New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aflplusplus: 2.59c -> 2.64c #85950
aflplusplus: 2.59c -> 2.64c #85950
Conversation
Neat, a toy to play with over the weekend... |
Oh we should probably change the |
I've got qemu building in 229f58b Now I'm getting a failure building |
Oh but it seems (see d4e6258) |
Ok and I've got the tests working again in 5fee991 I also added I also haven't used it yet. |
Some discussion points:
|
|
Hmm, I can't get |
Seems to be possible to use an older llvm/clang version, but I don't think that's too useful for most people. Let's just leave them out of the configurable options. |
Maybe you should create an issue upstream, if you think the issue lies there. |
ceaf01f
to
cacce4e
Compare
I've managed to get
This also fixes build on i686 for me. |
cacce4e
to
7a3392b
Compare
I've applied the patch you sent in. It seems to be working ok, but I'm on a 64-bit system. Should the unsigaction32.so be built on a 64-bit system? It doesn't build for me. Only unsigaction64.so seems to build for me. |
I find that However, I can't get even a straightforward
This is when I afl-build
to its attrs. |
I'm pretty sure were still going to need to bind the afl tools to their underlying compilers, if you run |
The way I do this is by making a shell like so:
Note the pkgs.clang_9. I've looked at the documentation about this and there are ways to pass these dependencies through, but I wasn't sure if we should do so. It looks like
s.a.: https://nixos.org/nixpkgs/manual/#ssec-stdenv-dependencies Maybe just putting clang_9 in the Edit: yeah, I think it should be in buildInputs. Will try shortly. |
Even if you are able to pass these extras through, these will be runtime-resolved dependencies (if you coincidentally end up with the another We also shouldn't unnecessarily spew our dependencies into the package user's runtime env, because it makes using more than one package which has taken this attitude at the same time almost impossible. |
Ah yes, thanks for the insights! You're completely right, I didn't think through that the implicit dependency (without having the correct env variables set) during runtime makes the package impure. However, I do think that there's a runtime dependency on clang (and AFL assumes the version that it's built with, too, as far as I can see. Some optimizations are enabled/disabled based on the version of the compiler used). So I'm not sure if we shouldn't pass it through, because otherwise you'll always have to specify the correct version of clang, I think. That doesn't make the package more friendly to use and I'm not sure why it'd be beneficial if you could use afl without having clang in your environment. |
You shouldn't have to - unless for some reason you need to also call the unwrapped It's certainly worked for me in quite heavy use for most of a year now. It's helped by the fact that |
Applying the following patch adds the full path to the clang binary inside the built binary. However, AFL_PATH should still be set as well (to prevent any issues with loading the shared libs). Maybe the hack you used is the best method after all, not sure.
I've also found out that AFL (depending on what you build) links |
Ah I hadn't considered patching the source - there's definitely a neatness to it. It should be possible to patch
the only disadvantage of this I see is it being more sensitive to source changes, which we're kind of invulnerable to using wrappers. But then again, using wrappers adds a few runtime weirdness possibilities... 🤷 |
As for |
I've pushed new changes with the source changes. I've removed the symlinks from afl-clang to afl-clang-fast. I've applied the getenv("AFL_PATH") patch as well. |
Neat - do we need to do similar for |
Yes, we'd need to do the same. One advantage of doing it this way is that you can still pass the AFL_CC and AFL_CXX to the compilers. Will look into doing the same for gcc now. Do we want to support
Edit: started discussion about this upstream as well AFLplusplus/AFLplusplus#184 (comment) Edit2: A patch has been applied for I think this makes the whole thing ready for review. I can't seem to test the 32-bit binaries, as I get failures that show that |
6d08bec
to
23d650f
Compare
Updated together with maintainers.ris / @risicle.
This seems to be working... think this is ready? |
One annoying bug 2.64 has is AFLplusplus/AFLplusplus#342 unfortunately the patch won't apply cleanly. Will have to wait for 2.65. |
Let's do that then. It's quite a fast-moving target so it's hard to keep track of all changes and ensure everything works as intended. |
:high-five: |
Motivation for this change
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
-> There are no dependencies./result/bin/
)nix path-info -S
before and after)cc: @risicle