Tristan Ravitch has a nice tool on github called Whole Program LLVM, or WWLVM (Whole Library LLVM), and talks about it in a recent blog post, using it to find defects in libOTR. From the github readme:

“WLLVM provides tools for building whole-program (or whole-library) LLVM bitcode files from an unmodified C or C++ source package. It currently runs on *nix platforms such as Linux, FreeBSD, and Mac OS X. WLLVM provides python-based compiler wrappers that work in two steps. The wrappers first invoke the compiler as normal. Then, for each object file, they call a bitcode compiler to produce LLVM bitcode. The wrappers also store the location of the generated bitcode file in a dedicated section of the object file. When object files are linked together, the contents of the dedicated sections are concatenated (so we don’t lose the locations of any of the constituent bitcode files). After the build completes, one can use an WLLVM utility to read the contents of the dedicated section and link all of the bitcode into a single whole-program bitcode file. This utility works for both executable and native libraries. Currently, WLLVM works with either clang or the gcc dragonegg plugin. This two-phase build process is necessary to be a drop-in replacement for gcc or g++ in any build system. Using the LTO framework in gcc and the gold linker plugin works in many cases, but fails in the presence of static libraries in builds. WLLVM’s approach has the distinct advantage of generating working binaries, in case some part of a build process requires that. […]”

Hacking for Charity: Automated Bug-finding in LibOTR

https://github.com/travitch/whole-program-llvm

This project is not new, I just noticed it. 🙂 It isn’t Avatar/S2E, but it also interesting. I wonder if anyone is using this to test virtualized versions of coreboot, U-Boot, UEFI, SeaBIOS, and other firmware code?