author | van Hauser <vh@thc.org> | 2022-09-17 11:58:41 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-17 11:58:41 +0200 |
commit | badd9694d25ac5320b5f6d4e2ee182f59649a821 (patch) | |
tree | 29514cbd5a4fdfc8e934f79d9da45bfcfab4d1df | |
parent | 2f0cc088b5e8876382c586422b718d3b7ee894f6 (diff) | |
parent | 0623a73a5cb8a0c2cff32413df9f4c5c69b8e339 (diff) | |
download | afl++-badd9694d25ac5320b5f6d4e2ee182f59649a821.tar.gz |
Merge pull request #1525 from AFLplusplus/dev
push to stable
-rw-r--r-- | src/afl-cc.c | 4 | ||||
-rw-r--r-- | src/afl-fuzz-init.c | 4 | ||||
-rw-r--r-- | src/afl-fuzz.c | 6 | ||||
-rw-r--r-- | src/afl-gotcpu.c | 3 | ||||
-rw-r--r-- | utils/aflpp_driver/aflpp_driver.c | 14 |
5 files changed, 18 insertions, 13 deletions
diff --git a/src/afl-cc.c b/src/afl-cc.c
index 5e7a9c9e..53fba1e7 100644
--- a/src/afl-cc.c
+++ b/src/afl-cc.c
@@ -668,8 +668,8 @@ static void edit_params(u32 argc, char **argv, char **envp) {
 #if defined(AFL_CLANG_LDPATH) && LLVM_MAJOR >= 15
 // The NewPM implementation only works fully since LLVM 15.
- cc_params[cc_par_cnt++] =
- alloc_printf("-Wl,--load-pass-plugin=%s/SanitizerCoverageLTO.so", obj_path);
+ cc_params[cc_par_cnt++] = alloc_printf(
+ "-Wl,--load-pass-plugin=%s/SanitizerCoverageLTO.so", obj_path);
 #elif defined(AFL_CLANG_LDPATH) && LLVM_MAJOR >= 13
 cc_params[cc_par_cnt++] = "-Wl,--lto-legacy-pass-manager";
 cc_params[cc_par_cnt++] =
diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c
index 4ffcfd2b..e41d29fd 100644
--- a/src/afl-fuzz-init.c
+++ b/src/afl-fuzz-init.c
@@ -2420,7 +2420,9 @@ void get_core_count(afl_state_t *afl) {
 } else if ((s64)cur_runnable + 1 <= (s64)afl->cpu_core_count) {
- OKF("Try parallel jobs - see %s/parallel_fuzzing.md.", doc_path);
+ OKF("Try parallel jobs - see "
+ "%s/fuzzing_in_depth.md#c-using-multiple-cores",
+ doc_path);
 }
diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c
index 1f0fcab1..294c42f6 100644
--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@@ -192,9 +192,9 @@ static void usage(u8 *argv0, int more_help) {
 "executions.\n\n"
 "Other stuff:\n"
- " -M/-S id - distributed mode (see docs/parallel_fuzzing.md)\n"
- " -M auto-sets -D, -Z (use -d to disable -D) and no "
- "trimming\n"
+ " -M/-S id - distributed mode (-M sets -Z and disables trimming)\n"
+ " see docs/fuzzing_in_depth.md#c-using-multiple-cores\n"
+ " for effective recommendations for parallel fuzzing.\n"
 " -F path - sync to a foreign fuzzer queue directory (requires "
 "-M, can\n"
 " be specified up to %u times)\n"
diff --git a/src/afl-gotcpu.c b/src/afl-gotcpu.c
index 539206ce..eee642fb 100644
--- a/src/afl-gotcpu.c
+++ b/src/afl-gotcpu.c
@@ -19,7 +19,8 @@ This tool provides a fairly accurate measurement of CPU preemption rate. It is meant to complement the quick-and-dirty load average widget shown
- in the afl-fuzz UI. See docs/parallel_fuzzing.md for more info.
+ in the afl-fuzz UI. See docs/fuzzing_in_depth.md#c-using-multiple-cores
+ for more info.
 For some work loads, the tool may actually suggest running more instances than you have CPU cores. This can happen if the tested program is spending
diff --git a/utils/aflpp_driver/aflpp_driver.c b/utils/aflpp_driver/aflpp_driver.c
index 52b98f41..7e553723 100644
--- a/utils/aflpp_driver/aflpp_driver.c
+++ b/utils/aflpp_driver/aflpp_driver.c
@@ -198,7 +198,9 @@ size_t LLVMFuzzerMutate(uint8_t *Data, size_t Size, size_t MaxSize) {
 }
 // Execute any files provided as parameters.
-static int ExecuteFilesOnyByOne(int argc, char **argv) {
+static int ExecuteFilesOnyByOne(int argc, char **argv,
+ int (*callback)(const uint8_t *data,
+ size_t size)) {
 unsigned char *buf = (unsigned char *)malloc(MAX_FILE);
@@ -234,7 +236,7 @@ static int ExecuteFilesOnyByOne(int argc, char **argv) {
 prev_length = length;
 printf("Reading %zu bytes from %s\n", length, argv[i]);
- LLVMFuzzerTestOneInput(buf, length);
+ callback(buf, length);
 printf("Execution successful.\n");
 }
@@ -312,7 +314,7 @@ int LLVMFuzzerRunDriver(int *argcp, char ***argvp,
 __afl_sharedmem_fuzzing = 0;
 __afl_manual_init();
- return ExecuteFilesOnyByOne(argc, argv);
+ return ExecuteFilesOnyByOne(argc, argv, callback);
 } else if (argc == 2 && argv[1][0] == '-') {
@@ -328,7 +330,7 @@ int LLVMFuzzerRunDriver(int *argcp, char ***argvp,
 if (argc == 2) { __afl_manual_init(); }
- return ExecuteFilesOnyByOne(argc, argv);
+ return ExecuteFilesOnyByOne(argc, argv, callback);
 }
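Review bot: `callback` is invoked at `callback(buf, length);` with no NULL check, and none of the visible hunks show LLVMFuzzerRunDriver validating the pointer it now forwards to ExecuteFilesOnyByOne. If an embedding harness passes a null pointer, the driver itself would fault and the crash could be attributed to the target under test; a guard at the top of ExecuteFilesOnyByOne such as `if (!callback) return -1;` would keep that failure distinguishable from a real finding. The one-line comment above the function should also say that each file's contents are passed to `callback`. The body of ExecuteFilesOnyByOne and the start of LLVMFuzzerRunDriver are outside these hunks, so an existing check may simply not be visible here.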
@@ -338,7 +340,7 @@ int LLVMFuzzerRunDriver(int *argcp, char ***argvp,
 // Call LLVMFuzzerTestOneInput here so that coverage caused by initialization
 // on the first execution of LLVMFuzzerTestOneInput is ignored.
- LLVMFuzzerTestOneInput(dummy_input, 4);
+ callback(dummy_input, 4);
 __asan_poison_memory_region(__afl_fuzz_ptr, MAX_FILE);
 size_t prev_length = 0;
@@ -375,7 +377,7 @@ int LLVMFuzzerRunDriver(int *argcp, char ***argvp,
 while (__afl_persistent_loop(N)) {
- LLVMFuzzerTestOneInput(__afl_fuzz_ptr, *__afl_fuzz_len);
+ callback(__afl_fuzz_ptr, *__afl_fuzz_len);
 } |
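Review bot: The context comment directly above the changed line still names `LLVMFuzzerTestOneInput`, but the warm-up call is now `callback(dummy_input, 4);`, which may be a different function when LLVMFuzzerRunDriver is given a custom callback. The comment should follow the code, for example `// Call the test callback once here so that coverage caused by initialization` and `// on its first execution is ignored.`. LLVMFuzzerRunDriver starts and ends outside this hunk.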
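Review bot: The return value of `callback` is discarded in the persistent loop, and likewise at `callback(buf, length);` and `callback(dummy_input, 4);` in the earlier hunks, as it was for LLVMFuzzerTestOneInput before this change. libFuzzer reserves non-zero return values from the test function (-1 asks the engine not to keep the input), so a harness written against that contract loses the signal silently under this driver. If ignoring it is intended, state that at the call site, e.g. `(void)callback(__afl_fuzz_ptr, *__afl_fuzz_len);  // return value intentionally ignored`. The loop sits inside LLVMFuzzerRunDriver, most of which is not visible in this hunk.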