dataBuf == NULL) { LOG_E("Couldn't open and map '%s' in R/O mode", covFile); @@ -570,8 +570,8 @@ static bool sancov_sanCovParse(run_t* run) { DIR* pSanCovDir = NULL; pid_t targetPid = (run->global->linux.pid > 0) ? run->global->linux.pid : run->pid; - snprintf(covFile, sizeof(covFile), "%s/%s/%s.%d.sancov", run->global->workDir, _HF_SANCOV_DIR, - files_basename(run->global->cmdline[0]), targetPid); + snprintf(covFile, sizeof(covFile), "%s/%s/%s.%d.sancov", run->global->io.workDir, + _HF_SANCOV_DIR, files_basename(run->global->cmdline[0]), targetPid); if (!files_exists(covFile)) { LOG_D("Target sancov file not found"); return false; @@ -585,7 +585,7 @@ static bool sancov_sanCovParse(run_t* run) { uint64_t nBBs = 0; /* Iterate sancov dir for files generated against target pid */ - snprintf(covFile, sizeof(covFile), "%s/%s", run->global->workDir, _HF_SANCOV_DIR); + snprintf(covFile, sizeof(covFile), "%s/%s", run->global->io.workDir, _HF_SANCOV_DIR); pSanCovDir = opendir(covFile); if (pSanCovDir == NULL) { PLOG_E("opendir('%s')", covFile); @@ -597,7 +597,7 @@ static bool sancov_sanCovParse(run_t* run) { while ((pDir = readdir(pSanCovDir)) != NULL) { /* Parse files with target's pid */ if (strstr(pDir->d_name, pidFSuffix)) { - snprintf(covFile, sizeof(covFile), "%s/%s/%s", run->global->workDir, _HF_SANCOV_DIR, + snprintf(covFile, sizeof(covFile), "%s/%s/%s", run->global->io.workDir, _HF_SANCOV_DIR, pDir->d_name); dataBuf = files_mapFile(covFile, &dataFileSz, &dataFd, false); if (dataBuf == NULL) { @@ -689,7 +689,7 @@ bool sancov_Init(honggfuzz_t* hfuzz) { sancov_trieCreate(&hfuzz->covMetadata); char sanCovOutDir[PATH_MAX] = {0}; - snprintf(sanCovOutDir, sizeof(sanCovOutDir), "%s/%s", hfuzz->workDir, _HF_SANCOV_DIR); + snprintf(sanCovOutDir, sizeof(sanCovOutDir), "%s/%s", hfuzz->io.workDir, _HF_SANCOV_DIR); if (!files_exists(sanCovOutDir)) { if (mkdir(sanCovOutDir, S_IRWXU | S_IXGRP | S_IXOTH) != 0) { PLOG_E("mkdir() '%s' failed", sanCovOutDir); diff --git a/sanitizers.c b/sanitizers.c index aed795ea..f380077f 100644 --- a/sanitizers.c +++ b/sanitizers.c @@ -154,10 +154,11 @@ bool sanitizers_Init(honggfuzz_t* hfuzz) { /* Address Sanitizer (ASan) */ if (hfuzz->useSanCov) { snprintf(san_opts, bufSz, "%s:%s:%s:%s%s/%s:%s%s/%s", kASAN_OPTS, abortFlag, kSAN_COV_OPTS, - kSANCOVDIR, hfuzz->workDir, _HF_SANCOV_DIR, kSANLOGDIR, hfuzz->workDir, kLOGPREFIX); + kSANCOVDIR, hfuzz->io.workDir, _HF_SANCOV_DIR, kSANLOGDIR, hfuzz->io.workDir, + kLOGPREFIX); } else { snprintf(san_opts, bufSz, "%s:%s:%s%s/%s", kASAN_OPTS, abortFlag, kSANLOGDIR, - hfuzz->workDir, kLOGPREFIX); + hfuzz->io.workDir, kLOGPREFIX); } flagsSz = strlen(san_opts) + 1; @@ -169,10 +170,11 @@ bool sanitizers_Init(honggfuzz_t* hfuzz) { memset(san_opts, 0, bufSz); if (hfuzz->useSanCov) { snprintf(san_opts, bufSz, "%s:%s:%s:%s%s/%s:%s%s/%s", kUBSAN_OPTS, abortFlag, kSAN_COV_OPTS, - kSANCOVDIR, hfuzz->workDir, _HF_SANCOV_DIR, kSANLOGDIR, hfuzz->workDir, kLOGPREFIX); + kSANCOVDIR, hfuzz->io.workDir, _HF_SANCOV_DIR, kSANLOGDIR, hfuzz->io.workDir, + kLOGPREFIX); } else { snprintf(san_opts, bufSz, "%s:%s:%s%s/%s", kUBSAN_OPTS, abortFlag, kSANLOGDIR, - hfuzz->workDir, kLOGPREFIX); + hfuzz->io.workDir, kLOGPREFIX); } flagsSz = strlen(san_opts) + 1; @@ -185,10 +187,11 @@ bool sanitizers_Init(honggfuzz_t* hfuzz) { if (hfuzz->useSanCov) { snprintf(san_opts, bufSz, "%s:%s:%s:%s%s/%s:%s%s/%s", kMSAN_OPTS, abortFlag, kSAN_COV_OPTS, - kSANCOVDIR, hfuzz->workDir, _HF_SANCOV_DIR, kSANLOGDIR, hfuzz->workDir, kLOGPREFIX); + kSANCOVDIR, hfuzz->io.workDir, _HF_SANCOV_DIR, kSANLOGDIR, hfuzz->io.workDir, + kLOGPREFIX); } else { snprintf(san_opts, bufSz, "%s:%s:%s%s/%s", kMSAN_OPTS, abortFlag, kSANLOGDIR, - hfuzz->workDir, kLOGPREFIX); + hfuzz->io.workDir, kLOGPREFIX); } flagsSz = strlen(san_opts) + 1; @@ -266,8 +266,8 @@ static bool subproc_New(run_t* run) { exit(EXIT_FAILURE); } if (!arch_launchChild(run)) { - kill(run->global->mainPid, SIGTERM); LOG_E("Error launching child process"); + kill(run->global->threads.mainPid, SIGTERM); _exit(1); } abort(); |