From 92db44363543b510b7737d51ea2b9a4e790bfb07 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Sun, 20 Feb 2022 19:51:43 +0100 Subject: Revert "remove new llvm pass manager :(" This reverts commit 55ed2a443c5c61baba37415d4087164454d8a2a8. --- instrumentation/afl-llvm-dict2file.so.cc | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'instrumentation/afl-llvm-dict2file.so.cc') diff --git a/instrumentation/afl-llvm-dict2file.so.cc b/instrumentation/afl-llvm-dict2file.so.cc index 39124660..440b9428 100644 --- a/instrumentation/afl-llvm-dict2file.so.cc +++ b/instrumentation/afl-llvm-dict2file.so.cc @@ -589,7 +589,6 @@ bool AFLdict2filePass::runOnModule(Module &M) { if (optLen < 2) { continue; } if (literalLength + 1 == optLen) { // add null byte - thestring.append("\0", 1); } @@ -612,11 +611,17 @@ bool AFLdict2filePass::runOnModule(Module &M) { } */ - if (!isStdString && thestring.find('\0', 0) != std::string::npos) { + + if (!isStdString) { // ensure we do not have garbage size_t offset = thestring.find('\0', 0); - if (offset + 1 < optLen) optLen = offset + 1; + if (offset && offset < optLen && offset + 1 < optLen) { + + optLen = offset + 1; + + } + thestring = thestring.substr(0, optLen); } -- cgit 1.4.1 From 05119990b6075aaf8f16a385a763651f68b8b1ef Mon Sep 17 00:00:00 2001 From: Raphael Isemann Date: Tue, 22 Feb 2022 10:54:51 +0100 Subject: LLVM 14 fixes --- instrumentation/SanitizerCoverageLTO.so.cc | 5 +++-- instrumentation/SanitizerCoveragePCGUARD.so.cc | 1 + instrumentation/afl-llvm-dict2file.so.cc | 4 ++-- instrumentation/afl-llvm-lto-instrumentlist.so.cc | 1 + instrumentation/afl-llvm-pass.so.cc | 1 + instrumentation/compare-transform-pass.so.cc | 4 ++-- src/afl-cc.c | 4 ++-- 7 files changed, 12 insertions(+), 8 deletions(-) (limited to 'instrumentation/afl-llvm-dict2file.so.cc') diff --git a/instrumentation/SanitizerCoverageLTO.so.cc b/instrumentation/SanitizerCoverageLTO.so.cc index 6a4a071f..1bdc5376 100644 
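Review bot: In the second hunk the leading `offset &&` term exempts a literal whose first byte is NUL from truncation, so everything after that NUL is kept as the token, while a NUL at any later position cuts the token there; if that asymmetry is intended it deserves a comment, otherwise the `offset &&` should go. The `offset < optLen` term is not redundant and should be explained, because when `find` returns `npos` the expression `offset + 1` wraps to 0 and would otherwise set `optLen = 0`; a comment such as `// offset < optLen also rejects npos (offset + 1 wraps to 0)` would stop a later cleanup from removing it. The first hunk drops the `thestring.append("\0", 1)` for the `literalLength + 1 == optLen` case, so the `find('\0', 0)` below now only sees NULs that were part of the literal itself. runOnModule continues outside both hunks.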
--- a/instrumentation/SanitizerCoverageLTO.so.cc +++ b/instrumentation/SanitizerCoverageLTO.so.cc @@ -17,6 +17,7 @@ #include "llvm/Transforms/Instrumentation/SanitizerCoverage.h" #include "llvm/ADT/ArrayRef.h" #include "llvm/ADT/SmallVector.h" +#include "llvm/ADT/Triple.h" #include "llvm/Analysis/EHPersonalities.h" #include "llvm/Analysis/PostDominators.h" #include "llvm/Analysis/ValueTracking.h" @@ -757,7 +758,7 @@ bool ModuleSanitizerCoverage::instrumentModule( if (!HasStr2) { auto *Ptr = dyn_cast(Str2P); - if (Ptr && Ptr->isGEPWithNoNotionalOverIndexing()) { + if (Ptr && Ptr->getOpcode() == Instruction::GetElementPtr) { if (auto *Var = dyn_cast(Ptr->getOperand(0))) { @@ -838,7 +839,7 @@ bool ModuleSanitizerCoverage::instrumentModule( auto Ptr = dyn_cast(Str1P); - if (Ptr && Ptr->isGEPWithNoNotionalOverIndexing()) { + if (Ptr && Ptr->getOpcode() == Instruction::GetElementPtr) { if (auto *Var = dyn_cast(Ptr->getOperand(0))) { diff --git a/instrumentation/SanitizerCoveragePCGUARD.so.cc b/instrumentation/SanitizerCoveragePCGUARD.so.cc index e4ffeb50..48bb5a2c 100644 --- a/instrumentation/SanitizerCoveragePCGUARD.so.cc +++ b/instrumentation/SanitizerCoveragePCGUARD.so.cc @@ -13,6 +13,7 @@ #include "llvm/Transforms/Instrumentation/SanitizerCoverage.h" #include "llvm/ADT/ArrayRef.h" #include "llvm/ADT/SmallVector.h" +#include "llvm/ADT/Triple.h" #include "llvm/Analysis/EHPersonalities.h" #include "llvm/Analysis/PostDominators.h" #include "llvm/IR/CFG.h" diff --git a/instrumentation/afl-llvm-dict2file.so.cc b/instrumentation/afl-llvm-dict2file.so.cc index 39124660..94dc6984 100644 --- a/instrumentation/afl-llvm-dict2file.so.cc +++ b/instrumentation/afl-llvm-dict2file.so.cc @@ -435,7 +435,7 @@ bool AFLdict2filePass::runOnModule(Module &M) { if (!HasStr2) { auto *Ptr = dyn_cast(Str2P); - if (Ptr && Ptr->isGEPWithNoNotionalOverIndexing()) { + if (Ptr && Ptr->getOpcode() == Instruction::GetElementPtr) { if (auto *Var = dyn_cast(Ptr->getOperand(0))) { 
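Review bot: Replacing `isGEPWithNoNotionalOverIndexing()` with `Ptr->getOpcode() == Instruction::GetElementPtr` weakens the check: the old predicate only accepted a GEP whose constant indices stay within the static extents of the pointee, whereas the new one accepts any GEP, including one indexing past the end or to a non-zero offset, and the next line still takes `Ptr->getOperand(0)` as the global being compared. If the code after the hunk reads that global's initializer from offset 0 (it is outside the hunk, so this is inferred), a comparison against `str + k` now produces the wrong string. `if (Ptr && Ptr->getOpcode() == Instruction::GetElementPtr && cast<GEPOperator>(Ptr)->hasAllZeroIndices())` keeps the offset-0 assumption explicit; the same replacement appears in the dict2file and compare-transform hunks of this commit and needs the same treatment. instrumentModule continues outside the hunk.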
@@ -519,7 +519,7 @@ bool AFLdict2filePass::runOnModule(Module &M) { auto Ptr = dyn_cast(Str1P); - if (Ptr && Ptr->isGEPWithNoNotionalOverIndexing()) { + if (Ptr && Ptr->getOpcode() == Instruction::GetElementPtr) { if (auto *Var = dyn_cast(Ptr->getOperand(0))) { diff --git a/instrumentation/afl-llvm-lto-instrumentlist.so.cc b/instrumentation/afl-llvm-lto-instrumentlist.so.cc index 35ba9c5a..2ddbc725 100644 --- a/instrumentation/afl-llvm-lto-instrumentlist.so.cc +++ b/instrumentation/afl-llvm-lto-instrumentlist.so.cc @@ -43,6 +43,7 @@ #include "llvm/IR/IRBuilder.h" #include "llvm/IR/LegacyPassManager.h" #include "llvm/IR/Module.h" +#include "llvm/Pass.h" #include "llvm/Support/Debug.h" #include "llvm/Transforms/IPO/PassManagerBuilder.h" #include "llvm/IR/CFG.h" diff --git a/instrumentation/afl-llvm-pass.so.cc b/instrumentation/afl-llvm-pass.so.cc index 5246ba08..6419cd1d 100644 --- a/instrumentation/afl-llvm-pass.so.cc +++ b/instrumentation/afl-llvm-pass.so.cc @@ -45,6 +45,7 @@ typedef long double max_align_t; #endif #include "llvm/IR/IRBuilder.h" +#include "llvm/Pass.h" #include "llvm/IR/LegacyPassManager.h" #include "llvm/IR/BasicBlock.h" #include "llvm/IR/Module.h" diff --git a/instrumentation/compare-transform-pass.so.cc b/instrumentation/compare-transform-pass.so.cc index c3a4ee34..1e250d7a 100644 --- a/instrumentation/compare-transform-pass.so.cc +++ b/instrumentation/compare-transform-pass.so.cc @@ -246,7 +246,7 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, if (!(HasStr1 || HasStr2)) { auto *Ptr = dyn_cast(Str2P); - if (Ptr && Ptr->isGEPWithNoNotionalOverIndexing()) { + if (Ptr && Ptr->getOpcode() == Instruction::GetElementPtr) { if (auto *Var = dyn_cast(Ptr->getOperand(0))) { 
@@ -271,7 +271,7 @@ bool CompareTransform::transformCmps(Module &M, const bool processStrcmp, if (!HasStr2) { Ptr = dyn_cast(Str1P); - if (Ptr && Ptr->isGEPWithNoNotionalOverIndexing()) { + if (Ptr && Ptr->getOpcode() == Instruction::GetElementPtr) { if (auto *Var = dyn_cast(Ptr->getOperand(0))) { diff --git a/src/afl-cc.c b/src/afl-cc.c index ed57ca1e..bacd9de9 100644 --- a/src/afl-cc.c +++ b/src/afl-cc.c @@ -549,8 +549,8 @@ static void edit_params(u32 argc, char **argv, char **envp) { } #if LLVM_MAJOR >= 13 - // fuck you llvm 13 - cc_params[cc_par_cnt++] = "-fno-experimental-new-pass-manager"; + // Use the old pass manager in LLVM 14 which the afl++ passes still use. + cc_params[cc_par_cnt++] = "-flegacy-pass-manager"; #endif if (lto_mode && !have_c) { -- cgit 1.4.1 From 33e43b11f8981ea97070a1f8b9a75e33b9fc1057 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 3 Mar 2022 18:24:26 +0100 Subject: port instrumentation/afl-llvm-dict2file --- instrumentation/afl-llvm-dict2file.so.cc | 113 +++++++++++++++++++++++-------- 1 file changed, 86 insertions(+), 27 deletions(-) (limited to 'instrumentation/afl-llvm-dict2file.so.cc') diff --git a/instrumentation/afl-llvm-dict2file.so.cc b/instrumentation/afl-llvm-dict2file.so.cc index a554c40e..37cd8ad0 100644 --- a/instrumentation/afl-llvm-dict2file.so.cc +++ b/instrumentation/afl-llvm-dict2file.so.cc @@ -39,7 +39,14 @@ #include "llvm/Config/llvm-config.h" #include "llvm/ADT/Statistic.h" #include "llvm/IR/IRBuilder.h" -#include "llvm/IR/LegacyPassManager.h" +#if LLVM_VERSION_MAJOR >= 11 /* use new pass manager */ + #include "llvm/Passes/PassPlugin.h" + #include "llvm/Passes/PassBuilder.h" + #include "llvm/IR/PassManager.h" +#else + #include "llvm/IR/LegacyPassManager.h" + #include "llvm/Transforms/IPO/PassManagerBuilder.h" +#endif #include "llvm/IR/BasicBlock.h" #include "llvm/IR/Module.h" #include "llvm/IR/DebugInfo.h" 
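Review bot: The new comment says "in LLVM 14" but the flag is emitted under `#if LLVM_MAJOR >= 13`, so it should describe the actual condition, e.g. `// LLVM 13+ defaults to the new pass manager; force the legacy one, which the afl++ passes still register with.`. Since this branch has no upper bound, a `TODO` noting that the switch has to be revisited once the legacy pass manager flag is no longer accepted by a future LLVM would save the next person a bisect. edit_params continues outside the hunk.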
@@ -60,31 +67,9 @@ #define O_DSYNC O_SYNC #endif -using namespace llvm; - -namespace { - -class AFLdict2filePass : public ModulePass { - - std::ofstream of; - void dict2file(u8 *, u32); - - public: - static char ID; - - AFLdict2filePass() : ModulePass(ID) { +std::ofstream of; - if (getenv("AFL_DEBUG")) debug = 1; - - } - - bool runOnModule(Module &M) override; - -}; - -} // namespace - -void AFLdict2filePass::dict2file(u8 *mem, u32 len) { +void dict2file(u8 *mem, u32 len) { u32 i, j, binary = 0; char line[MAX_AUTO_EXTRA * 8], tmp[8]; @@ -123,8 +108,74 @@ void AFLdict2filePass::dict2file(u8 *mem, u32 len) { } +using namespace llvm; + +namespace { + +#if LLVM_VERSION_MAJOR >= 11 /* use new pass manager */ +class AFLdict2filePass : public PassInfoMixin { + + public: + AFLdict2filePass() { + +#else +class AFLdict2filePass : public ModulePass { + + public: + bool runOnModule(Module &M) override; + AFLdict2filePass() : ModulePass(ID) { + +#endif + + if (getenv("AFL_DEBUG")) debug = 1; + + } + +#if LLVM_VERSION_MAJOR >= 11 /* use new pass manager */ + PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM); +#endif + +}; + +} // namespace + +#if LLVM_MAJOR >= 11 +extern "C" ::llvm::PassPluginLibraryInfo LLVM_ATTRIBUTE_WEAK +llvmGetPassPluginInfo() { + + return {LLVM_PLUGIN_API_VERSION, "dict2file", "v0.1", + /* lambda to insert our pass into the pass pipeline. */ + [](PassBuilder &PB) { + + #if LLVM_VERSION_MAJOR <= 13 + using OptimizationLevel = typename PassBuilder::OptimizationLevel; + #endif + PB.registerOptimizerLastEPCallback( + [](ModulePassManager &MPM, OptimizationLevel OL) { + + MPM.addPass(AFLdict2filePass()); + + }); + + }}; + +} + +#else + +char AFLdict2filePass::ID = 0; + +#endif + +#if LLVM_VERSION_MAJOR >= 11 /* use new pass manager */ +PreservedAnalyses AFLdict2filePass::run(Module &M, ModuleAnalysisManager &MAM) { + +#else + bool AFLdict2filePass::runOnModule(Module &M) { +#endif + DenseMap valueMap; char * ptr; int found = 0; 
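Review bot: In the `#else` (legacy) branch of the rewritten class, `AFLdict2filePass() : ModulePass(ID)` still uses `ID`, but the `static char ID;` member that the removed class declared is gone while `char AFLdict2filePass::ID = 0;` is still defined below, so the LLVM < 11 build no longer compiles; add `static char ID;` under `public:` in that branch. The hunk also mixes two macros for the same decision, `LLVM_VERSION_MAJOR >= 11` for the class and `#if LLVM_MAJOR >= 11` for `llvmGetPassPluginInfo`; unless both are guaranteed defined and equal, the plugin entry point can be compiled against a class that has no `run()`, so one macro should be used throughout. The `std::ofstream of` that used to be a member is now a file-scope global shared with the free `dict2file`, which is fine for a once-per-module pass but deserves a one-line comment saying so. runOnModule/run continues outside the hunk.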
@@ -663,12 +714,18 @@ bool AFLdict2filePass::runOnModule(Module &M) { } +#if LLVM_VERSION_MAJOR >= 11 /* use new pass manager */ + auto PA = PreservedAnalyses::all(); +#endif +#if LLVM_VERSION_MAJOR >= 11 /* use new pass manager */ + return PA; +#else return true; +#endif } -char AFLdict2filePass::ID = 0; - +#if LLVM_VERSION_MAJOR < 11 /* use old pass manager */ static void registerAFLdict2filePass(const PassManagerBuilder &, legacy::PassManagerBase &PM) { @@ -686,3 +743,5 @@ static RegisterStandardPasses RegisterAFLdict2filePass( static RegisterStandardPasses RegisterAFLdict2filePass0( PassManagerBuilder::EP_EnabledOnOptLevel0, registerAFLdict2filePass); +#endif + -- cgit 1.4.1 From 3c11a377570512efeb3a197148ff1b7dddbd8e32 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Thu, 17 Mar 2022 15:48:06 +0100 Subject: fixes for llvm < 11 --- instrumentation/SanitizerCoveragePCGUARD.so.cc | 2 +- instrumentation/afl-llvm-dict2file.so.cc | 111 ++++++++++++------------- instrumentation/compare-transform-pass.so.cc | 19 +++-- src/afl-ld-lto.c | 3 +- 4 files changed, 69 insertions(+), 66 deletions(-) (limited to 'instrumentation/afl-llvm-dict2file.so.cc') diff --git a/instrumentation/SanitizerCoveragePCGUARD.so.cc b/instrumentation/SanitizerCoveragePCGUARD.so.cc index a5d8f895..e234cf57 100644 --- a/instrumentation/SanitizerCoveragePCGUARD.so.cc +++ b/instrumentation/SanitizerCoveragePCGUARD.so.cc @@ -242,7 +242,7 @@ class ModuleSanitizerCoverageLegacyPass : public ModulePass { } /*static*/ char ID; // Pass identification, replacement for typeid - StringRef getPassName() const override { + StringRef getPassName() const override { return "ModuleSanitizerCoverage"; diff --git a/instrumentation/afl-llvm-dict2file.so.cc b/instrumentation/afl-llvm-dict2file.so.cc index 37cd8ad0..79cdf491 100644 --- a/instrumentation/afl-llvm-dict2file.so.cc +++ b/instrumentation/afl-llvm-dict2file.so.cc 
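Review bot: The legacy registration kept under `#if LLVM_VERSION_MAJOR < 11` hooks both `EP_OptimizerLast` and `EP_EnabledOnOptLevel0`, whereas the new-PM plugin registered earlier in this commit only calls `PB.registerOptimizerLastEPCallback`; whether that callback also fires in the -O0 pipeline varies by LLVM release, so it should be verified for each supported version and recorded, e.g. `// OptimizerLastEPCallback also runs at -O0 on LLVM 11-14 (checked)`, or a pipeline-start callback added for -O0. The two back-to-back `#if LLVM_VERSION_MAJOR >= 11` blocks around `auto PA = PreservedAnalyses::all();` and `return PA;` can be one block. `PreservedAnalyses::all()` is only correct because this pass reads the module without modifying IR; a comment stating that would keep a later change that adds instrumentation from silently invalidating analyses. runOnModule/run starts outside the hunk.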
@@ -45,7 +45,6 @@ #include "llvm/IR/PassManager.h" #else #include "llvm/IR/LegacyPassManager.h" - #include "llvm/Transforms/IPO/PassManagerBuilder.h" #endif #include "llvm/IR/BasicBlock.h" #include "llvm/IR/Module.h" @@ -67,47 +66,6 @@ #define O_DSYNC O_SYNC #endif -std::ofstream of; - -void dict2file(u8 *mem, u32 len) { - - u32 i, j, binary = 0; - char line[MAX_AUTO_EXTRA * 8], tmp[8]; - - strcpy(line, "\""); - j = 1; - for (i = 0; i < len; i++) { - - if (isprint(mem[i]) && mem[i] != '\\' && mem[i] != '"') { - - line[j++] = mem[i]; - - } else { - - if (i + 1 != len || mem[i] != 0 || binary || len == 4 || len == 8) { - - line[j] = 0; - sprintf(tmp, "\\x%02x", (u8)mem[i]); - strcat(line, tmp); - j = strlen(line); - - } - - binary = 1; - - } - - } - - line[j] = 0; - strcat(line, "\"\n"); - of << line; - of.flush(); - - if (!be_quiet) fprintf(stderr, "Found dictionary token: %s", line); - -} - using namespace llvm; namespace { @@ -115,14 +73,22 @@ namespace { #if LLVM_VERSION_MAJOR >= 11 /* use new pass manager */ class AFLdict2filePass : public PassInfoMixin { + std::ofstream of; + void dict2file(u8 *, u32); + public: AFLdict2filePass() { #else + class AFLdict2filePass : public ModulePass { + std::ofstream of; + void dict2file(u8 *, u32); + public: - bool runOnModule(Module &M) override; + static char ID; + AFLdict2filePass() : ModulePass(ID) { #endif @@ -133,6 +99,8 @@ class AFLdict2filePass : public ModulePass { #if LLVM_VERSION_MAJOR >= 11 /* use new pass manager */ PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM); +#else + bool runOnModule(Module &M) override; #endif }; @@ -143,7 +111,7 @@ class AFLdict2filePass : public ModulePass { extern "C" ::llvm::PassPluginLibraryInfo LLVM_ATTRIBUTE_WEAK llvmGetPassPluginInfo() { - return {LLVM_PLUGIN_API_VERSION, "dict2file", "v0.1", + return {LLVM_PLUGIN_API_VERSION, "AFLdict2filePass", "v0.1", /* lambda to insert our pass into the pass pipeline. */ [](PassBuilder &PB) { 
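Review bot: The `#else` branch drops `#include "llvm/Transforms/IPO/PassManagerBuilder.h"`, but the legacy registration this file keeps under `#if LLVM_VERSION_MAJOR < 11` (`registerAFLdict2filePass(const PassManagerBuilder &, legacy::PassManagerBase &PM)` and the two `RegisterStandardPasses` objects) still needs `PassManagerBuilder` and `RegisterStandardPasses` from that header. Unless another include pulls it in transitively, this breaks exactly the LLVM < 11 build the commit is meant to fix; keeping `#include "llvm/Transforms/IPO/PassManagerBuilder.h"` in the `#else` branch is the safe choice.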
@@ -162,16 +130,52 @@ llvmGetPassPluginInfo() { } #else - char AFLdict2filePass::ID = 0; - #endif +void AFLdict2filePass::dict2file(u8 *mem, u32 len) { + + u32 i, j, binary = 0; + char line[MAX_AUTO_EXTRA * 8], tmp[8]; + + strcpy(line, "\""); + j = 1; + for (i = 0; i < len; i++) { + + if (isprint(mem[i]) && mem[i] != '\\' && mem[i] != '"') { + + line[j++] = mem[i]; + + } else { + + if (i + 1 != len || mem[i] != 0 || binary || len == 4 || len == 8) { + + line[j] = 0; + sprintf(tmp, "\\x%02x", (u8)mem[i]); + strcat(line, tmp); + j = strlen(line); + + } + + binary = 1; + + } + + } + + line[j] = 0; + strcat(line, "\"\n"); + of << line; + of.flush(); + + if (!be_quiet) fprintf(stderr, "Found dictionary token: %s", line); + +} + #if LLVM_VERSION_MAJOR >= 11 /* use new pass manager */ PreservedAnalyses AFLdict2filePass::run(Module &M, ModuleAnalysisManager &MAM) { #else - bool AFLdict2filePass::runOnModule(Module &M) { #endif @@ -640,6 +644,7 @@ bool AFLdict2filePass::runOnModule(Module &M) { if (optLen < 2) { continue; } if (literalLength + 1 == optLen) { // add null byte + thestring.append("\0", 1); } @@ -662,17 +667,11 @@ bool AFLdict2filePass::runOnModule(Module &M) { } */ - - if (!isStdString) { + if (!isStdString && thestring.find('\0', 0) != std::string::npos) { // ensure we do not have garbage size_t offset = thestring.find('\0', 0); - if (offset && offset < optLen && offset + 1 < optLen) { - - optLen = offset + 1; - - } - + if (offset + 1 < optLen) optLen = offset + 1; thestring = thestring.substr(0, optLen); } @@ -716,8 +715,6 @@ bool AFLdict2filePass::runOnModule(Module &M) { #if LLVM_VERSION_MAJOR >= 11 /* use new pass manager */ auto PA = PreservedAnalyses::all(); -#endif -#if LLVM_VERSION_MAJOR >= 11 /* use new pass manager */ return PA; #else return true; diff --git a/instrumentation/compare-transform-pass.so.cc b/instrumentation/compare-transform-pass.so.cc index 4e471ea3..34c88735 100644 --- a/instrumentation/compare-transform-pass.so.cc 
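Review bot: `dict2file` builds the token into `char line[MAX_AUTO_EXTRA * 8]` with `strcat` and never checks `len`: every non-printable byte expands to four characters, so the buffer holds roughly `2 * MAX_AUTO_EXTRA` token bytes and a longer token overflows the stack. Unless every caller already clamps `len` to `MAX_AUTO_EXTRA` (the callers are outside this hunk), add `if (len > MAX_AUTO_EXTRA) { return; }` at the top, or build the line in a `std::string` sized from `len`. The restored `if (!isStdString && thestring.find('\0', 0) != std::string::npos)` guard is what makes the later `offset + 1 < optLen` safe, since `offset` can no longer be `npos`; a one-line comment there would explain why `find` is called twice. run/runOnModule continues outside the hunk.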
+++ b/instrumentation/compare-transform-pass.so.cc @@ -88,21 +88,26 @@ class CompareTransform : public ModulePass { const char *getPassName() const override { #endif + + return "cmplog transform"; + + } + #endif #if LLVM_MAJOR >= 11 /* use new pass manager */ - PreservedAnalyses run(Module & M, ModuleAnalysisManager & MAM); + PreservedAnalyses run(Module &M, ModuleAnalysisManager &MAM); #else bool runOnModule(Module &M) override; #endif - private: - bool transformCmps(Module & M, const bool processStrcmp, - const bool processMemcmp, const bool processStrncmp, - const bool processStrcasecmp, - const bool processStrncasecmp); + private: + bool transformCmps(Module &M, const bool processStrcmp, + const bool processMemcmp, const bool processStrncmp, + const bool processStrcasecmp, + const bool processStrncasecmp); - }; +}; } // namespace diff --git a/src/afl-ld-lto.c b/src/afl-ld-lto.c index f2f95fd7..5797def8 100644 --- a/src/afl-ld-lto.c +++ b/src/afl-ld-lto.c @@ -237,7 +237,8 @@ static void edit_params(int argc, char **argv) { } if (!rt_present) - ld_params[ld_param_cnt++] = alloc_printf("%s/afl-compiler-rt.o", afl_path); + ld_params[ld_param_cnt++] = + alloc_printf("%s/afl-compiler-rt.o", afl_path); if (!rt_lto_present) ld_params[ld_param_cnt++] = alloc_printf("%s/afl-llvm-rt-lto.o", afl_path); -- cgit 1.4.1 From 285a5cb38b994b514744c49bad409a49210765d4 Mon Sep 17 00:00:00 2001 From: Dominik Maier Date: Thu, 31 Mar 2022 15:35:38 +0000 Subject: Some scan-build fixes --- instrumentation/SanitizerCoveragePCGUARD.so.cc | 27 ++++++++++++++++++++++++++ instrumentation/afl-llvm-dict2file.so.cc | 8 +++++--- instrumentation/cmplog-instructions-pass.cc | 17 ++++++++-------- src/afl-cc.c | 14 ++++++++++++- src/afl-fuzz-cmplog.c | 10 +--------- src/afl-fuzz-redqueen.c | 2 +- 6 files changed, 56 insertions(+), 22 deletions(-) (limited to 'instrumentation/afl-llvm-dict2file.so.cc') 
diff --git a/instrumentation/SanitizerCoveragePCGUARD.so.cc b/instrumentation/SanitizerCoveragePCGUARD.so.cc index e234cf57..f80b1a1e 100644 --- a/instrumentation/SanitizerCoveragePCGUARD.so.cc +++ b/instrumentation/SanitizerCoveragePCGUARD.so.cc @@ -932,6 +932,15 @@ bool ModuleSanitizerCoverageAFL::InjectCoverage( IRBuilder<> IRB(callInst); + if (!FunctionGuardArray) { + + fprintf(stderr, + "SANCOV: FunctionGuardArray is NULL, failed to emit " + "instrumentation."); + continue; + + } + Value *GuardPtr = IRB.CreateIntToPtr( IRB.CreateAdd( IRB.CreatePointerCast(FunctionGuardArray, IntptrTy), @@ -957,6 +966,15 @@ bool ModuleSanitizerCoverageAFL::InjectCoverage( if (t->getTypeID() == llvm::Type::IntegerTyID) { + if (!FunctionGuardArray) { + + fprintf(stderr, + "SANCOV: FunctionGuardArray is NULL, failed to emit " + "instrumentation."); + continue; + + } + auto GuardPtr1 = IRB.CreateIntToPtr( IRB.CreateAdd( IRB.CreatePointerCast(FunctionGuardArray, IntptrTy), @@ -993,6 +1011,15 @@ bool ModuleSanitizerCoverageAFL::InjectCoverage( FixedVectorType::get(Int32PtrTy, elements); Value *x, *y; + if (!FunctionGuardArray) { + + fprintf(stderr, + "SANCOV: FunctionGuardArray is NULL, failed to emit " + "instrumentation."); + continue; + + } + Value *val1 = IRB.CreateIntToPtr( IRB.CreateAdd( IRB.CreatePointerCast(FunctionGuardArray, IntptrTy), diff --git a/instrumentation/afl-llvm-dict2file.so.cc b/instrumentation/afl-llvm-dict2file.so.cc index 79cdf491..31aaab07 100644 --- a/instrumentation/afl-llvm-dict2file.so.cc +++ b/instrumentation/afl-llvm-dict2file.so.cc @@ -536,15 +536,17 @@ bool AFLdict2filePass::runOnModule(Module &M) { } - if (optLength > Str2.length()) { optLength = Str2.length(); } - } valueMap[Str1P] = new std::string(Str2); - if (debug) + if (debug) { + fprintf(stderr, "Saved: %s for %p\n", Str2.c_str(), (void *)Str1P); + + } + continue; } 
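Review bot: The three new `fprintf(stderr, "SANCOV: FunctionGuardArray is NULL, failed to emit " "instrumentation.")` messages have no trailing newline, so they run into whatever the compiler prints next; end the literal with `instrumentation.\n`. The identical check is repeated at three points with a `continue` that silently drops coverage for that instruction; if `FunctionGuardArray` is established once per function before these loops, a single check up front would be clearer, and since a missing guard array means missing edges during fuzzing it is worth considering a hard failure instead of a warning. InjectCoverage starts and ends outside the hunk.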
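Review bot: Removing the `optLength > Str2.length()` clamp is only safe if `optLength` is not read after this point; the `continue` two lines below suggests it is dead here, but runOnModule continues outside the hunk, so please confirm. Separately, the context line `valueMap[Str1P] = new std::string(Str2);` stores a raw owning pointer with no matching `delete` visible; storing `std::string` by value in the `DenseMap` (or `std::unique_ptr<std::string>`) would remove the leak without changing any lookup.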
diff --git a/instrumentation/cmplog-instructions-pass.cc b/instrumentation/cmplog-instructions-pass.cc index 7c95d9bb..fd7930a1 100644 --- a/instrumentation/cmplog-instructions-pass.cc +++ b/instrumentation/cmplog-instructions-pass.cc @@ -515,7 +515,7 @@ bool CmpLogInstructions::hookInstrs(Module &M) { while (1) { std::vector args; - uint32_t skip = 0; + bool skip = true; if (vector_cnt) { @@ -537,16 +537,18 @@ bool CmpLogInstructions::hookInstrs(Module &M) { if (i0) { cur_val = (uint64_t)i0->getValue().convertToDouble(); - if (last_val0 && last_val0 == cur_val) { skip = 1; } - last_val0 = cur_val; + if (last_val0 && last_val0 == cur_val) { skip = true; + + } last_val0 = cur_val; } if (i1) { cur_val = (uint64_t)i1->getValue().convertToDouble(); - if (last_val1 && last_val1 == cur_val) { skip = 1; } - last_val1 = cur_val; + if (last_val1 && last_val1 == cur_val) { skip = true; + + } last_val1 = cur_val; } @@ -559,7 +561,7 @@ bool CmpLogInstructions::hookInstrs(Module &M) { if (i0 && i0->uge(0xffffffffffffffff) == false) { cur_val = i0->getZExtValue(); - if (last_val0 && last_val0 == cur_val) { skip = 1; } + if (last_val0 && last_val0 == cur_val) { skip = true; } last_val0 = cur_val; } @@ -567,7 +569,7 @@ bool CmpLogInstructions::hookInstrs(Module &M) { if (i1 && i1->uge(0xffffffffffffffff) == false) { cur_val = i1->getZExtValue(); - if (last_val1 && last_val1 == cur_val) { skip = 1; } + if (last_val1 && last_val1 == cur_val) { skip = true; } last_val1 = cur_val; } @@ -649,7 +651,6 @@ bool CmpLogInstructions::hookInstrs(Module &M) { ++cur; if (cur >= vector_cnt) { break; } - skip = 0; } diff --git a/src/afl-cc.c b/src/afl-cc.c index 4cec7740..ffdda386 100644 --- a/src/afl-cc.c +++ b/src/afl-cc.c 
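Review bot: `bool skip = true;` inverts the initial value: the old `uint32_t skip = 0` started each iteration as "do not skip" and only the repeated-constant checks set it, whereas now nothing in these hunks ever sets `skip = false`, so unless an assignment outside the hunk does, every iteration is treated as a duplicate and the comparison is never hooked. The initializer should be `bool skip = false;`; dropping the trailing `skip = 0;` was fine because `skip` is declared inside the `while (1)` body. The reformatted `if (...) { skip = true;` / `} last_val0 = cur_val;` lines also split the statement oddly; `if (last_val0 && last_val0 == cur_val) { skip = true; }` with `last_val0 = cur_val;` on its own line reads as before. hookInstrs continues outside the hunks.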
@@ -566,7 +566,19 @@ static void edit_params(u32 argc, char **argv, char **envp) { } - if (!ld_path || !*ld_path) { ld_path = strdup("ld.lld"); } + if (!ld_path || !*ld_path) { + + if (ld_path) { + + // Freeing empty string + free(ld_path); + + } + + ld_path = strdup("ld.lld"); + + } + if (!ld_path) { PFATAL("Could not allocate mem for ld_path"); } #if defined(AFL_CLANG_LDPATH) && LLVM_MAJOR >= 12 cc_params[cc_par_cnt++] = alloc_printf("--ld-path=%s", ld_path); diff --git a/src/afl-fuzz-cmplog.c b/src/afl-fuzz-cmplog.c index 1a8052a0..7d94085d 100644 --- a/src/afl-fuzz-cmplog.c +++ b/src/afl-fuzz-cmplog.c @@ -49,7 +49,7 @@ u8 common_fuzz_cmplog_stuff(afl_state_t *afl, u8 *out_buf, u32 len) { u8 fault; - len = write_to_testcase(afl, out_buf, len, 0); + write_to_testcase(afl, out_buf, len, 0); fault = fuzz_run_target(afl, &afl->cmplog_fsrv, afl->fsrv.exec_tmout); @@ -81,14 +81,6 @@ u8 common_fuzz_cmplog_stuff(afl_state_t *afl, u8 *out_buf, u32 len) { } - /* This handles FAULT_ERROR for us: */ - - /* afl->queued_discovered += save_if_interesting(afl, argv, out_buf, len, - fault); - - if (!(afl->stage_cur % afl->stats_update_freq) || afl->stage_cur + 1 == - afl->stage_max) show_stats(afl); */ - return 0; } diff --git a/src/afl-fuzz-redqueen.c b/src/afl-fuzz-redqueen.c index 2f32ef1e..2dbad5cf 100644 --- a/src/afl-fuzz-redqueen.c +++ b/src/afl-fuzz-redqueen.c @@ -1969,7 +1969,7 @@ static u8 rtn_extend_encoding(afl_state_t *afl, u8 entry, if (l0 == 0 || l1 == 0 || ol0 == 0 || ol1 == 0 || l0 > 31 || l1 > 31 || ol0 > 31 || ol1 > 31) { - l0 = l1 = ol0 = ol1 = hshape; + l0 = ol0 = hshape; } -- cgit 1.4.1
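Review bot: `free(ld_path)` on the empty-string path is only valid if every assignment to `ld_path` above the hunk is heap-allocated (`strdup`/`alloc_printf`); if any path stores a `getenv()` result directly, this frees memory the program does not own. That is not visible in the hunk, so either confirm it or record it in the comment, e.g. `// ld_path is always strdup'd above, so an empty string can be freed here`. edit_params continues outside the hunk.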
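Review bot: The fallback now resets only `l0` and `ol0`, while the condition above still rejects on `l1` and `ol1` being 0 or greater than 31; if either of those is read later in rtn_extend_encoding (which continues outside the hunk) it keeps its out-of-range value. If scan-build flagged them as dead stores that is fine, but a short comment such as `// l1/ol1 are not used past this point` would document why only two of the four are reset.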