about summary refs log tree commit diff
path: root/instrumentation
diff options
context:
space:
mode:
Diffstat (limited to 'instrumentation')
-rw-r--r--instrumentation/SanitizerCoveragePCGUARD.so.cc4
-rw-r--r--instrumentation/afl-compiler-rt.o.c41
-rw-r--r--instrumentation/afl-llvm-dict2file.so.cc13
-rw-r--r--instrumentation/afl-llvm-pass.so.cc4
-rw-r--r--instrumentation/cmplog-instructions-pass.cc2
-rw-r--r--instrumentation/cmplog-routines-pass.cc2
-rw-r--r--instrumentation/cmplog-switches-pass.cc2
-rw-r--r--instrumentation/split-switches-pass.so.cc2
8 files changed, 46 insertions, 24 deletions
diff --git a/instrumentation/SanitizerCoveragePCGUARD.so.cc b/instrumentation/SanitizerCoveragePCGUARD.so.cc
index 98c5973c..588eb950 100644
--- a/instrumentation/SanitizerCoveragePCGUARD.so.cc
+++ b/instrumentation/SanitizerCoveragePCGUARD.so.cc
@@ -214,7 +214,11 @@ llvmGetPassPluginInfo() {
 #if LLVM_VERSION_MAJOR == 13
             using OptimizationLevel = typename PassBuilder::OptimizationLevel;
 #endif
+#if LLVM_VERSION_MAJOR >= 16
+            PB.registerOptimizerEarlyEPCallback(
+#else
             PB.registerOptimizerLastEPCallback(
+#endif
                 [](ModulePassManager &MPM, OptimizationLevel OL) {
 
                   MPM.addPass(ModuleSanitizerCoverageAFL());
diff --git a/instrumentation/afl-compiler-rt.o.c b/instrumentation/afl-compiler-rt.o.c
index dd9aae77..8ce8bca1 100644
--- a/instrumentation/afl-compiler-rt.o.c
+++ b/instrumentation/afl-compiler-rt.o.c
@@ -48,7 +48,7 @@
 #include <errno.h>
 
 #include <sys/mman.h>
-#ifndef __HAIKU__
+#if !defined(__HAIKU__) && !defined(__OpenBSD__)
   #include <sys/syscall.h>
 #endif
 #ifndef USEMMAP
@@ -667,7 +667,8 @@ static void __afl_map_shm(void) {
 
   if (id_str) {
 
-    if ((__afl_dummy_fd[1] = open("/dev/null", O_WRONLY)) < 0) {
+    // /dev/null doesn't work so we use /dev/urandom
+    if ((__afl_dummy_fd[1] = open("/dev/urandom", O_WRONLY)) < 0) {
 
       if (pipe(__afl_dummy_fd) < 0) { __afl_dummy_fd[1] = 1; }
 
@@ -871,7 +872,7 @@ static void __afl_start_snapshots(void) {
 
     if (__afl_debug) {
 
-      fprintf(stderr, "target forkserver recv: %08x\n", was_killed);
+      fprintf(stderr, "DEBUG: target forkserver recv: %08x\n", was_killed);
 
     }
 
@@ -1138,7 +1139,7 @@ static void __afl_start_forkserver(void) {
 
     if (__afl_debug) {
 
-      fprintf(stderr, "target forkserver recv: %08x\n", was_killed);
+      fprintf(stderr, "DEBUG: target forkserver recv: %08x\n", was_killed);
 
     }
 
@@ -1471,6 +1472,7 @@ __attribute__((constructor(1))) void __afl_auto_second(void) {
 
     __afl_debug = 1;
     fprintf(stderr, "DEBUG: debug enabled\n");
+    fprintf(stderr, "DEBUG: AFL++ afl-compiler-rt" VERSION "\n");
 
   }
 
@@ -1699,11 +1701,12 @@ void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) {
 
   if (__afl_debug) {
 
-    fprintf(stderr,
-            "Running __sanitizer_cov_trace_pc_guard_init: %p-%p (%lu edges) "
-            "after_fs=%u\n",
-            start, stop, (unsigned long)(stop - start),
-            __afl_already_initialized_forkserver);
+    fprintf(
+        stderr,
+        "DEBUG: Running __sanitizer_cov_trace_pc_guard_init: %p-%p (%lu edges) "
+        "after_fs=%u\n",
+        start, stop, (unsigned long)(stop - start),
+        __afl_already_initialized_forkserver);
 
   }
 
@@ -1801,7 +1804,8 @@ void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) {
       u8 ignore_dso_after_fs = !!getenv("AFL_IGNORE_PROBLEMS_COVERAGE");
       if (__afl_debug && ignore_dso_after_fs) {
 
-        fprintf(stderr, "Ignoring coverage from dynamically loaded code\n");
+        fprintf(stderr,
+                "DEBUG: Ignoring coverage from dynamically loaded code\n");
 
       }
 
@@ -1871,7 +1875,8 @@ void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) {
   if (__afl_debug) {
 
     fprintf(stderr,
-            "Done __sanitizer_cov_trace_pc_guard_init: __afl_final_loc = %u\n",
+            "DEBUG: Done __sanitizer_cov_trace_pc_guard_init: __afl_final_loc "
+            "= %u\n",
             __afl_final_loc);
 
   }
@@ -1882,7 +1887,7 @@ void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) {
 
       if (__afl_debug) {
 
-        fprintf(stderr, "Reinit shm necessary (+%u)\n",
+        fprintf(stderr, "DEBUG: Reinit shm necessary (+%u)\n",
                 __afl_final_loc - __afl_map_size);
 
       }
@@ -2252,11 +2257,13 @@ static int area_is_valid(void *ptr, size_t len) {
 
   if (unlikely(!ptr || __asan_region_is_poisoned(ptr, len))) { return 0; }
 
-#ifndef __HAIKU__
-  long r = syscall(SYS_write, __afl_dummy_fd[1], ptr, len);
-#else
+#ifdef __HAIKU__
   long r = _kern_write(__afl_dummy_fd[1], -1, ptr, len);
-#endif  // HAIKU
+#elif defined(__OpenBSD__)
+  long r = write(__afl_dummy_fd[1], ptr, len);
+#else
+  long r = syscall(SYS_write, __afl_dummy_fd[1], ptr, len);
+#endif  // HAIKU, OPENBSD
 
   if (r <= 0 || r > len) return 0;
 
@@ -2294,7 +2301,7 @@ void __cmplog_rtn_hook_strn(u8 *ptr1, u8 *ptr2, u64 len) {
   int len1 = strnlen(ptr1, len0);
   if (len1 < 31) len1 = area_is_valid(ptr1, len1 + 1);
   int len2 = strnlen(ptr2, len0);
-  if (len2 < 31) len2 = area_is_valid(ptr1, len2 + 1);
+  if (len2 < 31) len2 = area_is_valid(ptr2, len2 + 1);
   int l = MAX(len1, len2);
   if (l < 2) return;
 
diff --git a/instrumentation/afl-llvm-dict2file.so.cc b/instrumentation/afl-llvm-dict2file.so.cc
index 8ee13010..59b16ca0 100644
--- a/instrumentation/afl-llvm-dict2file.so.cc
+++ b/instrumentation/afl-llvm-dict2file.so.cc
@@ -206,7 +206,18 @@ bool AFLdict2filePass::runOnModule(Module &M) {
 
   ptr = getenv("AFL_LLVM_DICT2FILE");
 
-  if (!ptr || *ptr != '/')
+  if (!ptr) {
+
+#if LLVM_VERSION_MAJOR >= 11                        /* use new pass manager */
+    auto PA = PreservedAnalyses::all();
+    return PA;
+#else
+    return true;
+#endif
+
+  }
+
+  if (*ptr != '/')
     FATAL("AFL_LLVM_DICT2FILE is not set to an absolute path: %s", ptr);
 
   of.open(ptr, std::ofstream::out | std::ofstream::app);
diff --git a/instrumentation/afl-llvm-pass.so.cc b/instrumentation/afl-llvm-pass.so.cc
index c59324fd..052488a9 100644
--- a/instrumentation/afl-llvm-pass.so.cc
+++ b/instrumentation/afl-llvm-pass.so.cc
@@ -552,7 +552,7 @@ bool AFLCoverage::runOnModule(Module &M) {
 #endif
         {
 
-          // load the context ID of the previous function and write to to a
+          // load the context ID of the previous function and write to a
           // local variable on the stack
           LoadInst *PrevCtxLoad = IRB.CreateLoad(
 #if LLVM_VERSION_MAJOR >= 14
@@ -634,7 +634,7 @@ bool AFLCoverage::runOnModule(Module &M) {
 
 /* There is a problem with Ubuntu 18.04 and llvm 6.0 (see issue #63).
    The inline function successors() is not inlined and also not found at runtime
-   :-( As I am unable to detect Ubuntu18.04 heree, the next best thing is to
+   :-( As I am unable to detect Ubuntu18.04 here, the next best thing is to
    disable this optional optimization for LLVM 6.0.0 and Linux */
 #if !(LLVM_VERSION_MAJOR == 6 && LLVM_VERSION_MINOR == 0) || !defined __linux__
       // only instrument if this basic block is the destination of a previous
diff --git a/instrumentation/cmplog-instructions-pass.cc b/instrumentation/cmplog-instructions-pass.cc
index bca1f927..9cd1dc59 100644
--- a/instrumentation/cmplog-instructions-pass.cc
+++ b/instrumentation/cmplog-instructions-pass.cc
@@ -90,7 +90,7 @@ class CmpLogInstructions : public ModulePass {
 #if LLVM_MAJOR >= 11                                /* use new pass manager */
   PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM);
 #else
-  bool      runOnModule(Module &M) override;
+  bool runOnModule(Module &M) override;
 
   #if LLVM_VERSION_MAJOR >= 4
   StringRef getPassName() const override {
diff --git a/instrumentation/cmplog-routines-pass.cc b/instrumentation/cmplog-routines-pass.cc
index c3fbed8d..54e9ddf3 100644
--- a/instrumentation/cmplog-routines-pass.cc
+++ b/instrumentation/cmplog-routines-pass.cc
@@ -85,7 +85,7 @@ class CmpLogRoutines : public ModulePass {
 #if LLVM_VERSION_MAJOR >= 11                        /* use new pass manager */
   PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM);
 #else
-  bool      runOnModule(Module &M) override;
+  bool runOnModule(Module &M) override;
 
   #if LLVM_VERSION_MAJOR >= 4
   StringRef getPassName() const override {
diff --git a/instrumentation/cmplog-switches-pass.cc b/instrumentation/cmplog-switches-pass.cc
index 38de669d..01da6da7 100644
--- a/instrumentation/cmplog-switches-pass.cc
+++ b/instrumentation/cmplog-switches-pass.cc
@@ -85,7 +85,7 @@ class CmplogSwitches : public ModulePass {
 #if LLVM_VERSION_MAJOR >= 11                        /* use new pass manager */
   PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM);
 #else
-  bool        runOnModule(Module &M) override;
+  bool runOnModule(Module &M) override;
 
   #if LLVM_VERSION_MAJOR < 4
   const char *getPassName() const override {
diff --git a/instrumentation/split-switches-pass.so.cc b/instrumentation/split-switches-pass.so.cc
index dcd89652..e3dfea0d 100644
--- a/instrumentation/split-switches-pass.so.cc
+++ b/instrumentation/split-switches-pass.so.cc
@@ -84,7 +84,7 @@ class SplitSwitchesTransform : public ModulePass {
 #if LLVM_VERSION_MAJOR >= 11                        /* use new pass manager */
   PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM);
 #else
-  bool      runOnModule(Module &M) override;
+  bool runOnModule(Module &M) override;
 
   #if LLVM_VERSION_MAJOR >= 4
   StringRef getPassName() const override {
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-12-09 22:38:38 +0000