Updating LavaTool, LavaDb, and LavaODB to use LLVM 11 and compile with

C++ 17

Dockerfile

@@ -22,6 +22,11 @@ RUN apt-get update && apt-get install -qq -y \
     socat \
     wget
 
+# Step 1: Install panda debian package, you need a version that has Dwarf2 Plugin
+RUN wget https://github.com/panda-re/panda/releases/download/v1.8.23/pandare_20.04.deb
+RUN command apt install -qq -y ./pandare_20.04.deb
+RUN pip install pandare
+
 # Libodb
 RUN cd /tmp && \
     wget http://codesynthesis.com/download/odb/2.4/odb_2.4.0-1_amd64.deb && \
@@ -50,10 +55,13 @@ RUN cd /tools/btrace && \
 # Build lavaTool. Depends on headers in lavaODB and tools/lavaDB
 #COPY tools/lavaODB/ tools/lavaDB/ tools/lavaTool/ /tools/
 COPY tools/ /tools
+COPY setup_container.py /
 ENV LLVM_DIR=/usr/lib/llvm-11
-RUN cd /tools && \
-    cmake -Bbuild -H. -DLLVM_DIR=$LLVM_DIR/lib/cmake/llvm -DClang_DIR=$LLVM_DIR/lib/cmake/clang -DCMAKE_INSTALL_PREFIX=/tools/install
+RUN python3 setup_container.py
+
+# RUN cd /tools && \
+#    cmake -Bbuild -H. -DLLVM_DIR=$LLVM_DIR/lib/cmake/llvm -DClang_DIR=$LLVM_DIR/lib/cmake/clang -DCMAKE_INSTALL_PREFIX=/tools/install
 
-RUN cd /tools/build && \
-    make && \
-    make install V=1
+# RUN cd /tools/build && \
+#    make && \
+#    make install V=1

setup_container.py

@@ -12,14 +12,7 @@
 LAVA_DIR = os.path.dirname(os.path.abspath(sys.argv[0]))
 os.chdir(LAVA_DIR)
 
-PANDA_DIR = os.path.abspath(os.path.join(LAVA_DIR, "panda/src"))
-PANDA_BUILD_DIR = os.path.join(PANDA_DIR, '../build')
 
-PANDA_MAK = """
-# This is an autogenerated file from lava/setup.py.
-PANDA_SRC_PATH := {PANDA_DIR}
-PANDA_BUILD_DIR := {PANDA_DIR}/../build
-"""
 LLVM_MAK = """
 # This is an autogenerated file from lava/setup.py.
 LLVM_SRC_PATH := {LLVM_SRC_PATH}
@@ -88,15 +81,9 @@ def run(cmd):
     # then setup.py will parse it and configure the environmet to those specs
     os.chdir(LAVA_DIR)
 
-    if not os.path.isfile(os.path.join(LAVA_DIR, "fbi", "panda.mak")):
-        progress("Creating $LAVA_DIR/tools/fbi/panda.mak")
-        with open(os.path.join(LAVA_DIR, "tools/fbi/panda.mak"), "w") as f:
-            f.write(PANDA_MAK.format(PANDA_DIR=PANDA_DIR))
-
     if not os.path.isfile(os.path.join(LAVA_DIR, "lava.mak")):
         progress("Creating $LAVA_DIR/lava.mak")
         with open("lava.mak", 'w') as f:
-            f.write(PANDA_MAK.format(PANDA_DIR=PANDA_DIR))
             f.write(LLVM_MAK.format(LLVM_BUILD_PATH=LLVM_DOCKER_DIR,
                                     LLVM_SRC_PATH=LLVM_DOCKER_DIR))
 

tools/fbi/src/CMakeLists.txt

@@ -1,24 +1,6 @@
+cmake_minimum_required(VERSION 3.15)
 project (FBI LANGUAGES CXX)
 
-# Panda src, headers and build locations
-set (PANDA_SRC_PATH ${CMAKE_CURRENT_SOURCE_DIR}/../../../panda/src)
-set (PANDA_BUILD_DIR ${PANDA_SRC_PATH}/../build)
-set (PANDA_HEADERS ${PANDA_SRC_PATH}/panda/include)
-
-# fbilib target
-add_library (fbilib
-            ${PANDA_SRC_PATH}/panda/src/plog.c
-            ${PANDA_SRC_PATH}/panda/src/plog-cc.cpp
-)
-target_include_directories(fbilib BEFORE
-        PUBLIC
-        ${PANDA_SRC_PATH}/panda/include
-        ${PANDA_BUILD_DIR}/i386-softmmu
-        /usr/lib/odb/x86_64-linux-gnu/include
-)
-target_compile_options(fbilib PRIVATE -D_GLIBCXX_USE_CXX11_ABI=0 -DPLOG_READER)
-set_property(TARGET fbilib PROPERTY CXX_STANDARD 14)
-
 # fbi target
 add_executable(fbi find_bug_inj.cpp)
 set_property(TARGET fbi PROPERTY CXX_STANDARD 14)
@@ -37,14 +19,12 @@ target_include_directories(fbi BEFORE
         ${CMAKE_CURRENT_SOURCE_DIR}/../../lavaODB/generated
         ${CMAKE_CURRENT_SOURCE_DIR}/../../lavaODB/include
         ${CMAKE_CURRENT_SOURCE_DIR}/../../include
-        ${PANDA_SRC_PATH}/panda/include
-        ${PANDA_BUILD_DIR}/i386-softmmu
         /usr/lib/odb/x86_64-linux-gnu/include
+        /usr/local/include 
     )
 add_dependencies(fbi lava-odb_x64)
 set_target_properties(fbi PROPERTIES LINK_FLAGS "-L/usr/local/lib")
 target_link_libraries(fbi
-    fbilib
     lavaDB_x64
     lava-odb_x64
     protobuf-c
@@ -54,12 +34,10 @@ target_link_libraries(fbi
     jsoncpp
     pq
     protobuf
-    ${PANDA_BUILD_DIR}/i386-softmmu/plog.pb.o
-    ${PANDA_BUILD_DIR}/i386-softmmu/plog.pb-c.o
 )
 install (TARGETS fbi
          RUNTIME DESTINATION bin
          LIBRARY DESTINATION lib
          ARCHIVE DESTINATION lib/static
          OPTIONAL
-         )
+         )

tools/fbi/src/find_bug_inj.cpp

@@ -18,10 +18,6 @@ extern "C" {
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <unistd.h>
-
-#include "panda/plog.h"
-#include "panda/plog-cc-bridge.h"
-#include "panda/plog_print.h"
 }
 
 #include <json/json.h>

tools/lavaDB/src/CMakeLists.txt

@@ -3,5 +3,4 @@
 #set_target_properties(lavaDB_x32 PROPERTIES COMPILE_FLAGS "-m32" LINK_FLAGS "-m32")
 
 add_library (lavaDB_x64 STATIC lavaDB.cpp)
-set_property(TARGET lavaDB_x64 PROPERTY CXX_STANDARD 11)
-target_compile_options(lavaDB_x64 PRIVATE -D_GLIBCXX_USE_CXX11_ABI=0)
+set_property(TARGET lavaDB_x64 PROPERTY CXX_STANDARD 17)

tools/lavaODB/src/CMakeLists.txt

@@ -38,8 +38,7 @@ add_custom_target (cleanup
 #    ${CMAKE_CURRENT_SOURCE_DIR}/../include)
 
 add_library(lava-odb_x64 STATIC ${GENERATED}/lava-odb.cxx)
-target_compile_options(lava-odb_x64 PRIVATE -D_GLIBCXX_USE_CXX11_ABI=0)
-set_property(TARGET lava-odb_x64 PROPERTY CXX_STANDARD 11)
+set_property(TARGET lava-odb_x64 PROPERTY CXX_STANDARD 17)
 target_link_libraries(lava-odb_x64 odb odb-pgsql)
 add_dependencies(lava-odb_x64 cleanup)
 target_include_directories(lava-odb_x64 BEFORE

tools/lavaTool/include/CallExprArgAdditionalHandler.h

@@ -6,10 +6,10 @@ struct CallExprArgAdditionHandler : public LavaMatchHandler {
     using LavaMatchHandler::LavaMatchHandler; // Inherit constructor.
 
     void CAddArg(const CallExpr *call) {
-        SourceLocation l1 = call->getLocStart();
-        SourceLocation l2 = call->getLocEnd();
-        debug(FNARG) << "call->getLocStart = " << Mod.sm->getFileOffset(l1) << "\n";
-        debug(FNARG) << "call->getLocEnd = " << Mod.sm->getFileOffset(l2) << "\n";
+        SourceLocation l1 = call->getBeginLoc();
+        SourceLocation l2 = call->getEndLoc();
+        debug(FNARG) << "call->getBeginLoc = " << Mod.sm->getFileOffset(l1) << "\n";
+        debug(FNARG) << "call->getEndLoc = " << Mod.sm->getFileOffset(l2) << "\n";
         bool inv=false;
         debug(FNARG) << "call : [" << getStringBetweenRange(*Mod.sm, call->getSourceRange(), &inv) << "]\n";
         assert(!inv);
@@ -21,14 +21,14 @@ struct CallExprArgAdditionHandler : public LavaMatchHandler {
         debug(FNARG) << "CallExprArgAdditionHandler\n";
 
         bool inv;
-        SourceLocation l1 = call->getLocStart();
-        SourceLocation l2 = call->getLocEnd();
+        SourceLocation l1 = call->getBeginLoc();
+        SourceLocation l2 = call->getEndLoc();
         std::string cestr = getStringBetweenRange(*Mod.sm, call->getSourceRange(), &inv);
         assert (!inv);
         debug(FNARG) << "callexpr: [" << cestr << "\n";
 
         SourceLocation loc = clang::Lexer::findLocationAfterToken(
-                call->getLocStart(), tok::l_paren, *Mod.sm, *Mod.LangOpts, true);
+                call->getBeginLoc(), tok::l_paren, *Mod.sm, *Mod.LangOpts, true);
 
         // No need to check for ArgDataflow, since matcher only called then
         auto fnname = get_containing_function_name(Result, *call);
@@ -60,10 +60,10 @@ struct CallExprArgAdditionHandler : public LavaMatchHandler {
         if (func == nullptr || func->getLocation().isInvalid()) {
             // Function Pointer
             debug(FNARG) << "function pointer use\n";
-            call->getLocStart().print(debug(FNARG), *Mod.sm);
+            call->getBeginLoc().print(debug(FNARG), *Mod.sm);
             debug(FNARG) << "\n";
             //debug(FNARG) << " argcount=" << call->getNumArgs() << "\n";
-            //loc = call->getArg(0)->getLocStart();
+            //loc = call->getArg(0)->getBeginLoc();
         } else if (Mod.sm->isInSystemHeader(func->getLocation())) {
             debug(FNARG) << "in system header\n";
             return;

tools/lavaTool/include/FieldDeclArgAdditionHandler.h

@@ -18,33 +18,33 @@ struct FieldDeclArgAdditionHandler : public LavaMatchHandler {
     virtual void handle(const MatchFinder::MatchResult &Result) {
         const FieldDecl *fd =
             Result.Nodes.getNodeAs<FieldDecl>("fielddecl");
-        SourceLocation l1 = fd->getLocStart();
-        SourceLocation l2 = fd->getLocEnd();
+        SourceLocation l1 = fd->getBeginLoc();
+        SourceLocation l2 = fd->getEndLoc();
         bool inv = false;
         debug(FNARG) << "fielddecl  : [" << getStringBetweenRange(*Mod.sm, fd->getSourceRange(), &inv) << "]\n";
         if (inv) {
             debug(FNARG) << "... is invalid\n";
             return;
         }
-        const Type *ft = fd->getType().getTypePtr();
+        const clang::Type *ft = fd->getType().getTypePtr();
         if (ft->isFunctionPointerType()) {
             // field is a fn pointer
-            const Type *pt = ft->getPointeeType().IgnoreParens().getTypePtr();
+            const clang::Type *pt = ft->getPointeeType().IgnoreParens().getTypePtr();
             //assert(pt);
             if (!pt) return;
-            const FunctionType *fun_type = dyn_cast<FunctionType>(pt);
+            const clang::FunctionType *fun_type = dyn_cast<clang::FunctionType>(pt);
             if (fun_type == NULL) {
                 debug(FNARG) << "... clang could not determine function type, abort\n";
                 return;
             }
 
             //assert(fun_type);
             if (!fun_type) return;
-            const FunctionProtoType *prot = dyn_cast<FunctionProtoType>(fun_type);
+            const clang::FunctionProtoType *prot = dyn_cast<clang::FunctionProtoType>(fun_type);
             if (!prot) return;
             // add the data_flow arg
-            SourceLocation l1 = fd->getLocStart();
-            SourceLocation l2 = fd->getLocEnd();
+            SourceLocation l1 = fd->getBeginLoc();
+            SourceLocation l2 = fd->getEndLoc();
             AddArgGen(Mod, l1, l2, false, prot->getNumParams(), 2);
         }
     }

tools/lavaTool/include/FuncDeclArgAdditionHandler.h

@@ -5,10 +5,10 @@ struct FuncDeclArgAdditionHandler : public LavaMatchHandler {
     using LavaMatchHandler::LavaMatchHandler; // Inherit constructor
 
     void AddArg(const FunctionDecl *func) {
-        SourceLocation l1 = func->getLocStart();
-        SourceLocation l2 = func->getLocEnd();
-        debug(FNARG) << "func->getLocStart = " << Mod.sm->getFileOffset(l1) << "\n";
-        debug(FNARG) << "func->getLocEnd = " << Mod.sm->getFileOffset(l2) << "\n";
+        SourceLocation l1 = func->getBeginLoc();
+        SourceLocation l2 = func->getEndLoc();
+        debug(FNARG) << "func->getBeginLoc = " << Mod.sm->getFileOffset(l1) << "\n";
+        debug(FNARG) << "func->getEndLoc = " << Mod.sm->getFileOffset(l2) << "\n";
         bool inv;
         debug(FNARG) << "func : [" << getStringBetweenRange(*Mod.sm, func->getSourceRange(), &inv) << "]\n";
 
@@ -102,7 +102,7 @@ struct FuncDeclArgAdditionHandler : public LavaMatchHandler {
                 int data_slots_size = (data_slots.size() > 0) ? data_slots.size() : 1;
                 data_array << "int data[" << data_slots_size << "] = {0};\n";
                 data_array << "int *" ARG_NAME << "= &data;\n";
-                Mod.InsertAt(first->getLocStart(), data_array.str());
+                Mod.InsertAt(first->getBeginLoc(), data_array.str());
             }
         } else {
             const FunctionDecl *bodyDecl = nullptr;

tools/lavaTool/include/FunctionArgHandler.h

@@ -20,8 +20,8 @@ struct FunctionArgHandler : public LavaMatchHandler {
 
         const SourceManager &sm = *Result.SourceManager;
 
-        auto sl1 = call->getLocStart();
-        auto sl2 = call->getLocEnd();
+        auto sl1 = call->getBeginLoc();
+        auto sl2 = call->getEndLoc();
         debug(FNARG) << "start: " << sl1.printToString(sm) << "\n";
         debug(FNARG) << "end:   " << sl2.printToString(sm) << "\n";
 

tools/lavaTool/include/FunctionPointerFieldHandler.h

@@ -15,19 +15,19 @@ struct FunctionPointerFieldHandler : public LavaMatchHandler {
         }
         else {
 
-            const Type *t = fd->getType().getTypePtr();
+            const clang::Type *t = fd->getType().getTypePtr();
             if (t->isPointerType()) { // || t->isArrayType()) {
-                const Type *pt = t->getPointeeType().getTypePtr(); // t->getPointeeOrArrayElementType();
+                const clang::Type *pt = t->getPointeeType().getTypePtr(); // t->getPointeeOrArrayElementType();
                 if (pt->isFunctionType())
                     debug(FNARG) << "Its a fn pointer!\n";
-                auto sl1 = fd->getLocStart();
-                auto sl2 = fd->getLocEnd();
+                auto sl1 = fd->getBeginLoc();
+                auto sl2 = fd->getEndLoc();
                 debug(FNARG) << "start: " << sl1.printToString(*Mod.sm) << "\n";
                 debug(FNARG) << "end:   " << sl2.printToString(*Mod.sm) << "\n";
 
             }
-            //        debug(FNARG) << decl->getLocEnd().printToString(*Mod.sm) << "\n";
-            //        Mod.InsertAt(decl->getLocEnd().getLocWithOffset(-14), "int *" ARG_NAME ", ");
+            //        debug(FNARG) << decl->getEndLoc().printToString(*Mod.sm) << "\n";
+            //        Mod.InsertAt(decl->getEndLoc().getLocWithOffset(-14), "int *" ARG_NAME ", ");
         }
     }
 };

tools/lavaTool/include/FunctionPointerTypedefHandler.h

@@ -6,26 +6,26 @@ struct FunctionPointerTypedefHandler : public LavaMatchHandler {
 
     virtual void handle(const MatchFinder::MatchResult &Result) {
         const TypedefDecl *td = Result.Nodes.getNodeAs<TypedefDecl>("typedefdecl");
-        SourceLocation l1 = td->getLocStart();
-        SourceLocation l2 = td->getLocEnd();
+        SourceLocation l1 = td->getBeginLoc();
+        SourceLocation l2 = td->getEndLoc();
         bool inv=false;
         debug(FNARG) << "typedefdecl  : [" << getStringBetweenRange(*Mod.sm, td->getSourceRange(), &inv) << "\n";
         if (inv) {
             debug(FNARG) << "... is invalid\n";
             return;
         }
-        const Type *ft = td->getUnderlyingType().getTypePtr();
+        const clang::Type *ft = td->getUnderlyingType().getTypePtr();
         //assert(ft);
         if (!ft) return;
         if (ft->isFunctionPointerType()) {
             // field is a fn pointer
-            const Type *pt = ft->getPointeeType().IgnoreParens().getTypePtr();
+            const clang::Type *pt = ft->getPointeeType().IgnoreParens().getTypePtr();
             //assert(pt);
             if (!pt) return;
-            const FunctionType *fun_type = dyn_cast<FunctionType>(pt);
+            const clang::FunctionType *fun_type = dyn_cast<clang::FunctionType>(pt);
             //assert(fun_type);
             if (!fun_type) return;
-            const FunctionProtoType *prot = dyn_cast<FunctionProtoType>(fun_type);
+            const clang::FunctionProtoType *prot = dyn_cast<clang::FunctionProtoType>(fun_type);
             // add the data_flow arg
             //assert(prot);
             if (!prot) return;

tools/lavaTool/include/LavaMatchHandler.h

@@ -150,8 +150,8 @@ struct LavaMatchHandler : public MatchFinder::MatchCallback {
 
     LavaASTLoc GetASTLoc(const SourceManager &sm, const Stmt *s) {
         assert(!SourceDir.empty());
-        FullSourceLoc fullLocStart(sm.getExpansionLoc(s->getLocStart()), sm);
-        FullSourceLoc fullLocEnd(sm.getExpansionLoc(s->getLocEnd()), sm);
+        FullSourceLoc fullLocStart(sm.getExpansionLoc(s->getBeginLoc()), sm);
+        FullSourceLoc fullLocEnd(sm.getExpansionLoc(s->getEndLoc()), sm);
         std::string src_filename = StripPrefix(
                 getAbsolutePath(sm.getFilename(fullLocStart)), SourceDir);
         return LavaASTLoc(src_filename, fullLocStart, fullLocEnd);
@@ -268,11 +268,11 @@ struct LavaMatchHandler : public MatchFinder::MatchCallback {
         for (auto &keyValue : nodesMap) {
             const Stmt *stmt = keyValue.second.get<Stmt>();
             if (stmt) {
-                SourceLocation start = stmt->getLocStart();
+                SourceLocation start = stmt->getBeginLoc();
                 if (!sm.getFilename(start).empty() && sm.isInMainFile(start)
                         && !sm.isMacroArgExpansion(start)) {
                     debug(MATCHER) << keyValue.first << ": " << ExprStr(stmt) << " ";
-                    stmt->getLocStart().print(debug(MATCHER), sm);
+                    stmt->getBeginLoc().print(debug(MATCHER), sm);
                     debug(MATCHER) << "\n";
                     if (DEBUG_FLAGS & MATCHER) stmt->dump();
                 } else return;

tools/lavaTool/include/MatchFinder.h

@@ -159,7 +159,9 @@ class LavaMatchFinder : public MatchFinder, public SourceFileCallbacks {
 		makeHandler<MallocOffByOneArgHandler>()
 	);
     }
-    virtual bool handleBeginSource(CompilerInstance &CI, StringRef Filename) override {
+
+    // TODO: WARNING, I HAVE REMOVED OVERRIDE, I REALLY HOPE I DON'T REGRET THIS!
+    virtual bool handleBeginSource(CompilerInstance &CI, StringRef Filename) {
         Insert.clear();
         Mod.Reset(&CI.getLangOpts(), &CI.getSourceManager());
         TUReplace.Replacements.clear();
@@ -232,7 +234,7 @@ class LavaMatchFinder : public MatchFinder, public SourceFileCallbacks {
         Insert.render(CurrentCI->getSourceManager(), TUReplace.Replacements);
         std::error_code EC;
         llvm::raw_fd_ostream YamlFile(TUReplace.MainSourceFile + ".yaml",
-                EC, llvm::sys::fs::F_RW);
+                EC, llvm::sys::fs::OF_None);
         yaml::Output Yaml(YamlFile);
         Yaml << TUReplace;
     }