From d0fc985e22328504dd0c4e21770ae2b31e63421a Mon Sep 17 00:00:00 2001 From: hexcoder- Date: Tue, 12 Oct 2021 00:00:05 +0200 Subject: prototype compiles --- instrumentation/split-compares-pass.so.cc | 71 ++++++++++++++++++++++--------- 1 file changed, 51 insertions(+), 20 deletions(-) diff --git a/instrumentation/split-compares-pass.so.cc b/instrumentation/split-compares-pass.so.cc index 13f45b69..a0dbba7a 100644 --- a/instrumentation/split-compares-pass.so.cc +++ b/instrumentation/split-compares-pass.so.cc @@ -28,7 +28,11 @@ #include "llvm/Pass.h" #include "llvm/Support/raw_ostream.h" -#include "llvm/IR/LegacyPassManager.h" + +#include "llvm/Passes/PassPlugin.h" +#include "llvm/Passes/PassBuilder.h" +#include "llvm/IR/PassManager.h" +//#include "llvm/IR/LegacyPassManager.h" #include "llvm/Transforms/IPO/PassManagerBuilder.h" #include "llvm/Transforms/Utils/BasicBlockUtils.h" #include "llvm/IR/Module.h" @@ -53,27 +57,17 @@ using namespace llvm; namespace { -class SplitComparesTransform : public ModulePass { +//class SplitComparesTransform : public ModulePass { +class SplitComparesTransform : public PassInfoMixin { public: static char ID; - SplitComparesTransform() : ModulePass(ID), enableFPSplit(0) { + SplitComparesTransform() : enableFPSplit(0) { initInstrumentList(); - } - bool runOnModule(Module &M) override; -#if LLVM_VERSION_MAJOR >= 4 - StringRef getPassName() const override { - -#else - const char *getPassName() const override { - -#endif - return "AFL_SplitComparesTransform"; - - } + PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM); private: int enableFPSplit; 
@@ -162,6 +156,37 @@ class SplitComparesTransform : public ModulePass { } // namespace +extern "C" ::llvm::PassPluginLibraryInfo LLVM_ATTRIBUTE_WEAK +llvmGetPassPluginInfo() { + return { + LLVM_PLUGIN_API_VERSION, "SplitCompares", "v0.1", + /* lambda to insert our pass into the pass pipeline. */ + [](PassBuilder &PB) { +#if 1 + using OptimizationLevel = typename PassBuilder::OptimizationLevel; + PB.registerOptimizerLastEPCallback( + [](ModulePassManager &MPM, OptimizationLevel OL) { + MPM.addPass(SplitComparesTransform()); + } + ); +/* TODO LTO registration */ +#else + using PipelineElement = typename PassBuilder::PipelineElement; + PB.registerPipelineParsingCallback( + [](StringRef Name, ModulePassManager &MPM, ArrayRef) { + if ( Name == "splitcompares" ) { + MPM.addPass(SplitComparesTransform); + return true; + } else { + return false; + } + } + ); +#endif + } + }; +} + char SplitComparesTransform::ID = 0; /// This function splits FCMP instructions with xGE or xLE predicates into two @@ -1316,7 +1341,7 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { } -bool SplitComparesTransform::runOnModule(Module &M) { +PreservedAnalyses SplitComparesTransform::run(Module &M, ModuleAnalysisManager &MAM) { char *bitw_env = getenv("AFL_LLVM_LAF_SPLIT_COMPARES_BITW"); if (!bitw_env) bitw_env = getenv("LAF_SPLIT_COMPARES_BITW"); @@ -1339,6 +1364,8 @@ bool SplitComparesTransform::runOnModule(Module &M) { } + auto PA = PreservedAnalyses::all(); + if (enableFPSplit) { count = splitFPCompares(M); @@ -1371,7 +1398,7 @@ bool SplitComparesTransform::runOnModule(Module &M) { auto op0 = CI->getOperand(0); auto op1 = CI->getOperand(1); - if (!op0 || !op1) { return false; } + if (!op0 || !op1) { return PA; } auto iTy1 = dyn_cast(op0->getType()); if (iTy1 && isa(op1->getType())) { 
@@ -1420,10 +1447,14 @@ bool SplitComparesTransform::runOnModule(Module &M) { } - return true; +/* if (modified) { + PA.abandon(); + }*/ -} + return PA; +} +#if 0 static void registerSplitComparesPass(const PassManagerBuilder &, legacy::PassManagerBase &PM) { @@ -1447,4 +1478,4 @@ static RegisterPass X("splitcompares", "AFL++ split compares", true /* Only looks at CFG */, true /* Analysis Pass */); - +#endif -- cgit 1.4.1 From 8e662898095ed6ba283a87119e383948b83b8d75 Mon Sep 17 00:00:00 2001 From: hexcoder- Date: Tue, 12 Oct 2021 19:04:35 +0200 Subject: adapt compiler driver to laod new pass manager passes --- instrumentation/split-compares-pass.so.cc | 20 +++++++++++++------- src/afl-cc.c | 11 ++++++----- 2 files changed, 19 insertions(+), 12 deletions(-) diff --git a/instrumentation/split-compares-pass.so.cc b/instrumentation/split-compares-pass.so.cc index a0dbba7a..2ae6f893 100644 --- a/instrumentation/split-compares-pass.so.cc +++ b/instrumentation/split-compares-pass.so.cc @@ -1,6 +1,7 @@ /* * Copyright 2016 laf-intel * extended for floating point by Heiko Eißfeldt + * adapted to new pass manager by Heiko Eißfeldt * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -33,7 +34,7 @@ #include "llvm/Passes/PassBuilder.h" #include "llvm/IR/PassManager.h" //#include "llvm/IR/LegacyPassManager.h" -#include "llvm/Transforms/IPO/PassManagerBuilder.h" +//#include "llvm/Transforms/IPO/PassManagerBuilder.h" #include "llvm/Transforms/Utils/BasicBlockUtils.h" #include "llvm/IR/Module.h" @@ -61,7 +62,7 @@ namespace { class SplitComparesTransform : public PassInfoMixin { public: - static char ID; +// static char ID; SplitComparesTransform() : enableFPSplit(0) { initInstrumentList(); 
@@ -159,7 +160,7 @@ class SplitComparesTransform : public PassInfoMixin { extern "C" ::llvm::PassPluginLibraryInfo LLVM_ATTRIBUTE_WEAK llvmGetPassPluginInfo() { return { - LLVM_PLUGIN_API_VERSION, "SplitCompares", "v0.1", + LLVM_PLUGIN_API_VERSION, "splitcompares", "v0.1", /* lambda to insert our pass into the pass pipeline. */ [](PassBuilder &PB) { #if 1 @@ -187,7 +188,7 @@ llvmGetPassPluginInfo() { }; } -char SplitComparesTransform::ID = 0; +//char SplitComparesTransform::ID = 0; /// This function splits FCMP instructions with xGE or xLE predicates into two /// FCMP instructions with predicate xGT or xLT and EQ @@ -700,7 +701,7 @@ bool SplitComparesTransform::splitCompare(CmpInst *cmp_inst, Module &M, ReplaceInstWithInst(cmp_inst->getParent()->getInstList(), ii, PN); // We split the comparison into low and high. If this isn't our target - // bitwidth we recursivly split the low and high parts again until we have + // bitwidth we recursively split the low and high parts again until we have // target bitwidth. if ((bitw / 2) > target_bitwidth) { @@ -1352,7 +1353,7 @@ PreservedAnalyses SplitComparesTransform::run(Module &M, ModuleAnalysisManager & if ((isatty(2) && getenv("AFL_QUIET") == NULL) || getenv("AFL_DEBUG") != NULL) { - errs() << "Split-compare-pass by laf.intel@gmail.com, extended by " + errs() << "Split-compare-newpass by laf.intel@gmail.com, extended by " "heiko@hexco.de (splitting icmp to " << target_bitwidth << " bit)\n"; @@ -1364,7 +1365,7 @@ PreservedAnalyses SplitComparesTransform::run(Module &M, ModuleAnalysisManager & } - auto PA = PreservedAnalyses::all(); + auto PA = PreservedAnalyses::none(); if (enableFPSplit) { @@ -1447,6 +1448,11 @@ PreservedAnalyses SplitComparesTransform::run(Module &M, ModuleAnalysisManager & } + if ((isatty(2) && getenv("AFL_QUIET") == NULL) || + getenv("AFL_DEBUG") != NULL) { + errs() << count << " comparisons found\n"; + } + /* if (modified) { PA.abandon(); }*/ 
diff --git a/src/afl-cc.c b/src/afl-cc.c index e49addc4..f8621d72 100644 --- a/src/afl-cc.c +++ b/src/afl-cc.c @@ -500,11 +500,12 @@ static void edit_params(u32 argc, char **argv, char **envp) { } else { - cc_params[cc_par_cnt++] = "-Xclang"; - cc_params[cc_par_cnt++] = "-load"; - cc_params[cc_par_cnt++] = "-Xclang"; +// cc_params[cc_par_cnt++] = "-Xclang"; +// cc_params[cc_par_cnt++] = "-load"; +// cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = "-fexperimental-new-pass-manager"; cc_params[cc_par_cnt++] = - alloc_printf("%s/split-compares-pass.so", obj_path); + alloc_printf("-fpass-plugin=%s/split-compares-pass.so", obj_path); } @@ -548,7 +549,7 @@ static void edit_params(u32 argc, char **argv, char **envp) { #if LLVM_MAJOR >= 13 // fuck you llvm 13 - cc_params[cc_par_cnt++] = "-fno-experimental-new-pass-manager"; +// cc_params[cc_par_cnt++] = "-fno-experimental-new-pass-manager"; #endif if (lto_mode && !have_c) { -- cgit 1.4.1 From 544a65db5470359c18436eca123282d74fa47f2e Mon Sep 17 00:00:00 2001 From: hexcoder- Date: Tue, 12 Oct 2021 23:02:15 +0200 Subject: converted afl-llvm-pass to new pass manager --- instrumentation/afl-llvm-pass.so.cc | 59 ++++++++++++++++++++++++++++++------- src/afl-cc.c | 10 ++----- 2 files changed, 51 insertions(+), 18 deletions(-) diff --git a/instrumentation/afl-llvm-pass.so.cc b/instrumentation/afl-llvm-pass.so.cc index ecf28f31..c2b87ecb 100644 --- a/instrumentation/afl-llvm-pass.so.cc +++ b/instrumentation/afl-llvm-pass.so.cc 
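Review bot: Commenting out `-fno-experimental-new-pass-manager` in the `#if LLVM_MAJOR >= 13` block of the second afl-cc.c hunk moves the whole compile onto the new pass manager, while in this commit only split-compares-pass.so is handed over with `-fpass-plugin=`. Plugins that edit_params still passes with `-Xclang -load` register through the legacy manager and, as far as I can tell, are then never scheduled, so the target builds cleanly but without that instrumentation and a fuzzing run on it would report misleading coverage. The context of the later hunk `@@ -531,11 +529,9 @@` still shows cmplog-switches-pass.so being added next to a converted plugin, so the mix appears to outlast this commit. Keep the legacy flag until every plugin is converted, or make afl-cc abort when both loading styles would be combined; edit_params continues outside both hunks.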
@@ -45,12 +45,15 @@ typedef long double max_align_t; #endif #include "llvm/IR/IRBuilder.h" -#include "llvm/IR/LegacyPassManager.h" +#include "llvm/Passes/PassPlugin.h" +#include "llvm/Passes/PassBuilder.h" +#include "llvm/IR/PassManager.h" +//#include "llvm/IR/LegacyPassManager.h" #include "llvm/IR/BasicBlock.h" #include "llvm/IR/Module.h" #include "llvm/Support/Debug.h" #include "llvm/Support/MathExtras.h" -#include "llvm/Transforms/IPO/PassManagerBuilder.h" +//#include "llvm/Transforms/IPO/PassManagerBuilder.h" #if LLVM_VERSION_MAJOR > 3 || \ (LLVM_VERSION_MAJOR == 3 && LLVM_VERSION_MINOR > 4) @@ -68,17 +71,18 @@ using namespace llvm; namespace { -class AFLCoverage : public ModulePass { +//class AFLCoverage : public ModulePass { +class AFLCoverage : public PassInfoMixin { public: - static char ID; - AFLCoverage() : ModulePass(ID) { +// static char ID; + AFLCoverage() { initInstrumentList(); } - bool runOnModule(Module &M) override; + PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM); protected: uint32_t ngram_size = 0; 
@@ -92,7 +96,38 @@ class AFLCoverage : public ModulePass { } // namespace -char AFLCoverage::ID = 0; +extern "C" ::llvm::PassPluginLibraryInfo LLVM_ATTRIBUTE_WEAK +llvmGetPassPluginInfo() { + return { + LLVM_PLUGIN_API_VERSION, "AFLCoverage", "v0.1", + /* lambda to insert our pass into the pass pipeline. */ + [](PassBuilder &PB) { +#if 1 + using OptimizationLevel = typename PassBuilder::OptimizationLevel; + PB.registerOptimizerLastEPCallback( + [](ModulePassManager &MPM, OptimizationLevel OL) { + MPM.addPass(AFLCoverage()); + } + ); +/* TODO LTO registration */ +#else + using PipelineElement = typename PassBuilder::PipelineElement; + PB.registerPipelineParsingCallback( + [](StringRef Name, ModulePassManager &MPM, ArrayRef) { + if ( Name == "AFLCoverage" ) { + MPM.addPass(AFLCoverage); + return true; + } else { + return false; + } + } + ); +#endif + } + }; +} + +//char AFLCoverage::ID = 0; /* needed up to 3.9.0 */ #if LLVM_VERSION_MAJOR == 3 && \ @@ -118,7 +153,7 @@ uint64_t PowerOf2Ceil(unsigned in) { (LLVM_VERSION_MAJOR == 4 && LLVM_VERSION_PATCH >= 1) #define AFL_HAVE_VECTOR_INTRINSICS 1 #endif -bool AFLCoverage::runOnModule(Module &M) { +PreservedAnalyses AFLCoverage::run(Module &M, ModuleAnalysisManager &MAM) { LLVMContext &C = M.getContext(); @@ -133,6 +168,8 @@ bool AFLCoverage::runOnModule(Module &M) { u32 rand_seed; unsigned int cur_loc = 0; + auto PA = PreservedAnalyses::none(); + /* Setup random() so we get Actually Random(TM) outputs from AFL_R() */ gettimeofday(&tv, &tz); rand_seed = tv.tv_sec ^ tv.tv_usec ^ getpid(); @@ -969,10 +1006,10 @@ bool AFLCoverage::runOnModule(Module &M) { } - return true; + return PA; } - +#if 0 static void registerAFLPass(const PassManagerBuilder &, legacy::PassManagerBase &PM) { @@ -985,4 +1022,4 @@ static RegisterStandardPasses RegisterAFLPass( static RegisterStandardPasses RegisterAFLPass0( PassManagerBuilder::EP_EnabledOnOptLevel0, registerAFLPass); - +#endif 
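Review bot: The plugin registers AFLCoverage only through `registerOptimizerLastEPCallback`, whereas the legacy registration that the last hunk of this file disables with `#if 0` also hooked `PassManagerBuilder::EP_EnabledOnOptLevel0`. Whether the optimizer-last callback is invoked at -O0 depends on the LLVM release, so -O0 builds may silently come out without coverage instrumentation. This should be checked on every supported release and recorded next to the existing TODO, for example `/* TODO LTO registration; confirm this callback also runs at -O0 */`. The unused `OL` parameter of the inner lambda can be left unnamed.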
diff --git a/src/afl-cc.c b/src/afl-cc.c index f8621d72..bbe548d9 100644 --- a/src/afl-cc.c +++ b/src/afl-cc.c @@ -500,12 +500,10 @@ static void edit_params(u32 argc, char **argv, char **envp) { } else { -// cc_params[cc_par_cnt++] = "-Xclang"; -// cc_params[cc_par_cnt++] = "-load"; -// cc_params[cc_par_cnt++] = "-Xclang"; cc_params[cc_par_cnt++] = "-fexperimental-new-pass-manager"; cc_params[cc_par_cnt++] = alloc_printf("-fpass-plugin=%s/split-compares-pass.so", obj_path); +// cc_params[cc_par_cnt++] = "-fno-experimental-new-pass-manager"; } @@ -629,10 +627,8 @@ static void edit_params(u32 argc, char **argv, char **envp) { } else { - cc_params[cc_par_cnt++] = "-Xclang"; - cc_params[cc_par_cnt++] = "-load"; - cc_params[cc_par_cnt++] = "-Xclang"; - cc_params[cc_par_cnt++] = alloc_printf("%s/afl-llvm-pass.so", obj_path); + cc_params[cc_par_cnt++] = "-fexperimental-new-pass-manager"; + cc_params[cc_par_cnt++] = alloc_printf("-fpass-plugin=%s/afl-llvm-pass.so", obj_path); } -- cgit 1.4.1 From 6e08e809074763a9c4b35b65805e628689a2d562 Mon Sep 17 00:00:00 2001 From: hexcoder- Date: Tue, 12 Oct 2021 23:24:28 +0200 Subject: converted compare-transform-pass to new pass manager --- instrumentation/compare-transform-pass.so.cc | 69 ++++++++++++++++++++-------- src/afl-cc.c | 6 +-- 2 files changed, 52 insertions(+), 23 deletions(-) diff --git a/instrumentation/compare-transform-pass.so.cc b/instrumentation/compare-transform-pass.so.cc index 288e8282..e6695185 100644 --- a/instrumentation/compare-transform-pass.so.cc +++ b/instrumentation/compare-transform-pass.so.cc @@ -26,7 +26,10 @@ #include "llvm/ADT/Statistic.h" #include "llvm/IR/IRBuilder.h" -#include "llvm/IR/LegacyPassManager.h" +#include "llvm/Passes/PassPlugin.h" +#include "llvm/Passes/PassBuilder.h" +#include "llvm/IR/PassManager.h" +//#include "llvm/IR/LegacyPassManager.h" #include "llvm/IR/Module.h" #include "llvm/Support/Debug.h" #include "llvm/Support/raw_ostream.h" 
@@ -52,28 +55,16 @@ using namespace llvm; namespace { -class CompareTransform : public ModulePass { +class CompareTransform : public PassInfoMixin { public: - static char ID; - CompareTransform() : ModulePass(ID) { + CompareTransform() { initInstrumentList(); } - bool runOnModule(Module &M) override; - -#if LLVM_VERSION_MAJOR < 4 - const char *getPassName() const override { - -#else - StringRef getPassName() const override { - -#endif - return "transforms compare functions"; - - } + PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM); private: bool transformCmps(Module &M, const bool processStrcmp, @@ -85,7 +76,37 @@ class CompareTransform : public ModulePass { } // namespace -char CompareTransform::ID = 0; +extern "C" ::llvm::PassPluginLibraryInfo LLVM_ATTRIBUTE_WEAK +llvmGetPassPluginInfo() { + return { + LLVM_PLUGIN_API_VERSION, "comparetransform", "v0.1", + /* lambda to insert our pass into the pass pipeline. */ + [](PassBuilder &PB) { +#if 1 + using OptimizationLevel = typename PassBuilder::OptimizationLevel; + PB.registerOptimizerLastEPCallback( + [](ModulePassManager &MPM, OptimizationLevel OL) { + MPM.addPass(CompareTransform()); + } + ); +/* TODO LTO registration */ +#else + using PipelineElement = typename PassBuilder::PipelineElement; + PB.registerPipelineParsingCallback( + [](StringRef Name, ModulePassManager &MPM, ArrayRef) { + if ( Name == "comparetransform" ) { + MPM.addPass(CompareTransform); + return true; + } else { + return false; + } + } + ); +#endif + } + }; +} + bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, const bool processMemcmp, @@ -592,7 +613,7 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, } -bool CompareTransform::runOnModule(Module &M) { +PreservedAnalyses CompareTransform::run(Module &M, ModuleAnalysisManager &MAM) { if ((isatty(2) && getenv("AFL_QUIET") == NULL) || getenv("AFL_DEBUG") != NULL) printf( 
@@ -601,13 +622,22 @@ bool CompareTransform::runOnModule(Module &M) { else be_quiet = 1; + auto PA = PreservedAnalyses::none(); + transformCmps(M, true, true, true, true, true); verifyModule(M); - return true; +/* if (modified) { + PA.abandon(); + }*/ + + return PA; + +// return true; } +#if 0 static void registerCompTransPass(const PassManagerBuilder &, legacy::PassManagerBase &PM) { @@ -626,4 +656,5 @@ static RegisterStandardPasses RegisterCompTransPass0( static RegisterStandardPasses RegisterCompTransPassLTO( PassManagerBuilder::EP_FullLinkTimeOptimizationLast, registerCompTransPass); #endif +#endif diff --git a/src/afl-cc.c b/src/afl-cc.c index bbe548d9..a51632a2 100644 --- a/src/afl-cc.c +++ b/src/afl-cc.c @@ -480,11 +480,9 @@ static void edit_params(u32 argc, char **argv, char **envp) { } else { - cc_params[cc_par_cnt++] = "-Xclang"; - cc_params[cc_par_cnt++] = "-load"; - cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = "-fexperimental-new-pass-manager"; cc_params[cc_par_cnt++] = - alloc_printf("%s/compare-transform-pass.so", obj_path); + alloc_printf("-fpass-plugin=%s/compare-transform-pass.so", obj_path); } -- cgit 1.4.1 From 379c5806580dd58824df0f4fb7d215841d1bd459 Mon Sep 17 00:00:00 2001 From: hexcoder- Date: Tue, 12 Oct 2021 23:40:05 +0200 Subject: converted split-switches-pass to new pass manager --- instrumentation/split-compares-pass.so.cc | 2 +- instrumentation/split-switches-pass.so.cc | 71 +++++++++++++++++++++---------- src/afl-cc.c | 12 ++---- 3 files changed, 54 insertions(+), 31 deletions(-) diff --git a/instrumentation/split-compares-pass.so.cc b/instrumentation/split-compares-pass.so.cc index 2ae6f893..8d4935f5 100644 --- a/instrumentation/split-compares-pass.so.cc +++ b/instrumentation/split-compares-pass.so.cc 
@@ -176,7 +176,7 @@ llvmGetPassPluginInfo() { PB.registerPipelineParsingCallback( [](StringRef Name, ModulePassManager &MPM, ArrayRef) { if ( Name == "splitcompares" ) { - MPM.addPass(SplitComparesTransform); + MPM.addPass(SplitComparesTransform()); return true; } else { return false; diff --git a/instrumentation/split-switches-pass.so.cc b/instrumentation/split-switches-pass.so.cc index 82f198aa..ba143dca 100644 --- a/instrumentation/split-switches-pass.so.cc +++ b/instrumentation/split-switches-pass.so.cc @@ -27,11 +27,14 @@ #include "llvm/ADT/Statistic.h" #include "llvm/IR/IRBuilder.h" -#include "llvm/IR/LegacyPassManager.h" +#include "llvm/Passes/PassPlugin.h" +#include "llvm/Passes/PassBuilder.h" +#include "llvm/IR/PassManager.h" +//#include "llvm/IR/LegacyPassManager.h" #include "llvm/IR/Module.h" #include "llvm/Support/Debug.h" #include "llvm/Support/raw_ostream.h" -#include "llvm/Transforms/IPO/PassManagerBuilder.h" +//#include "llvm/Transforms/IPO/PassManagerBuilder.h" #include "llvm/Transforms/Utils/BasicBlockUtils.h" #include "llvm/Pass.h" #include "llvm/Analysis/ValueTracking.h" @@ -54,28 +57,16 @@ using namespace llvm; namespace { -class SplitSwitchesTransform : public ModulePass { +class SplitSwitchesTransform : public PassInfoMixin { public: - static char ID; - SplitSwitchesTransform() : ModulePass(ID) { + SplitSwitchesTransform() { initInstrumentList(); } - bool runOnModule(Module &M) override; - -#if LLVM_VERSION_MAJOR >= 4 - StringRef getPassName() const override { - -#else - const char *getPassName() const override { - -#endif - return "splits switch constructs"; - - } + PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM); struct CaseExpr { 
@@ -103,7 +94,36 @@ class SplitSwitchesTransform : public ModulePass { } // namespace -char SplitSwitchesTransform::ID = 0; +extern "C" ::llvm::PassPluginLibraryInfo LLVM_ATTRIBUTE_WEAK +llvmGetPassPluginInfo() { + return { + LLVM_PLUGIN_API_VERSION, "splitswitches", "v0.1", + /* lambda to insert our pass into the pass pipeline. */ + [](PassBuilder &PB) { +#if 1 + using OptimizationLevel = typename PassBuilder::OptimizationLevel; + PB.registerOptimizerLastEPCallback( + [](ModulePassManager &MPM, OptimizationLevel OL) { + MPM.addPass(SplitSwitchesTransform()); + } + ); +/* TODO LTO registration */ +#else + using PipelineElement = typename PassBuilder::PipelineElement; + PB.registerPipelineParsingCallback( + [](StringRef Name, ModulePassManager &MPM, ArrayRef) { + if ( Name == "splitswitches" ) { + MPM.addPass(SplitSwitchesTransform()); + return true; + } else { + return false; + } + } + ); +#endif + } + }; +} /* switchConvert - Transform simple list of Cases into list of CaseRange's */ BasicBlock *SplitSwitchesTransform::switchConvert( @@ -415,19 +435,26 @@ bool SplitSwitchesTransform::splitSwitches(Module &M) { } -bool SplitSwitchesTransform::runOnModule(Module &M) { +PreservedAnalyses SplitSwitchesTransform::run(Module &M, ModuleAnalysisManager &MAM) { if ((isatty(2) && getenv("AFL_QUIET") == NULL) || getenv("AFL_DEBUG") != NULL) printf("Running split-switches-pass by laf.intel@gmail.com\n"); else be_quiet = 1; + + auto PA = PreservedAnalyses::none(); + splitSwitches(M); verifyModule(M); - return true; +/* if (modified) { + PA.abandon(); + }*/ -} + return PA; +} +#if 0 static void registerSplitSwitchesTransPass(const PassManagerBuilder &, legacy::PassManagerBase &PM) { @@ -447,4 +474,4 @@ static RegisterStandardPasses RegisterSplitSwitchesTransPassLTO( PassManagerBuilder::EP_FullLinkTimeOptimizationLast, registerSplitSwitchesTransPass); #endif - +#endif diff --git a/src/afl-cc.c b/src/afl-cc.c index a51632a2..e8584d50 100644 --- a/src/afl-cc.c +++ b/src/afl-cc.c 
@@ -460,11 +460,9 @@ static void edit_params(u32 argc, char **argv, char **envp) { } else { - cc_params[cc_par_cnt++] = "-Xclang"; - cc_params[cc_par_cnt++] = "-load"; - cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = "-fexperimental-new-pass-manager"; cc_params[cc_par_cnt++] = - alloc_printf("%s/split-switches-pass.so", obj_path); + alloc_printf("-fpass-plugin=%s/split-switches-pass.so", obj_path); } @@ -531,11 +529,9 @@ static void edit_params(u32 argc, char **argv, char **envp) { alloc_printf("%s/cmplog-switches-pass.so", obj_path); // reuse split switches from laf - cc_params[cc_par_cnt++] = "-Xclang"; - cc_params[cc_par_cnt++] = "-load"; - cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = "-fexperimental-new-pass-manager"; cc_params[cc_par_cnt++] = - alloc_printf("%s/split-switches-pass.so", obj_path); + alloc_printf("-fpass-plugin=%s/split-switches-pass.so", obj_path); } -- cgit 1.4.1 From c49b30879474042f16dcf8de200c603a47965ea4 Mon Sep 17 00:00:00 2001 From: hexcoder- Date: Sat, 16 Oct 2021 12:56:31 +0200 Subject: switch PreservedAnalyses from none to all --- instrumentation/afl-llvm-pass.so.cc | 4 ++-- instrumentation/compare-transform-pass.so.cc | 4 ++-- instrumentation/split-compares-pass.so.cc | 2 +- instrumentation/split-switches-pass.so.cc | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/instrumentation/afl-llvm-pass.so.cc b/instrumentation/afl-llvm-pass.so.cc index c2b87ecb..92999443 100644 --- a/instrumentation/afl-llvm-pass.so.cc +++ b/instrumentation/afl-llvm-pass.so.cc @@ -115,7 +115,7 @@ llvmGetPassPluginInfo() { PB.registerPipelineParsingCallback( [](StringRef Name, ModulePassManager &MPM, ArrayRef) { if ( Name == "AFLCoverage" ) { - MPM.addPass(AFLCoverage); + MPM.addPass(AFLCoverage()); return true; } else { return false; 
@@ -168,7 +168,7 @@ PreservedAnalyses AFLCoverage::run(Module &M, ModuleAnalysisManager &MAM) { u32 rand_seed; unsigned int cur_loc = 0; - auto PA = PreservedAnalyses::none(); + auto PA = PreservedAnalyses::all(); /* Setup random() so we get Actually Random(TM) outputs from AFL_R() */ gettimeofday(&tv, &tz); diff --git a/instrumentation/compare-transform-pass.so.cc b/instrumentation/compare-transform-pass.so.cc index e6695185..ce8efaa7 100644 --- a/instrumentation/compare-transform-pass.so.cc +++ b/instrumentation/compare-transform-pass.so.cc @@ -95,7 +95,7 @@ llvmGetPassPluginInfo() { PB.registerPipelineParsingCallback( [](StringRef Name, ModulePassManager &MPM, ArrayRef) { if ( Name == "comparetransform" ) { - MPM.addPass(CompareTransform); + MPM.addPass(CompareTransform()); return true; } else { return false; @@ -622,7 +622,7 @@ PreservedAnalyses CompareTransform::run(Module &M, ModuleAnalysisManager &MAM) { else be_quiet = 1; - auto PA = PreservedAnalyses::none(); + auto PA = PreservedAnalyses::all(); transformCmps(M, true, true, true, true, true); verifyModule(M); diff --git a/instrumentation/split-compares-pass.so.cc b/instrumentation/split-compares-pass.so.cc index 8d4935f5..75a9c35c 100644 --- a/instrumentation/split-compares-pass.so.cc +++ b/instrumentation/split-compares-pass.so.cc @@ -1365,7 +1365,7 @@ PreservedAnalyses SplitComparesTransform::run(Module &M, ModuleAnalysisManager & } - auto PA = PreservedAnalyses::none(); + auto PA = PreservedAnalyses::all(); if (enableFPSplit) { diff --git a/instrumentation/split-switches-pass.so.cc b/instrumentation/split-switches-pass.so.cc index ba143dca..b8cd61c3 100644 --- a/instrumentation/split-switches-pass.so.cc +++ b/instrumentation/split-switches-pass.so.cc @@ -442,7 +442,7 @@ PreservedAnalyses SplitSwitchesTransform::run(Module &M, ModuleAnalysisManager & else be_quiet = 1; - auto PA = PreservedAnalyses::none(); + auto PA = PreservedAnalyses::all(); splitSwitches(M); verifyModule(M); -- cgit 1.4.1 
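Review bot: `auto PA = PreservedAnalyses::all();` in AFLCoverage::run tells the pass manager that the module is unchanged, yet this pass exists to insert instrumentation, so an analysis cached before it may be reused on IR it no longer describes. The same switch is made in CompareTransform::run, SplitComparesTransform::run and SplitSwitchesTransform::run in the following hunks. `transformCmps` and `splitSwitches` are declared to return `bool`; assuming that value means "module changed", those two can report precisely with `const bool changed = splitSwitches(M);` and `return changed ? PreservedAnalyses::none() : PreservedAnalyses::all();`. The other two should stay on `PreservedAnalyses::none()` until they track modification; all four run() bodies extend beyond these hunks.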
From 1f2fa22dad4440bf053e24811b5ece89ca276afc Mon Sep 17 00:00:00 2001 From: hexcoder- Date: Sat, 16 Oct 2021 14:37:54 +0200 Subject: make new pass manager interface compiler version dependent (>=7) --- instrumentation/afl-llvm-pass.so.cc | 43 ++++++++++++++++++++----- instrumentation/compare-transform-pass.so.cc | 38 ++++++++++++++++++---- instrumentation/split-compares-pass.so.cc | 48 +++++++++++++++++++++++----- instrumentation/split-switches-pass.so.cc | 46 ++++++++++++++++++++++++-- src/afl-cc.c | 43 +++++++++++++++++++++++-- 5 files changed, 190 insertions(+), 28 deletions(-) diff --git a/instrumentation/afl-llvm-pass.so.cc b/instrumentation/afl-llvm-pass.so.cc index 92999443..75f8621b 100644 --- a/instrumentation/afl-llvm-pass.so.cc +++ b/instrumentation/afl-llvm-pass.so.cc @@ -45,15 +45,18 @@ typedef long double max_align_t; #endif #include "llvm/IR/IRBuilder.h" +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ #include "llvm/Passes/PassPlugin.h" #include "llvm/Passes/PassBuilder.h" #include "llvm/IR/PassManager.h" -//#include "llvm/IR/LegacyPassManager.h" +#else +#include "llvm/IR/LegacyPassManager.h" +#include "llvm/Transforms/IPO/PassManagerBuilder.h" +#endif #include "llvm/IR/BasicBlock.h" #include "llvm/IR/Module.h" #include "llvm/Support/Debug.h" #include "llvm/Support/MathExtras.h" -//#include "llvm/Transforms/IPO/PassManagerBuilder.h" #if LLVM_VERSION_MAJOR > 3 || \ (LLVM_VERSION_MAJOR == 3 && LLVM_VERSION_MINOR > 4) 
@@ -71,18 +74,26 @@ using namespace llvm; namespace { -//class AFLCoverage : public ModulePass { +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ class AFLCoverage : public PassInfoMixin { - - public: -// static char ID; AFLCoverage() { + public: +#else +class AFLCoverage : public ModulePass { + public: + static char ID; + AFLCoverage() : ModulePass(ID) { +#endif initInstrumentList(); } +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM); +#else + bool runOnModule(Module &M) override; +#endif protected: uint32_t ngram_size = 0; @@ -96,6 +107,7 @@ class AFLCoverage : public PassInfoMixin { } // namespace +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ extern "C" ::llvm::PassPluginLibraryInfo LLVM_ATTRIBUTE_WEAK llvmGetPassPluginInfo() { return { @@ -126,8 +138,10 @@ llvmGetPassPluginInfo() { } }; } +#else -//char AFLCoverage::ID = 0; +char AFLCoverage::ID = 0; +#endif /* needed up to 3.9.0 */ #if LLVM_VERSION_MAJOR == 3 && \ @@ -153,7 +167,13 @@ uint64_t PowerOf2Ceil(unsigned in) { (LLVM_VERSION_MAJOR == 4 && LLVM_VERSION_PATCH >= 1) #define AFL_HAVE_VECTOR_INTRINSICS 1 #endif + + +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ PreservedAnalyses AFLCoverage::run(Module &M, ModuleAnalysisManager &MAM) { +#else +bool AFLCoverage::runOnModule(Module &M) { +#endif LLVMContext &C = M.getContext(); @@ -168,7 +188,9 @@ PreservedAnalyses AFLCoverage::run(Module &M, ModuleAnalysisManager &MAM) { u32 rand_seed; unsigned int cur_loc = 0; +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ auto PA = PreservedAnalyses::all(); +#endif /* Setup random() so we get Actually Random(TM) outputs from AFL_R() */ gettimeofday(&tv, &tz); 
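Review bot: In the `LLVM_VERSION_MAJOR >= 7` branch of the first hunk the added ` public:` line lands after `AFLCoverage() {`, that is inside the constructor body, which is not valid C++; the access specifier has to precede the constructor as it does in the `#else` branch. As the hunk reads, the new-pass-manager variant of the class cannot compile, and `MPM.addPass(AFLCoverage())` needs the constructor and `run()` to be public. The split-compares hunk `@@ -58,17 +61,26 @@` has the related problem that ` public:` is removed from the new branch altogether, which leaves the constructor and `run()` private. Put ` public:` directly under the class header line in both files.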
@@ -1006,10 +1028,15 @@ PreservedAnalyses AFLCoverage::run(Module &M, ModuleAnalysisManager &MAM) { } +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ return PA; +#else + return true; +#endif } -#if 0 + +#if LLVM_VERSION_MAJOR < 7 /* use old pass manager */ static void registerAFLPass(const PassManagerBuilder &, legacy::PassManagerBase &PM) { diff --git a/instrumentation/compare-transform-pass.so.cc b/instrumentation/compare-transform-pass.so.cc index ce8efaa7..3c975fe8 100644 --- a/instrumentation/compare-transform-pass.so.cc +++ b/instrumentation/compare-transform-pass.so.cc @@ -26,14 +26,17 @@ #include "llvm/ADT/Statistic.h" #include "llvm/IR/IRBuilder.h" +#if LLVM_MAJOR >= 7 /* use new pass manager */ #include "llvm/Passes/PassPlugin.h" #include "llvm/Passes/PassBuilder.h" #include "llvm/IR/PassManager.h" -//#include "llvm/IR/LegacyPassManager.h" +#else +#include "llvm/IR/LegacyPassManager.h" +#include "llvm/Transforms/IPO/PassManagerBuilder.h" +#endif #include "llvm/IR/Module.h" #include "llvm/Support/Debug.h" #include "llvm/Support/raw_ostream.h" -#include "llvm/Transforms/IPO/PassManagerBuilder.h" #include "llvm/Transforms/Utils/BasicBlockUtils.h" #include "llvm/Pass.h" #include "llvm/Analysis/ValueTracking.h" @@ -55,16 +58,28 @@ using namespace llvm; namespace { +#if LLVM_MAJOR >= 7 /* use new pass manager */ class CompareTransform : public PassInfoMixin { public: CompareTransform() { +#else +class CompareTransform : public ModulePass { + + public: + static char ID; + CompareTransform() : ModulePass(ID) { +#endif initInstrumentList(); } +#if LLVM_MAJOR >= 7 /* use new pass manager */ PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM); +#else + bool runOnModule(Module &M) override; +#endif private: bool transformCmps(Module &M, const bool processStrcmp, 
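Review bot: compare-transform-pass.so.cc guards the new code with `#if LLVM_MAJOR >= 7`, while afl-llvm-pass.so.cc and split-switches-pass.so.cc in this same commit test `LLVM_VERSION_MAJOR`; split-compares-pass.so.cc also uses `LLVM_MAJOR`. An undefined macro evaluates to 0 inside `#if`, so if `LLVM_MAJOR` is not passed to the C++ pass builds these two files silently compile the legacy branch and the resulting plugin exports no `llvmGetPassPluginInfo`, even though the driver hunks earlier in the series load it with `-fpass-plugin=`. Use `#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */` in all four files, since that macro comes from LLVM's own headers.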
@@ -76,6 +91,7 @@ class CompareTransform : public PassInfoMixin { } // namespace +#if LLVM_MAJOR >= 7 /* use new pass manager */ extern "C" ::llvm::PassPluginLibraryInfo LLVM_ATTRIBUTE_WEAK llvmGetPassPluginInfo() { return { @@ -106,7 +122,9 @@ llvmGetPassPluginInfo() { } }; } - +#else +char CompareTransform::ID = 0; +#endif bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, const bool processMemcmp, @@ -613,7 +631,11 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, } +#if LLVM_MAJOR >= 7 /* use new pass manager */ PreservedAnalyses CompareTransform::run(Module &M, ModuleAnalysisManager &MAM) { +#else +bool CompareTransform::runOnModule(Module &M) { +#endif if ((isatty(2) && getenv("AFL_QUIET") == NULL) || getenv("AFL_DEBUG") != NULL) printf( @@ -622,22 +644,26 @@ PreservedAnalyses CompareTransform::run(Module &M, ModuleAnalysisManager &MAM) { else be_quiet = 1; +#if LLVM_MAJOR >= 7 /* use new pass manager */ auto PA = PreservedAnalyses::all(); +#endif transformCmps(M, true, true, true, true, true); verifyModule(M); +#if LLVM_MAJOR >= 7 /* use new pass manager */ /* if (modified) { PA.abandon(); }*/ return PA; - -// return true; +#else + return true; +#endif } -#if 0 +#if LLVM_MAJOR < 7 /* use old pass manager */ static void registerCompTransPass(const PassManagerBuilder &, legacy::PassManagerBase &PM) { diff --git a/instrumentation/split-compares-pass.so.cc b/instrumentation/split-compares-pass.so.cc index 75a9c35c..ed7e111e 100644 --- a/instrumentation/split-compares-pass.so.cc +++ b/instrumentation/split-compares-pass.so.cc 
@@ -30,11 +30,14 @@ #include "llvm/Pass.h" #include "llvm/Support/raw_ostream.h" +#if LLVM_MAJOR >= 7 #include "llvm/Passes/PassPlugin.h" #include "llvm/Passes/PassBuilder.h" #include "llvm/IR/PassManager.h" -//#include "llvm/IR/LegacyPassManager.h" -//#include "llvm/Transforms/IPO/PassManagerBuilder.h" +#else +#include "llvm/IR/LegacyPassManager.h" +#include "llvm/Transforms/IPO/PassManagerBuilder.h" +#endif #include "llvm/Transforms/Utils/BasicBlockUtils.h" #include "llvm/IR/Module.h" @@ -58,17 +61,26 @@ using namespace llvm; namespace { -//class SplitComparesTransform : public ModulePass { +#if LLVM_MAJOR >= 7 class SplitComparesTransform : public PassInfoMixin { - public: // static char ID; SplitComparesTransform() : enableFPSplit(0) { +#else +class SplitComparesTransform : public ModulePass { + public: + static char ID; + SplitComparesTransform() : ModulePass(ID), enableFPSplit(0) { +#endif initInstrumentList(); } +#if LLVM_MAJOR >= 7 PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM); +#else + bool runOnModule(Module &M) override; +#endif private: int enableFPSplit; @@ -157,6 +169,7 @@ class SplitComparesTransform : public PassInfoMixin { } // namespace +#if LLVM_MAJOR >= 7 extern "C" ::llvm::PassPluginLibraryInfo LLVM_ATTRIBUTE_WEAK llvmGetPassPluginInfo() { return { @@ -187,8 +200,9 @@ llvmGetPassPluginInfo() { } }; } - -//char SplitComparesTransform::ID = 0; +#else +char SplitComparesTransform::ID = 0; +#endif /// This function splits FCMP instructions with xGE or xLE predicates into two /// FCMP instructions with predicate xGT or xLT and EQ @@ -1342,7 +1356,11 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { } +#if LLVM_MAJOR >= 7 PreservedAnalyses SplitComparesTransform::run(Module &M, ModuleAnalysisManager &MAM) { +#else +bool SplitComparesTransform::runOnModule(Module &M) { +#endif char *bitw_env = getenv("AFL_LLVM_LAF_SPLIT_COMPARES_BITW"); if (!bitw_env) bitw_env = getenv("LAF_SPLIT_COMPARES_BITW"); 
@@ -1365,7 +1383,9 @@ PreservedAnalyses SplitComparesTransform::run(Module &M, ModuleAnalysisManager & } +#if LLVM_MAJOR >= 7 auto PA = PreservedAnalyses::all(); +#endif if (enableFPSplit) { @@ -1399,7 +1419,13 @@ PreservedAnalyses SplitComparesTransform::run(Module &M, ModuleAnalysisManager & auto op0 = CI->getOperand(0); auto op1 = CI->getOperand(1); - if (!op0 || !op1) { return PA; } + if (!op0 || !op1) { +#if LLVM_MAJOR >= 7 + return PA; +#else + return false; +#endif + } auto iTy1 = dyn_cast(op0->getType()); if (iTy1 && isa(op1->getType())) { @@ -1453,14 +1479,20 @@ PreservedAnalyses SplitComparesTransform::run(Module &M, ModuleAnalysisManager & errs() << count << " comparisons found\n"; } +#if LLVM_MAJOR >= 7 /* if (modified) { PA.abandon(); }*/ return PA; +#else + return true; +#endif } -#if 0 + +#if LLVM_MAJOR < 7 /* use old pass manager */ + static void registerSplitComparesPass(const PassManagerBuilder &, legacy::PassManagerBase &PM) { diff --git a/instrumentation/split-switches-pass.so.cc b/instrumentation/split-switches-pass.so.cc index b8cd61c3..42441de1 100644 --- a/instrumentation/split-switches-pass.so.cc +++ b/instrumentation/split-switches-pass.so.cc @@ -27,14 +27,17 @@ #include "llvm/ADT/Statistic.h" #include "llvm/IR/IRBuilder.h" +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ #include "llvm/Passes/PassPlugin.h" #include "llvm/Passes/PassBuilder.h" #include "llvm/IR/PassManager.h" -//#include "llvm/IR/LegacyPassManager.h" +#else +#include "llvm/IR/LegacyPassManager.h" +#include "llvm/Transforms/IPO/PassManagerBuilder.h" +#endif #include "llvm/IR/Module.h" #include "llvm/Support/Debug.h" #include "llvm/Support/raw_ostream.h" -//#include "llvm/Transforms/IPO/PassManagerBuilder.h" #include "llvm/Transforms/Utils/BasicBlockUtils.h" #include "llvm/Pass.h" #include "llvm/Analysis/ValueTracking.h" 
@@ -57,16 +60,38 @@ using namespace llvm; namespace { +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ class SplitSwitchesTransform : public PassInfoMixin { public: SplitSwitchesTransform() { +#else +class SplitSwitchesTransform : public ModulePass { + public: + static char ID; + SplitSwitchesTransform() : ModulePass(ID) { +#endif initInstrumentList(); } +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM); +#else + bool runOnModule(Module &M) override; + +#if LLVM_VERSION_MAJOR >= 4 + StringRef getPassName() const override { + +#else + const char *getPassName() const override { + +#endif + return "splits switch constructs"; + + } +#endif struct CaseExpr { @@ -94,6 +119,7 @@ class SplitSwitchesTransform : public PassInfoMixin { } // namespace +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ extern "C" ::llvm::PassPluginLibraryInfo LLVM_ATTRIBUTE_WEAK llvmGetPassPluginInfo() { return { @@ -124,6 +150,9 @@ llvmGetPassPluginInfo() { } }; } +#else +char SplitSwitchesTransform::ID = 0; +#endif /* switchConvert - Transform simple list of Cases into list of CaseRange's */ BasicBlock *SplitSwitchesTransform::switchConvert( 
@@ -435,26 +464,37 @@ bool SplitSwitchesTransform::splitSwitches(Module &M) { } +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ PreservedAnalyses SplitSwitchesTransform::run(Module &M, ModuleAnalysisManager &MAM) { +#else +bool SplitSwitchesTransform::runOnModule(Module &M) { +#endif if ((isatty(2) && getenv("AFL_QUIET") == NULL) || getenv("AFL_DEBUG") != NULL) printf("Running split-switches-pass by laf.intel@gmail.com\n"); else be_quiet = 1; +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ auto PA = PreservedAnalyses::all(); +#endif splitSwitches(M); verifyModule(M); +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ /* if (modified) { PA.abandon(); }*/ return PA; +#else + return true; +#endif } -#if 0 + +#if LLVM_VERSION_MAJOR < 7 /* use old pass manager */ static void registerSplitSwitchesTransPass(const PassManagerBuilder &, legacy::PassManagerBase &PM) { diff --git a/src/afl-cc.c b/src/afl-cc.c index e8584d50..7549e17b 100644 --- a/src/afl-cc.c +++ b/src/afl-cc.c @@ -460,10 +460,17 @@ static void edit_params(u32 argc, char **argv, char **envp) { } else { +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ cc_params[cc_par_cnt++] = "-fexperimental-new-pass-manager"; cc_params[cc_par_cnt++] = alloc_printf("-fpass-plugin=%s/split-switches-pass.so", obj_path); - +#else + cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = "-load"; + cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = + alloc_printf("%s/split-switches-pass.so", obj_path); +#endif } } 
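Review bot: The afl-cc.c hunks test two different version macros: `@@ -460,10 +460,17 @@` here and `@@ -478,9 +485,17 @@` use `LLVM_VERSION_MAJOR`, while `@@ -496,10 +511,18 @@`, `@@ -529,9 +552,17 @@` and `@@ -621,9 +652,15 @@` use `LLVM_MAJOR`. An undefined identifier in `#if` evaluates to 0, so if only one of the two is defined when afl-cc.c is built, some passes get `-Xclang -load` and others get `-fpass-plugin=` on the same command line, with no diagnostic. A pass built for the other pass manager may then simply not run, leaving the binary without that instrumentation. I would use one macro in all five places, e.g. `#if LLVM_MAJOR >= 7 /* use new pass manager */`, matching the existing `#if LLVM_MAJOR >= 13` in this function. `edit_params` starts and ends outside these hunks.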
@@ -478,9 +485,17 @@ static void edit_params(u32 argc, char **argv, char **envp) { } else { +#if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ cc_params[cc_par_cnt++] = "-fexperimental-new-pass-manager"; cc_params[cc_par_cnt++] = alloc_printf("-fpass-plugin=%s/compare-transform-pass.so", obj_path); +#else + cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = "-load"; + cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = + alloc_printf("%s/compare-transform-pass.so", obj_path); +#endif } @@ -496,10 +511,18 @@ static void edit_params(u32 argc, char **argv, char **envp) { } else { +#if LLVM_MAJOR >= 7 cc_params[cc_par_cnt++] = "-fexperimental-new-pass-manager"; cc_params[cc_par_cnt++] = alloc_printf("-fpass-plugin=%s/split-compares-pass.so", obj_path); // cc_params[cc_par_cnt++] = "-fno-experimental-new-pass-manager"; +#else + cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = "-load"; + cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = + alloc_printf("%s/split-compares-pass.so", obj_path); +#endif } @@ -529,9 +552,17 @@ static void edit_params(u32 argc, char **argv, char **envp) { alloc_printf("%s/cmplog-switches-pass.so", obj_path); // reuse split switches from laf +#if LLVM_MAJOR >= 7 cc_params[cc_par_cnt++] = "-fexperimental-new-pass-manager"; cc_params[cc_par_cnt++] = alloc_printf("-fpass-plugin=%s/split-switches-pass.so", obj_path); +#else + cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = "-load"; + cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = + alloc_printf("%s/split-switches-pass.so", obj_path); +#endif } @@ -541,7 +572,7 @@ static void edit_params(u32 argc, char **argv, char **envp) { #if LLVM_MAJOR >= 13 // fuck you llvm 13 -// cc_params[cc_par_cnt++] = "-fno-experimental-new-pass-manager"; + cc_params[cc_par_cnt++] = "-fno-experimental-new-pass-manager"; #endif if (lto_mode && !have_c) { 
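Review bot: The `@@ -541,7 +572,7 @@` hunk re-enables `cc_params[cc_par_cnt++] = "-fno-experimental-new-pass-manager";` for `LLVM_MAJOR >= 13`, while the hunks above push `-fexperimental-new-pass-manager` and `-fpass-plugin=...` for every `LLVM_MAJOR >= 7`. With both flags on one command line the later one would normally win, so the `-fpass-plugin` passes may end up registered with a pass manager that is not used. The build could then succeed without the split/compare transforms and without any warning. Either leave this line disabled until every plugin is ported, or emit it only on paths that still load a legacy pass with `-Xclang -load`. A comment such as `/* legacy PM only: must not be combined with -fpass-plugin */` would record the constraint.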
@@ -621,9 +652,15 @@ static void edit_params(u32 argc, char **argv, char **envp) { } else { +#if LLVM_MAJOR >= 7 cc_params[cc_par_cnt++] = "-fexperimental-new-pass-manager"; cc_params[cc_par_cnt++] = alloc_printf("-fpass-plugin=%s/afl-llvm-pass.so", obj_path); - +#else + cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = "-load"; + cc_params[cc_par_cnt++] = "-Xclang"; + cc_params[cc_par_cnt++] = alloc_printf("%s/afl-llvm-pass.so", obj_path); +#endif } } -- cgit 1.4.1 From 7d0e0cde0ad8c5b89eaf72a9751e3fb7513cc0e9 Mon Sep 17 00:00:00 2001 From: hexcoder- Date: Sat, 16 Oct 2021 14:51:51 +0200 Subject: fix declaration for new pass manager --- instrumentation/afl-llvm-pass.so.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instrumentation/afl-llvm-pass.so.cc b/instrumentation/afl-llvm-pass.so.cc index 75f8621b..67abc36a 100644 --- a/instrumentation/afl-llvm-pass.so.cc +++ b/instrumentation/afl-llvm-pass.so.cc @@ -76,8 +76,8 @@ namespace { #if LLVM_VERSION_MAJOR >= 7 /* use new pass manager */ class AFLCoverage : public PassInfoMixin { - AFLCoverage() { public: + AFLCoverage() { #else class AFLCoverage : public ModulePass { public: -- cgit 1.4.1 From de027b3b6b92723b9561137795ac38f57eebc9ad Mon Sep 17 00:00:00 2001 From: Akira Moroo Date: Sun, 21 Nov 2021 11:42:53 +0900 Subject: coresight_mode: Change to use https for submodule URLs Signed-off-by: Akira Moroo --- .gitmodules | 2 +- coresight_mode/coresight-trace | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitmodules b/.gitmodules index cd9d73e9..6569c0b1 100644 --- a/.gitmodules +++ b/.gitmodules @@ -18,4 +18,4 @@ url = https://github.com/NixOS/patchelf.git [submodule "coresight_mode/coresight-trace"] path = coresight_mode/coresight-trace - url = git@github.com:RICSecLab/coresight-trace.git + url = https://github.com/RICSecLab/coresight-trace.git diff --git a/coresight_mode/coresight-trace b/coresight_mode/coresight-trace index ec0fd610..4f1019d9 160000 
--- a/coresight_mode/coresight-trace +++ b/coresight_mode/coresight-trace @@ -1 +1 @@ -Subproject commit ec0fd6104720ac0b59967616363dc18209adc02e +Subproject commit 4f1019d903f1f657e88b3e1941168fd1ce126b85 -- cgit 1.4.1 From ef35c803da168816eab6d9ee3fbeb682322792e0 Mon Sep 17 00:00:00 2001 From: hexcoder Date: Sun, 21 Nov 2021 21:33:19 +0100 Subject: add supported boards, name prerequisite --- coresight_mode/README.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/coresight_mode/README.md b/coresight_mode/README.md index dac44076..cd1bccab 100644 --- a/coresight_mode/README.md +++ b/coresight_mode/README.md @@ -1,12 +1,16 @@ # AFL++ CoreSight mode -CoreSight mode enables binary-only fuzzing on ARM64 Linux using CoreSight. +CoreSight mode enables binary-only fuzzing on ARM64 Linux using CoreSight (ARM's hardware tracing technology). NOTE: CoreSight mode is in the early development stage. Not applicable for production use. +Currently the following hardware boards are supported: +* NVIDIA Jetson TX2 (NVIDIA Parker) +* NVIDIA Jetson Nano (NVIDIA Tegra X1) +* GIGABYTE R181-T90 (Marvell ThunderX2 CN99XX) ## Getting started -Please read the [RICSec/coresight-trace README](https://github.com/RICSecLab/coresight-trace/blob/master/README.md) and check the prerequisites before getting started. +Please read the [RICSec/coresight-trace README](https://github.com/RICSecLab/coresight-trace/blob/master/README.md) and check the prerequisites (capstone) before getting started. CoreSight mode supports the AFL fork server mode to reduce `exec` system call overhead. To support it for binary-only fuzzing, it needs to modify the target ELF binary to re-link to the patched glibc. We employ this design from [PTrix](https://github.com/junxzm1990/afl-pt). -- cgit 1.4.1 From 3a7a8704eeca4fccf9629552574c5aac5f0f2271 Mon Sep 17 00:00:00 2001 
From: vanhauser-thc Date: Mon, 22 Nov 2021 13:27:56 +0100 Subject: better string length counting --- coresight_mode/coresight-trace | 2 +- instrumentation/afl-compiler-rt.o.c | 14 ++++++++------ 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/coresight_mode/coresight-trace b/coresight_mode/coresight-trace index 4f1019d9..ec0fd610 160000 --- a/coresight_mode/coresight-trace +++ b/coresight_mode/coresight-trace @@ -1 +1 @@ -Subproject commit 4f1019d903f1f657e88b3e1941168fd1ce126b85 +Subproject commit ec0fd6104720ac0b59967616363dc18209adc02e diff --git a/instrumentation/afl-compiler-rt.o.c b/instrumentation/afl-compiler-rt.o.c index 7c628fcd..ef1d9300 100644 --- a/instrumentation/afl-compiler-rt.o.c +++ b/instrumentation/afl-compiler-rt.o.c @@ -1892,9 +1892,10 @@ void __cmplog_rtn_hook_strn(u8 *ptr1, u8 *ptr2, u64 len) { // fprintf(stderr, "RTN1 %p %p %u\n", ptr1, ptr2, len); if (likely(!__afl_cmp_map)) return; if (unlikely(!len)) return; - int len1 = MIN(31, strlen(ptr1) + 1); - int len2 = MIN(31, strlen(ptr2) + 1); - int l = MIN(MAX(len1, len2), 31); + int len1 = strnlen(ptr1, 30) + 1; + int len2 = strnlen(ptr2, 30) + 1; + int l = MAX(len1, len2); + if (l < 3) return; uintptr_t k = (uintptr_t)__builtin_return_address(0); k = (uintptr_t)(default_hash((u8 *)&k, sizeof(uintptr_t)) & (CMP_MAP_W - 1)); @@ -1937,9 +1938,10 @@ void __cmplog_rtn_hook_str(u8 *ptr1, u8 *ptr2) { // fprintf(stderr, "RTN1 %p %p\n", ptr1, ptr2); if (likely(!__afl_cmp_map)) return; if (unlikely(!ptr1 || !ptr2)) return; - int len1 = MIN(31, strlen(ptr1) + 1); - int len2 = MIN(31, strlen(ptr2) + 1); - int l = MIN(MAX(len1, len2), 31); + int len1 = strnlen(ptr1, 30) + 1; + int len2 = strnlen(ptr2, 30) + 1; + int l = MAX(len1, len2); + if (l < 3) return; uintptr_t k = (uintptr_t)__builtin_return_address(0); k = (uintptr_t)(default_hash((u8 *)&k, sizeof(uintptr_t)) & (CMP_MAP_W - 1)); -- cgit 1.4.1 From 6f9a98c4a97e8e261fc52891d61f0b0c145b6364 Mon Sep 17 00:00:00 2001 
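Review bot: In `__cmplog_rtn_hook_strn` (`@@ -1892,9 +1892,10 @@`) the new `strnlen(ptr1, 30)` and `strnlen(ptr2, 30)` calls ignore the `len` argument, so for a bounded comparison shorter than 30 bytes on buffers with no NUL inside that bound the hook reads past what the caller allowed. That is an out-of-bounds read inside the instrumented target, which can fault or be reported by a sanitizer as a bug of the program under test. Bounding the scan by the argument keeps the read inside the caller's limit: `int len0 = MIN(len, 30);` followed by `int len1 = strnlen(ptr1, len0) + 1;`. Whether the `+ 1` is safe when no terminator is found depends on the copy after the hunk, which is not visible here. Unlike `__cmplog_rtn_hook_str` in the next hunk, this function also has no `if (unlikely(!ptr1 || !ptr2)) return;` guard.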
From: vanhauser-thc Date: Mon, 22 Nov 2021 14:38:43 +0100 Subject: better string length counting --- instrumentation/afl-compiler-rt.o.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/instrumentation/afl-compiler-rt.o.c b/instrumentation/afl-compiler-rt.o.c index ef1d9300..5d198ada 100644 --- a/instrumentation/afl-compiler-rt.o.c +++ b/instrumentation/afl-compiler-rt.o.c @@ -1892,10 +1892,13 @@ void __cmplog_rtn_hook_strn(u8 *ptr1, u8 *ptr2, u64 len) { // fprintf(stderr, "RTN1 %p %p %u\n", ptr1, ptr2, len); if (likely(!__afl_cmp_map)) return; if (unlikely(!len)) return; - int len1 = strnlen(ptr1, 30) + 1; - int len2 = strnlen(ptr2, 30) + 1; + int len0 = MIN(len, 31); + int len1 = strnlen(ptr1, len0); + if (len1 < 31) len1 = area_is_valid(ptr1, len1 + 1); + int len2 = strnlen(ptr2, len0); + if (len2 < 31) len2 = area_is_valid(ptr1, len2 + 1); int l = MAX(len1, len2); - if (l < 3) return; + if (l < 2) return; uintptr_t k = (uintptr_t)__builtin_return_address(0); k = (uintptr_t)(default_hash((u8 *)&k, sizeof(uintptr_t)) & (CMP_MAP_W - 1)); -- cgit 1.4.1
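Review bot: The second validity check passes the wrong pointer: `if (len2 < 31) len2 = area_is_valid(ptr1, len2 + 1);` checks `ptr1` with a length measured on `ptr2`, and should read `if (len2 < 31) len2 = area_is_valid(ptr2, len2 + 1);`. As written, `len2` presumably reflects how much of `ptr1` is accessible, so the code after the hunk may use a length for `ptr2` that was never checked against `ptr2`'s memory. Both `strnlen` calls also run before `area_is_valid`, so the scan itself is unvalidated. If `area_is_valid` is meant to guard reads, calling it on `len0` bytes first and scanning only the returned length would close that gap. The function still has no NULL check on `ptr1`/`ptr2`, and its body continues outside the hunk.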