authorvan Hauser <vh@thc.org>2020-04-17 14:08:40 +0200
committervan Hauser <vh@thc.org>2020-04-17 14:08:40 +0200
commit6ee11c2a6f96c083f78bce650fbae5730c8ef971 (patch)
treede388d8bab5914a8c88dce5cba69b4f26d4c89e7
parentef1d384184d2b67afb02836eb48233cce6dc4a89 (diff)
little more speed for queue analysis
-rw-r--r--README.md4
-rw-r--r--include/afl-fuzz.h5
-rw-r--r--include/config.h2
-rw-r--r--src/afl-fuzz-queue.c4
-rw-r--r--src/afl-fuzz-state.c3
5 files changed, 10 insertions, 8 deletions
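diff --git a/README.md b/README.md
index a6afe73a..1e9b61f1 100644
--- a/README.md
+++ b/README.md
@@ -4,9 +4,9 @@
 ![Travis State](https://api.travis-ci.com/AFLplusplus/AFLplusplus.svg?branch=master)
- Release Version: [2.63c](https://github.com/AFLplusplus/AFLplusplus/releases)
+ Release Version: [2.64c](https://github.com/AFLplusplus/AFLplusplus/releases)
- Github Version: 2.63d
+ Github Version: 2.64d
 includes all necessary/interesting changes from Google's afl 2.56b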
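diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h
index fbf3aa2d..fdfe3789 100644
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@@ -608,9 +608,10 @@ typedef struct afl_state {
 u8 * ex_buf;
 size_t ex_size;
+ /* this is a fixed buffer of size map_size that can be used by any function if they do not call another function */
 u8 * map_tmp_buf;
- size_t map_tmp_size;
-
+ size_t map_tmp_len;
+
 } afl_state_t;
 /* A global pointer to all instances is needed (for now) for signals to arrive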
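Review bot: The new comment on `map_tmp_buf` states a restriction ("if they do not call another function") without saying what it protects against, and it does not mention the `map_tmp_len` field added right below it, so a reader cannot tell that the two belong together or why the scratch space must only be used in leaf code. I would replace it with `/* Shared scratch buffer of map_tmp_len bytes (map_size at init). Any function may use it, but only code that does not call another function that might also use it, otherwise the two users silently corrupt each other's data. */`. Stating the hazard explicitly matters because the buffer is reachable from every function through the state struct, and a violation would show up as wrong trace bookkeeping rather than a crash.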
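diff --git a/include/config.h b/include/config.h
index fae97a42..1de9973b 100644
--- a/include/config.h
+++ b/include/config.h
@@ -28,7 +28,7 @@
 /* Version string: */
 // c = release, d = volatile github dev, e = experimental branch
-#define VERSION "++2.63d"
+#define VERSION "++2.64c"
 /******************************************************
 * *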
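diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c
index 96711cbc..121eb3f1 100644
--- a/src/afl-fuzz-queue.c
+++ b/src/afl-fuzz-queue.c
@@ -271,12 +271,10 @@ void cull_queue(afl_state_t *afl) {
 struct queue_entry *q;
 u32 len = (afl->fsrv.map_size >> 3);
 u32 i;
- u8 * temp_v;
+ u8 * temp_v = afl->map_tmp_buf;
 if (afl->dumb_mode || !afl->score_changed) return;
- temp_v = ck_maybe_grow((void **)&afl->map_tmp_buf, &afl->map_tmp_size, afl->fsrv.map_size >> 3);
-
 afl->score_changed = 0;
 memset(temp_v, 255, len);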
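Review bot: `len` is taken from `afl->fsrv.map_size` while `map_tmp_buf` is sized from the `map_size` argument of afl_state_init, and the new `map_tmp_len` field is stored but never consulted here; the removed ck_maybe_grow call was what previously guaranteed the buffer was large enough for the memset on the last line. If fsrv.map_size can ever be raised after init (I cannot confirm that from this diff), the memset becomes a heap overrun that no sanitizer-free build will report. A one-line guard makes the invariant explicit and cheap: `if (len > afl->map_tmp_len) { FATAL("map_tmp_buf too small for map_size"); }`. The same sizing assumption applies to the afl_state_init hunk in src/afl-fuzz-state.c, which is where map_tmp_len is set. cull_queue's body continues outside the hunk.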
diff --git a/src/afl-fuzz-state.c b/src/afl-fuzz-state.c
index 72bdd91e..0904604c 100644
--- a/src/afl-fuzz-state.c
+++ b/src/afl-fuzz-state.c
@@ -107,6 +107,8 @@ void afl_state_init(afl_state_t *afl, uint32_t map_size) {
afl->clean_trace = ck_alloc(map_size);
afl->clean_trace_custom = ck_alloc(map_size);
afl->first_trace = ck_alloc(map_size);
+ afl->map_tmp_buf = ck_alloc(map_size);
+ afl->map_tmp_len = map_size;
afl->fsrv.use_stdin = 1;
afl->fsrv.map_size = map_size;
@@ -389,6 +391,7 @@ void afl_state_deinit(afl_state_t *afl) {
ck_free(afl->clean_trace);
ck_free(afl->clean_trace_custom);
ck_free(afl->first_trace);
+ ck_free(afl->map_tmp_buf);
list_remove(&afl_states, afl);