authorvan Hauser <vh@thc.org>2020-07-12 13:44:25 +0200
committervan Hauser <vh@thc.org>2020-07-12 13:44:25 +0200
commitb126a5d5a8d90dcc10ccb890b379c3dfdc5cf8d4 (patch)
treefbcbf33493455e04d600d93fec5a72701ca91fed
parent571031a46730a7f0d5a99ff373d7bdc8c2561149 (diff)
LTO: autodict default, instrim disabled
-rw-r--r--docs/Changelog.md5
-rw-r--r--llvm_mode/afl-clang-fast.c20
-rw-r--r--llvm_mode/afl-llvm-lto-instrim.so.cc6
-rw-r--r--llvm_mode/afl-llvm-lto-instrumentation.so.cc6
-rw-r--r--llvm_mode/split-compares-pass.so.cc107
5 files changed, 86 insertions, 58 deletions
diff --git a/docs/Changelog.md b/docs/Changelog.md
index 18e4e97e..b0bda6dc 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -12,6 +12,11 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
### Version ++2.66d (devel)
- afl-fuzz:
- eliminated CPU affinity race condition for -S/-M runs
+ - llvm_mode:
+ - fix for laf-intel float splitting
+ - LTO: autodictionary mode is a default
+ - LTO: instrim instrumentation disabled, only classic support used
+ as it is always better
- small fixes to afl-plot, afl-whatsup and man page creation
diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c
index fa15a278..8823b6a5 100644
--- a/llvm_mode/afl-clang-fast.c
+++ b/llvm_mode/afl-clang-fast.c
@@ -311,12 +311,15 @@ static void edit_params(u32 argc, char **argv, char **envp) {
cc_params[cc_par_cnt++] = alloc_printf("-fuse-ld=%s", AFL_REAL_LD);
cc_params[cc_par_cnt++] = "-Wl,--allow-multiple-definition";
- if (instrument_mode == INSTRUMENT_CFG)
- cc_params[cc_par_cnt++] =
- alloc_printf("-Wl,-mllvm=-load=%s/afl-llvm-lto-instrim.so", obj_path);
- else
- cc_params[cc_par_cnt++] = alloc_printf(
- "-Wl,-mllvm=-load=%s/afl-llvm-lto-instrumentation.so", obj_path);
+ /*
+ The current LTO instrim mode is not good, so we disable it
+ if (instrument_mode == INSTRUMENT_CFG)
+ cc_params[cc_par_cnt++] =
+ alloc_printf("-Wl,-mllvm=-load=%s/afl-llvm-lto-instrim.so",
+ obj_path); else
+ */
+ cc_params[cc_par_cnt++] = alloc_printf(
+ "-Wl,-mllvm=-load=%s/afl-llvm-lto-instrumentation.so", obj_path);
cc_params[cc_par_cnt++] = lto_flag;
} else {
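Review bot: With the INSTRIM branch turned into a block comment, a user who asked for CFG/INSTRIM instrumentation in LTO mode (`instrument_mode == INSTRUMENT_CFG`) is now handed classic instrumentation with no indication that the selection was ignored. I would add, just before the surviving `alloc_printf` line, `if (instrument_mode == INSTRUMENT_CFG) WARNF("INSTRIM is not available in LTO mode, using classic instrumentation");` (or whatever warning helper this file already uses), so the fallback is visible in the build log. The comment `The current LTO instrim mode is not good, so we disable it` would also help the next maintainer more if it said what is wrong or pointed at the tracking issue, since the dead code it wraps will otherwise drift from the live pass; if the path is not coming back, deleting it is cleaner than commenting it out. The enclosing edit_params() starts and ends outside the hunk.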
@@ -378,9 +381,8 @@ static void edit_params(u32 argc, char **argv, char **envp) {
if (!strcmp(cur, "-Wl,-z,defs") || !strcmp(cur, "-Wl,--no-undefined"))
continue;
-
- if (lto_mode && !strncmp(cur, "-fuse-ld=", 9))
- continue;
+
+ if (lto_mode && !strncmp(cur, "-fuse-ld=", 9)) continue;
cc_params[cc_par_cnt++] = cur;
diff --git a/llvm_mode/afl-llvm-lto-instrim.so.cc b/llvm_mode/afl-llvm-lto-instrim.so.cc
index ca2b5886..880963ac 100644
--- a/llvm_mode/afl-llvm-lto-instrim.so.cc
+++ b/llvm_mode/afl-llvm-lto-instrim.so.cc
@@ -73,7 +73,7 @@ struct InsTrimLTO : public ModulePass {
protected:
uint32_t function_minimum_size = 1;
char * skip_nozero = NULL;
- int afl_global_id = 1, debug = 0, autodictionary = 0;
+ int afl_global_id = 1, debug = 0, autodictionary = 1;
uint32_t be_quiet = 0, inst_blocks = 0, inst_funcs = 0;
uint64_t map_addr = 0x10000;
@@ -127,10 +127,6 @@ struct InsTrimLTO : public ModulePass {
/* Process environment variables */
- if (getenv("AFL_LLVM_AUTODICTIONARY") ||
- getenv("AFL_LLVM_LTO_AUTODICTIONARY"))
- autodictionary = 1;
-
if (getenv("AFL_LLVM_MAP_DYNAMIC")) map_addr = 0;
if ((ptr = getenv("AFL_LLVM_MAP_ADDR"))) {
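Review bot: Dropping the `AFL_LLVM_AUTODICTIONARY` / `AFL_LLVM_LTO_AUTODICTIONARY` check while the member now defaults to `autodictionary = 1` leaves no way to turn the auto-dictionary off, and both variables become silent no-ops for build scripts that still export them. If opting out should remain possible, keep a negative switch at the removed spot, e.g. `if (getenv("AFL_LLVM_LTO_DONTAUTODICT")) autodictionary = 0;`, and record the new default and the retired variables in the environment-variable documentation (not part of this diff) rather than only in the changelog. Since the same commit stops afl-clang-fast.c from loading this pass at all, this file is now dead code kept in sync by hand; a one-line comment near the top of `InsTrimLTO` stating that it is currently not loaded would spare a reader from debugging behaviour that never runs. runOnModule continues past the end of the hunk.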
diff --git a/llvm_mode/afl-llvm-lto-instrumentation.so.cc b/llvm_mode/afl-llvm-lto-instrumentation.so.cc
index af2db3ff..3c1d3565 100644
--- a/llvm_mode/afl-llvm-lto-instrumentation.so.cc
+++ b/llvm_mode/afl-llvm-lto-instrumentation.so.cc
@@ -86,7 +86,7 @@ class AFLLTOPass : public ModulePass {
bool runOnModule(Module &M) override;
protected:
- int afl_global_id = 1, debug = 0, autodictionary = 0;
+ int afl_global_id = 1, debug = 0, autodictionary = 1;
uint32_t function_minimum_size = 1;
uint32_t be_quiet = 0, inst_blocks = 0, inst_funcs = 0, total_instr = 0;
uint64_t map_addr = 0x10000;
@@ -120,10 +120,6 @@ bool AFLLTOPass::runOnModule(Module &M) {
be_quiet = 1;
- if (getenv("AFL_LLVM_AUTODICTIONARY") ||
- getenv("AFL_LLVM_LTO_AUTODICTIONARY"))
- autodictionary = 1;
-
if (getenv("AFL_LLVM_MAP_DYNAMIC")) map_addr = 0;
if (getenv("AFL_LLVM_INSTRIM_SKIPSINGLEBLOCK") ||
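Review bot: After this hunk `autodictionary` can no longer be disabled for LTO builds: the only assignment to it is removed here and the member defaults to 1 in the hunk above (`int afl_global_id = 1, debug = 0, autodictionary = 1;`), so `AFL_LLVM_AUTODICTIONARY` and `AFL_LLVM_LTO_AUTODICTIONARY` set by existing users are ignored without notice. Either provide an explicit opt-out, `if (getenv("AFL_LLVM_LTO_DONTAUTODICT")) autodictionary = 0;`, or at minimum leave a marker comment where the check used to be, `/* autodictionary is always on in LTO mode; the former AFL_LLVM_*AUTODICTIONARY variables are no-ops */`, so that anyone grepping for the old variables finds the explanation. The `if (getenv("AFL_LLVM_INSTRIM_SKIPSINGLEBLOCK") ||` condition on the last line and the remainder of AFLLTOPass::runOnModule continue outside the hunk.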
diff --git a/llvm_mode/split-compares-pass.so.cc b/llvm_mode/split-compares-pass.so.cc
index 615253ce..0681fbd6 100644
--- a/llvm_mode/split-compares-pass.so.cc
+++ b/llvm_mode/split-compares-pass.so.cc
@@ -93,6 +93,7 @@ char SplitComparesTransform::ID = 0;
/* This function splits FCMP instructions with xGE or xLE predicates into two
* FCMP instructions with predicate xGT or xLT and EQ */
bool SplitComparesTransform::simplifyFPCompares(Module &M) {
+
LLVMContext & C = M.getContext();
std::vector<Instruction *> fcomps;
IntegerType * Int1Ty = IntegerType::getInt1Ty(C);
@@ -733,7 +734,7 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) {
/* compare the exponents of the operands */
Instruction *icmp_exponents_equal;
Instruction *icmp_exponent_result;
- BasicBlock *signequal2_bb = signequal_bb;
+ BasicBlock * signequal2_bb = signequal_bb;
switch (FcmpInst->getPredicate()) {
case CmpInst::FCMP_OEQ:
@@ -755,20 +756,24 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) {
icmp_exponents_equal =
CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_EQ, m_e0, m_e1);
signequal_bb->getInstList().insert(
- BasicBlock::iterator(signequal_bb->getTerminator()), icmp_exponents_equal);
+ BasicBlock::iterator(signequal_bb->getTerminator()),
+ icmp_exponents_equal);
// shortcut for unequal exponents
- signequal2_bb = signequal_bb->splitBasicBlock(BasicBlock::iterator(signequal_bb->getTerminator()));
+ signequal2_bb = signequal_bb->splitBasicBlock(
+ BasicBlock::iterator(signequal_bb->getTerminator()));
/* if the exponents are equal goto middle_bb else to signequal2_bb */
- term = signequal_bb->getTerminator();
- BranchInst::Create(middle_bb, signequal2_bb, icmp_exponents_equal, signequal_bb);
- term->eraseFromParent();
+ term = signequal_bb->getTerminator();
+ BranchInst::Create(middle_bb, signequal2_bb, icmp_exponents_equal,
+ signequal_bb);
+ term->eraseFromParent();
icmp_exponent =
CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_UGT, m_e0, m_e1);
signequal2_bb->getInstList().insert(
- BasicBlock::iterator(signequal2_bb->getTerminator()), icmp_exponent);
+ BasicBlock::iterator(signequal2_bb->getTerminator()),
+ icmp_exponent);
icmp_exponent_result =
BinaryOperator::Create(Instruction::Xor, icmp_exponent, t_s0);
break;
@@ -777,20 +782,24 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) {
icmp_exponents_equal =
CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_EQ, m_e0, m_e1);
signequal_bb->getInstList().insert(
- BasicBlock::iterator(signequal_bb->getTerminator()), icmp_exponents_equal);
+ BasicBlock::iterator(signequal_bb->getTerminator()),
+ icmp_exponents_equal);
// shortcut for unequal exponents
- signequal2_bb = signequal_bb->splitBasicBlock(BasicBlock::iterator(signequal_bb->getTerminator()));
+ signequal2_bb = signequal_bb->splitBasicBlock(
+ BasicBlock::iterator(signequal_bb->getTerminator()));
/* if the exponents are equal goto middle_bb else to signequal2_bb */
- term = signequal_bb->getTerminator();
- BranchInst::Create(middle_bb, signequal2_bb, icmp_exponents_equal, signequal_bb);
- term->eraseFromParent();
+ term = signequal_bb->getTerminator();
+ BranchInst::Create(middle_bb, signequal2_bb, icmp_exponents_equal,
+ signequal_bb);
+ term->eraseFromParent();
icmp_exponent =
CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_ULT, m_e0, m_e1);
signequal2_bb->getInstList().insert(
- BasicBlock::iterator(signequal2_bb->getTerminator()), icmp_exponent);
+ BasicBlock::iterator(signequal2_bb->getTerminator()),
+ icmp_exponent);
icmp_exponent_result =
BinaryOperator::Create(Instruction::Xor, icmp_exponent, t_s0);
break;
@@ -808,21 +817,26 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) {
term = signequal2_bb->getTerminator();
switch (FcmpInst->getPredicate()) {
+
case CmpInst::FCMP_OEQ:
- /* if the exponents are satifying the compare do a fraction cmp in middle_bb */
- BranchInst::Create(middle_bb, end_bb, icmp_exponent_result, signequal2_bb);
+ /* if the exponents are satifying the compare do a fraction cmp in
+ * middle_bb */
+ BranchInst::Create(middle_bb, end_bb, icmp_exponent_result,
+ signequal2_bb);
break;
case CmpInst::FCMP_ONE:
case CmpInst::FCMP_UNE:
- /* if the exponents are satifying the compare do a fraction cmp in middle_bb */
- BranchInst::Create(end_bb, middle_bb, icmp_exponent_result, signequal2_bb);
+ /* if the exponents are satifying the compare do a fraction cmp in
+ * middle_bb */
+ BranchInst::Create(end_bb, middle_bb, icmp_exponent_result,
+ signequal2_bb);
break;
case CmpInst::FCMP_OGT:
case CmpInst::FCMP_UGT:
case CmpInst::FCMP_OLT:
case CmpInst::FCMP_ULT:
- BranchInst::Create(end_bb, signequal2_bb);
- break;
+ BranchInst::Create(end_bb, signequal2_bb);
+ break;
default:
continue;
@@ -890,14 +904,15 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) {
Instruction *icmp_fraction_result;
Instruction *icmp_fraction_result2;
BasicBlock * middle2_bb = middle_bb;
- PHINode *PN2 = nullptr;
+ PHINode * PN2 = nullptr;
switch (FcmpInst->getPredicate()) {
case CmpInst::FCMP_OEQ:
icmp_fraction_result =
CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_EQ, t_f0, t_f1);
middle2_bb->getInstList().insert(
- BasicBlock::iterator(middle2_bb->getTerminator()), icmp_fraction_result);
+ BasicBlock::iterator(middle2_bb->getTerminator()),
+ icmp_fraction_result);
break;
case CmpInst::FCMP_UNE:
@@ -905,36 +920,50 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) {
icmp_fraction_result =
CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_NE, t_f0, t_f1);
middle2_bb->getInstList().insert(
- BasicBlock::iterator(middle2_bb->getTerminator()), icmp_fraction_result);
+ BasicBlock::iterator(middle2_bb->getTerminator()),
+ icmp_fraction_result);
break;
case CmpInst::FCMP_OGT:
case CmpInst::FCMP_UGT:
case CmpInst::FCMP_OLT:
- case CmpInst::FCMP_ULT:
- {
- middle2_bb = middle_bb->splitBasicBlock(BasicBlock::iterator(middle_bb->getTerminator()));
+ case CmpInst::FCMP_ULT: {
+
+ middle2_bb = middle_bb->splitBasicBlock(
+ BasicBlock::iterator(middle_bb->getTerminator()));
- BasicBlock * negative_bb =
- BasicBlock::Create(C, "negative_value", middle2_bb->getParent(), middle2_bb);
- BasicBlock * positive_bb =
- BasicBlock::Create(C, "positive_value", negative_bb->getParent(), negative_bb);
+ BasicBlock *negative_bb = BasicBlock::Create(
+ C, "negative_value", middle2_bb->getParent(), middle2_bb);
+ BasicBlock *positive_bb = BasicBlock::Create(
+ C, "positive_value", negative_bb->getParent(), negative_bb);
- if (FcmpInst->getPredicate() == CmpInst::FCMP_OGT
- ||
+ if (FcmpInst->getPredicate() == CmpInst::FCMP_OGT ||
FcmpInst->getPredicate() == CmpInst::FCMP_UGT) {
- negative_bb->getInstList().push_back(icmp_fraction_result = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_ULT, t_f0, t_f1));
- positive_bb->getInstList().push_back(icmp_fraction_result2 = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_UGT, t_f0, t_f1));
+
+ negative_bb->getInstList().push_back(
+ icmp_fraction_result = CmpInst::Create(
+ Instruction::ICmp, CmpInst::ICMP_ULT, t_f0, t_f1));
+ positive_bb->getInstList().push_back(
+ icmp_fraction_result2 = CmpInst::Create(
+ Instruction::ICmp, CmpInst::ICMP_UGT, t_f0, t_f1));
+
} else {
- negative_bb->getInstList().push_back(icmp_fraction_result = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_UGT, t_f0, t_f1));
- positive_bb->getInstList().push_back(icmp_fraction_result2 = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_ULT, t_f0, t_f1));
+
+ negative_bb->getInstList().push_back(
+ icmp_fraction_result = CmpInst::Create(
+ Instruction::ICmp, CmpInst::ICMP_UGT, t_f0, t_f1));
+ positive_bb->getInstList().push_back(
+ icmp_fraction_result2 = CmpInst::Create(
+ Instruction::ICmp, CmpInst::ICMP_ULT, t_f0, t_f1));
+
}
+
BranchInst::Create(middle2_bb, negative_bb);
BranchInst::Create(middle2_bb, positive_bb);
- term = middle_bb->getTerminator();
+ term = middle_bb->getTerminator();
BranchInst::Create(negative_bb, positive_bb, t_s0, middle_bb);
- term->eraseFromParent();
+ term->eraseFromParent();
PN2 = PHINode::Create(Int1Ty, 2, "");
PN2->addIncoming(icmp_fraction_result, negative_bb);
@@ -942,8 +971,8 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) {
middle2_bb->getInstList().insert(
BasicBlock::iterator(middle2_bb->getTerminator()), PN2);
- }
- break;
+ } break;
+
default:
continue;