ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-13 02:28:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixes

Browse Source
This commit is contained in:
vanhauser-thc
2024-01-27 08:28:47 +01:00
parent d668010bed
commit ceb7e44e6f
1 changed files with 30 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
instrumentation/SanitizerCoverageLTO.so.cc
View File

@ -1299,7 +1299,7 @@ void ModuleSanitizerCoverageLTO::instrumentFunction(
bool IsLeafFunc = true; bool IsLeafFunc = true;
uint32_t skip_next = 0; uint32_t skip_next = 0;
uint32_t call_counter = 0; uint32_t call_counter = 0;
uint32_t inst_save = inst; uint32_t inst_save = inst, save_global = afl_global_id;
uint32_t inst_in_this_func = 0; uint32_t inst_in_this_func = 0;
LLVMContext &Context = F.getContext(); LLVMContext &Context = F.getContext();
@ -1332,15 +1332,13 @@ void ModuleSanitizerCoverageLTO::instrumentFunction(
SelectInst *selectInst = nullptr; SelectInst *selectInst = nullptr;
if (!skip_next && (selectInst = dyn_cast<SelectInst>(&IN)) && 1 == 0) { if ((selectInst = dyn_cast<SelectInst>(&IN))) {
uint32_t vector_cnt = 0; Value *condition = selectInst->getCondition();
Value *condition = selectInst->getCondition(); auto t = condition->getType();
auto t = condition->getType();
if (t->getTypeID() == llvm::Type::IntegerTyID) { if (t->getTypeID() == llvm::Type::IntegerTyID) {
skip_next = 1;
inst += 2; inst += 2;
} else } else
@ -1352,8 +1350,7 @@ void ModuleSanitizerCoverageLTO::instrumentFunction(
if (tt) { if (tt) {
uint32_t elements = tt->getElementCount().getFixedValue(); uint32_t elements = tt->getElementCount().getFixedValue();
vector_cnt = elements; inst += elements * 2;
inst += vector_cnt * 2;
} }
@ -1366,12 +1363,6 @@ void ModuleSanitizerCoverageLTO::instrumentFunction(
} }
skip_next = 1;
} else {
skip_next = 0;
} }
} }
@ -1478,19 +1469,22 @@ void ModuleSanitizerCoverageLTO::instrumentFunction(
// Now the real instrumentation // Now the real instrumentation
IsLeafFunc = true;
skip_next = 0;
if (CTX_add == NULL) { if (CTX_add == NULL) {
auto BB = &F.getEntryBlock(); auto BB = &F.getEntryBlock();
if (!BB) {
fprintf(stderr, "NULL %s %p\n", F.getName().str().c_str(), BB); fprintf(stderr, "NULL %s %p\n", F.getName().str().c_str(), BB);
if (!BB) { exit(-1); } exit(-1);
BasicBlock::iterator IP = BB->getFirstInsertionPt();
IRBuilder<> IRB(&(*IP)); }
CTX_add = IRB.CreateAlloca(Type::getInt32Ty(Context), nullptr, "CTX_add");
auto nosan = IRB.CreateStore(Zero, CTX_add); BasicBlock::iterator IP = BB->getFirstInsertionPt();
nosan->setMetadata("nosanitize", N); IRBuilder<> IRB(&(*IP));
CTX_add = IRB.CreateAlloca(Type::getInt32Ty(Context), nullptr, "CTX_add");
auto nosan = IRB.CreateStore(Zero, CTX_add);
nosan->setMetadata("nosanitize", N);
} }
for (auto &BB : F) { for (auto &BB : F) {
@ -1590,6 +1584,7 @@ void ModuleSanitizerCoverageLTO::instrumentFunction(
uint32_t elements = tt->getElementCount().getFixedValue(); uint32_t elements = tt->getElementCount().getFixedValue();
vector_cnt = elements; vector_cnt = elements;
inst += vector_cnt * 2; inst += vector_cnt * 2;
if (elements) { if (elements) {
FixedVectorType *GuardPtr1 = FixedVectorType *GuardPtr1 =
@ -1714,6 +1709,15 @@ void ModuleSanitizerCoverageLTO::instrumentFunction(
if (inst_in_this_func && call_counter > 1) { if (inst_in_this_func && call_counter > 1) {
if (inst_in_this_func != afl_global_id - save_global) {
fprintf(
stderr,
"BUG! inst_in_this_func %u != afl_global_id %u - save_global %u\n",
inst_in_this_func, afl_global_id, save_global);
}
extra_ctx_inst += inst_in_this_func * (call_counter - 1); extra_ctx_inst += inst_in_this_func * (call_counter - 1);
afl_global_id += extra_ctx_inst; afl_global_id += extra_ctx_inst;
@ -1883,7 +1887,7 @@ bool ModuleSanitizerCoverageLTO::Fake_InjectCoverage(
} }
inst++; // InjectCoverageAtBlock() ++inst; // InjectCoverageAtBlock()
} }
@ -2017,7 +2021,7 @@ void ModuleSanitizerCoverageLTO::InjectCoverageAtBlock(Function &F,
// done :) // done :)
inst++; ++inst;
// AFL++ END // AFL++ END
/* /*