I am working on LLVM obfuscation project. I have written a llvm pass(lets say flow flattening pass) which i am running on source (test.c) with following command:
clang -emit-llvm test.c -c -o test.bc
opt -load ../../.. LLVMFlattening.so -fla <test.bc>/dev/null
But i have seen that in O-LLVM project they achieved same thing using:
clang -emit-llvm test.c -c -o test.bc -mllvm -fla
Can someone tell me what is -mllvm here and how this changed to a simple command?
-mllvm means Additional arguments to forward to LLVM's option processing. Therefore -mllvm -fla will pass -fla to the LLVM's option processing.
Clang and LLVM could run seperately. If you want clang to run llvm, and also have some options which you want llvm to aware. -mllvm is what you need.
Defautly, LLVM does not turn on all the transformation passes. With -fla, LLVM will turn on the pass registered with command line argument fla by call function RegisterPass<typename passName>.
In your command line, opt's -load option is used to load plugin. If you want to use the simple command line as expect. Your pass need to be linked into the opt binary. This could be done in the following two ways:
(Without modify the existing LLVM source tree): Add your only pass's source by adding CMakeLists.txt mentioned in this link
Directly copy your pass source code folder into <LLVM root>/lib/Transform directory. And modify the <LLVM root>/lib/Transform/CMakeLists.txt, add add_subdirectory(<pass name>) line just like others.
I'm working on O-LLVM rencently, and came into the same problem. Here is my solution:
1.add static cl::opt<bool> YOUR_FLA("fla", cl::init(false),"info...") to PassManagerBuilder.cpp
2.add function Pass *createYOUR_FLA(bool flag) in your obfuscation pass source code
3.add MPM.add(createYOUR_FLA(YOUR_FLA)); to function populateModulePassManager in PassManagerBuilder.cpp
The solution above works with my simple pass.
Related
I am trying to get exploded graph from one of the debug checkers called
debug.ViewExplodedGraph.
So I run command
clang -cc1 -analyze -analyzer-checker=debug.ViewExplodedGraph someprogram.c
It run successfully, but graph file no where to be found .
Where can we see the generated file?
I guess you should build the clang yourself. Then use the debug mode 'clang', call the command. The system clang is in release mode.
I use the system clang, it outputs nothing. But I use the clang that I build, it output something.
➜ bin ./clang -cc1 -analyze -analyzer-checker=debug.ViewExplodedGraph ~/Desktop/clang_test/test.c
Writing '/var/folders/_6/5wkxc9p92t94vdh0kyq2qyh40000gn/T/ExprEngine-9e6797.dot'... done.
Trying 'open' program... Remember to erase graph file: /var/folders/_6/5wkxc9p92t94vdh0kyq2qyh40000gn/T/ExprEngine-9e6797.dot
Warning: viewing graph requires assertions
➜ bin clang -cc1 -analyze -analyzer-checker=debug.ViewExplodedGraph ~/Desktop/clang_test/test.c
Warning: viewing graph requires assertions
cd to T folder
➜ T dot -Tsvg ExprEngine-9e6797.dot -o ~/Desktop/test.svg
then use chrome open test.svg
I have been using clang-3.5 to happily build bitcode versions of musl libc and
use the result to produce nice stand alone executables.
Recent attempts with clang-3.8 have not been so happy. It seems that
the bitcode clang-3.8 generates uses functions defined in
compiler-rt/lib/builtins
Typical examples of functions I find polluting the bitcode are mulxc3, mulsc3, and muldc3. I can solve this by linking against libgcc, or even the llvm alternative if I had any clear idea of what that was. Though I would rather prevent the problem from happening in the first place.
I have seen mention of flags like rtlib=compiler-rt etc, but have found precious little documentation on the subject.
So here are some simple questions.
Is it possible to prevent clang from using the compiler-rt/lib/builtins
in the emitted bitcode? Or if not
Does llvm produce a version of libgcc that I could use. Actually I would
probably build a bitcode version of it, but that is besides the point.
Love to hear some guidance on this.
Added 12/8/2016: So I will illustrate my issues with a particular workflow that
people can reproduce if they wish, or, more likely, just point out where I am being stupid.
So start by checking out:
musllv
and follow the instructions in the README.to compile (here I am using clang-3.8 on ubuntu 14.04)
WLLVM_CONFIGURE_ONLY=1 CC=wllvm ./configure --target=LLVM --build=LLVM
make
cd lib
extract-bc -b libc.a
you will also need the bitcode of a simple executable. I will use nweb.c here.
wllvm nweb.c -o nweb
extract-bc nweb
Now we can do things like:
clang -static -nostdlib nweb.bc libc.a.bc crt1.o libc.a -o nweb
This workflow goes smoothly for clang-3.5 but for clang-3.8 we get:
clang -static -nostdlib nweb.bc libc.a.bc crt1.o libc.a -o nweb
/tmp/libc-f734a3.o: In function `cpowl':
libc.a.bc:(.text+0xbb9a): undefined reference to `__mulxc3'
/tmp/libc-f734a3.o: In function `cpowf':
libc.a.bc:(.text+0x38f7d): undefined reference to `__mulsc3'
/tmp/libc-f734a3.o: In function `csqrt':
libc.a.bc:(.text+0x78fc3): undefined reference to `__muldc3'
/tmp/libc-f734a3.o: In function `cpow':
libc.a.bc:(.text+0xafafc): undefined reference to `__muldc3'
clang-3.8: error: linker command failed with exit code 1 (use -v to seeinvocation)
So as #paul-brannan points out we could try
clang -static -nostdlib --rtlib=compiler-rt nweb.bc libc.a.bc crt1.o libc.a -o nweb
But this is where I am probably being stupid, because I get:
clang-3.8: warning: argument unused during compilation: '--rtlib=compiler-rt'
irregardless of whether I use it as a linking or compiling flag.
OK so I finally managed to make headway on this. I built llvm-3.8.1 together with the compiler-rt project using wllvm and wllvm++.
One of the build products was libclang_rt.builtins-x86_64.a,
and from this archive I was able to extract the bitcode module
libclang_rt.builtins-x86_64.bc
using the command:
extract-bc -b libclang_rt.builtins-x86_64.a
This bitcode module has definitions for those pesky instrinsics like
__mulxc3, __mulsc3, and __muldc3.
Hallelujah!
I have been trying to enable the gold linker on FreeBSD to use the link time optimizations. I made gold from the binutils under /usr/ports. After building binutils using make -k install clean i got ld under /usr/bin and in the directory /usr/local/bin i got ld, ld.gold and ld.bfd.
Now while trying to use link time optimization for the simple example programs here http://llvm.org/docs/GoldPlugin.html (a.c and b.c under the heading 'Examples of Link Time Optimization') i entered the four commands as follows:
clang -flto a.c -c -o a.o
ar q a.a a.o
clang b.c -c -o b.o
clang -flto a.a b.o -o main
I got the following error:
usr/bin/ld: unrecogonized option '-plugin'
usr/bin/ld: use the --help option for usage information
clang: error: linker command failed with exit code 1 (use -v to see invocation)
Is there the problem with the linker that ld.gold is not being called. Should I replace the ld with ld.gold? Does the linker looks in the right directiry for the .so plugins?
The LLVMgold.so and libLTO.so shared objects are in the directory /usr/local/llvm-devel/lib/.
I cannot find the directory where clang is installed. I am not sure where to make the bfd-plugins directory and add the symlinks to LLVMgold.so and libLTO.so.
I am using freebsd 10.1 release. How to enable the gold linker for link time optimizations?
also how can I enable it to be the default linker?
You may want to use ld.gold instead of ld. It is installed at /usr/local/bin/ld.gold. If you are using a Makefile, it would work by setting LD variable to ld.gold, either by modifying your Makefile or specifying it on command line. Example in case you are using lang/clang37:
gmake all CC=clang37 LD=ld.gold
EDIT:
It would be even more neat if you add -fuse-ld=gold to your LDFLAGS:
LDFLAGS=-fuse-ld=gold
I'm not sure ld.bfd allows plugins, but I could be wrong.
Your /usr/bin/ld should be a symlink to whatever linker you want. You can change which linker is used by using binutils-config. Check the man-page here: http://www.linuxhowtos.org/manpages/8/binutils-config.htm. I realise this is a Linux link, but it's directed at binutils itself rather than linux-specifically.
It should be something along the lines binutils-config --gold.
On my Gentoo box it is binutils --linker=gold
EDIT: As pointed out, binutils-config doesn't work on BSD it seems. You can still manually update the symlinks though, the downside is that there might be a few of them.
You can find out which ld is used by your compiler by using gcc -print-prog-name=ld or clang -print-prog-name=ld. The file printed should be a symlink you can re-create to point to ld.gold as oposed to ld.bfd.
clang has an option, -x, which can be used to specify the language of subsequent source files passed to it. This caused problems when used like this:
clang -x c++ one.cc a.o b.o c.o
clang will try to interpret the object files a.o, b.o, c.o as source code.
Is there a way to cancel the effect of the -x option so I can pass object files on the same command line?
clang -x c++ one.cc SOMEOPTION a.o b.o c.o
What should SOMEOPTION be to allow clang to interpret the .o files as object files?
I need to use this convoluted command line because I am using a system that calls the compiler automatically to compile some code it generates and there are limits to how much it can be hacked.
could you put the arguments the other way 'round
clang a.o b.o c.o -x c++ one.cc
or compile each file and then link them in a later run
clang -x c++ one.cc -o one.cc.o
clang a.o b.o c.o one.cc.o
This is how in my experience it is actualy used.
I am trying to configure util-linux to cross compile using arm-none-linux-gnueabi from CodeSourcery. My only problem so far is that it can't find my ncurses library which I compiled.
How can I add a directory to the ld search path? I've tried adding to my LIBRARY_PATH and LD_LIBRARY_PATH variables, but neither does anything. I know that I can add the -L flag to gcc and it will add to the linker path, but is there any way to do this globally, so that I can do it once, and not have to worry about it again?
Here is the output of arm-none-linux-gnueabi-gcc -print-search-dirs | grep libraries | sed 's/:/\n/g':
libraries
=/tools/bin/../lib/gcc/arm-none-linux-gnueabi/4.6.1/
/tools/bin/../lib/gcc/
/tools/bin/../lib/gcc/arm-none-linux-gnueabi/4.6.1/../../../../arm-none-linux-gnueabi/lib/arm-none-linux-gnueabi/4.6.1/
/tools/bin/../lib/gcc/arm-none-linux-gnueabi/4.6.1/../../../../arm-none-linux-gnueabi/lib/
/tools/bin/../arm-none-linux-gnueabi/libc/lib/arm-none-linux-gnueabi/4.6.1/
/tools/bin/../arm-none-linux-gnueabi/libc/lib/
/tools/bin/../arm-none-linux-gnueabi/libc/usr/lib/arm-none-linux-gnueabi/4.6.1/
/tools/bin/../arm-none-linux-gnueabi/libc/usr/lib/
I would like to add /arm/usr/lib and /arm/usr/local/lib to my ld search path.
If you need output from any other commands, just ask!
EDIT: I just found out about the CFLAGS environment variable--do all configure scripts/makefiles honor it?
Thank you!
If the ncurses library you compiled are going to be linked to the ARM binary you are cross-compiling you can not use LD_LIBRARY_PATH! LD_LIBRARY_PATH is only used by the current run-time and is in no way used by the compiler or linker when building your application.
The use of CFLAGS depends on creator of Makefile. CFLAGS are not automatically used even if they are defined as an environment variable. Only tools like the autoconf tools can pick them up from the environment and use them automagically. In the Makefiles find something like:
$(CC) $(CFLAGS) ....
if this fragment exists then the Makefile uses the CFLAGS variable. LDFLAGS is the more appropriate environment variable to use for link-time options.