Diffstat (limited to 'instrumentation')
-rw-r--r-- | instrumentation/SanitizerCoverageLTO.so.cc | 19 | ||||
-rw-r--r-- | instrumentation/SanitizerCoveragePCGUARD.so.cc | 23 | ||||
-rw-r--r-- | instrumentation/afl-llvm-pass.so.cc | 44 | ||||
-rw-r--r-- | instrumentation/cmplog-instructions-pass.cc | 6 | ||||
-rw-r--r-- | instrumentation/cmplog-routines-pass.cc | 48 | ||||
-rw-r--r-- | instrumentation/cmplog-switches-pass.cc | 6 | ||||
-rw-r--r-- | instrumentation/compare-transform-pass.so.cc | 12 |
7 files changed, 118 insertions, 40 deletions
diff --git a/instrumentation/SanitizerCoverageLTO.so.cc b/instrumentation/SanitizerCoverageLTO.so.cc index 8d7f0c80..aa1826cd 100644 --- a/instrumentation/SanitizerCoverageLTO.so.cc +++ b/instrumentation/SanitizerCoverageLTO.so.cc @@ -1123,7 +1123,7 @@ bool ModuleSanitizerCoverage::instrumentModule( M, PointerType::get(Int8Tyi, 0), false, GlobalValue::ExternalLinkage, 0, "__afl_dictionary"); - Value *AFLDictOff = IRB.CreateGEP(AFLInternalDictionary, Zero); + Value *AFLDictOff = IRB.CreateGEP(Int8Ty, AFLInternalDictionary, Zero); Value *AFLDictPtr = IRB.CreatePointerCast(AFLDictOff, PointerType::get(Int8Tyi, 0)); StoreInst *StoreDict = IRB.CreateStore(AFLDictPtr, AFLDictionary); @@ -1388,7 +1388,8 @@ void ModuleSanitizerCoverage::instrumentFunction( local_selects++; uint32_t vector_cur = 0; /* Load SHM pointer */ - LoadInst *MapPtr = IRB.CreateLoad(AFLMapPtr); + LoadInst *MapPtr = + IRB.CreateLoad(PointerType::get(Int8Ty, 0), AFLMapPtr); ModuleSanitizerCoverage::SetNoSanitizeMetadata(MapPtr); while (1) { @@ -1399,12 +1400,12 @@ void ModuleSanitizerCoverage::instrumentFunction( /* Load counter for CurLoc */ if (!vector_cnt) { - MapPtrIdx = IRB.CreateGEP(MapPtr, result); + MapPtrIdx = IRB.CreateGEP(Int8Ty, MapPtr, result); } else { auto element = IRB.CreateExtractElement(result, vector_cur++); - MapPtrIdx = IRB.CreateGEP(MapPtr, element); + MapPtrIdx = IRB.CreateGEP(Int8Ty, MapPtr, element); } @@ -1418,7 +1419,7 @@ void ModuleSanitizerCoverage::instrumentFunction( } else { - LoadInst *Counter = IRB.CreateLoad(MapPtrIdx); + LoadInst *Counter = IRB.CreateLoad(IRB.getInt8Ty(), MapPtrIdx); ModuleSanitizerCoverage::SetNoSanitizeMetadata(Counter); /* Update bitmap */ 
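Review bot: In the `__afl_dictionary` hunk of `instrumentModule`, `IRB.CreateGEP(Int8Ty, AFLInternalDictionary, Zero)` names `Int8Ty` as the source element type, but the `CreatePointerCast` to an i8 pointer on the very next line suggests `AFLInternalDictionary` does not already point at i8. Its declaration is outside the hunk; if it is an array-typed global, the type passed here should be that array type (for a `GlobalVariable`, `AFLInternalDictionary->getValueType()`), since a typed-pointer LLVM build with assertions would be expected to reject a GEP whose element type differs from the pointee. With index `Zero` the resulting address is the same either way, so this concerns IR validity rather than the pointer that ends up stored. The function body continues outside the hunk.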
@@ -1672,13 +1673,13 @@ void ModuleSanitizerCoverage::InjectCoverageAtBlock(Function &F, BasicBlock &BB, if (map_addr) { - MapPtrIdx = IRB.CreateGEP(MapPtrFixed, CurLoc); + MapPtrIdx = IRB.CreateGEP(Int8Ty, MapPtrFixed, CurLoc); } else { - LoadInst *MapPtr = IRB.CreateLoad(AFLMapPtr); + LoadInst *MapPtr = IRB.CreateLoad(PointerType::get(Int8Ty, 0), AFLMapPtr); ModuleSanitizerCoverage::SetNoSanitizeMetadata(MapPtr); - MapPtrIdx = IRB.CreateGEP(MapPtr, CurLoc); + MapPtrIdx = IRB.CreateGEP(Int8Ty, MapPtr, CurLoc); } @@ -1693,7 +1694,7 @@ void ModuleSanitizerCoverage::InjectCoverageAtBlock(Function &F, BasicBlock &BB, } else { - LoadInst *Counter = IRB.CreateLoad(MapPtrIdx); + LoadInst *Counter = IRB.CreateLoad(IRB.getInt8Ty(), MapPtrIdx); ModuleSanitizerCoverage::SetNoSanitizeMetadata(Counter); Value *Incr = IRB.CreateAdd(Counter, One); diff --git a/instrumentation/SanitizerCoveragePCGUARD.so.cc b/instrumentation/SanitizerCoveragePCGUARD.so.cc index d5746cc7..7b1d1d40 100644 --- a/instrumentation/SanitizerCoveragePCGUARD.so.cc +++ b/instrumentation/SanitizerCoveragePCGUARD.so.cc @@ -937,7 +937,7 @@ bool ModuleSanitizerCoverage::InjectCoverage(Function & F, ConstantInt::get(IntptrTy, (++special + AllBlocks.size()) * 4)), Int32PtrTy); - LoadInst *Idx = IRB.CreateLoad(GuardPtr); + LoadInst *Idx = IRB.CreateLoad(IRB.getInt32Ty(), GuardPtr); ModuleSanitizerCoverage::SetNoSanitizeMetadata(Idx); callInst->setOperand(1, Idx); @@ -1059,7 +1059,8 @@ bool ModuleSanitizerCoverage::InjectCoverage(Function & F, /* Load SHM pointer */ - LoadInst *MapPtr = IRB.CreateLoad(AFLMapPtr); + LoadInst *MapPtr = + IRB.CreateLoad(PointerType::get(Int8Ty, 0), AFLMapPtr); ModuleSanitizerCoverage::SetNoSanitizeMetadata(MapPtr); /* 
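Review bot: The new lines in `InjectCoverageAtBlock` spell the same i8 type two ways, `Int8Ty` in the `CreateGEP` calls and `IRB.getInt8Ty()` in the counter load; writing `LoadInst *Counter = IRB.CreateLoad(Int8Ty, MapPtrIdx);` would make it obvious that the GEP element type and the load type are meant to agree. The same mix appears in the `instrumentFunction` hunks above and in the SanitizerCoveragePCGUARD.so.cc hunks. These two files also pass the type unconditionally, while the other passes in this commit wrap it in `#if LLVM_VERSION_MAJOR >= 14`; a short comment stating the minimum LLVM version these two files are built against would explain the difference.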
@@ -1078,17 +1079,17 @@ bool ModuleSanitizerCoverage::InjectCoverage(Function & F, /* Load counter for CurLoc */ if (!vector_cnt) { - CurLoc = IRB.CreateLoad(result); + CurLoc = IRB.CreateLoad(IRB.getInt32Ty(), result); ModuleSanitizerCoverage::SetNoSanitizeMetadata(CurLoc); - MapPtrIdx = IRB.CreateGEP(MapPtr, CurLoc); + MapPtrIdx = IRB.CreateGEP(Int8Ty, MapPtr, CurLoc); } else { auto element = IRB.CreateExtractElement(result, vector_cur++); auto elementptr = IRB.CreateIntToPtr(element, Int32PtrTy); - auto elementld = IRB.CreateLoad(elementptr); + auto elementld = IRB.CreateLoad(IRB.getInt32Ty(), elementptr); ModuleSanitizerCoverage::SetNoSanitizeMetadata(elementld); - MapPtrIdx = IRB.CreateGEP(MapPtr, elementld); + MapPtrIdx = IRB.CreateGEP(Int8Ty, MapPtr, elementld); } @@ -1102,7 +1103,7 @@ bool ModuleSanitizerCoverage::InjectCoverage(Function & F, } else { - LoadInst *Counter = IRB.CreateLoad(MapPtrIdx); + LoadInst *Counter = IRB.CreateLoad(IRB.getInt8Ty(), MapPtrIdx); ModuleSanitizerCoverage::SetNoSanitizeMetadata(Counter); /* Update bitmap */ @@ -1347,17 +1348,17 @@ void ModuleSanitizerCoverage::InjectCoverageAtBlock(Function &F, BasicBlock &BB, ConstantInt::get(IntptrTy, Idx * 4)), Int32PtrTy); - LoadInst *CurLoc = IRB.CreateLoad(GuardPtr); + LoadInst *CurLoc = IRB.CreateLoad(IRB.getInt32Ty(), GuardPtr); ModuleSanitizerCoverage::SetNoSanitizeMetadata(CurLoc); /* Load SHM pointer */ - LoadInst *MapPtr = IRB.CreateLoad(AFLMapPtr); + LoadInst *MapPtr = IRB.CreateLoad(PointerType::get(Int8Ty, 0), AFLMapPtr); ModuleSanitizerCoverage::SetNoSanitizeMetadata(MapPtr); /* Load counter for CurLoc */ - Value *MapPtrIdx = IRB.CreateGEP(MapPtr, CurLoc); + Value *MapPtrIdx = IRB.CreateGEP(Int8Ty, MapPtr, CurLoc); if (use_threadsafe_counters) { 
@@ -1369,7 +1370,7 @@ void ModuleSanitizerCoverage::InjectCoverageAtBlock(Function &F, BasicBlock &BB, } else { - LoadInst *Counter = IRB.CreateLoad(MapPtrIdx); + LoadInst *Counter = IRB.CreateLoad(IRB.getInt8Ty(), MapPtrIdx); ModuleSanitizerCoverage::SetNoSanitizeMetadata(Counter); /* Update bitmap */ diff --git a/instrumentation/afl-llvm-pass.so.cc b/instrumentation/afl-llvm-pass.so.cc index 8e22fde8..640aa4dd 100644 --- a/instrumentation/afl-llvm-pass.so.cc +++ b/instrumentation/afl-llvm-pass.so.cc @@ -454,7 +454,11 @@ bool AFLCoverage::runOnModule(Module &M) { #ifdef AFL_HAVE_VECTOR_INTRINSICS if (ctx_k) { - PrevCaller = IRB.CreateLoad(AFLPrevCaller); + PrevCaller = IRB.CreateLoad( + #if LLVM_VERSION_MAJOR >= 14 + IRB.getInt32Ty(), + #endif + AFLPrevCaller); PrevCaller->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); PrevCtx = @@ -467,7 +471,11 @@ bool AFLCoverage::runOnModule(Module &M) { // load the context ID of the previous function and write to to a // local variable on the stack - LoadInst *PrevCtxLoad = IRB.CreateLoad(AFLContext); + LoadInst *PrevCtxLoad = IRB.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + IRB.getInt32Ty(), +#endif + AFLContext); PrevCtxLoad->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); PrevCtx = PrevCtxLoad; @@ -620,7 +628,11 @@ bool AFLCoverage::runOnModule(Module &M) { /* Load prev_loc */ - LoadInst *PrevLoc = IRB.CreateLoad(AFLPrevLoc); + LoadInst *PrevLoc = IRB.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + IRB.getInt32Ty(), +#endif + AFLPrevLoc); PrevLoc->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); Value *PrevLocTrans; 
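Review bot: In the `ctx_k` branch of `runOnModule`, the load of `AFLPrevCaller` is now typed as `IRB.getInt32Ty()`, yet the branch sits under `AFL_HAVE_VECTOR_INTRINSICS`, which suggests the global may be vector-typed in that mode; the same question applies to `IRB.CreateLoad(IRB.getInt32Ty(), AFLPrevLoc)` in the `/* Load prev_loc */` hunk when `ngram_size` is set. Both declarations are outside these hunks, so this needs confirming against them. If either global is a vector, the load should take the global's own value type (for a `GlobalVariable`, `AFLPrevCaller->getValueType()`) instead of i32. Otherwise the typed load reads a single 32-bit lane, or fails the pointee-type check on typed-pointer builds. Either outcome changes or breaks the coverage signal in the context-sensitive and n-gram modes without any visible error at fuzz time.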
@@ -644,20 +656,28 @@ bool AFLCoverage::runOnModule(Module &M) { /* Load SHM pointer */ - LoadInst *MapPtr = IRB.CreateLoad(AFLMapPtr); + LoadInst *MapPtr = IRB.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + PointerType::get(Int8Ty, 0), +#endif + AFLMapPtr); MapPtr->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); Value *MapPtrIdx; #ifdef AFL_HAVE_VECTOR_INTRINSICS if (ngram_size) MapPtrIdx = IRB.CreateGEP( - MapPtr, + Int8Ty, MapPtr, IRB.CreateZExt( IRB.CreateXor(PrevLocTrans, IRB.CreateZExt(CurLoc, Int32Ty)), Int32Ty)); else #endif - MapPtrIdx = IRB.CreateGEP(MapPtr, IRB.CreateXor(PrevLocTrans, CurLoc)); + MapPtrIdx = IRB.CreateGEP( +#if LLVM_VERSION_MAJOR >= 14 + Int8Ty, +#endif + MapPtr, IRB.CreateXor(PrevLocTrans, CurLoc)); /* Update bitmap */ @@ -676,7 +696,11 @@ bool AFLCoverage::runOnModule(Module &M) { } else { - LoadInst *Counter = IRB.CreateLoad(MapPtrIdx); + LoadInst *Counter = IRB.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + IRB.getInt8Ty(), +#endif + MapPtrIdx); Counter->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); Value *Incr = IRB.CreateAdd(Counter, One); @@ -813,7 +837,11 @@ bool AFLCoverage::runOnModule(Module &M) { IRBuilder<> IRB(&(*it0)); // load the old counter value atomically - LoadInst *Counter = IRB.CreateLoad(MapPtrIdx); + LoadInst *Counter = IRB.CreateLoad( + #if LLVM_VERSION_MAJOR >= 14 + IRB.getInt8Ty(), + #endif + MapPtrIdx); Counter->setAlignment(llvm::Align()); Counter->setAtomic(llvm::AtomicOrdering::Monotonic); Counter->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); diff --git a/instrumentation/cmplog-instructions-pass.cc b/instrumentation/cmplog-instructions-pass.cc index 07f80b2c..054caee2 100644 --- a/instrumentation/cmplog-instructions-pass.cc +++ b/instrumentation/cmplog-instructions-pass.cc 
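Review bot: In the `/* Load SHM pointer */` hunk the `ngram_size` branch passes `Int8Ty, MapPtr,` to `CreateGEP` unconditionally, while the `else` branch directly below wraps the same `Int8Ty` in `#if LLVM_VERSION_MAJOR >= 14`. The two branches should be handled the same way. If the typed `CreateGEP` overload exists on every LLVM release this file supports (I believe it predates 14, but confirm against the oldest supported version), the guard can simply go: `MapPtrIdx = IRB.CreateGEP(Int8Ty, MapPtr, IRB.CreateXor(PrevLocTrans, CurLoc));`. If it does not, the `ngram_size` branch needs the same `#if` or it will not compile there with `AFL_HAVE_VECTOR_INTRINSICS` defined.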
@@ -264,7 +264,11 @@ bool CmpLogInstructions::hookInstrs(Module &M) { IRBuilder<> IRB2(selectcmpInst->getParent()); IRB2.SetInsertPoint(selectcmpInst); - LoadInst *CmpPtr = IRB2.CreateLoad(AFLCmplogPtr); + LoadInst *CmpPtr = IRB2.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + PointerType::get(Int8Ty, 0), +#endif + AFLCmplogPtr); CmpPtr->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); auto is_not_null = IRB2.CreateICmpNE(CmpPtr, Null); auto ThenTerm = diff --git a/instrumentation/cmplog-routines-pass.cc b/instrumentation/cmplog-routines-pass.cc index 0565875e..82c2fa4d 100644 --- a/instrumentation/cmplog-routines-pass.cc +++ b/instrumentation/cmplog-routines-pass.cc @@ -448,7 +448,11 @@ bool CmpLogRoutines::hookRtns(Module &M) { IRBuilder<> IRB2(callInst->getParent()); IRB2.SetInsertPoint(callInst); - LoadInst *CmpPtr = IRB2.CreateLoad(AFLCmplogPtr); + LoadInst *CmpPtr = IRB2.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + PointerType::get(Int8Ty, 0), +#endif + AFLCmplogPtr); CmpPtr->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); auto is_not_null = IRB2.CreateICmpNE(CmpPtr, Null); auto ThenTerm = SplitBlockAndInsertIfThen(is_not_null, callInst, false); @@ -475,7 +479,11 @@ bool CmpLogRoutines::hookRtns(Module &M) { IRBuilder<> IRB2(callInst->getParent()); IRB2.SetInsertPoint(callInst); - LoadInst *CmpPtr = IRB2.CreateLoad(AFLCmplogPtr); + LoadInst *CmpPtr = IRB2.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + PointerType::get(Int8Ty, 0), +#endif + AFLCmplogPtr); CmpPtr->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); auto is_not_null = IRB2.CreateICmpNE(CmpPtr, Null); auto ThenTerm = SplitBlockAndInsertIfThen(is_not_null, callInst, false); 
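Review bot: The version-guarded `IRB2.CreateLoad(... PointerType::get(Int8Ty, 0), ... AFLCmplogPtr)` followed by the `nosanitize` metadata call is pasted verbatim here in `hookInstrs`, eight times in `CmpLogRoutines::hookRtns`, and once more in cmplog-switches-pass.cc. Each copy carries its own `#if`, so a later change to the loaded type or the version cut-off has to be made in ten places, and a missed one gives an instrumented target whose cmplog pointer is loaded with the wrong type. A small file-local helper per pass would keep the guard in one spot, with each call site becoming `LoadInst *CmpPtr = loadCmplogPtr(IRB2, M, C, Int8Ty, AFLCmplogPtr);`. The parameter types below are inferred from how the names are used in the hunks and should be checked against the declarations, which are outside the hunk.

```cpp
// Loads the cmplog map pointer and tags the load "nosanitize" so that
// sanitizers do not instrument the fuzzer's own bookkeeping access.
static LoadInst *loadCmplogPtr(IRBuilder<> &IRB, Module &M, LLVMContext &C,
                               Type *Int8Ty, Value *AFLCmplogPtr) {

  LoadInst *CmpPtr = IRB.CreateLoad(
#if LLVM_VERSION_MAJOR >= 14
      PointerType::get(Int8Ty, 0),
#endif
      AFLCmplogPtr);
  CmpPtr->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None));
  return CmpPtr;

}
```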
@@ -506,7 +514,11 @@ bool CmpLogRoutines::hookRtns(Module &M) { IRBuilder<> IRB2(callInst->getParent()); IRB2.SetInsertPoint(callInst); - LoadInst *CmpPtr = IRB2.CreateLoad(AFLCmplogPtr); + LoadInst *CmpPtr = IRB2.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + PointerType::get(Int8Ty, 0), +#endif + AFLCmplogPtr); CmpPtr->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); auto is_not_null = IRB2.CreateICmpNE(CmpPtr, Null); auto ThenTerm = SplitBlockAndInsertIfThen(is_not_null, callInst, false); @@ -533,7 +545,11 @@ bool CmpLogRoutines::hookRtns(Module &M) { IRBuilder<> IRB2(callInst->getParent()); IRB2.SetInsertPoint(callInst); - LoadInst *CmpPtr = IRB2.CreateLoad(AFLCmplogPtr); + LoadInst *CmpPtr = IRB2.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + PointerType::get(Int8Ty, 0), +#endif + AFLCmplogPtr); CmpPtr->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); auto is_not_null = IRB2.CreateICmpNE(CmpPtr, Null); auto ThenTerm = SplitBlockAndInsertIfThen(is_not_null, callInst, false); @@ -564,7 +580,11 @@ bool CmpLogRoutines::hookRtns(Module &M) { IRBuilder<> IRB2(callInst->getParent()); IRB2.SetInsertPoint(callInst); - LoadInst *CmpPtr = IRB2.CreateLoad(AFLCmplogPtr); + LoadInst *CmpPtr = IRB2.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + PointerType::get(Int8Ty, 0), +#endif + AFLCmplogPtr); CmpPtr->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); auto is_not_null = IRB2.CreateICmpNE(CmpPtr, Null); auto ThenTerm = SplitBlockAndInsertIfThen(is_not_null, callInst, false); 
@@ -590,7 +610,11 @@ bool CmpLogRoutines::hookRtns(Module &M) { IRBuilder<> IRB2(callInst->getParent()); IRB2.SetInsertPoint(callInst); - LoadInst *CmpPtr = IRB2.CreateLoad(AFLCmplogPtr); + LoadInst *CmpPtr = IRB2.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + PointerType::get(Int8Ty, 0), +#endif + AFLCmplogPtr); CmpPtr->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); auto is_not_null = IRB2.CreateICmpNE(CmpPtr, Null); auto ThenTerm = SplitBlockAndInsertIfThen(is_not_null, callInst, false); @@ -616,7 +640,11 @@ bool CmpLogRoutines::hookRtns(Module &M) { IRBuilder<> IRB2(callInst->getParent()); IRB2.SetInsertPoint(callInst); - LoadInst *CmpPtr = IRB2.CreateLoad(AFLCmplogPtr); + LoadInst *CmpPtr = IRB2.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + PointerType::get(Int8Ty, 0), +#endif + AFLCmplogPtr); CmpPtr->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); auto is_not_null = IRB2.CreateICmpNE(CmpPtr, Null); auto ThenTerm = SplitBlockAndInsertIfThen(is_not_null, callInst, false); @@ -642,7 +670,11 @@ bool CmpLogRoutines::hookRtns(Module &M) { IRBuilder<> IRB2(callInst->getParent()); IRB2.SetInsertPoint(callInst); - LoadInst *CmpPtr = IRB2.CreateLoad(AFLCmplogPtr); + LoadInst *CmpPtr = IRB2.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + PointerType::get(Int8Ty, 0), +#endif + AFLCmplogPtr); CmpPtr->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); auto is_not_null = IRB2.CreateICmpNE(CmpPtr, Null); auto ThenTerm = SplitBlockAndInsertIfThen(is_not_null, callInst, false); diff --git a/instrumentation/cmplog-switches-pass.cc b/instrumentation/cmplog-switches-pass.cc index bcd5f8bd..4f6f2eca 100644 --- a/instrumentation/cmplog-switches-pass.cc +++ b/instrumentation/cmplog-switches-pass.cc 
@@ -246,7 +246,11 @@ bool CmpLogInstructions::hookInstrs(Module &M) { IRBuilder<> IRB2(SI->getParent()); IRB2.SetInsertPoint(SI); - LoadInst *CmpPtr = IRB2.CreateLoad(AFLCmplogPtr); + LoadInst *CmpPtr = IRB2.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + PointerType::get(Int8Ty, 0), +#endif + AFLCmplogPtr); CmpPtr->setMetadata(M.getMDKindID("nosanitize"), MDNode::get(C, None)); auto is_not_null = IRB2.CreateICmpNE(CmpPtr, Null); auto ThenTerm = SplitBlockAndInsertIfThen(is_not_null, SI, false); diff --git a/instrumentation/compare-transform-pass.so.cc b/instrumentation/compare-transform-pass.so.cc index ef3bd66b..2ced37c5 100644 --- a/instrumentation/compare-transform-pass.so.cc +++ b/instrumentation/compare-transform-pass.so.cc @@ -529,8 +529,16 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, IRBuilder<> cur_cmp_IRB(&*(cur_cmp_bb->getFirstInsertionPt())); Value *v = ConstantInt::get(Int64Ty, i); - Value *ele = cur_cmp_IRB.CreateInBoundsGEP(VarStr, v, "empty"); - Value *load = cur_cmp_IRB.CreateLoad(ele); + Value *ele = cur_cmp_IRB.CreateInBoundsGEP( +#if LLVM_VERSION_MAJOR >= 14 + Int8Ty, +#endif + VarStr, v, "empty"); + Value *load = cur_cmp_IRB.CreateLoad( +#if LLVM_VERSION_MAJOR >= 14 + Int8Ty, +#endif + ele); if (isCaseInsensitive) { |