[PATCH] D29462: [libFuzzer] Properly handle exceptions with UnhandledExceptionFilter
Marcos Pividori via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Thu Feb 2 10:30:26 PST 2017
mpividori created this revision.
I realized we should use `SetUnhandledExceptionFilter` instead of `AddVectoredExceptionHandler`.
After reading the documentation again on Structured Exception Handling, I have a better understanding of the exception handling. It is a bit confusing because all the documentation is not in the same place. (from: https://msdn.microsoft.com/en-us/library/windows/desktop/ms679327(v=vs.85).aspx, https://msdn.microsoft.com/en-us/library/windows/desktop/ms681420(v=vs.85).aspx and https://msdn.microsoft.com/en-us/library/windows/desktop/ms680634(v=vs.85).aspx)
This is the order for the Exception Dispatching:
- If the process is being debugged, the system notifies the debugger.
- The Vectored Exception Handler is called. ("Vectored handlers are called in the order that they were added, after the debugger gets a first chance notification, but before the system begins unwinding the stack.")
- The system attempts to locate a frame-based exception handler by searching the stack frames of the thread in which the exception occurred.
- If no frame-based handler can be found, the `UnhandledExceptionFilter` filter is called.
- Default handling based on the exception type.
So, similar to what we do for asan, we should use `SetUnhandledExceptionFilter` instead of `AddVectoredExceptionHandler`, so the user's code that is being fuzzed can execute frame-based exception handlers before we catch them. I mean, we want to catch unhandled exceptions, not all the exceptions.
https://reviews.llvm.org/D29462
Files:
lib/Fuzzer/FuzzerUtilWindows.cpp
Index: lib/Fuzzer/FuzzerUtilWindows.cpp
===================================================================
--- lib/Fuzzer/FuzzerUtilWindows.cpp
+++ lib/Fuzzer/FuzzerUtilWindows.cpp
@@ -28,7 +28,7 @@
static const FuzzingOptions* HandlerOpt = nullptr;
-LONG CALLBACK ExceptionHandler(PEXCEPTION_POINTERS ExceptionInfo) {
+static LONG CALLBACK ExceptionHandler(PEXCEPTION_POINTERS ExceptionInfo) {
switch (ExceptionInfo->ExceptionRecord->ExceptionCode) {
case EXCEPTION_ACCESS_VIOLATION:
case EXCEPTION_ARRAY_BOUNDS_EXCEEDED:
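Review bot: the return value for exception codes not listed in this switch now matters more than before, because the same callback is installed as the top-level filter instead of a vectored handler; the default path is outside this hunk, so please confirm it returns EXCEPTION_CONTINUE_SEARCH (not EXCEPTION_EXECUTE_HANDLER) so that exceptions libFuzzer does not claim fall through to the default handling the summary describes. Making the function `static` is fine since nothing outside this file references it.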
@@ -126,10 +126,7 @@
if (Options.HandleSegv || Options.HandleBus || Options.HandleIll ||
Options.HandleFpe)
- if (!AddVectoredExceptionHandler(1, ExceptionHandler)) {
- Printf("libFuzzer: AddVectoredExceptionHandler failed.\n");
- exit(1);
- }
+ SetUnhandledExceptionFilter(ExceptionHandler);
if (Options.HandleAbrt)
if (SIG_ERR == signal(SIGABRT, CrashHandler)) {
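Review bot: SetUnhandledExceptionFilter cannot fail the way AddVectoredExceptionHandler could, so dropping the error check is correct, but its return value (the previously installed LPTOP_LEVEL_EXCEPTION_FILTER) is discarded at `+  SetUnhandledExceptionFilter(ExceptionHandler);`. Since the summary says this mirrors the asan runtime, any filter that runtime installed earlier is silently replaced; consider saving the returned pointer in a static and having ExceptionHandler forward to it for codes it does not handle. A comment near the call noting that the top-level filter is not invoked when a debugger is attached (the debugger gets the notification instead) would also help the next reader.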
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D29462.86850.patch
Type: text/x-patch
Size: 948 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20170202/67b969c8/attachment.bin>