AFL binary instrumentation

Related tags

Deep Learningbinaryinstrumentationfuzzingaflafl-fuzzbinary-rewritinge9patch
Overview

E9AFL --- Binary AFL

E9AFL inserts American Fuzzy Lop (AFL) instrumentation into x86_64 Linux binaries. This allows binaries to be fuzzed without the need for recompilation.

E9AFL uses E9Patch to insert the AFL instrumentation via static binary rewriting.

Building

To build E9AFL, simply run the build.sh script:

    $ ./build.sh

Usage

First, install afl-fuzz:

    $ sudo apt-get install afl

To use E9AFL, simply run the command:

    $ ./e9afl /path/to/binary

This will generate an AFL-instrumented binary.afl which can be used with afl-fuzz. See the example below.

Example

To fuzz the binutils readelf program:

    $ ./e9afl readelf
    $ mkdir -p input
    $ mkdir -p output
    $ head -n 1 `which ls` > input/exe
    $ afl-fuzz -i input/ -o output/ -- ./readelf.afl -a @@

If all goes well the output should look something like this:

AFL example

Troubleshooting

Some instrumented binaries may crash during AFL initialization:

    PROGRAM ABORT : Fork server crashed ...

This is often caused by an insufficient memory limit. See AFL's -m option for more information.

Bugs

Please report bugs here.

License

GLPv3

Comments
  • Memory limit is too restrictive - every possible binaries showing same info.. looks like there is some other issue.

    Memory limit is too restrictive - every possible binaries showing same info.. looks like there is some other issue.

    $ afl-fuzz -m 850 -i input/ -o output/ -- ./test_binary.afl afl-fuzz 2.52b by [email protected] [+] You have 8 CPU cores and 2 runnable tasks (utilization: 25%). [+] Try parallel jobs - see /usr/share/doc/afl-doc/docs/parallel_fuzzing.txt. [] Checking CPU core loadout... [+] Found a free CPU core, binding to #0. [] Checking core_pattern... [] Checking CPU scaling governor... [] Setting up output directories... [+] Output directory exists but deemed OK to reuse. [] Deleting old session data... [+] Output dir cleanup successful. [] Scanning 'input/'... [+] No auto-generated dictionary tokens to reuse. [] Creating hard links for all input files... [] Validating target binary... [] Attempting dry run with 'id:000000,orig:exe'... [] Spinning up the fork server...

    [-] Whoops, the target binary crashed suddenly, before receiving any input from the fuzzer! There are several probable explanations:

    - The current memory limit (850 MB) is too restrictive, causing the
  target to hit an OOM condition in the dynamic linker. Try bumping up
  the limit with the -m setting in the command line. A simple way confirm
  this diagnosis would be:

  ( ulimit -Sv $[849 << 10]; /path/to/fuzzed_app )

  Tip: you can use http://jwilk.net/software/recidivm to quickly
  estimate the required amount of virtual memory for the binary.

- The binary is just buggy and explodes entirely on its own. If so, you
  need to fix the underlying problem or find a better replacement.

- Less likely, there is a horrible bug in the fuzzer. If other options
  fail, poke <[email protected]> for troubleshooting tips.

    [-] PROGRAM ABORT : Fork server crashed with signal 11 Location : init_forkserver(), afl-fuzz.c:2201

    opened by rohith-krishnan 4
  • Fork server crashed with signal 11 while fuzz jhead

    Fork server crashed with signal 11 while fuzz jhead

    Hello, I used E9AFL to conduct experiments on jHEAD project:https://github.com/Matthias-Wandel/jhead。 I followed the normal procedure and encountered the following error:

    [email protected]:~/fuzz/e9afl-jhead# ./afl-fuzz -i in -o out -- ./jhead.afl @@
afl-fuzz 2.57b by <[email protected]>
[+] You have 16 CPU cores and 1 runnable tasks (utilization: 6%).
[+] Try parallel jobs - see docs/parallel_fuzzing.txt.
[*] Checking CPU core loadout...
[+] Found a free CPU core, binding to #0.
[*] Checking core_pattern...
[*] Setting up output directories...
[+] Output directory exists but deemed OK to reuse.
[*] Deleting old session data...
[+] Output dir cleanup successful.
[*] Scanning 'in'...
[+] No auto-generated dictionary tokens to reuse.
[*] Creating hard links for all input files...
[*] Validating target binary...
[*] Attempting dry run with 'id:000000,orig:badyear.jpg'...
[*] Spinning up the fork server...

[-] Whoops, the target binary crashed suddenly, before receiving any input
    from the fuzzer! There are several probable explanations:

    - The current memory limit (50.0 MB) is too restrictive, causing the
      target to hit an OOM condition in the dynamic linker. Try bumping up
      the limit with the -m setting in the command line. A simple way confirm
      this diagnosis would be:

      ( ulimit -Sv $[49 << 10]; /path/to/fuzzed_app )

      Tip: you can use http://jwilk.net/software/recidivm to quickly
      estimate the required amount of virtual memory for the binary.

    - The binary is just buggy and explodes entirely on its own. If so, you
      need to fix the underlying problem or find a better replacement.

    - Less likely, there is a horrible bug in the fuzzer. If other options
      fail, poke <[email protected]> for troubleshooting tips.

[-] PROGRAM ABORT : Fork server crashed with signal 11
         Location : init_forkserver(), afl-fuzz.c:2230

[email protected]:~/fuzz/e9afl-jhead# ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 127896
max locked memory       (kbytes, -l) 65536
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 127896
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited
[email protected]:~/fuzz/e9afl-jhead#
    opened by Sunxingzhezhexingsun 3
  • Build Failures

    Build Failures

    Hello,

    I would like to start using this program but ran into several build errors - would it be possible to publish a formal list of dependencies, if any?

    opened by mav8557 3
  • e9tool command failed with status (33792)

    e9tool command failed with status (33792)

    I got the following error when trying to input a binary named test. I'm on ParrotOS if that is relevant.

    $e9afl test "/usr/share/e9afl/e9tool" -E '".plt"' -E '".plt.got"' -O2 --option --mem-granularity=4096 -o "test.afl" -M 'plugin("/usr/share/e9afl/e9AFLPlugin.so").match()' -P 'plugin("/usr/share/e9afl/e9AFLPlugin.so").patch()' -- "test" Illegal instruction error : e9tool command failed with status (33792)

    opened by FlorinelPetrean 2
  • Illegal instruction (core dumped)

    Illegal instruction (core dumped)

    When using e9afl to instrument mruby, the program reports an illegal instruction aborted.

    Invalid instructions at 0x7ffff7cbcd97

    After some digging, I found that the illegal instruction is incsspq in __longjmp (glibc/sysdeps/x86-64/longjmp.s)]. Using gdb for debugging, I found out that %fs:[0x48]=0 (feature_1 in tcbhead_t) in a normal program (not instrumented). However, in the instrumented program, %fs:[0x48]=0x4a1b, which leads to the execution of incsspq and leads to the illegal instruction problem (https://github.com/bminor/glibc/blob/ca4d3ea5130d66e66c5af14e958e99341bf20689/sysdeps/x86_64/__longjmp.S#L57-L58). According to the comments in glibc/sysdeps/x86-64/longjmp.s, this value of %fs:[0x48] marks the shadow stack as enabled. I have no idea why this happened, can you give me some insights?

    The following archive contains the normal and instrumented programs plus the input to reproduce this problem. mruby.zip

    [email protected]:e9afl$ ./e9afl mruby_trace                                                                                                                            
"install/e9tool" -E '".plt"' -E '".plt.got"' -O2 --option --mem-granularity=4096 -o "mruby_trace.afl" -M 'plugin("install/e9AFLPlugin.so").match()' -P 'plugin("install/e9AFLPlugin.so").patch()' --plugin="install/e9AFLPlugin.so":--counter=classic --plugin="install/e9AFLPlugin.so":-Oblock=default --plugin="/home/user/docker_share/tools/e9afl/install/e9AFLPlugin.so":-Oselect=default --plugin="install/e9AFLPlugin.so":--path='install' --option --log=false -- "mruby_trace"                                                                                                                                                                                                                     
-----------------------------------------------                                                                                                                                                                                                          
mode                  = Linux ELF executable                                                                                                                                                                                                             
input_binary          = mruby_trace                                                                                                                                                          
output_binary         = mruby_trace.afl                                                                                                                                                                                                                  
num_patched           = 10015 / 10015 (100.00%)                                                                                                                                                                                                          
num_patched_B1        = 8936 / 10015 (89.23%)                                                                                                                                                                                                            
num_patched_B2        = 1078 / 10015 (10.76%)                                                                                                                                                                                                            
num_patched_T1        = 1 / 10015 (0.01%)                                                                                                                                                                                                                
num_patched_T2        = 0 / 10015 (0.00%)                                                                                                                                                                                                                
num_patched_T3        = 0 / 10015 (0.00%)                                                                                                                                                                                                                
num_virtual_mappings  = 373                                                                                                                                                                                                                              
num_physical_mappings = 248 (66.49%)                                                                                                                                                                                                                     
num_virtual_bytes     = 1527808                                                                                                                                                                                                                          
num_physical_bytes    = 1015808 (66.49%)                                                                                                                                                                                                                 
input_file_size       = 1738472                                                                                                                                                                                                                          
output_file_size      = 3210016 (184.65%)                                                                                                                                                                                                                
time_elapsed          = 346ms                                                                                                                                                                                                                            
memory_used           = 28468KB

    pwndbg> p/x *(tcbhead_t*) $fs_base                                    │pwndbg> p/x *(tcbhead_t*) $fs_base                                   │·················································································································································
                                                                      │$2 = {                                                               │·················································································································································
$2 = {                                                                │  tcb = 0x7ffff7c77740,                                              │·················································································································································
  tcb = 0x7ffff7c77740,                                               │  dtv = 0x7ffff7c780a0,                                              │·················································································································································
  dtv = 0x7ffff7c780a0,                                               │  self = 0x7ffff7c77740,                                             │·················································································································································
  self = 0x7ffff7c77740,                                              │  multiple_threads = 0x0,                                            │·················································································································································
  multiple_threads = 0x0,                                             │  gscope_flag = 0x0,                                                 │·················································································································································
  gscope_flag = 0x0,                                                  │  sysinfo = 0x0,                                                     │·················································································································································
  sysinfo = 0x0,                                                      │  stack_guard = 0x75556eb3f83c8600,                                  │·················································································································································
  stack_guard = 0x882e160064f5cc00,                                   │  pointer_guard = 0x48fa0123fae3d9a4,                                │·················································································································································
  pointer_guard = 0x7501990f9f69f8be,                                 │  vgetcpu_cache = {0x0, 0x0},                                        │·················································································································································
  vgetcpu_cache = {0x0, 0x0},                                         │  feature_1 = 0x4a1b,                                                │·················································································································································
  feature_1 = 0x0,                                                    │  __glibc_unused1 = 0x0,                                             │·················································································································································
  __glibc_unused1 = 0x0,                                              │  __private_tm = {0x0, 0x0, 0x0, 0x0},                               │·················································································································································
  __private_tm = {0x0, 0x0, 0x0, 0x0},                                │  __private_ss = 0x0,                                                │·················································································································································
  __private_ss = 0x0,                                                 │  ssp_base = 0x0,                                                    │·················································································································································
  ssp_base = 0x0,                                                     │  __glibc_unused2 = {{{                                              │·················································································································································
  __glibc_unused2 = {{{                                               │        i = {0x0, 0x0, 0x0, 0x0}                                     │·················································································································································
        i = {0x0, 0x0, 0x0, 0x0}                                      │      }, {                                                           │·················································································································································
      }, {                                                            │        i = {0x0, 0x0, 0x0, 0x0}                                     │·················································································································································
        i = {0x0, 0x0, 0x0, 0x0}                                      │      }, {                                                           │·················································································································································
      }, {                                                            │        i = {0x0, 0x0, 0x0, 0x0}                                     │·················································································································································
        i = {0x0, 0x0, 0x0, 0x0}                                      │      }, {                                                           │·················································································································································
      }, {                                                            │        i = {0x0, 0x0, 0x0, 0x0}                                     │·················································································································································
        i = {0x0, 0x0, 0x0, 0x0}                                      │      }}, {{                                                         │·················································································································································
      }}, {{                                                          │        i = {0x0, 0x0, 0x0, 0x0}                                     │·················································································································································
        i = {0x0, 0x0, 0x0, 0x0}                                      │      }, {                                                           │·················································································································································
      }, {                                                            │        i = {0x0, 0x0, 0x0, 0x0}                                     │·················································································································································
        i = {0x0, 0x0, 0x0, 0x0}                                      │      }, {                                                           │·················································································································································
      }, {                                                            │        i = {0x0, 0x0, 0x0, 0x0}                                     │·················································································································································
        i = {0x0, 0x0, 0x0, 0x0}                                      │      }, {                                                           │·················································································································································
      }, {                                                            │        i = {0x0, 0x0, 0x0, 0x0}
    opened by 0xdd96 1
  • Building issue in Ubuntu 20.10

    Building issue in Ubuntu 20.10

    Hey,

    I'm getting some errors while building e9afl on my Ubuntu 20.10 Here is the errors:

    $ ./build.sh
./build.sh: extracting e9patch-7773cc7b3a5117144bde42649e535c01af832ecf.zip...
Archive:  e9patch-7773cc7b3a5117144bde42649e535c01af832ecf.zip
7773cc7b3a5117144bde42649e535c01af832ecf
replace e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/LICENSE? [y]es, [n]o, [A]ll, [N]one, [r]ename: A
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/LICENSE  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/Makefile  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/Makefile.zydis  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/README.md  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/build.sh  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/doc/e9patch-programming-guide.md  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/doc/e9tool-user-guide.md  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/e9compile.sh  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/examples/args.c  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/examples/counter.c  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/examples/delay.c  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/examples/hello.c  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/examples/limit.c  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/examples/nop.c  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/examples/plugins/example.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/examples/print.c  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/examples/state.c  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/examples/stdlib.c  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/examples/trap.c  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9alloc.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9alloc.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9api.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9api.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9elf.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9elf.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9emit.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9emit.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9json.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9json.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9loader.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9loader.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9mapping.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9mapping.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9optimize.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9optimize.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9patch.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9patch.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9rbtree.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9tactics.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9tactics.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9trampoline.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9trampoline.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9x86_64.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9patch/e9x86_64.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9tool/e9cfg.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9tool/e9csv.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9tool/e9frontend.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9tool/e9frontend.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9tool/e9metadata.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9tool/e9parser.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9tool/e9plugin.h  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9tool/e9tool.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9tool/e9types.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/src/e9tool/e9x86_64.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/14.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/14.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/15.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/15.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/17.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/17.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/17_1.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/17_1.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/18.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/18.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/Makefile  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/README.md  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/after.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/after.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/asm.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/asm.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/asm_2.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/asm_2.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/cfg.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/cfg.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/cfg_pie.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/cfg_pie.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/cmp.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/cmp.in  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/cmp_2.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/cmp_2.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/cond_0.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/cond_0.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/cond_1.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/cond_1.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/condjump.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/condjump.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/condjump_0.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/condjump_0.in  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/condjump_1.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/condjump_1.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/control.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/control.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/csv.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/csv.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/data.csv  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/dl.c  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/dst_zero.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/dst_zero.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_1.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_1.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_10.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_10.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_11.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_11.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_12.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_12.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_13.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_13.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_2.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_2.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_3.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_3.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_4.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_4.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_5.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_5.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_6.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_6.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_7.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_7.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_8.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_8.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_9.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/example_9.in  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/exit.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/exit.in  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/false.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/false.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/imm_by_ptr.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/imm_by_ptr.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/inst.c  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/jmp_notake.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/jmp_notake.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/jmp_take.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/jmp_take.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/jump.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/jump.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/jump_1.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/jump_1.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/libdl.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/libdl.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/libdl_1.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/libdl_1.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/libdl_2.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/libdl_2.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/memory.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/memory.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/memory_1.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/memory_1.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/memory_2.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/memory_2.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/memory_3.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/memory_3.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/memory_4.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/memory_4.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/memory_5.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/memory_5.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/mnemonic.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/mnemonic.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/naked.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/naked.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/naked_2.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/naked_2.in  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/naked_3.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/naked_3.in  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/naked_4.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/naked_4.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/naked_bug.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/naked_bug.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/next.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/next.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/optimize_0.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/optimize_0.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/optimize_1.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/optimize_1.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/optimize_2.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/optimize_2.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/optimize_3.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/optimize_3.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/optimize_s.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/optimize_s.in  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/passthru.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/passthru.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/patch.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/print.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/print.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/print_intel.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/print_intel.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/print_pie.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/print_pie.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/rax.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/rax.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/rax_by_ptr.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/rax_by_ptr.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/read_write.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/read_write.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/reads_rflags.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/reads_rflags.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/regs.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/regs.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/regs_2.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/regs_2.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/regtest.cpp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/rip_rsp_rflags.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/rip_rsp_rflags.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/rip_to_rsp.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/rip_to_rsp.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/rotate.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/rotate.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/size.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/size.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/size_2.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/size_2.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/skip.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/skip.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/src_dst.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/src_dst.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/sse.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/sse.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/stack_overflow.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/stack_overflow.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/static.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/static.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/static_1.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/static_1.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/static_2.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/static_2.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/string.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/string.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/string_1.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/string_1.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/sum.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/sum.in  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/swap.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/swap.in  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/swap_2.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/swap_2.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/syscall.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/syscall.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/target.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/target.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/test.s  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/test_libc.s  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/trap.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/trap.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/trunc32.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/trunc32.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/types.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/types.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/write_bug.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/write_bug.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/xmm.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/xmm.in  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/zero.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/zero.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/zero_flags.exp  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/zero_flags.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/zero_flags_2.exp  
 extracting: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/regtest/zero_flags_2.in  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/stresstest/Makefile  
  inflating: e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/test/stresstest/stresstest.sh  
./build.sh: building e9patch...
./build.sh: building e9patch and e9tool...
rm -rf src/e9patch/e9alloc.o src/e9patch/e9api.o src/e9patch/e9elf.o src/e9patch/e9emit.o src/e9patch/e9json.o src/e9patch/e9mapping.o src/e9patch/e9patch.o src/e9patch/e9optimize.o src/e9patch/e9tactics.o src/e9patch/e9trampoline.o src/e9patch/e9x86_64.o e9tool.o e9patch e9tool a.out \
        src/e9patch/e9loader.c e9loader.out e9loader.o e9loader.bin
g++ -std=c++11 -Wall -Wno-reorder -fPIC -pie -O2 -I src/e9tool/ -I zydis/include/ -I zydis/dependencies/zycore/include/ -Wno-unused-function -c src/e9tool/e9tool.cpp
g++ -std=c++11 -Wall -Wno-reorder -fPIC -pie -O2 -D NDEBUG -Wno-unused-function   -c -o src/e9patch/e9alloc.o src/e9patch/e9alloc.cpp
g++ -std=c++11 -Wall -Wno-reorder -fPIC -pie -O2 -D NDEBUG   -c -o src/e9patch/e9api.o src/e9patch/e9api.cpp
g++ -std=c++11 -Wall -fno-stack-protector -fpie -Os -c \
        src/e9patch/e9loader.cpp
g++ -std=c++11 -Wall -Wno-reorder -fPIC -pie -O2 -D NDEBUG   -c -o src/e9patch/e9emit.o src/e9patch/e9emit.cpp
g++ -std=c++11 -Wall -Wno-reorder -fPIC -pie -O2 -D NDEBUG   -c -o src/e9patch/e9json.o src/e9patch/e9json.cpp
g++ -std=c++11 -Wall -Wno-reorder -fPIC -pie -O2 -D NDEBUG   -c -o src/e9patch/e9mapping.o src/e9patch/e9mapping.cpp
g++ -std=c++11 -Wall -Wno-reorder -fPIC -pie -O2 -D NDEBUG   -c -o src/e9patch/e9patch.o src/e9patch/e9patch.cpp
g++ -std=c++11 -Wall -Wno-reorder -fPIC -pie -O2 -D NDEBUG   -c -o src/e9patch/e9optimize.o src/e9patch/e9optimize.cpp
g++ -std=c++11 -Wall -Wno-reorder -fPIC -pie -O2 -D NDEBUG   -c -o src/e9patch/e9tactics.o src/e9patch/e9tactics.cpp
g++ -std=c++11 -Wall -Wno-reorder -fPIC -pie -O2 -D NDEBUG   -c -o src/e9patch/e9trampoline.o src/e9patch/e9trampoline.cpp
g++ -std=c++11 -Wall -Wno-reorder -fPIC -pie -O2 -D NDEBUG   -c -o src/e9patch/e9x86_64.o src/e9patch/e9x86_64.cpp
g++ -nostdlib -o e9loader.out e9loader.o -Wl,--entry=_entry
objcopy --dump-section .text=e9loader.bin e9loader.out
xxd -i e9loader.bin > src/e9patch/e9loader.c
g++ -std=c++11 -Wall -Wno-reorder -fPIC -pie -O2 -D NDEBUG   -c -o src/e9patch/e9elf.o src/e9patch/e9elf.cpp
In file included from src/e9patch/e9optimize.cpp:19:
src/e9patch/e9patch.h:244:16: error: expected ‘)’ before ‘offset’
  244 |     Instr(off_t offset, intptr_t addr, size_t size, const uint8_t *original,
      |          ~     ^~~~~~~
      |                )
src/e9patch/e9patch.h:206:18: warning: non-static const member ‘const size_t Instr::offset’ in class without a constructor [-Wuninitialized]
  206 |     const size_t offset:46;             // The instruction offset
      |                  ^~~~~~
src/e9patch/e9patch.h:207:18: warning: non-static const member ‘const size_t Instr::size’ in class without a constructor [-Wuninitialized]
  207 |     const size_t size:4;                // The instruction size (bytes)
      |                  ^~~~
src/e9patch/e9patch.h:208:18: warning: non-static const member ‘const size_t Instr::pcrel32_idx’ in class without a constructor [-Wuninitialized]
  208 |     const size_t pcrel32_idx:4;         // 32bit PC-relative imm idx (or 0)
      |                  ^~~~~~~~~~~
src/e9patch/e9patch.h:209:18: warning: non-static const member ‘const size_t Instr::pcrel8_idx’ in class without a constructor [-Wuninitialized]
  209 |     const size_t pcrel8_idx:4;          // 8bit PC-relative imm idx (or 0)
      |                  ^~~~~~~~~~
src/e9patch/e9patch.h:210:18: warning: non-static const member ‘const size_t Instr::pic’ in class without a constructor [-Wuninitialized]
  210 |     const size_t pic:1;                 // PIC? (stored here for convenience)
      |                  ^~~
src/e9patch/e9patch.h:216:20: warning: non-static const member ‘const intptr_t Instr::addr’ in class without a constructor [-Wuninitialized]
  216 |     const intptr_t addr;                // The address of the instruction
      |                    ^~~~
src/e9patch/e9patch.h:226:7: warning: non-static const member ‘const Instr::Original Instr::original’ in class without a constructor [-Wuninitialized]
  226 |     } original;
      |       ^~~~~~~~
src/e9patch/e9patch.h:238:7: warning: non-static const member ‘const Instr::Patched Instr::patched’ in class without a constructor [-Wuninitialized]
  238 |     } patched;
      |       ^~~~~~~
src/e9patch/e9patch.h:395:18: error: ‘off_t’ was not declared in this scope
  395 | typedef std::map<off_t, Instr *> InstrSet;
      |                  ^~~~~
src/e9patch/e9patch.h:395:32: error: template argument 1 is invalid
  395 | typedef std::map<off_t, Instr *> InstrSet;
      |                                ^
src/e9patch/e9patch.h:395:32: error: template argument 3 is invalid
src/e9patch/e9patch.h:395:32: error: template argument 4 is invalid
src/e9patch/e9patch.h:421:5: error: ‘off_t’ does not name a type
  421 |     off_t diff = 0;                     // Offset/address difference.
      |     ^~~~~
src/e9patch/e9optimize.cpp: In function ‘void buildEntrySet(Binary*)’:
src/e9patch/e9optimize.cpp:32:20: error: request for member ‘rbegin’ in ‘B->Binary::Is’, which is of non-class type ‘InstrSet’ {aka ‘int’}
   32 |     auto i = B->Is.rbegin();
      |                    ^~~~~~
src/e9patch/e9optimize.cpp:33:20: error: request for member ‘rend’ in ‘B->Binary::Is’, which is of non-class type ‘InstrSet’ {aka ‘int’}
   33 |     if (i == B->Is.rend())
      |                    ^~~~
src/e9patch/e9optimize.cpp:41:13: error: ‘J’ was not declared in this scope
   41 |             J = I;
      |             ^
src/e9patch/e9optimize.cpp:46:13: error: ‘J’ was not declared in this scope
   46 |             J = nullptr;
      |             ^
src/e9patch/e9optimize.cpp:47:13: error: ‘J’ was not declared in this scope
   47 |         if (J != nullptr && num <= option_Oprologue &&
      |             ^
src/e9patch/e9optimize.cpp:57:13: error: ‘J’ was not declared in this scope
   57 |             J = nullptr;
      |             ^
src/e9patch/e9optimize.cpp:60:32: error: ‘begin’ was not declared in this scope; did you mean ‘std::begin’?
   60 |     for (const auto &entry: B->Is)
      |                                ^~
      |                                std::begin
In file included from /usr/include/c++/10/deque:68,
                 from src/e9patch/e9patch.h:29,
                 from src/e9patch/e9optimize.cpp:19:
/usr/include/c++/10/bits/range_access.h:90:5: note: ‘std::begin’ declared here
   90 |     begin(_Tp (&__arr)[_Nm]) noexcept
      |     ^~~~~
src/e9patch/e9optimize.cpp:60:32: error: ‘end’ was not declared in this scope; did you mean ‘std::end’?
   60 |     for (const auto &entry: B->Is)
      |                                ^~
      |                                std::end
In file included from /usr/include/c++/10/deque:68,
                 from src/e9patch/e9patch.h:29,
                 from src/e9patch/e9optimize.cpp:19:
/usr/include/c++/10/bits/range_access.h:100:5: note: ‘std::end’ declared here
  100 |     end(_Tp (&__arr)[_Nm]) noexcept
      |     ^~~
src/e9patch/e9optimize.cpp:104:9: error: ‘off_t’ was not declared in this scope
  104 |         off_t rel = 0;
      |         ^~~~~
src/e9patch/e9optimize.cpp:109:13: error: ‘rel’ was not declared in this scope; did you mean ‘rel8’?
  109 |             rel = (off_t)rel8;
      |             ^~~
      |             rel8
src/e9patch/e9optimize.cpp:107:20: warning: unused variable ‘rel8’ [-Wunused-variable]
  107 |             int8_t rel8 = (int8_t)*(int8_t *)
      |                    ^~~~
src/e9patch/e9optimize.cpp:122:13: error: ‘rel’ was not declared in this scope; did you mean ‘rel32’?
  122 |             rel = (off_t)rel32;
      |             ^~~
      |             rel32
src/e9patch/e9optimize.cpp:120:21: warning: unused variable ‘rel32’ [-Wunused-variable]
  120 |             int32_t rel32 = (int32_t)*(int32_t *)
      |                     ^~~~~
src/e9patch/e9optimize.cpp:124:67: error: ‘rel’ was not declared in this scope
  124 |         intptr_t target = (intptr_t)I->addr + (intptr_t)I->size + rel;
      |                                                                   ^~~
src/e9patch/e9optimize.cpp: In function ‘Instr* findInstr(const Binary*, intptr_t)’:
src/e9patch/e9optimize.cpp:200:5: error: ‘off_t’ was not declared in this scope
  200 |     off_t offset = addr - B->diff;
      |     ^~~~~
src/e9patch/e9optimize.cpp:201:20: error: request for member ‘find’ in ‘B->Binary::Is’, which is of non-class type ‘const InstrSet’ {aka ‘const int’}
  201 |     auto i = B->Is.find(offset);
      |                    ^~~~
src/e9patch/e9optimize.cpp:201:25: error: ‘offset’ was not declared in this scope; did you mean ‘offsetof’?
  201 |     auto i = B->Is.find(offset);
      |                         ^~~~~~
      |                         offsetof
src/e9patch/e9optimize.cpp:202:20: error: request for member ‘end’ in ‘B->Binary::Is’, which is of non-class type ‘const InstrSet’ {aka ‘const int’}
  202 |     if (i == B->Is.end())
      |                    ^~~
src/e9patch/e9optimize.cpp: In function ‘void optimizeAllJumps(Binary*)’:
src/e9patch/e9optimize.cpp:279:32: error: ‘begin’ was not declared in this scope; did you mean ‘std::begin’?
  279 |     for (const auto &entry: B->Is)
      |                                ^~
      |                                std::begin
In file included from /usr/include/c++/10/deque:68,
                 from src/e9patch/e9patch.h:29,
                 from src/e9patch/e9optimize.cpp:19:
/usr/include/c++/10/bits/range_access.h:90:5: note: ‘std::begin’ declared here
   90 |     begin(_Tp (&__arr)[_Nm]) noexcept
      |     ^~~~~
src/e9patch/e9optimize.cpp:279:32: error: ‘end’ was not declared in this scope; did you mean ‘std::end’?
  279 |     for (const auto &entry: B->Is)
      |                                ^~
      |                                std::end
In file included from /usr/include/c++/10/deque:68,
                 from src/e9patch/e9patch.h:29,
                 from src/e9patch/e9optimize.cpp:19:
/usr/include/c++/10/bits/range_access.h:100:5: note: ‘std::end’ declared here
  100 |     end(_Tp (&__arr)[_Nm]) noexcept
      |     ^~~
make: *** [<builtin>: src/e9patch/e9optimize.o] Error 1
make: *** Waiting for unfinished jobs....
src/e9patch/e9trampoline.cpp: In function ‘const Trampoline* expandMacro(const Binary*, const Metadata*, const char*)’:
src/e9patch/e9trampoline.cpp:100:9: error: ‘ssize_t’ was not declared in this scope; did you mean ‘size_t’?
  100 |         ssize_t lo = 0, hi = (ssize_t)meta->num_entries-1;
      |         ^~~~~~~
      |         size_t
src/e9patch/e9trampoline.cpp:101:16: error: ‘lo’ was not declared in this scope
  101 |         while (lo <= hi)
      |                ^~
src/e9patch/e9trampoline.cpp:101:22: error: ‘hi’ was not declared in this scope
  101 |         while (lo <= hi)
      |                      ^~
src/e9patch/e9trampoline.cpp:103:20: error: expected ‘;’ before ‘mid’
  103 |             ssize_t mid = (lo + hi) / 2;
      |                    ^~~~
      |                    ;
src/e9patch/e9trampoline.cpp:104:50: error: ‘mid’ was not declared in this scope
  104 |             int cmp = strcmp(name, meta->entries[mid].name);
      |                                                  ^~~
src/e9patch/e9tactics.cpp: In function ‘bool patch(Binary&, Instr*, const Trampoline*)’:
src/e9patch/e9tactics.cpp:761:9: error: ‘printf’ was not declared in this scope
  761 |         printf("\33[31mX\33[0m");
      |         ^~~~~~
src/e9patch/e9tactics.cpp:29:1: note: ‘printf’ is defined in header ‘<cstdio>’; did you forget to ‘#include <cstdio>’?
   28 | #include "e9trampoline.h"
  +++ |+#include <cstdio>
   29 | 
src/e9patch/e9tactics.cpp:779:5: error: ‘printf’ was not declared in this scope
  779 |     printf("\33[32m.\33[0m");
      |     ^~~~~~
src/e9patch/e9tactics.cpp:779:5: note: ‘printf’ is defined in header ‘<cstdio>’; did you forget to ‘#include <cstdio>’?
make: *** [<builtin>: src/e9patch/e9tactics.o] Error 1
src/e9patch/e9trampoline.cpp: In function ‘void buildBytes(const Binary*, const Trampoline*, const Instr*, int32_t, const LabelSet&, Buffer&)’:
src/e9patch/e9trampoline.cpp:715:30: error: ‘ssize_t’ was not declared in this scope; did you mean ‘size_t’?
  715 |                             (ssize_t)INT32_MIN, INT32_MAX);
      |                              ^~~~~~~
      |                              size_t
make: *** [<builtin>: src/e9patch/e9trampoline.o] Error 1
./build.sh: done...!
./build.sh: e9patch has been built...
./build.sh: building the e9afl plugin...
g++ -std=c++11 -fPIC -shared -o e9AFLPlugin.so -O2 e9AFLPlugin.cpp -I .
./build.sh: building the e9afl runtime...
gcc -fno-stack-protector -fpie -O2 -Wno-unused-function -mno-mmx -mno-sse -mno-avx -mno-avx2 -mno-avx512f -msoft-float -fno-tree-vectorize -fomit-frame-pointer -c -Wall -I e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/examples/ ./afl-rt.c
gcc afl-rt.o -o afl-rt -pie -nostdlib -Wl,-z -Wl,max-page-size=4096 -Wl,--export-dynamic -Wl,--entry=0x0 -Wl,--strip-all
cp: cannot stat 'e9patch-7773cc7b3a5117144bde42649e535c01af832ecf/e9patch': No such file or directory
    opened by pventuzelo 1
  • Support AFL++

    Support AFL++

    Currently this project only supports the original AFL. It'd be nice to also support AFL++.

    ~~The AFL++ interface is differerent meaning that the current instrumented binaries are not compatible.~~

    It seems that E9AFL instrumented binaries are mostly compatible with AFL++. The main exception is the AFL_MAP_SIZE option. The current version will crash if AFL_MAP_SIZE < 0x10000.

    opened by GJDuck 0
Releases(v0.8.0)
Owner
GitHub Repository
Landmarks Recogntion Web application using Streamlit.

Landmark Recognition Web-App using Streamlit Watch Tutorial for this project Source Trained model landmarks_classifier_asia_V1/1 is taken from the Ten

Kushal Bhavsar 5 Dec 12, 2022
python 93% acc. CNN Dogs Vs Cats ( Pytorch )

English | 简体中文(测试中...敬请期待) Cnn-Classification-Dog-Vs-Cat 猫狗辨别 (pytorch版本) CNN Resnet18 的猫狗分类器,基于ResNet及其变体网路系列,对于一般的图像识别任务表现优异,模型精准度高达93%(小型样本)。 项目制作于

apple ye 1 May 22, 2022
Repo for flood prediction using LSTMs and HAND

Abstract Every year, floods cause billions of dollars’ worth of damages to life, crops, and property. With a proper early flood warning system in plac

1 Oct 27, 2021
GraphRNN: Generating Realistic Graphs with Deep Auto-regressive Models

GraphRNN: Generating Realistic Graphs with Deep Auto-regressive Model This repository is the official PyTorch implementation of GraphRNN, a graph gene

Jiaxuan 568 Dec 29, 2022
TensorFlow implementation of "A Simple Baseline for Bayesian Uncertainty in Deep Learning"

TensorFlow implementation of "A Simple Baseline for Bayesian Uncertainty in Deep Learning"

YeongHyeon Park 7 Aug 28, 2022
PyTorch-Geometric Implementation of MarkovGNN: Graph Neural Networks on Markov Diffusion

MarkovGNN This is the official PyTorch-Geometric implementation of MarkovGNN paper under the title "MarkovGNN: Graph Neural Networks on Markov Diffusi

HipGraph: High-Performance Graph Analytics and Learning 6 Sep 23, 2022
Split your patch similarly to `git add -p` but supporting multiple buckets

split-patch.py This is git add -p on steroids for patches. Given a my.patch you can run ./split-patch.py my.patch You can choose in which bucket to p

102 Oct 06, 2022
TensorFlow implementation of the paper "Hierarchical Attention Networks for Document Classification"

Hierarchical Attention Networks for Document Classification This is an implementation of the paper Hierarchical Attention Networks for Document Classi

Quoc-Tuan Truong 83 Dec 05, 2022
Code for Universal Semi-Supervised Semantic Segmentation models paper accepted in ICCV 2019

USSS_ICCV19 Code for Universal Semi Supervised Semantic Segmentation accepted to ICCV 2019. Full Paper available at https://arxiv.org/abs/1811.10323.

Tarun K 68 Nov 24, 2022
A graph adversarial learning toolbox based on PyTorch and DGL.

GraphWar: Arms Race in Graph Adversarial Learning NOTE: GraphWar is still in the early stages and the API will likely continue to change. 🚀 Installat

Jintang Li 54 Jan 05, 2023
HugsVision is a easy to use huggingface wrapper for state-of-the-art computer vision

HugsVision is an open-source and easy to use all-in-one huggingface wrapper for computer vision. The goal is to create a fast, flexible and user-frien

Labrak Yanis 166 Nov 27, 2022
PyTorch implementation for MINE: Continuous-Depth MPI with Neural Radiance Fields

MINE: Continuous-Depth MPI with Neural Radiance Fields Project Page | Video PyTorch implementation for our ICCV 2021 paper. MINE: Towards Continuous D

Zijian Feng 325 Dec 29, 2022
In this project I played with mlflow, streamlit and fastapi to create a training and prediction app on digits

Fastapi + MLflow + streamlit Setup env. I hope I covered all. pip install -r requirements.txt Start app Go in the root dir and run these Streamlit str

76 Nov 23, 2022
FairEdit: Preserving Fairness in Graph Neural Networks through Greedy Graph Editing

FairEdit Relevent Publication FairEdit: Preserving Fairness in Graph Neural Networks through Greedy Graph Editing

5 Feb 04, 2022
ARAE-Tensorflow for Discrete Sequences (Adversarially Regularized Autoencoder)

ARAE Tensorflow Code Code for the paper Adversarially Regularized Autoencoders for Generating Discrete Structures by Zhao, Kim, Zhang, Rush and LeCun

19 Nov 12, 2021
Text-to-Image generation

Generate vivid Images for Any (Chinese) text CogView is a pretrained (4B-param) transformer for text-to-image generation in general domain. Read our p

THUDM 1.3k Dec 29, 2022
Self-supervised learning optimally robust representations for domain generalization.

OptDom: Learning Optimal Representations for Domain Generalization This repository contains the official implementation for Optimal Representations fo

Yangjun Ruan 18 Aug 25, 2022
UltraPose: Synthesizing Dense Pose with 1 Billion Points by Human-body Decoupling 3D Model

UltraPose: Synthesizing Dense Pose with 1 Billion Points by Human-body Decoupling 3D Model Official repository for the ICCV 2021 paper: UltraPose: Syn

MomoAILab 92 Dec 21, 2022
Convolutional Neural Network to detect deforestation in the Amazon Rainforest

Convolutional Neural Network to detect deforestation in the Amazon Rainforest This project is part of my final work as an Aerospace Engineering studen

5 Feb 17, 2022
A curated list of awesome game datasets, and tools to artificial intelligence in games

🎮 Awesome Game Datasets In computer science, Artificial Intelligence (AI) is intelligence demonstrated by machines. Its definition, AI research as th

Leonardo Mauro 454 Jan 03, 2023