cmplog and value profile MSVC fixes

libafl_targets/src/cmplog.c

@@ -6,6 +6,12 @@
 #define CMPLOG_KIND_INS 0
 #define CMPLOG_KIND_RTN 1
 
+#ifdef _WIN32
+#define RETADDR (uintptr_t)_ReturnAddress()
+#else
+#define RETADDR (uintptr_t)__builtin_return_address(0)
+#endif
+
 typedef struct CmpLogHeader {
     uint16_t hits;
     uint8_t shape;
@@ -31,6 +37,11 @@ extern uint8_t libafl_cmplog_enabled;
   #pragma weak __sanitizer_cov_trace_const_cmp2 = __sanitizer_cov_trace_cmp2
   #pragma weak __sanitizer_cov_trace_const_cmp4 = __sanitizer_cov_trace_cmp4
   #pragma weak __sanitizer_cov_trace_const_cmp8 = __sanitizer_cov_trace_cmp8
+#elif defined(_MSC_VER)
+  #pragma comment(linker, "/alternatename:__sanitizer_cov_trace_const_cmp1=__sanitizer_cov_trace_cmp1")
+  #pragma comment(linker, "/alternatename:__sanitizer_cov_trace_const_cmp2=__sanitizer_cov_trace_cmp2")
+  #pragma comment(linker, "/alternatename:__sanitizer_cov_trace_const_cmp4=__sanitizer_cov_trace_cmp4")
+  #pragma comment(linker, "/alternatename:__sanitizer_cov_trace_const_cmp8=__sanitizer_cov_trace_cmp8")
 #else
 void __sanitizer_cov_trace_const_cmp1(uint8_t arg1, uint8_t arg2) __attribute__((alias("__sanitizer_cov_trace_cmp1")));
 void __sanitizer_cov_trace_const_cmp2(uint16_t arg1, uint16_t arg2)
@@ -41,11 +52,12 @@ void __sanitizer_cov_trace_const_cmp8(uint64_t arg1, uint64_t arg2)
     __attribute__((alias("__sanitizer_cov_trace_cmp8")));
 #endif
 
+
 void __sanitizer_cov_trace_cmp1(uint8_t arg1, uint8_t arg2) {
 
   if (!libafl_cmplog_enabled) return;
 
-  uintptr_t k = (uintptr_t)__builtin_return_address(0);
+  uintptr_t k = RETADDR;
   k = (k >> 4) ^ (k << 8);
   k &= CMPLOG_MAP_W - 1;
   
@@ -72,7 +84,7 @@ void __sanitizer_cov_trace_cmp2(uint16_t arg1, uint16_t arg2) {
 
   if (!libafl_cmplog_enabled) return;
 
-  uintptr_t k = (uintptr_t)__builtin_return_address(0);
+  uintptr_t k = RETADDR;
   k = (k >> 4) ^ (k << 8);
   k &= CMPLOG_MAP_W - 1;
   
@@ -99,7 +111,7 @@ void __sanitizer_cov_trace_cmp4(uint32_t arg1, uint32_t arg2) {
 
   if (!libafl_cmplog_enabled) return;
 
-  uintptr_t k = (uintptr_t)__builtin_return_address(0);
+  uintptr_t k = RETADDR;
   k = (k >> 4) ^ (k << 8);
   k &= CMPLOG_MAP_W - 1;
   
@@ -125,7 +137,7 @@ void __sanitizer_cov_trace_cmp8(uint64_t arg1, uint64_t arg2) {
 
   if (!libafl_cmplog_enabled) return;
 
-  uintptr_t k = (uintptr_t)__builtin_return_address(0);
+  uintptr_t k = RETADDR;
   k = (k >> 4) ^ (k << 8);
   k &= CMPLOG_MAP_W - 1;
   
@@ -159,7 +171,7 @@ void __sanitizer_cov_trace_switch(uint64_t val, uint64_t *cases) {
 
   for (uint64_t i = 0; i < cases[0]; i++) {
 
-    uintptr_t k = (uintptr_t)__builtin_return_address(0) + i;
+    uintptr_t k = RETADDR + i;
     k = (k >> 4) ^ (k << 8);
     k &= CMPLOG_MAP_W - 1;
 

libafl_targets/src/lib.rs

@@ -5,16 +5,21 @@ pub mod pcguard;
 #[cfg(any(feature = "pcguard_edges", feature = "pcguard_hitcounts"))]
 pub use pcguard::*;
 
-#[cfg(feature = "value_profile")]
-pub mod value_profile;
-#[cfg(feature = "value_profile")]
-pub use value_profile::*;
-
 #[cfg(feature = "libfuzzer")]
 pub mod libfuzzer;
 #[cfg(feature = "libfuzzer")]
 pub use libfuzzer::*;
 
+#[cfg(all(feature = "value_profile", feature = "cmplog"))]
+compile_error!(
+    "the libafl_targets `value_profile` and `cmplog` features are mutually exclusive."
+);
+
+#[cfg(feature = "value_profile")]
+pub mod value_profile;
+#[cfg(feature = "value_profile")]
+pub use value_profile::*;
+
 #[cfg(feature = "cmplog")]
 pub mod cmplog;
 #[cfg(feature = "cmplog")]

libafl_targets/src/value_profile.c

@@ -7,6 +7,12 @@
 
 extern uint8_t libafl_cmp_map[MAP_SIZE];
 
+#ifdef _WIN32
+#define RETADDR (uintptr_t)_ReturnAddress()
+#else
+#define RETADDR (uintptr_t)__builtin_return_address(0)
+#endif
+
 #ifdef __GNUC__
 #define MAX(a, b)           \
   ({                        \
@@ -20,6 +26,12 @@ extern uint8_t libafl_cmp_map[MAP_SIZE];
 #define MAX(a, b) (((a) > (b)) ? (a) : (b)) 
 #endif
 
+#ifdef _MSC_VER
+#include <intrin.h>
+#define __builtin_popcount __popcnt
+#define __builtin_popcountll __popcnt64
+#endif
+
 #if defined(__APPLE__)
   #pragma weak __sanitizer_cov_trace_const_cmp1 = __sanitizer_cov_trace_cmp1
   #pragma weak __sanitizer_cov_trace_const_cmp2 = __sanitizer_cov_trace_cmp2
@@ -42,7 +54,7 @@ void __sanitizer_cov_trace_const_cmp8(uint64_t arg1, uint64_t arg2)
 
 void __sanitizer_cov_trace_cmp1(uint8_t arg1, uint8_t arg2) {
 
-  uintptr_t k = (uintptr_t)__builtin_return_address(0);
+  uintptr_t k = RETADDR;
   k = (k >> 4) ^ (k << 8);
   k &= MAP_SIZE - 1;
   libafl_cmp_map[k] = MAX(libafl_cmp_map[k], (__builtin_popcount(~(arg1 ^ arg2))));
@@ -51,7 +63,7 @@ void __sanitizer_cov_trace_cmp1(uint8_t arg1, uint8_t arg2) {
 
 void __sanitizer_cov_trace_cmp2(uint16_t arg1, uint16_t arg2) {
 
-  uintptr_t k = (uintptr_t)__builtin_return_address(0);
+  uintptr_t k = RETADDR;
   k = (k >> 4) ^ (k << 8);
   k &= MAP_SIZE - 1;
   libafl_cmp_map[k] = MAX(libafl_cmp_map[k], (__builtin_popcount(~(arg1 ^ arg2))));
@@ -60,7 +72,7 @@ void __sanitizer_cov_trace_cmp2(uint16_t arg1, uint16_t arg2) {
 
 void __sanitizer_cov_trace_cmp4(uint32_t arg1, uint32_t arg2) {
 
-  uintptr_t k = (uintptr_t)__builtin_return_address(0);
+  uintptr_t k = RETADDR;
   k = (k >> 4) ^ (k << 8);
   k &= MAP_SIZE - 1;
   libafl_cmp_map[k] = MAX(libafl_cmp_map[k], (__builtin_popcount(~(arg1 ^ arg2))));
@@ -69,7 +81,7 @@ void __sanitizer_cov_trace_cmp4(uint32_t arg1, uint32_t arg2) {
 
 void __sanitizer_cov_trace_cmp8(uint64_t arg1, uint64_t arg2) {
 
-  uintptr_t k = (uintptr_t)__builtin_return_address(0);
+  uintptr_t k = RETADDR;
   k = (k >> 4) ^ (k << 8);
   k &= MAP_SIZE - 1;
   libafl_cmp_map[k] = MAX(libafl_cmp_map[k], (__builtin_popcountll(~(arg1 ^ arg2))));
@@ -78,7 +90,7 @@ void __sanitizer_cov_trace_cmp8(uint64_t arg1, uint64_t arg2) {
 
 void __sanitizer_cov_trace_switch(uint64_t val, uint64_t *cases) {
 
-  uintptr_t rt = (uintptr_t)__builtin_return_address(0);
+  uintptr_t rt = RETADDR;
   if (cases[1] == 64) {
 
     for (uint64_t i = 0; i < cases[0]; i++) {