-rw-r--r--GNUmakefile1
-rw-r--r--docs/Changelog.md4
-rw-r--r--docs/INSTALL.md20
-rw-r--r--include/config.h2
-rw-r--r--instrumentation/SanitizerCoverageLTO.so.cc3
-rw-r--r--instrumentation/SanitizerCoveragePCGUARD.so.cc3
-rw-r--r--instrumentation/afl-llvm-lto-instrumentation.so.cc3
-rw-r--r--instrumentation/afl-llvm-pass.so.cc3
-rw-r--r--src/afl-fuzz-redqueen.c7
-rw-r--r--src/afl-fuzz-run.c1
-rw-r--r--src/afl-fuzz.c3
11 files changed, 30 insertions, 20 deletions
diff --git a/GNUmakefile b/GNUmakefile
index 270746b4..a45f6d5c 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -572,6 +572,7 @@ clean:
 	$(MAKE) -C qemu_mode/unsigaction clean
 	$(MAKE) -C qemu_mode/libcompcov clean
 	$(MAKE) -C qemu_mode/libqasan clean
+	$(MAKE) -C frida_mode clean
 ifeq "$(IN_REPO)" "1"
 	test -e qemu_mode/qemuafl/Makefile && $(MAKE) -C qemu_mode/qemuafl clean || true
 	test -e unicorn_mode/unicornafl/Makefile && $(MAKE) -C unicorn_mode/unicornafl clean || true
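Review bot: The new `$(MAKE) -C frida_mode clean` is unguarded, so a failing or missing frida_mode clean rule aborts the whole top-level `clean`, whereas the qemuafl and unicornafl lines right below tolerate absence with `test -e … || true`. frida_mode is in-tree, so this is probably fine on the platforms it supports, but if its makefile cannot be evaluated on hosts where the mode is unsupported the guard is cheap insurance: `test -e frida_mode/GNUmakefile && $(MAKE) -C frida_mode clean || true`. Alternatively move it under the `IN_REPO` block with the other optional modes so distribution builds are unaffected.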
diff --git a/docs/Changelog.md b/docs/Changelog.md
index 1887c099..a49c0672 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -8,6 +8,10 @@
 Want to stay in the loop on major new features? Join our mailing list by
 sending a mail to <afl-users+subscribe@googlegroups.com>.
 
+### Version ++3.14a (release)
+  - Fix for llvm 13
+
+
 ### Version ++3.13c (release)
   - Note: plot_data switched to relative time from unix time in 3.10
   - frida_mode - new mode that uses frida to fuzz binary-only targets,
diff --git a/docs/INSTALL.md b/docs/INSTALL.md
index 80d452f7..fc57f546 100644
--- a/docs/INSTALL.md
+++ b/docs/INSTALL.md
@@ -65,22 +65,17 @@ The QEMU mode is currently supported only on Linux. I think it's just a QEMU
 problem, I couldn't get a vanilla copy of user-mode emulation support working
 correctly on BSD at all.
 
-## 3. MacOS X on x86
+## 3. MacOS X on x86 and arm64 (M1)
 
 MacOS X should work, but there are some gotchas due to the idiosyncrasies of
 the platform. On top of this, I have limited release testing capabilities
 and depend mostly on user feedback.
 
-To build AFL, install Xcode and follow the general instructions for Linux.
+To build AFL, install llvm (and perhaps gcc) from brew and follow the general
+instructions for Linux. If possible avoid Xcode at all cost.
 
-The Xcode 'gcc' tool is just a wrapper for clang, so be sure to use afl-clang
-to compile any instrumented binaries; afl-gcc will fail unless you have GCC
-installed from another source (in which case, please specify `AFL_CC` and
-`AFL_CXX` to point to the "real" GCC binaries).
-
-Only 64-bit compilation will work on the platform; porting the 32-bit
-instrumentation would require a fair amount of work due to the way OS X
-handles relocations, and today, virtually all MacOS X boxes are 64-bit.
+afl-gcc will fail unless you have GCC installed, but that is using outdated
+instrumentation anyway. You don't want that.
 
 The crash reporting daemon that comes by default with MacOS X will cause
 problems with fuzzing. You need to turn it off by following the instructions
@@ -98,10 +93,7 @@ and definitely don't look POSIX-compliant. This means two things:
 
 User emulation mode of QEMU does not appear to be supported on MacOS X, so
 black-box instrumentation mode (`-Q`) will not work.
-
-The llvm instrumentation requires a fully-operational installation of clang. The one that
-comes with Xcode is missing some of the essential headers and helper tools.
-See README.llvm.md for advice on how to build the compiler from scratch.
+However Frida mode (`-O`) should work on x86 and arm64 MacOS boxes.
 
 MacOS X supports SYSV shared memory used by AFL's instrumentation, but the
 default settings aren't usable with AFL++. The default settings on 10.14 seem
diff --git a/include/config.h b/include/config.h
index a1fdd789..9d732e53 100644
--- a/include/config.h
+++ b/include/config.h
@@ -26,7 +26,7 @@
 /* Version string: */
 
 // c = release, a = volatile github dev, e = experimental branch
-#define VERSION "++3.13c"
+#define VERSION "++3.14a"
 
 /******************************************************
  *                                                    *
diff --git a/instrumentation/SanitizerCoverageLTO.so.cc b/instrumentation/SanitizerCoverageLTO.so.cc
index 20f1856e..372af003 100644
--- a/instrumentation/SanitizerCoverageLTO.so.cc
+++ b/instrumentation/SanitizerCoverageLTO.so.cc
@@ -1500,6 +1500,9 @@ void ModuleSanitizerCoverage::InjectCoverageAtBlock(Function &F, BasicBlock &BB,
     if (use_threadsafe_counters) {                                /* Atomic */
 
       IRB.CreateAtomicRMW(llvm::AtomicRMWInst::BinOp::Add, MapPtrIdx, One,
+#if LLVM_VERSION_MAJOR >= 13
+                          llvm::MaybeAlign(1),
+#endif
                           llvm::AtomicOrdering::Monotonic);
 
     } else {
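Review bot: The hard-coded `llvm::MaybeAlign(1)` pins the atomic increment to 1-byte alignment regardless of the type of `One`, which is not visible in this hunk; that is only the natural alignment if the map counters are 8-bit. As far as I recall the LLVM 13 `IRBuilder::CreateAtomicRMW` derives the alignment from the store size of the value type when given an empty `MaybeAlign`, which is also what the pre-13 overload did, so `llvm::MaybeAlign(),` keeps both branches equivalent and stays correct if a wider counter type is ever used (an under-declared alignment would make AtomicExpand lower the RMW to a libcall instead of a native instruction). Worth a one-line comment either way, e.g. `// LLVM 13 requires an explicit alignment; empty MaybeAlign = natural alignment of the counter type`. InjectCoverageAtBlock begins and ends outside the hunk.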
diff --git a/instrumentation/SanitizerCoveragePCGUARD.so.cc b/instrumentation/SanitizerCoveragePCGUARD.so.cc
index 4a8c9e28..48ad2d02 100644
--- a/instrumentation/SanitizerCoveragePCGUARD.so.cc
+++ b/instrumentation/SanitizerCoveragePCGUARD.so.cc
@@ -1074,6 +1074,9 @@ void ModuleSanitizerCoverage::InjectCoverageAtBlock(Function &F, BasicBlock &BB,
     if (use_threadsafe_counters) {
 
       IRB.CreateAtomicRMW(llvm::AtomicRMWInst::BinOp::Add, MapPtrIdx, One,
+#if LLVM_VERSION_MAJOR >= 13
+                          llvm::MaybeAlign(1),
+#endif
                           llvm::AtomicOrdering::Monotonic);
 
     } else {
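Review bot: Same concern as the LTO variant: `llvm::MaybeAlign(1)` asserts a 1-byte alignment for the atomic add without reference to the width of `One`, whose type is defined outside this hunk. If the counter is `i8` this is the natural alignment and harmless; if the element type is ever wider, the atomic would be declared misaligned and, to my recollection, expanded to a `__atomic_fetch_add` libcall on LLVM 13+. Passing `llvm::MaybeAlign()` lets IRBuilder pick the type's store size, matching what the older overload computed, so the `#if` branch introduces no behaviour difference. The enclosing function continues outside the hunk on both sides.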
diff --git a/instrumentation/afl-llvm-lto-instrumentation.so.cc b/instrumentation/afl-llvm-lto-instrumentation.so.cc
index fe43fbe5..bb9b9279 100644
--- a/instrumentation/afl-llvm-lto-instrumentation.so.cc
+++ b/instrumentation/afl-llvm-lto-instrumentation.so.cc
@@ -845,6 +845,9 @@ bool AFLLTOPass::runOnModule(Module &M) {
           if (use_threadsafe_counters) {
 
             IRB.CreateAtomicRMW(llvm::AtomicRMWInst::BinOp::Add, MapPtrIdx, One,
+#if LLVM_VERSION_MAJOR >= 13
+                                llvm::MaybeAlign(1),
+#endif
                                 llvm::AtomicOrdering::Monotonic);
 
           } else {
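Review bot: `llvm::MaybeAlign(1)` hard-codes the alignment of the atomic counter increment to one byte; that matches an 8-bit map counter but the type of `One` is not shown here, and nothing ties the literal to it. Prefer `llvm::MaybeAlign()` so LLVM 13's IRBuilder derives the alignment from `One`'s store size (which, if I remember the implementation correctly, is exactly what the pre-13 overload did), keeping the two `#if` branches semantically identical. If the literal is intentional because the counters are guaranteed `i8`, say so: `// counters are i8, so 1-byte alignment is the natural alignment`. AFLLTOPass::runOnModule starts and ends outside this hunk.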
diff --git a/instrumentation/afl-llvm-pass.so.cc b/instrumentation/afl-llvm-pass.so.cc
index a8f1baff..6fe34ccd 100644
--- a/instrumentation/afl-llvm-pass.so.cc
+++ b/instrumentation/afl-llvm-pass.so.cc
@@ -679,6 +679,9 @@ bool AFLCoverage::runOnModule(Module &M) {
 
                                      */
         IRB.CreateAtomicRMW(llvm::AtomicRMWInst::BinOp::Add, MapPtrIdx, One,
+#if LLVM_VERSION_MAJOR >= 13
+                            llvm::MaybeAlign(1),
+#endif
                             llvm::AtomicOrdering::Monotonic);
         /*
 
diff --git a/src/afl-fuzz-redqueen.c b/src/afl-fuzz-redqueen.c
index 22fd0621..b41ffa88 100644
--- a/src/afl-fuzz-redqueen.c
+++ b/src/afl-fuzz-redqueen.c
@@ -2663,7 +2663,12 @@ exit_its:
 
     afl->queue_cur->colorized = CMPLOG_LVL_MAX;
 
-    ck_free(afl->queue_cur->cmplog_colorinput);
+    if (afl->queue_cur->cmplog_colorinput) {
+
+      ck_free(afl->queue_cur->cmplog_colorinput);
+
+    }
+
     while (taint) {
 
       t = taint->next;
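Review bot: After the new guarded `ck_free(afl->queue_cur->cmplog_colorinput)` the freed pointer is left in the queue entry, so any later pass over the same entry that reaches this `exit_its` path would free it again; adding `afl->queue_cur->cmplog_colorinput = NULL;` inside the `if` makes the guard you just added actually protect against that. Whether this path can be re-entered for the same entry depends on how `colorized == CMPLOG_LVL_MAX` is checked by callers outside this hunk, so I cannot say it happens today, but nulling is free and removes the dangling pointer. Also, if I recall correctly AFL++'s `ck_free()` already returns on NULL, so the added check is redundant on its own and the null-assignment is the part that buys safety. The enclosing function begins well before this hunk.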
diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c
index 2c3e8a1b..493735ff 100644
--- a/src/afl-fuzz-run.c
+++ b/src/afl-fuzz-run.c
@@ -333,7 +333,6 @@ u8 calibrate_case(afl_state_t *afl, struct queue_entry *q, u8 *use_mem,
 
     if (afl->fsrv.support_shmem_fuzz && !afl->fsrv.use_shmem_fuzz) {
 
-      unsetenv(SHM_FUZZ_ENV_VAR);
       afl_shm_deinit(afl->shm_fuzz);
       ck_free(afl->shm_fuzz);
       afl->shm_fuzz = NULL;
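Review bot: Dropping `unsetenv(SHM_FUZZ_ENV_VAR)` here is only safe if `afl_shm_deinit()` now clears the variable itself, which this diff does not show; otherwise the fuzzer's environment keeps a shm id for a segment that has just been detached and removed, and a forkserver started later (the target is re-executed after this point in calibrate_case) would inherit it and try to attach to a stale, possibly re-used, id. Either confirm that `afl_shm_deinit` performs the `unsetenv` and note it at the call site, `/* afl_shm_deinit() also clears SHM_FUZZ_ENV_VAR */`, or keep the explicit unsetenv, which is harmless if duplicated. The same removal appears in the afl-fuzz.c shutdown path, where it matters less since the process is exiting. calibrate_case continues on both sides of this hunk.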
diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c
index 5bdb4c8d..196547f4 100644
--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@@ -2283,13 +2283,10 @@ stop_fuzzing:
   destroy_queue(afl);
   destroy_extras(afl);
   destroy_custom_mutators(afl);
-  unsetenv(SHM_ENV_VAR);
-  unsetenv(CMPLOG_SHM_ENV_VAR);
   afl_shm_deinit(&afl->shm);
 
   if (afl->shm_fuzz) {
 
-    unsetenv(SHM_FUZZ_ENV_VAR);
     afl_shm_deinit(afl->shm_fuzz);
     ck_free(afl->shm_fuzz);