From cbe029664e9e4d718119d8f1758c1bcc6c8dbfce Mon Sep 17 00:00:00 2001 From: hexcoder- Date: Tue, 7 Jul 2020 12:59:00 +0200 Subject: fix issue #446 --- llvm_mode/split-compares-pass.so.cc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'llvm_mode/split-compares-pass.so.cc') diff --git a/llvm_mode/split-compares-pass.so.cc b/llvm_mode/split-compares-pass.so.cc index 651fa5b4..82645224 100644 --- a/llvm_mode/split-compares-pass.so.cc +++ b/llvm_mode/split-compares-pass.so.cc @@ -640,7 +640,7 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { BranchInst::Create(end_bb, signequal_bb); - /* create a new bb which is executed if exponents are equal */ + /* create a new bb which is executed if exponents are satisfying the compare */ BasicBlock *middle_bb = BasicBlock::Create(C, "injected", end_bb->getParent(), end_bb); @@ -711,7 +711,7 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { case CmpInst::FCMP_UGT: Instruction *icmp_exponent; icmp_exponent = - CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_UGT, m_e0, m_e1); + CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_UGE, m_e0, m_e1); signequal_bb->getInstList().insert( BasicBlock::iterator(signequal_bb->getTerminator()), icmp_exponent); icmp_exponent_result = @@ -720,7 +720,7 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { case CmpInst::FCMP_OLT: case CmpInst::FCMP_ULT: icmp_exponent = - CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_ULT, m_e0, m_e1); + CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_ULE, m_e0, m_e1); signequal_bb->getInstList().insert( BasicBlock::iterator(signequal_bb->getTerminator()), icmp_exponent); icmp_exponent_result = @@ -738,7 +738,7 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { { auto term = signequal_bb->getTerminator(); - /* if the exponents are different do a fraction cmp */ + /* if the exponents are satifying the compare do a fraction cmp in middle_bb */ BranchInst::Create(middle_bb, end_bb, icmp_exponent_result, signequal_bb); term->eraseFromParent(); -- cgit 1.4.1 From 60bb1afc727bdade0504e14a8d781c1a37fcda28 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Thu, 9 Jul 2020 21:32:06 +0200 Subject: code format --- llvm_mode/split-compares-pass.so.cc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'llvm_mode/split-compares-pass.so.cc') diff --git a/llvm_mode/split-compares-pass.so.cc b/llvm_mode/split-compares-pass.so.cc index 82645224..1333bd41 100644 --- a/llvm_mode/split-compares-pass.so.cc +++ b/llvm_mode/split-compares-pass.so.cc @@ -640,7 +640,8 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { BranchInst::Create(end_bb, signequal_bb); - /* create a new bb which is executed if exponents are satisfying the compare */ + /* create a new bb which is executed if exponents are satisfying the compare + */ BasicBlock *middle_bb = BasicBlock::Create(C, "injected", end_bb->getParent(), end_bb); @@ -738,7 +739,8 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { { auto term = signequal_bb->getTerminator(); - /* if the exponents are satifying the compare do a fraction cmp in middle_bb */ + /* if the exponents are satifying the compare do a fraction cmp in + * middle_bb */ BranchInst::Create(middle_bb, end_bb, icmp_exponent_result, signequal_bb); term->eraseFromParent(); -- cgit 1.4.1 From 571031a46730a7f0d5a99ff373d7bdc8c2561149 Mon Sep 17 00:00:00 2001 From: hexcoder- Date: Sat, 11 Jul 2020 00:56:35 +0200 Subject: fix several cases in floating point comparison splitting --- llvm_mode/split-compares-pass.so.cc | 362 ++++++++++++++++++++++++------------ 1 file changed, 238 insertions(+), 124 deletions(-) (limited to 'llvm_mode/split-compares-pass.so.cc') diff --git a/llvm_mode/split-compares-pass.so.cc b/llvm_mode/split-compares-pass.so.cc index 1333bd41..615253ce 100644 --- a/llvm_mode/split-compares-pass.so.cc +++ b/llvm_mode/split-compares-pass.so.cc @@ -80,6 +80,7 @@ class SplitComparesTransform : public ModulePass { size_t splitIntCompares(Module &M, unsigned bitw); size_t splitFPCompares(Module &M); bool simplifyCompares(Module &M); + bool simplifyFPCompares(Module &M); bool simplifyIntSignedness(Module &M); size_t nextPowerOfTwo(size_t in); @@ -89,12 +90,10 @@ class SplitComparesTransform : public ModulePass { char SplitComparesTransform::ID = 0; -/* This function splits ICMP instructions with xGE or xLE predicates into two - * ICMP instructions with predicate xGT or xLT and EQ */ -bool SplitComparesTransform::simplifyCompares(Module &M) { - +/* This function splits FCMP instructions with xGE or xLE predicates into two + * FCMP instructions with predicate xGT or xLT and EQ */ +bool SplitComparesTransform::simplifyFPCompares(Module &M) { LLVMContext & C = M.getContext(); - std::vector icomps; std::vector fcomps; IntegerType * Int1Ty = IntegerType::getInt1Ty(C); @@ -112,24 +111,6 @@ bool SplitComparesTransform::simplifyCompares(Module &M) { if ((selectcmpInst = dyn_cast(&IN))) { - if (selectcmpInst->getPredicate() == CmpInst::ICMP_UGE || - selectcmpInst->getPredicate() == CmpInst::ICMP_SGE || - selectcmpInst->getPredicate() == CmpInst::ICMP_ULE || - selectcmpInst->getPredicate() == CmpInst::ICMP_SLE) { - - auto op0 = selectcmpInst->getOperand(0); - auto op1 = selectcmpInst->getOperand(1); - - IntegerType *intTyOp0 = dyn_cast(op0->getType()); - IntegerType *intTyOp1 = dyn_cast(op1->getType()); - - /* this is probably not needed but we do it anyway */ - if (!intTyOp0 || !intTyOp1) { continue; } - - icomps.push_back(selectcmpInst); - - } - if (enableFPSplit && (selectcmpInst->getPredicate() == CmpInst::FCMP_OGE || selectcmpInst->getPredicate() == CmpInst::FCMP_UGE || @@ -159,105 +140,159 @@ bool SplitComparesTransform::simplifyCompares(Module &M) { } - if (!icomps.size() && !fcomps.size()) { return false; } + if (!fcomps.size()) { return false; } - for (auto &IcmpInst : icomps) { + /* transform for floating point */ + for (auto &FcmpInst : fcomps) { - BasicBlock *bb = IcmpInst->getParent(); + BasicBlock *bb = FcmpInst->getParent(); - auto op0 = IcmpInst->getOperand(0); - auto op1 = IcmpInst->getOperand(1); + auto op0 = FcmpInst->getOperand(0); + auto op1 = FcmpInst->getOperand(1); /* find out what the new predicate is going to be */ - auto pred = dyn_cast(IcmpInst)->getPredicate(); + auto pred = dyn_cast(FcmpInst)->getPredicate(); CmpInst::Predicate new_pred; switch (pred) { - case CmpInst::ICMP_UGE: - new_pred = CmpInst::ICMP_UGT; + case CmpInst::FCMP_UGE: + new_pred = CmpInst::FCMP_UGT; break; - case CmpInst::ICMP_SGE: - new_pred = CmpInst::ICMP_SGT; + case CmpInst::FCMP_OGE: + new_pred = CmpInst::FCMP_OGT; break; - case CmpInst::ICMP_ULE: - new_pred = CmpInst::ICMP_ULT; + case CmpInst::FCMP_ULE: + new_pred = CmpInst::FCMP_ULT; break; - case CmpInst::ICMP_SLE: - new_pred = CmpInst::ICMP_SLT; + case CmpInst::FCMP_OLE: + new_pred = CmpInst::FCMP_OLT; break; default: // keep the compiler happy continue; } - /* split before the icmp instruction */ - BasicBlock *end_bb = bb->splitBasicBlock(BasicBlock::iterator(IcmpInst)); + /* split before the fcmp instruction */ + BasicBlock *end_bb = bb->splitBasicBlock(BasicBlock::iterator(FcmpInst)); /* the old bb now contains a unconditional jump to the new one (end_bb) * we need to delete it later */ - /* create the ICMP instruction with new_pred and add it to the old basic - * block bb it is now at the position where the old IcmpInst was */ - Instruction *icmp_np; - icmp_np = CmpInst::Create(Instruction::ICmp, new_pred, op0, op1); + /* create the FCMP instruction with new_pred and add it to the old basic + * block bb it is now at the position where the old FcmpInst was */ + Instruction *fcmp_np; + fcmp_np = CmpInst::Create(Instruction::FCmp, new_pred, op0, op1); bb->getInstList().insert(BasicBlock::iterator(bb->getTerminator()), - icmp_np); + fcmp_np); - /* create a new basic block which holds the new EQ icmp */ - Instruction *icmp_eq; + /* create a new basic block which holds the new EQ fcmp */ + Instruction *fcmp_eq; /* insert middle_bb before end_bb */ BasicBlock *middle_bb = BasicBlock::Create(C, "injected", end_bb->getParent(), end_bb); - icmp_eq = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_EQ, op0, op1); - middle_bb->getInstList().push_back(icmp_eq); + fcmp_eq = CmpInst::Create(Instruction::FCmp, CmpInst::FCMP_OEQ, op0, op1); + middle_bb->getInstList().push_back(fcmp_eq); /* add an unconditional branch to the end of middle_bb with destination * end_bb */ BranchInst::Create(end_bb, middle_bb); /* replace the uncond branch with a conditional one, which depends on the - * new_pred icmp. True goes to end, false to the middle (injected) bb */ + * new_pred fcmp. True goes to end, false to the middle (injected) bb */ auto term = bb->getTerminator(); - BranchInst::Create(end_bb, middle_bb, icmp_np, bb); + BranchInst::Create(end_bb, middle_bb, fcmp_np, bb); term->eraseFromParent(); - /* replace the old IcmpInst (which is the first inst in end_bb) with a PHI + /* replace the old FcmpInst (which is the first inst in end_bb) with a PHI * inst to wire up the loose ends */ PHINode *PN = PHINode::Create(Int1Ty, 2, ""); - /* the first result depends on the outcome of icmp_eq */ - PN->addIncoming(icmp_eq, middle_bb); - /* if the source was the original bb we know that the icmp_np yielded true + /* the first result depends on the outcome of fcmp_eq */ + PN->addIncoming(fcmp_eq, middle_bb); + /* if the source was the original bb we know that the fcmp_np yielded true * hence we can hardcode this value */ PN->addIncoming(ConstantInt::get(Int1Ty, 1), bb); - /* replace the old IcmpInst with our new and shiny PHI inst */ - BasicBlock::iterator ii(IcmpInst); - ReplaceInstWithInst(IcmpInst->getParent()->getInstList(), ii, PN); + /* replace the old FcmpInst with our new and shiny PHI inst */ + BasicBlock::iterator ii(FcmpInst); + ReplaceInstWithInst(FcmpInst->getParent()->getInstList(), ii, PN); } - /* now for floating point */ - for (auto &FcmpInst : fcomps) { + return true; - BasicBlock *bb = FcmpInst->getParent(); +} - auto op0 = FcmpInst->getOperand(0); - auto op1 = FcmpInst->getOperand(1); +/* This function splits ICMP instructions with xGE or xLE predicates into two + * ICMP instructions with predicate xGT or xLT and EQ */ +bool SplitComparesTransform::simplifyCompares(Module &M) { + + LLVMContext & C = M.getContext(); + std::vector icomps; + IntegerType * Int1Ty = IntegerType::getInt1Ty(C); + + /* iterate over all functions, bbs and instruction and add + * all integer comparisons with >= and <= predicates to the icomps vector */ + for (auto &F : M) { + + if (!isInInstrumentList(&F)) continue; + + for (auto &BB : F) { + + for (auto &IN : BB) { + + CmpInst *selectcmpInst = nullptr; + + if ((selectcmpInst = dyn_cast(&IN))) { + + if (selectcmpInst->getPredicate() == CmpInst::ICMP_UGE || + selectcmpInst->getPredicate() == CmpInst::ICMP_SGE || + selectcmpInst->getPredicate() == CmpInst::ICMP_ULE || + selectcmpInst->getPredicate() == CmpInst::ICMP_SLE) { + + auto op0 = selectcmpInst->getOperand(0); + auto op1 = selectcmpInst->getOperand(1); + + IntegerType *intTyOp0 = dyn_cast(op0->getType()); + IntegerType *intTyOp1 = dyn_cast(op1->getType()); + + /* this is probably not needed but we do it anyway */ + if (!intTyOp0 || !intTyOp1) { continue; } + + icomps.push_back(selectcmpInst); + + } + + } + + } + + } + + } + + if (!icomps.size()) { return false; } + + for (auto &IcmpInst : icomps) { + + BasicBlock *bb = IcmpInst->getParent(); + + auto op0 = IcmpInst->getOperand(0); + auto op1 = IcmpInst->getOperand(1); /* find out what the new predicate is going to be */ - auto pred = dyn_cast(FcmpInst)->getPredicate(); + auto pred = dyn_cast(IcmpInst)->getPredicate(); CmpInst::Predicate new_pred; switch (pred) { - case CmpInst::FCMP_UGE: - new_pred = CmpInst::FCMP_UGT; + case CmpInst::ICMP_UGE: + new_pred = CmpInst::ICMP_UGT; break; - case CmpInst::FCMP_OGE: - new_pred = CmpInst::FCMP_OGT; + case CmpInst::ICMP_SGE: + new_pred = CmpInst::ICMP_SGT; break; - case CmpInst::FCMP_ULE: - new_pred = CmpInst::FCMP_ULT; + case CmpInst::ICMP_ULE: + new_pred = CmpInst::ICMP_ULT; break; - case CmpInst::FCMP_OLE: - new_pred = CmpInst::FCMP_OLT; + case CmpInst::ICMP_SLE: + new_pred = CmpInst::ICMP_SLT; break; default: // keep the compiler happy continue; @@ -265,25 +300,25 @@ bool SplitComparesTransform::simplifyCompares(Module &M) { } /* split before the icmp instruction */ - BasicBlock *end_bb = bb->splitBasicBlock(BasicBlock::iterator(FcmpInst)); + BasicBlock *end_bb = bb->splitBasicBlock(BasicBlock::iterator(IcmpInst)); /* the old bb now contains a unconditional jump to the new one (end_bb) * we need to delete it later */ /* create the ICMP instruction with new_pred and add it to the old basic * block bb it is now at the position where the old IcmpInst was */ - Instruction *fcmp_np; - fcmp_np = CmpInst::Create(Instruction::FCmp, new_pred, op0, op1); + Instruction *icmp_np; + icmp_np = CmpInst::Create(Instruction::ICmp, new_pred, op0, op1); bb->getInstList().insert(BasicBlock::iterator(bb->getTerminator()), - fcmp_np); + icmp_np); - /* create a new basic block which holds the new EQ fcmp */ - Instruction *fcmp_eq; + /* create a new basic block which holds the new EQ icmp */ + Instruction *icmp_eq; /* insert middle_bb before end_bb */ BasicBlock *middle_bb = BasicBlock::Create(C, "injected", end_bb->getParent(), end_bb); - fcmp_eq = CmpInst::Create(Instruction::FCmp, CmpInst::FCMP_OEQ, op0, op1); - middle_bb->getInstList().push_back(fcmp_eq); + icmp_eq = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_EQ, op0, op1); + middle_bb->getInstList().push_back(icmp_eq); /* add an unconditional branch to the end of middle_bb with destination * end_bb */ BranchInst::Create(end_bb, middle_bb); @@ -291,20 +326,20 @@ bool SplitComparesTransform::simplifyCompares(Module &M) { /* replace the uncond branch with a conditional one, which depends on the * new_pred icmp. True goes to end, false to the middle (injected) bb */ auto term = bb->getTerminator(); - BranchInst::Create(end_bb, middle_bb, fcmp_np, bb); + BranchInst::Create(end_bb, middle_bb, icmp_np, bb); term->eraseFromParent(); /* replace the old IcmpInst (which is the first inst in end_bb) with a PHI * inst to wire up the loose ends */ PHINode *PN = PHINode::Create(Int1Ty, 2, ""); /* the first result depends on the outcome of icmp_eq */ - PN->addIncoming(fcmp_eq, middle_bb); + PN->addIncoming(icmp_eq, middle_bb); /* if the source was the original bb we know that the icmp_np yielded true * hence we can hardcode this value */ PN->addIncoming(ConstantInt::get(Int1Ty, 1), bb); /* replace the old IcmpInst with our new and shiny PHI inst */ - BasicBlock::iterator ii(FcmpInst); - ReplaceInstWithInst(FcmpInst->getParent()->getInstList(), ii, PN); + BasicBlock::iterator ii(IcmpInst); + ReplaceInstWithInst(IcmpInst->getParent()->getInstList(), ii, PN); } @@ -696,7 +731,9 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { } /* compare the exponents of the operands */ + Instruction *icmp_exponents_equal; Instruction *icmp_exponent_result; + BasicBlock *signequal2_bb = signequal_bb; switch (FcmpInst->getPredicate()) { case CmpInst::FCMP_OEQ: @@ -708,22 +745,52 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { icmp_exponent_result = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_NE, m_e0, m_e1); break; + /* compare the exponents of the operands (signs are equal) + * if exponents are equal -> proceed to mantissa comparison + * else get result depending on sign + */ case CmpInst::FCMP_OGT: case CmpInst::FCMP_UGT: Instruction *icmp_exponent; - icmp_exponent = - CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_UGE, m_e0, m_e1); + icmp_exponents_equal = + CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_EQ, m_e0, m_e1); signequal_bb->getInstList().insert( - BasicBlock::iterator(signequal_bb->getTerminator()), icmp_exponent); + BasicBlock::iterator(signequal_bb->getTerminator()), icmp_exponents_equal); + + // shortcut for unequal exponents + signequal2_bb = signequal_bb->splitBasicBlock(BasicBlock::iterator(signequal_bb->getTerminator())); + + /* if the exponents are equal goto middle_bb else to signequal2_bb */ + term = signequal_bb->getTerminator(); + BranchInst::Create(middle_bb, signequal2_bb, icmp_exponents_equal, signequal_bb); + term->eraseFromParent(); + + icmp_exponent = + CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_UGT, m_e0, m_e1); + signequal2_bb->getInstList().insert( + BasicBlock::iterator(signequal2_bb->getTerminator()), icmp_exponent); icmp_exponent_result = BinaryOperator::Create(Instruction::Xor, icmp_exponent, t_s0); break; case CmpInst::FCMP_OLT: case CmpInst::FCMP_ULT: - icmp_exponent = - CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_ULE, m_e0, m_e1); + icmp_exponents_equal = + CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_EQ, m_e0, m_e1); signequal_bb->getInstList().insert( - BasicBlock::iterator(signequal_bb->getTerminator()), icmp_exponent); + BasicBlock::iterator(signequal_bb->getTerminator()), icmp_exponents_equal); + + // shortcut for unequal exponents + signequal2_bb = signequal_bb->splitBasicBlock(BasicBlock::iterator(signequal_bb->getTerminator())); + + /* if the exponents are equal goto middle_bb else to signequal2_bb */ + term = signequal_bb->getTerminator(); + BranchInst::Create(middle_bb, signequal2_bb, icmp_exponents_equal, signequal_bb); + term->eraseFromParent(); + + icmp_exponent = + CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_ULT, m_e0, m_e1); + signequal2_bb->getInstList().insert( + BasicBlock::iterator(signequal2_bb->getTerminator()), icmp_exponent); icmp_exponent_result = BinaryOperator::Create(Instruction::Xor, icmp_exponent, t_s0); break; @@ -732,16 +799,35 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { } - signequal_bb->getInstList().insert( - BasicBlock::iterator(signequal_bb->getTerminator()), + signequal2_bb->getInstList().insert( + BasicBlock::iterator(signequal2_bb->getTerminator()), icmp_exponent_result); { - auto term = signequal_bb->getTerminator(); - /* if the exponents are satifying the compare do a fraction cmp in - * middle_bb */ - BranchInst::Create(middle_bb, end_bb, icmp_exponent_result, signequal_bb); + term = signequal2_bb->getTerminator(); + + switch (FcmpInst->getPredicate()) { + case CmpInst::FCMP_OEQ: + /* if the exponents are satifying the compare do a fraction cmp in middle_bb */ + BranchInst::Create(middle_bb, end_bb, icmp_exponent_result, signequal2_bb); + break; + case CmpInst::FCMP_ONE: + case CmpInst::FCMP_UNE: + /* if the exponents are satifying the compare do a fraction cmp in middle_bb */ + BranchInst::Create(end_bb, middle_bb, icmp_exponent_result, signequal2_bb); + break; + case CmpInst::FCMP_OGT: + case CmpInst::FCMP_UGT: + case CmpInst::FCMP_OLT: + case CmpInst::FCMP_ULT: + BranchInst::Create(end_bb, signequal2_bb); + break; + default: + continue; + + } + term->eraseFromParent(); } @@ -802,44 +888,67 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { /* compare the fractions of the operands */ Instruction *icmp_fraction_result; + Instruction *icmp_fraction_result2; + BasicBlock * middle2_bb = middle_bb; + PHINode *PN2 = nullptr; switch (FcmpInst->getPredicate()) { case CmpInst::FCMP_OEQ: icmp_fraction_result = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_EQ, t_f0, t_f1); + middle2_bb->getInstList().insert( + BasicBlock::iterator(middle2_bb->getTerminator()), icmp_fraction_result); + break; case CmpInst::FCMP_UNE: case CmpInst::FCMP_ONE: icmp_fraction_result = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_NE, t_f0, t_f1); + middle2_bb->getInstList().insert( + BasicBlock::iterator(middle2_bb->getTerminator()), icmp_fraction_result); + break; case CmpInst::FCMP_OGT: case CmpInst::FCMP_UGT: - Instruction *icmp_fraction; - icmp_fraction = - CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_UGT, t_f0, t_f1); - middle_bb->getInstList().insert( - BasicBlock::iterator(middle_bb->getTerminator()), icmp_fraction); - icmp_fraction_result = - BinaryOperator::Create(Instruction::Xor, icmp_fraction, t_s0); - break; case CmpInst::FCMP_OLT: case CmpInst::FCMP_ULT: - icmp_fraction = - CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_ULT, t_f0, t_f1); - middle_bb->getInstList().insert( - BasicBlock::iterator(middle_bb->getTerminator()), icmp_fraction); - icmp_fraction_result = - BinaryOperator::Create(Instruction::Xor, icmp_fraction, t_s0); + { + middle2_bb = middle_bb->splitBasicBlock(BasicBlock::iterator(middle_bb->getTerminator())); + + BasicBlock * negative_bb = + BasicBlock::Create(C, "negative_value", middle2_bb->getParent(), middle2_bb); + BasicBlock * positive_bb = + BasicBlock::Create(C, "positive_value", negative_bb->getParent(), negative_bb); + + if (FcmpInst->getPredicate() == CmpInst::FCMP_OGT + || + FcmpInst->getPredicate() == CmpInst::FCMP_UGT) { + negative_bb->getInstList().push_back(icmp_fraction_result = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_ULT, t_f0, t_f1)); + positive_bb->getInstList().push_back(icmp_fraction_result2 = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_UGT, t_f0, t_f1)); + } else { + negative_bb->getInstList().push_back(icmp_fraction_result = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_UGT, t_f0, t_f1)); + positive_bb->getInstList().push_back(icmp_fraction_result2 = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_ULT, t_f0, t_f1)); + } + BranchInst::Create(middle2_bb, negative_bb); + BranchInst::Create(middle2_bb, positive_bb); + + term = middle_bb->getTerminator(); + BranchInst::Create(negative_bb, positive_bb, t_s0, middle_bb); + term->eraseFromParent(); + + PN2 = PHINode::Create(Int1Ty, 2, ""); + PN2->addIncoming(icmp_fraction_result, negative_bb); + PN2->addIncoming(icmp_fraction_result2, positive_bb); + middle2_bb->getInstList().insert( + BasicBlock::iterator(middle2_bb->getTerminator()), PN2); + + } break; default: continue; } - middle_bb->getInstList().insert( - BasicBlock::iterator(middle_bb->getTerminator()), icmp_fraction_result); - PHINode *PN = PHINode::Create(Int1Ty, 3, ""); switch (FcmpInst->getPredicate()) { @@ -851,7 +960,7 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { /* unequal exponents cannot be equal values, too */ PN->addIncoming(ConstantInt::get(Int1Ty, 0), signequal_bb); /* fractions comparison */ - PN->addIncoming(icmp_fraction_result, middle_bb); + PN->addIncoming(icmp_fraction_result, middle2_bb); break; case CmpInst::FCMP_ONE: case CmpInst::FCMP_UNE: @@ -859,25 +968,25 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { /* goto true branch */ PN->addIncoming(ConstantInt::get(Int1Ty, 1), bb); /* unequal exponents are unequal values, too */ - PN->addIncoming(ConstantInt::get(Int1Ty, 1), signequal_bb); + PN->addIncoming(icmp_exponent_result, signequal_bb); /* fractions comparison */ - PN->addIncoming(icmp_fraction_result, middle_bb); + PN->addIncoming(icmp_fraction_result, middle2_bb); break; case CmpInst::FCMP_OGT: case CmpInst::FCMP_UGT: /* if op1 is negative goto true branch, else go on comparing */ PN->addIncoming(t_s1, bb); - PN->addIncoming(icmp_exponent_result, signequal_bb); - PN->addIncoming(icmp_fraction_result, middle_bb); + PN->addIncoming(icmp_exponent_result, signequal2_bb); + PN->addIncoming(PN2, middle2_bb); break; case CmpInst::FCMP_OLT: case CmpInst::FCMP_ULT: /* if op0 is negative goto true branch, else go on comparing */ PN->addIncoming(t_s0, bb); - PN->addIncoming(icmp_exponent_result, signequal_bb); - PN->addIncoming(icmp_fraction_result, middle_bb); + PN->addIncoming(icmp_exponent_result, signequal2_bb); + PN->addIncoming(PN2, middle2_bb); break; default: continue; @@ -1117,24 +1226,29 @@ bool SplitComparesTransform::runOnModule(Module &M) { enableFPSplit = getenv("AFL_LLVM_LAF_SPLIT_FLOATS") != NULL; - simplifyCompares(M); - - simplifyIntSignedness(M); - if ((isatty(2) && getenv("AFL_QUIET") == NULL) || getenv("AFL_DEBUG") != NULL) { errs() << "Split-compare-pass by laf.intel@gmail.com, extended by " "heiko@hexco.de\n"; - if (enableFPSplit) + if (enableFPSplit) { + + simplifyFPCompares(M); + errs() << "Split-floatingpoint-compare-pass: " << splitFPCompares(M) << " FP comparisons splitted\n"; + } + } else be_quiet = 1; + simplifyCompares(M); + + simplifyIntSignedness(M); + switch (bitw) { case 64: -- cgit 1.4.1 From b126a5d5a8d90dcc10ccb890b379c3dfdc5cf8d4 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Sun, 12 Jul 2020 13:44:25 +0200 Subject: LTO: autodict default, instrim disabled --- docs/Changelog.md | 5 ++ llvm_mode/afl-clang-fast.c | 20 ++--- llvm_mode/afl-llvm-lto-instrim.so.cc | 6 +- llvm_mode/afl-llvm-lto-instrumentation.so.cc | 6 +- llvm_mode/split-compares-pass.so.cc | 107 +++++++++++++++++---------- 5 files changed, 86 insertions(+), 58 deletions(-) (limited to 'llvm_mode/split-compares-pass.so.cc') diff --git a/docs/Changelog.md b/docs/Changelog.md index 18e4e97e..b0bda6dc 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -12,6 +12,11 @@ sending a mail to . ### Version ++2.66d (devel) - afl-fuzz: - eliminated CPU affinity race condition for -S/-M runs + - llvm_mode: + - fix for laf-intel float splitting + - LTO: autodictionary mode is a default + - LTO: instrim instrumentation disabled, only classic support used + as it is always better - small fixes to afl-plot, afl-whatsup and man page creation diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c index fa15a278..8823b6a5 100644 --- a/llvm_mode/afl-clang-fast.c +++ b/llvm_mode/afl-clang-fast.c @@ -311,12 +311,15 @@ static void edit_params(u32 argc, char **argv, char **envp) { cc_params[cc_par_cnt++] = alloc_printf("-fuse-ld=%s", AFL_REAL_LD); cc_params[cc_par_cnt++] = "-Wl,--allow-multiple-definition"; - if (instrument_mode == INSTRUMENT_CFG) - cc_params[cc_par_cnt++] = - alloc_printf("-Wl,-mllvm=-load=%s/afl-llvm-lto-instrim.so", obj_path); - else - cc_params[cc_par_cnt++] = alloc_printf( - "-Wl,-mllvm=-load=%s/afl-llvm-lto-instrumentation.so", obj_path); + /* + The current LTO instrim mode is not good, so we disable it + if (instrument_mode == INSTRUMENT_CFG) + cc_params[cc_par_cnt++] = + alloc_printf("-Wl,-mllvm=-load=%s/afl-llvm-lto-instrim.so", + obj_path); else + */ + cc_params[cc_par_cnt++] = alloc_printf( + "-Wl,-mllvm=-load=%s/afl-llvm-lto-instrumentation.so", obj_path); cc_params[cc_par_cnt++] = lto_flag; } else { @@ -378,9 +381,8 @@ static void edit_params(u32 argc, char **argv, char **envp) { if (!strcmp(cur, "-Wl,-z,defs") || !strcmp(cur, "-Wl,--no-undefined")) continue; - - if (lto_mode && !strncmp(cur, "-fuse-ld=", 9)) - continue; + + if (lto_mode && !strncmp(cur, "-fuse-ld=", 9)) continue; cc_params[cc_par_cnt++] = cur; diff --git a/llvm_mode/afl-llvm-lto-instrim.so.cc b/llvm_mode/afl-llvm-lto-instrim.so.cc index ca2b5886..880963ac 100644 --- a/llvm_mode/afl-llvm-lto-instrim.so.cc +++ b/llvm_mode/afl-llvm-lto-instrim.so.cc @@ -73,7 +73,7 @@ struct InsTrimLTO : public ModulePass { protected: uint32_t function_minimum_size = 1; char * skip_nozero = NULL; - int afl_global_id = 1, debug = 0, autodictionary = 0; + int afl_global_id = 1, debug = 0, autodictionary = 1; uint32_t be_quiet = 0, inst_blocks = 0, inst_funcs = 0; uint64_t map_addr = 0x10000; @@ -127,10 +127,6 @@ struct InsTrimLTO : public ModulePass { /* Process environment variables */ - if (getenv("AFL_LLVM_AUTODICTIONARY") || - getenv("AFL_LLVM_LTO_AUTODICTIONARY")) - autodictionary = 1; - if (getenv("AFL_LLVM_MAP_DYNAMIC")) map_addr = 0; if ((ptr = getenv("AFL_LLVM_MAP_ADDR"))) { diff --git a/llvm_mode/afl-llvm-lto-instrumentation.so.cc b/llvm_mode/afl-llvm-lto-instrumentation.so.cc index af2db3ff..3c1d3565 100644 --- a/llvm_mode/afl-llvm-lto-instrumentation.so.cc +++ b/llvm_mode/afl-llvm-lto-instrumentation.so.cc @@ -86,7 +86,7 @@ class AFLLTOPass : public ModulePass { bool runOnModule(Module &M) override; protected: - int afl_global_id = 1, debug = 0, autodictionary = 0; + int afl_global_id = 1, debug = 0, autodictionary = 1; uint32_t function_minimum_size = 1; uint32_t be_quiet = 0, inst_blocks = 0, inst_funcs = 0, total_instr = 0; uint64_t map_addr = 0x10000; @@ -120,10 +120,6 @@ bool AFLLTOPass::runOnModule(Module &M) { be_quiet = 1; - if (getenv("AFL_LLVM_AUTODICTIONARY") || - getenv("AFL_LLVM_LTO_AUTODICTIONARY")) - autodictionary = 1; - if (getenv("AFL_LLVM_MAP_DYNAMIC")) map_addr = 0; if (getenv("AFL_LLVM_INSTRIM_SKIPSINGLEBLOCK") || diff --git a/llvm_mode/split-compares-pass.so.cc b/llvm_mode/split-compares-pass.so.cc index 615253ce..0681fbd6 100644 --- a/llvm_mode/split-compares-pass.so.cc +++ b/llvm_mode/split-compares-pass.so.cc @@ -93,6 +93,7 @@ char SplitComparesTransform::ID = 0; /* This function splits FCMP instructions with xGE or xLE predicates into two * FCMP instructions with predicate xGT or xLT and EQ */ bool SplitComparesTransform::simplifyFPCompares(Module &M) { + LLVMContext & C = M.getContext(); std::vector fcomps; IntegerType * Int1Ty = IntegerType::getInt1Ty(C); @@ -733,7 +734,7 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { /* compare the exponents of the operands */ Instruction *icmp_exponents_equal; Instruction *icmp_exponent_result; - BasicBlock *signequal2_bb = signequal_bb; + BasicBlock * signequal2_bb = signequal_bb; switch (FcmpInst->getPredicate()) { case CmpInst::FCMP_OEQ: @@ -755,20 +756,24 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { icmp_exponents_equal = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_EQ, m_e0, m_e1); signequal_bb->getInstList().insert( - BasicBlock::iterator(signequal_bb->getTerminator()), icmp_exponents_equal); + BasicBlock::iterator(signequal_bb->getTerminator()), + icmp_exponents_equal); // shortcut for unequal exponents - signequal2_bb = signequal_bb->splitBasicBlock(BasicBlock::iterator(signequal_bb->getTerminator())); + signequal2_bb = signequal_bb->splitBasicBlock( + BasicBlock::iterator(signequal_bb->getTerminator())); /* if the exponents are equal goto middle_bb else to signequal2_bb */ - term = signequal_bb->getTerminator(); - BranchInst::Create(middle_bb, signequal2_bb, icmp_exponents_equal, signequal_bb); - term->eraseFromParent(); + term = signequal_bb->getTerminator(); + BranchInst::Create(middle_bb, signequal2_bb, icmp_exponents_equal, + signequal_bb); + term->eraseFromParent(); icmp_exponent = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_UGT, m_e0, m_e1); signequal2_bb->getInstList().insert( - BasicBlock::iterator(signequal2_bb->getTerminator()), icmp_exponent); + BasicBlock::iterator(signequal2_bb->getTerminator()), + icmp_exponent); icmp_exponent_result = BinaryOperator::Create(Instruction::Xor, icmp_exponent, t_s0); break; @@ -777,20 +782,24 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { icmp_exponents_equal = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_EQ, m_e0, m_e1); signequal_bb->getInstList().insert( - BasicBlock::iterator(signequal_bb->getTerminator()), icmp_exponents_equal); + BasicBlock::iterator(signequal_bb->getTerminator()), + icmp_exponents_equal); // shortcut for unequal exponents - signequal2_bb = signequal_bb->splitBasicBlock(BasicBlock::iterator(signequal_bb->getTerminator())); + signequal2_bb = signequal_bb->splitBasicBlock( + BasicBlock::iterator(signequal_bb->getTerminator())); /* if the exponents are equal goto middle_bb else to signequal2_bb */ - term = signequal_bb->getTerminator(); - BranchInst::Create(middle_bb, signequal2_bb, icmp_exponents_equal, signequal_bb); - term->eraseFromParent(); + term = signequal_bb->getTerminator(); + BranchInst::Create(middle_bb, signequal2_bb, icmp_exponents_equal, + signequal_bb); + term->eraseFromParent(); icmp_exponent = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_ULT, m_e0, m_e1); signequal2_bb->getInstList().insert( - BasicBlock::iterator(signequal2_bb->getTerminator()), icmp_exponent); + BasicBlock::iterator(signequal2_bb->getTerminator()), + icmp_exponent); icmp_exponent_result = BinaryOperator::Create(Instruction::Xor, icmp_exponent, t_s0); break; @@ -808,21 +817,26 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { term = signequal2_bb->getTerminator(); switch (FcmpInst->getPredicate()) { + case CmpInst::FCMP_OEQ: - /* if the exponents are satifying the compare do a fraction cmp in middle_bb */ - BranchInst::Create(middle_bb, end_bb, icmp_exponent_result, signequal2_bb); + /* if the exponents are satifying the compare do a fraction cmp in + * middle_bb */ + BranchInst::Create(middle_bb, end_bb, icmp_exponent_result, + signequal2_bb); break; case CmpInst::FCMP_ONE: case CmpInst::FCMP_UNE: - /* if the exponents are satifying the compare do a fraction cmp in middle_bb */ - BranchInst::Create(end_bb, middle_bb, icmp_exponent_result, signequal2_bb); + /* if the exponents are satifying the compare do a fraction cmp in + * middle_bb */ + BranchInst::Create(end_bb, middle_bb, icmp_exponent_result, + signequal2_bb); break; case CmpInst::FCMP_OGT: case CmpInst::FCMP_UGT: case CmpInst::FCMP_OLT: case CmpInst::FCMP_ULT: - BranchInst::Create(end_bb, signequal2_bb); - break; + BranchInst::Create(end_bb, signequal2_bb); + break; default: continue; @@ -890,14 +904,15 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { Instruction *icmp_fraction_result; Instruction *icmp_fraction_result2; BasicBlock * middle2_bb = middle_bb; - PHINode *PN2 = nullptr; + PHINode * PN2 = nullptr; switch (FcmpInst->getPredicate()) { case CmpInst::FCMP_OEQ: icmp_fraction_result = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_EQ, t_f0, t_f1); middle2_bb->getInstList().insert( - BasicBlock::iterator(middle2_bb->getTerminator()), icmp_fraction_result); + BasicBlock::iterator(middle2_bb->getTerminator()), + icmp_fraction_result); break; case CmpInst::FCMP_UNE: @@ -905,36 +920,50 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { icmp_fraction_result = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_NE, t_f0, t_f1); middle2_bb->getInstList().insert( - BasicBlock::iterator(middle2_bb->getTerminator()), icmp_fraction_result); + BasicBlock::iterator(middle2_bb->getTerminator()), + icmp_fraction_result); break; case CmpInst::FCMP_OGT: case CmpInst::FCMP_UGT: case CmpInst::FCMP_OLT: - case CmpInst::FCMP_ULT: - { - middle2_bb = middle_bb->splitBasicBlock(BasicBlock::iterator(middle_bb->getTerminator())); + case CmpInst::FCMP_ULT: { + + middle2_bb = middle_bb->splitBasicBlock( + BasicBlock::iterator(middle_bb->getTerminator())); - BasicBlock * negative_bb = - BasicBlock::Create(C, "negative_value", middle2_bb->getParent(), middle2_bb); - BasicBlock * positive_bb = - BasicBlock::Create(C, "positive_value", negative_bb->getParent(), negative_bb); + BasicBlock *negative_bb = BasicBlock::Create( + C, "negative_value", middle2_bb->getParent(), middle2_bb); + BasicBlock *positive_bb = BasicBlock::Create( + C, "positive_value", negative_bb->getParent(), negative_bb); - if (FcmpInst->getPredicate() == CmpInst::FCMP_OGT - || + if (FcmpInst->getPredicate() == CmpInst::FCMP_OGT || FcmpInst->getPredicate() == CmpInst::FCMP_UGT) { - negative_bb->getInstList().push_back(icmp_fraction_result = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_ULT, t_f0, t_f1)); - positive_bb->getInstList().push_back(icmp_fraction_result2 = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_UGT, t_f0, t_f1)); + + negative_bb->getInstList().push_back( + icmp_fraction_result = CmpInst::Create( + Instruction::ICmp, CmpInst::ICMP_ULT, t_f0, t_f1)); + positive_bb->getInstList().push_back( + icmp_fraction_result2 = CmpInst::Create( + Instruction::ICmp, CmpInst::ICMP_UGT, t_f0, t_f1)); + } else { - negative_bb->getInstList().push_back(icmp_fraction_result = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_UGT, t_f0, t_f1)); - positive_bb->getInstList().push_back(icmp_fraction_result2 = CmpInst::Create(Instruction::ICmp, CmpInst::ICMP_ULT, t_f0, t_f1)); + + negative_bb->getInstList().push_back( + icmp_fraction_result = CmpInst::Create( + Instruction::ICmp, CmpInst::ICMP_UGT, t_f0, t_f1)); + positive_bb->getInstList().push_back( + icmp_fraction_result2 = CmpInst::Create( + Instruction::ICmp, CmpInst::ICMP_ULT, t_f0, t_f1)); + } + BranchInst::Create(middle2_bb, negative_bb); BranchInst::Create(middle2_bb, positive_bb); - term = middle_bb->getTerminator(); + term = middle_bb->getTerminator(); BranchInst::Create(negative_bb, positive_bb, t_s0, middle_bb); - term->eraseFromParent(); + term->eraseFromParent(); PN2 = PHINode::Create(Int1Ty, 2, ""); PN2->addIncoming(icmp_fraction_result, negative_bb); @@ -942,8 +971,8 @@ size_t SplitComparesTransform::splitFPCompares(Module &M) { middle2_bb->getInstList().insert( BasicBlock::iterator(middle2_bb->getTerminator()), PN2); - } - break; + } break; + default: continue; -- cgit 1.4.1 From 4d929f80fbf22eeb09612a575bcd1a4141b9a8a9 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Mon, 13 Jul 2020 17:57:02 +0200 Subject: fix for laf intel float split not enabled if not not on a tty --- .custom-format.py | 3 ++- docs/Changelog.md | 3 ++- examples/afl_untracer/README.md | 1 + examples/afl_untracer/afl-untracer.c | 14 ++++++++------ llvm_mode/split-compares-pass.so.cc | 4 ++-- 5 files changed, 15 insertions(+), 10 deletions(-) (limited to 'llvm_mode/split-compares-pass.so.cc') diff --git a/.custom-format.py b/.custom-format.py index 6f1b0bfa..60f6d9c3 100755 --- a/.custom-format.py +++ b/.custom-format.py @@ -32,7 +32,8 @@ if CLANG_FORMAT_BIN is None: p = subprocess.Popen(["clang-format-10", "--version"], stdout=subprocess.PIPE) o, _ = p.communicate() o = str(o, "utf-8") - o = o[len("clang-format version "):].strip() + o = re.sub(r".*ersion ", "", o) + #o = o[len("clang-format version "):].strip() o = o[:o.find(".")] o = int(o) except: diff --git a/docs/Changelog.md b/docs/Changelog.md index b0bda6dc..8fb85ce6 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -13,7 +13,8 @@ sending a mail to . - afl-fuzz: - eliminated CPU affinity race condition for -S/-M runs - llvm_mode: - - fix for laf-intel float splitting + - fixes for laf-intel float splitting (thanks to mark-griffin for + reporting) - LTO: autodictionary mode is a default - LTO: instrim instrumentation disabled, only classic support used as it is always better diff --git a/examples/afl_untracer/README.md b/examples/afl_untracer/README.md index e59792cb..9cb13527 100644 --- a/examples/afl_untracer/README.md +++ b/examples/afl_untracer/README.md @@ -32,6 +32,7 @@ To easily run the scripts without needing to run the GUI with Ghidra: /opt/ghidra/support/analyzeHeadless /tmp/ tmp$$ -import libtestinstr.so -postscript ./ghidra_get_patchpoints.java rm -rf /tmp/tmp$$ ``` +The file is created at `~/Desktop/patches.txt` ### Fuzzing diff --git a/examples/afl_untracer/afl-untracer.c b/examples/afl_untracer/afl-untracer.c index dc2cd378..68658bfd 100644 --- a/examples/afl_untracer/afl-untracer.c +++ b/examples/afl_untracer/afl-untracer.c @@ -74,6 +74,9 @@ // STEP 1: +/* here you need to specify the parameter for the target function */ +static void *(*o_function)(u8 *buf, int len); + /* use stdin (1) or a file on the commandline (0) */ static u32 use_stdin = 1; @@ -668,13 +671,10 @@ static void sigtrap_handler(int signum, siginfo_t *si, void *context) { } -/* here you need to specify the parameter for the target function */ -static void *(*o_function)(u8 *buf, int len); - /* the MAIN function */ int main(int argc, char *argv[]) { - (void) personality(ADDR_NO_RANDOMIZE); // disable ASLR + (void)personality(ADDR_NO_RANDOMIZE); // disable ASLR pid = getpid(); if (getenv("AFL_DEBUG")) debug = 1; @@ -745,9 +745,10 @@ int main(int argc, char *argv[]) { } #ifndef _DEBUG -inline +inline #endif -static void fuzz() { + static void + fuzz() { // STEP 3: call the function to fuzz, also the functions you might // need to call to prepare the function and - important! - @@ -762,3 +763,4 @@ static void fuzz() { // END STEP 3 } + diff --git a/llvm_mode/split-compares-pass.so.cc b/llvm_mode/split-compares-pass.so.cc index 0681fbd6..55128ca2 100644 --- a/llvm_mode/split-compares-pass.so.cc +++ b/llvm_mode/split-compares-pass.so.cc @@ -1263,8 +1263,6 @@ bool SplitComparesTransform::runOnModule(Module &M) { if (enableFPSplit) { - simplifyFPCompares(M); - errs() << "Split-floatingpoint-compare-pass: " << splitFPCompares(M) << " FP comparisons splitted\n"; @@ -1274,6 +1272,8 @@ bool SplitComparesTransform::runOnModule(Module &M) { be_quiet = 1; + if (enableFPSplit) simplifyFPCompares(M); + simplifyCompares(M); simplifyIntSignedness(M); -- cgit 1.4.1 From 486e5365d9e5cb56ffd5b5ade2f81a728de4a175 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Thu, 30 Jul 2020 18:01:18 +0200 Subject: fix float splitting if not on a tty --- llvm_mode/split-compares-pass.so.cc | 38 ++++++++++++++++++++++++------------- test/test-floatingpoint.c | 2 +- test/test.sh | 2 +- 3 files changed, 27 insertions(+), 15 deletions(-) (limited to 'llvm_mode/split-compares-pass.so.cc') diff --git a/llvm_mode/split-compares-pass.so.cc b/llvm_mode/split-compares-pass.so.cc index 55128ca2..f65adde8 100644 --- a/llvm_mode/split-compares-pass.so.cc +++ b/llvm_mode/split-compares-pass.so.cc @@ -1247,7 +1247,8 @@ size_t SplitComparesTransform::splitIntCompares(Module &M, unsigned bitw) { bool SplitComparesTransform::runOnModule(Module &M) { - int bitw = 64; + int bitw = 64; + size_t count; char *bitw_env = getenv("AFL_LLVM_LAF_SPLIT_COMPARES_BITW"); if (!bitw_env) bitw_env = getenv("LAF_SPLIT_COMPARES_BITW"); @@ -1261,18 +1262,26 @@ bool SplitComparesTransform::runOnModule(Module &M) { errs() << "Split-compare-pass by laf.intel@gmail.com, extended by " "heiko@hexco.de\n"; - if (enableFPSplit) { + } else { + + be_quiet = 1; + + } + + if (enableFPSplit) { - errs() << "Split-floatingpoint-compare-pass: " << splitFPCompares(M) + count = splitFPCompares(M); + + if (!be_quiet) { + + errs() << "Split-floatingpoint-compare-pass: " << count << " FP comparisons splitted\n"; } - } else + simplifyFPCompares(M); - be_quiet = 1; - - if (enableFPSplit) simplifyFPCompares(M); + } simplifyCompares(M); @@ -1281,9 +1290,10 @@ bool SplitComparesTransform::runOnModule(Module &M) { switch (bitw) { case 64: + count = splitIntCompares(M, bitw); if (!be_quiet) - errs() << "Split-integer-compare-pass " << bitw - << "bit: " << splitIntCompares(M, bitw) << " splitted\n"; + errs() << "Split-integer-compare-pass " << bitw << "bit: " << count + << " splitted\n"; bitw >>= 1; #if LLVM_VERSION_MAJOR > 3 || \ @@ -1291,9 +1301,10 @@ bool SplitComparesTransform::runOnModule(Module &M) { [[clang::fallthrough]]; /*FALLTHRU*/ /* FALLTHROUGH */ #endif case 32: + count = splitIntCompares(M, bitw); if (!be_quiet) - errs() << "Split-integer-compare-pass " << bitw - << "bit: " << splitIntCompares(M, bitw) << " splitted\n"; + errs() << "Split-integer-compare-pass " << bitw << "bit: " << count + << " splitted\n"; bitw >>= 1; #if LLVM_VERSION_MAJOR > 3 || \ @@ -1301,9 +1312,10 @@ bool SplitComparesTransform::runOnModule(Module &M) { [[clang::fallthrough]]; /*FALLTHRU*/ /* FALLTHROUGH */ #endif case 16: + count = splitIntCompares(M, bitw); if (!be_quiet) - errs() << "Split-integer-compare-pass " << bitw - << "bit: " << splitIntCompares(M, bitw) << " splitted\n"; + errs() << "Split-integer-compare-pass " << bitw << "bit: " << count + << " splitted\n"; bitw >>= 1; break; diff --git a/test/test-floatingpoint.c b/test/test-floatingpoint.c index 3a699595..66d84411 100644 --- a/test/test-floatingpoint.c +++ b/test/test-floatingpoint.c @@ -15,7 +15,7 @@ int main(void) { while (__AFL_LOOP(INT_MAX)) { int len = __AFL_FUZZ_TESTCASE_LEN; - if (len != sizeof(float)) return 1; + if (len < sizeof(float)) return 1; /* 15 + 1/2 = 15.5 */ /* 15 + 1/2 + 1/8 = 15.625 */ diff --git a/test/test.sh b/test/test.sh index 437a5113..dea9134f 100755 --- a/test/test.sh +++ b/test/test.sh @@ -389,7 +389,7 @@ test -e ../afl-clang-fast -a -e ../split-switches-pass.so && { CODE=1 } rm -f test-compcov.compcov test.out - AFL_LLVM_INSTRUMENT=AFL AFL_LLVM_LAF_SPLIT_FLOATS=1 ../afl-clang-fast -o test-floatingpoint test-floatingpoint.c >errors + AFL_LLVM_INSTRUMENT=AFL AFL_LLVM_LAF_SPLIT_FLOATS=1 ../afl-clang-fast -o test-floatingpoint test-floatingpoint.c >errors 2>&1 test -e test-floatingpoint && { mkdir -p in echo ZZZZ > in/in -- cgit 1.4.1 From 1cddd51662865ee407dcc93d6f1ef8ce443585a1 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Sun, 2 Aug 2020 22:28:16 +0200 Subject: refactoring debug/be_quiet, fatal on dont_optimize and instrument_file --- llvm_mode/LLVMInsTrim.so.cc | 2 -- llvm_mode/afl-clang-fast.c | 4 ++++ llvm_mode/afl-llvm-common.cc | 20 ++++++++++++++++---- llvm_mode/afl-llvm-common.h | 9 +++++++++ llvm_mode/afl-llvm-lto-instrim.so.cc | 4 ++-- llvm_mode/afl-llvm-lto-instrumentation.so.cc | 7 ++++--- llvm_mode/afl-llvm-lto-instrumentlist.so.cc | 8 ++++---- llvm_mode/afl-llvm-pass.so.cc | 2 -- llvm_mode/cmplog-instructions-pass.cc | 3 --- llvm_mode/cmplog-routines-pass.cc | 3 --- llvm_mode/compare-transform-pass.so.cc | 3 --- llvm_mode/split-compares-pass.so.cc | 3 --- llvm_mode/split-switches-pass.so.cc | 3 --- 13 files changed, 39 insertions(+), 32 deletions(-) (limited to 'llvm_mode/split-compares-pass.so.cc') diff --git a/llvm_mode/LLVMInsTrim.so.cc b/llvm_mode/LLVMInsTrim.so.cc index 75548266..4d8c4719 100644 --- a/llvm_mode/LLVMInsTrim.so.cc +++ b/llvm_mode/LLVMInsTrim.so.cc @@ -56,7 +56,6 @@ struct InsTrim : public ModulePass { protected: uint32_t function_minimum_size = 1; - uint32_t debug = 0; char * skip_nozero = NULL; private: @@ -102,7 +101,6 @@ struct InsTrim : public ModulePass { bool runOnModule(Module &M) override { - char be_quiet = 0; setvbuf(stdout, NULL, _IONBF, 0); if ((isatty(2) && !getenv("AFL_QUIET")) || getenv("AFL_DEBUG") != NULL) { diff --git a/llvm_mode/afl-clang-fast.c b/llvm_mode/afl-clang-fast.c index 57330395..738433ac 100644 --- a/llvm_mode/afl-clang-fast.c +++ b/llvm_mode/afl-clang-fast.c @@ -639,6 +639,10 @@ int main(int argc, char **argv, char **envp) { } + if ((getenv("AFL_LLVM_INSTRUMENT_FILE") || getenv("AFL_LLVM_WHITELIST")) && + getenv("AFL_DONT_OPTIMIZE")) + FATAL("AFL_LLVM_INSTRUMENT_FILE and AFL_DONT_OPTIMIZE cannot be combined"); + if (getenv("AFL_LLVM_INSTRIM") || getenv("INSTRIM") || getenv("INSTRIM_LIB")) { diff --git a/llvm_mode/afl-llvm-common.cc b/llvm_mode/afl-llvm-common.cc index 47b49358..9a884ded 100644 --- a/llvm_mode/afl-llvm-common.cc +++ b/llvm_mode/afl-llvm-common.cc @@ -14,6 +14,8 @@ #include #include + +#define IS_EXTERN extern #include "afl-llvm-common.h" using namespace llvm; @@ -88,6 +90,7 @@ void initInstrumentList() { char *instrumentListFilename = getenv("AFL_LLVM_INSTRUMENT_FILE"); if (!instrumentListFilename) instrumentListFilename = getenv("AFL_LLVM_WHITELIST"); + if (instrumentListFilename) { std::string line; @@ -105,6 +108,10 @@ void initInstrumentList() { } + if (debug) + SAYF(cMGN "[D] " cRST "loaded instrument list with %zu entries\n", + myInstrumentList.size()); + } bool isInInstrumentList(llvm::Function *F) { @@ -145,8 +152,6 @@ bool isInInstrumentList(llvm::Function *F) { } - (void)instLine; - /* Continue only if we know where we actually are */ if (!instFilename.str().empty()) { @@ -164,6 +169,10 @@ bool isInInstrumentList(llvm::Function *F) { if (fnmatch(("*" + *it).c_str(), instFilename.str().c_str(), 0) == 0) { + if (debug) + SAYF(cMGN "[D] " cRST + "Function %s is in the list (%s), instrumenting ... \n", + F->getName().str().c_str(), instFilename.str().c_str()); return true; } @@ -219,12 +228,15 @@ bool isInInstrumentList(llvm::Function *F) { // we could not find out the location. in this case we say it is not // in the the instrument file list - + if (!be_quiet) + WARNF( + "No debug information found for function %s, will not be " + "instrumented (recompile with -g -O[1-3]).", + F->getName().str().c_str()); return false; } - // return false; } diff --git a/llvm_mode/afl-llvm-common.h b/llvm_mode/afl-llvm-common.h index 38e0c830..5b96be43 100644 --- a/llvm_mode/afl-llvm-common.h +++ b/llvm_mode/afl-llvm-common.h @@ -38,5 +38,14 @@ void initInstrumentList(); bool isInInstrumentList(llvm::Function *F); unsigned long long int calculateCollisions(uint32_t edges); +#ifndef IS_EXTERN + #define IS_EXTERN +#endif + +IS_EXTERN int debug; +IS_EXTERN int be_quiet; + +#undef IS_EXTERN + #endif diff --git a/llvm_mode/afl-llvm-lto-instrim.so.cc b/llvm_mode/afl-llvm-lto-instrim.so.cc index dba98777..98e9ff9a 100644 --- a/llvm_mode/afl-llvm-lto-instrim.so.cc +++ b/llvm_mode/afl-llvm-lto-instrim.so.cc @@ -73,8 +73,8 @@ struct InsTrimLTO : public ModulePass { protected: uint32_t function_minimum_size = 1; char * skip_nozero = NULL; - int afl_global_id = 1, debug = 0, autodictionary = 1; - uint32_t be_quiet = 0, inst_blocks = 0, inst_funcs = 0; + int afl_global_id = 1, autodictionary = 1; + uint32_t inst_blocks = 0, inst_funcs = 0; uint64_t map_addr = 0x10000; public: diff --git a/llvm_mode/afl-llvm-lto-instrumentation.so.cc b/llvm_mode/afl-llvm-lto-instrumentation.so.cc index d81b35f4..5686eb56 100644 --- a/llvm_mode/afl-llvm-lto-instrumentation.so.cc +++ b/llvm_mode/afl-llvm-lto-instrumentation.so.cc @@ -86,9 +86,9 @@ class AFLLTOPass : public ModulePass { bool runOnModule(Module &M) override; protected: - int afl_global_id = 1, debug = 0, autodictionary = 1; + int afl_global_id = 1, autodictionary = 1; uint32_t function_minimum_size = 1; - uint32_t be_quiet = 0, inst_blocks = 0, inst_funcs = 0, total_instr = 0; + uint32_t inst_blocks = 0, inst_funcs = 0, total_instr = 0; uint64_t map_addr = 0x10000; char * skip_nozero = NULL; @@ -207,7 +207,8 @@ bool AFLLTOPass::runOnModule(Module &M) { if (debug) fprintf(stderr, "DEBUG: Function %s is not in a source file that was specified " - "in the instrument file list\n", F.getName().str().c_str()); + "in the instrument file list\n", + F.getName().str().c_str()); continue; } diff --git a/llvm_mode/afl-llvm-lto-instrumentlist.so.cc b/llvm_mode/afl-llvm-lto-instrumentlist.so.cc index dc1a9a61..ab7c0c58 100644 --- a/llvm_mode/afl-llvm-lto-instrumentlist.so.cc +++ b/llvm_mode/afl-llvm-lto-instrumentlist.so.cc @@ -104,7 +104,6 @@ class AFLcheckIfInstrument : public ModulePass { protected: std::list myInstrumentList; - int debug = 0; }; @@ -116,7 +115,6 @@ bool AFLcheckIfInstrument::runOnModule(Module &M) { /* Show a banner */ - char be_quiet = 0; setvbuf(stdout, NULL, _IONBF, 0); if ((isatty(2) && !getenv("AFL_QUIET")) || getenv("AFL_DEBUG") != NULL) { @@ -209,8 +207,10 @@ bool AFLcheckIfInstrument::runOnModule(Module &M) { } else { if (!be_quiet) - WARNF("No debug information found for function %s, recompile with -g", - F.getName().str().c_str()); + WARNF( + "No debug information found for function %s, recompile with -g " + "-O[1-3]", + F.getName().str().c_str()); continue; } diff --git a/llvm_mode/afl-llvm-pass.so.cc b/llvm_mode/afl-llvm-pass.so.cc index 90cf3eb4..618abe48 100644 --- a/llvm_mode/afl-llvm-pass.so.cc +++ b/llvm_mode/afl-llvm-pass.so.cc @@ -82,7 +82,6 @@ class AFLCoverage : public ModulePass { protected: uint32_t ngram_size = 0; - uint32_t debug = 0; uint32_t map_size = MAP_SIZE; uint32_t function_minimum_size = 1; char * ctx_str = NULL, *skip_nozero = NULL; @@ -139,7 +138,6 @@ bool AFLCoverage::runOnModule(Module &M) { /* Show a banner */ - char be_quiet = 0; setvbuf(stdout, NULL, _IONBF, 0); if (getenv("AFL_DEBUG")) debug = 1; diff --git a/llvm_mode/cmplog-instructions-pass.cc b/llvm_mode/cmplog-instructions-pass.cc index f929361a..7c48d906 100644 --- a/llvm_mode/cmplog-instructions-pass.cc +++ b/llvm_mode/cmplog-instructions-pass.cc @@ -76,9 +76,6 @@ class CmpLogInstructions : public ModulePass { } - protected: - int be_quiet = 0; - private: bool hookInstrs(Module &M); diff --git a/llvm_mode/cmplog-routines-pass.cc b/llvm_mode/cmplog-routines-pass.cc index 318193a4..a0f8f64f 100644 --- a/llvm_mode/cmplog-routines-pass.cc +++ b/llvm_mode/cmplog-routines-pass.cc @@ -76,9 +76,6 @@ class CmpLogRoutines : public ModulePass { } - protected: - int be_quiet = 0; - private: bool hookRtns(Module &M); diff --git a/llvm_mode/compare-transform-pass.so.cc b/llvm_mode/compare-transform-pass.so.cc index d389651c..bed3597a 100644 --- a/llvm_mode/compare-transform-pass.so.cc +++ b/llvm_mode/compare-transform-pass.so.cc @@ -75,9 +75,6 @@ class CompareTransform : public ModulePass { } - protected: - int be_quiet = 0; - private: bool transformCmps(Module &M, const bool processStrcmp, const bool processMemcmp, const bool processStrncmp, diff --git a/llvm_mode/split-compares-pass.so.cc b/llvm_mode/split-compares-pass.so.cc index f65adde8..3630bd8c 100644 --- a/llvm_mode/split-compares-pass.so.cc +++ b/llvm_mode/split-compares-pass.so.cc @@ -71,9 +71,6 @@ class SplitComparesTransform : public ModulePass { } - protected: - int be_quiet = 0; - private: int enableFPSplit; diff --git a/llvm_mode/split-switches-pass.so.cc b/llvm_mode/split-switches-pass.so.cc index 44075c94..f025df77 100644 --- a/llvm_mode/split-switches-pass.so.cc +++ b/llvm_mode/split-switches-pass.so.cc @@ -91,9 +91,6 @@ class SplitSwitchesTransform : public ModulePass { typedef std::vector CaseVector; - protected: - int be_quiet = 0; - private: bool splitSwitches(Module &M); bool transformCmps(Module &M, const bool processStrcmp, -- cgit 1.4.1