ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-13 18:48:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixes

Browse Source
This commit is contained in:
vanhauser-thc
2024-01-26 15:27:20 +01:00
parent b0a912a838
commit 44a7696169
1 changed files with 30 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
instrumentation/SanitizerCoverageLTO.so.cc
View File

@ -1453,6 +1453,24 @@ void ModuleSanitizerCoverageLTO::instrumentFunction(
} }
// we have to set __afl_ctx 0 for all indirect calls
for (auto &IN : BB) {
if (auto *Call = dyn_cast<CallInst>(&IN)) {
if (Call->isIndirectCall()) {
IRBuilder<> Builder(IN.getContext());
Builder.SetInsertPoint(IN.getParent(), IN.getIterator());
StoreInst *StoreCtx = Builder.CreateStore(Zero, AFLContext);
StoreCtx->setMetadata("nosanitize", N);
}
}
}
} }
inst_in_this_func = inst - inst_save; inst_in_this_func = inst - inst_save;
@ -1569,18 +1587,18 @@ void ModuleSanitizerCoverageLTO::instrumentFunction(
Value *x, *y; Value *x, *y;
Value *val1 = ConstantInt::get(Int32Ty, ++afl_global_id); Value *val1 = ConstantInt::get(Int32Ty, ++afl_global_id);
Value *val11 = IRB.CreateAdd(val1, CTX_add); Value *val11 = IRB.CreateAdd(val1, CTX_load);
Value *val2 = ConstantInt::get(Int32Ty, ++afl_global_id); Value *val2 = ConstantInt::get(Int32Ty, ++afl_global_id);
Value *val22 = IRB.CreateAdd(val2, CTX_add); Value *val22 = IRB.CreateAdd(val2, CTX_load);
x = IRB.CreateInsertElement(GuardPtr1, val11, (uint64_t)0); x = IRB.CreateInsertElement(GuardPtr1, val11, (uint64_t)0);
y = IRB.CreateInsertElement(GuardPtr2, val22, (uint64_t)0); y = IRB.CreateInsertElement(GuardPtr2, val22, (uint64_t)0);
for (uint64_t i = 1; i < elements; i++) { for (uint64_t i = 1; i < elements; i++) {
val1 = ConstantInt::get(Int32Ty, ++afl_global_id); val1 = ConstantInt::get(Int32Ty, ++afl_global_id);
val11 = IRB.CreateAdd(val1, CTX_add); val11 = IRB.CreateAdd(val1, CTX_load);
val2 = ConstantInt::get(Int32Ty, ++afl_global_id); val2 = ConstantInt::get(Int32Ty, ++afl_global_id);
val11 = IRB.CreateAdd(val1, CTX_add); val11 = IRB.CreateAdd(val1, CTX_load);
x = IRB.CreateInsertElement(GuardPtr1, val11, i); x = IRB.CreateInsertElement(GuardPtr1, val11, i);
y = IRB.CreateInsertElement(GuardPtr2, val22, i); y = IRB.CreateInsertElement(GuardPtr2, val22, i);
@ -1628,12 +1646,13 @@ void ModuleSanitizerCoverageLTO::instrumentFunction(
if (use_threadsafe_counters) { if (use_threadsafe_counters) {
IRB.CreateAtomicRMW(llvm::AtomicRMWInst::BinOp::Add, MapPtrIdx, auto nosan = IRB.CreateAtomicRMW(llvm::AtomicRMWInst::BinOp::Add,
One, MapPtrIdx, One,
#if LLVM_VERSION_MAJOR >= 13 #if LLVM_VERSION_MAJOR >= 13
llvm::MaybeAlign(1), llvm::MaybeAlign(1),
#endif #endif
llvm::AtomicOrdering::Monotonic); llvm::AtomicOrdering::Monotonic);
ModuleSanitizerCoverageLTO::SetNoSanitizeMetadata(nosan);
} else { } else {
@ -1684,14 +1703,13 @@ void ModuleSanitizerCoverageLTO::instrumentFunction(
if (inst_in_this_func && call_counter > 1) { if (inst_in_this_func && call_counter > 1) {
extra_ctx_inst += inst_in_this_func * (call_counter - 1); extra_ctx_inst += inst_in_this_func * (call_counter - 1);
afl_global_id += inst_in_this_func * (call_counter - 1); afl_global_id += extra_ctx_inst;
} }
/* /*
fprintf(stderr, "FUNCTION: %s\n", F.getName().str().c_str()); fprintf(stderr, "FUNCTION: %s [%u]\n", F.getName().str().c_str(),
int n = 0; extra_ctx_inst); int n = 0; for (auto &BB : F) {
for (auto &BB : F) {
fprintf(stderr, "BB %d\n", n++); fprintf(stderr, "BB %d\n", n++);
for (auto &IN : BB) { for (auto &IN : BB) {