Finalize macOS support for libafl_libfuzzer (#1843)

* libafl_targets: on macOS, do not provide a default implementation for weak functions * libafl_libfuzzer: update README to talk about macOS specifics * libafl_targets: allow __sanitizer_cov_pcs_init to be called more than once --------- Co-authored-by: Dominik Maier <domenukk@gmail.com>
2024-02-15 13:45:15 -08:00 · 2024-02-15 13:45:15 -08:00 · 50892ddc75
commit 50892ddc75
parent 0a995f241c
3 changed files with 22 additions and 9 deletions
--- a/libafl_libfuzzer/README.md
+++ b/libafl_libfuzzer/README.md
@ -51,6 +51,22 @@ As this branch generally offers the highest performance version of `libafl_libfu
 Remember to `cargo update` often if using the experimental changes, and please [submit an issue]
 if you encounter problems while using `libfuzzer-best`!

+#### macOS
+
+On macOS, you will need to add weak linking for some functions in a `build.rs` file:
+
+```rust
+fn main() {
+    for func in [
+        "_libafl_main",
+        "_LLVMFuzzerCustomMutator",
+        "_LLVMFuzzerCustomCrossOver",
+    ] {
+        println!("cargo:rustc-link-arg=-Wl,-U,{func}");
+    }
+}
+```
+
 #### Caveats

 Like harnesses built with `libfuzzer-sys`, Rust targets which build other libraries (e.g. C/C++ FFI) may not
--- a/libafl_targets/src/common.h
+++ b/libafl_targets/src/common.h
@ -140,14 +140,11 @@ typedef uint128_t         u128;
 #else

  #if defined(__APPLE__)
-    // On Apple, weak_import and weak attrs behave differently to linux.
-
-    #define EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN)                        \
-      __attribute__((weak, visibility("default"))) RETURN_TYPE NAME FUNC_SIG { \
-        return (RETURN_TYPE)0;                                                 \
-      }
-
    #define EXT_FUNC_IMPL(NAME, RETURN_TYPE, FUNC_SIG, WARN) \
+      EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN)
+
+    // Declare these symbols as weak to allow them to be optionally defined.
+    #define EXT_FUNC(NAME, RETURN_TYPE, FUNC_SIG, WARN) \
      __attribute__((weak, visibility("default"))) RETURN_TYPE NAME FUNC_SIG

    // Weakly defined globals
--- a/libafl_targets/src/sancov_cmp.rs
+++ b/libafl_targets/src/sancov_cmp.rs
@ -34,11 +34,11 @@ extern "C" {
 unsafe extern "C" fn __sanitizer_cov_pcs_init(pcs_beg: *const usize, pcs_end: *const usize) {
    // "The Unsafe Code Guidelines also notably defines that usize and isize are respectively compatible with uintptr_t and intptr_t defined in C."
    assert!(
-        PCS_BEG.is_null(),
+        pcs_beg == PCS_BEG || PCS_BEG.is_null(),
        "__sanitizer_cov_pcs_init can be called only once."
    );
    assert!(
-        PCS_END.is_null(),
+        pcs_end == PCS_END || PCS_END.is_null(),
        "__sanitizer_cov_pcs_init can be called only once."
    );