metalnem / libfuzzer-dotnet Goto Github PK

On Windows, if --target_path is set to a process that starts successfully (and even exits), but does not initialize IPC, the libfuzzer-dotnet.exe runtime will hang in the initial ReadFile() call.

Instead, we should detect process exit (if it occurs), and offer a configurable timeout.

When testing single inputs on Windows (using libfuzzer-dotnet.exe --target_path=my-target.exe some-input.txt), the harness can be observed to exit, while the target child process continues, blocked on an IPC read. When invoked in some settings, this can cause the entire process tree to appear to hang.

If we spawn the target in a job object with the appropriate settings, we can instead ensure that the child is terminated when the parent exits.

This is mostly just an FYI/suggestion as I'm not experiencing any problems with libfuzzer-dotnet.

The build pipelines uses the default Clang for Windows and Ubuntu and manually installs Clang-16 for Debian.
So for the v2023.06.26.1359 release of libfuzzer-dotnet these different versions of Clang where used:

• Windows: 15.0.7
• Ubuntu: 14.0.6
• Debian: 16.0.6

windows-latest has recently been updated to clang-16 and ubuntu-latest will be updated to include clang-15, but still default to clang-14.

So to bring the three OS targets of libfuzzer-dotnet closer, it might be beneficial to at least use clang-15 for Ubuntu when that PR is merged and released.

The commits that looked directly relevant to libfuzzer by comparing https://github.com/llvm/llvm-project/tree/main/compiler-rt/lib/fuzzer

llvmorg-14.0.6..llvmorg-15.0.7

92fb310151d2 [libFuzzer] Extend the fuzz target intarface to allow -1 return value.
7524fe962e47 [libFuzzer] Use the compiler to link the relocatable object
fc0bd3c2cee9 [libFuzzer] Refactor GetNextInstructionPc/GetPreviousInstructionPc

llvmorg-15.0.7..llvmorg-16.0.6

6c485409de52 Adding missing colon
98c2754abd8f [Libfuzzer] Include signal.h for SIGINT
aa0e9046c16b Libfuzzer fix for Ctrl + c not working with -fork and -ignore_crashes=1