authorvanhauser-thc <vh@thc.org>2021-04-09 12:22:16 +0200
committervanhauser-thc <vh@thc.org>2021-04-09 12:22:16 +0200
commitc19d1f0c7519fe7d1234e695c497a78f24aaf8b7 (patch)
tree2e28cf8bbf588e451aaf0f9da8d0fd5b89da6c68
parent019b26de58a4e7eb4b95aab6425beba4efb853f4 (diff)
downloadafl++-c19d1f0c7519fe7d1234e695c497a78f24aaf8b7.tar.gz
update grammar-mutator, show better fuzzing strategy yields
-rw-r--r--TODO.md1
-rw-r--r--custom_mutators/grammar_mutator/GRAMMAR_VERSION2
m---------custom_mutators/grammar_mutator/grammar_mutator0
-rw-r--r--docs/Changelog.md1
-rw-r--r--src/afl-fuzz-stats.c72
5 files changed, 48 insertions, 28 deletions
diff --git a/TODO.md b/TODO.md
index dc765ec4..96b24521 100644
--- a/TODO.md
+++ b/TODO.md
@@ -2,6 +2,7 @@
## Roadmap 3.00+
+ - align map to 64 bytes but keep real IDs
- Update afl->pending_not_fuzzed for MOpt
- CPU affinity for many cores? There seems to be an issue > 96 cores
- afl-plot to support multiple plot_data
diff --git a/custom_mutators/grammar_mutator/GRAMMAR_VERSION b/custom_mutators/grammar_mutator/GRAMMAR_VERSION
index a3fe6bb1..c7c1948d 100644
--- a/custom_mutators/grammar_mutator/GRAMMAR_VERSION
+++ b/custom_mutators/grammar_mutator/GRAMMAR_VERSION
@@ -1 +1 @@
-b3c4fcf
+a2d4e4a
diff --git a/custom_mutators/grammar_mutator/grammar_mutator b/custom_mutators/grammar_mutator/grammar_mutator
-Subproject b3c4fcfa6ae28918bc410f7747135eafd4fb726
+Subproject a2d4e4ab966f0581219fbb282f5ac8c89e85ead
diff --git a/docs/Changelog.md b/docs/Changelog.md
index 072320dc..4139a9b3 100644
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@@ -20,6 +20,7 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
to allow replay of non-reproducable crashes, see
AFL_PERSISTENT_RECORD in config.h and docs/envs.h
- default cmplog level (-l) is now 2, better efficiency.
+ - better fuzzing strategy yields for enabled options
- ensure one fuzzer sync per cycle
- fix afl_custom_queue_new_entry original file name when syncing
from fuzzers
diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c
index 2c814d90..b9a94ac3 100644
--- a/src/afl-fuzz-stats.c
+++ b/src/afl-fuzz-stats.c
@@ -861,9 +861,9 @@ void show_stats(afl_state_t *afl) {
" fuzzing strategy yields " bSTG bH10 bHT bH10 bH5 bHB bH bSTOP cCYA
" path geometry " bSTG bH5 bH2 bVL "\n");
- if (afl->skip_deterministic) {
+ if (likely(afl->skip_deterministic)) {
- strcpy(tmp, "n/a, n/a, n/a");
+ strcpy(tmp, "disabled (default, enable with -D)");
} else {
@@ -881,7 +881,7 @@ void show_stats(afl_state_t *afl) {
" levels : " cRST "%-10s" bSTG bV "\n",
tmp, u_stringify_int(IB(0), afl->max_depth));
- if (!afl->skip_deterministic) {
+ if (unlikely(!afl->skip_deterministic)) {
sprintf(tmp, "%s/%s, %s/%s, %s/%s",
u_stringify_int(IB(0), afl->stage_finds[STAGE_FLIP8]),
@@ -897,7 +897,7 @@ void show_stats(afl_state_t *afl) {
" pending : " cRST "%-10s" bSTG bV "\n",
tmp, u_stringify_int(IB(0), afl->pending_not_fuzzed));
- if (!afl->skip_deterministic) {
+ if (unlikely(!afl->skip_deterministic)) {
sprintf(tmp, "%s/%s, %s/%s, %s/%s",
u_stringify_int(IB(0), afl->stage_finds[STAGE_ARITH8]),
@@ -913,7 +913,7 @@ void show_stats(afl_state_t *afl) {
" pend fav : " cRST "%-10s" bSTG bV "\n",
tmp, u_stringify_int(IB(0), afl->pending_favored));
- if (!afl->skip_deterministic) {
+ if (unlikely(!afl->skip_deterministic)) {
sprintf(tmp, "%s/%s, %s/%s, %s/%s",
u_stringify_int(IB(0), afl->stage_finds[STAGE_INTEREST8]),
@@ -929,7 +929,7 @@ void show_stats(afl_state_t *afl) {
" own finds : " cRST "%-10s" bSTG bV "\n",
tmp, u_stringify_int(IB(0), afl->queued_discovered));
- if (!afl->skip_deterministic) {
+ if (unlikely(!afl->skip_deterministic)) {
sprintf(tmp, "%s/%s, %s/%s, %s/%s",
u_stringify_int(IB(0), afl->stage_finds[STAGE_EXTRAS_UO]),
@@ -974,35 +974,52 @@ void show_stats(afl_state_t *afl) {
: cRST),
tmp);
- if (afl->shm.cmplog_mode) {
+ if (unlikely(afl->afl_env.afl_python_module)) {
- sprintf(tmp, "%s/%s, %s/%s, %s/%s, %s/%s",
+ sprintf(tmp, "%s/%s, ",
u_stringify_int(IB(0), afl->stage_finds[STAGE_PYTHON]),
- u_stringify_int(IB(1), afl->stage_cycles[STAGE_PYTHON]),
- u_stringify_int(IB(2), afl->stage_finds[STAGE_CUSTOM_MUTATOR]),
- u_stringify_int(IB(3), afl->stage_cycles[STAGE_CUSTOM_MUTATOR]),
+ u_stringify_int(IB(1), afl->stage_cycles[STAGE_PYTHON]));
+
+ } else {
+
+ strcpy(tmp, "unused, ");
+
+ }
+
+ if (unlikely(afl->afl_env.afl_custom_mutator_library)) {
+
+ sprintf(tmp, "%s%s/%s, ", tmp,
+ u_stringify_int(IB(2), afl->stage_finds[STAGE_PYTHON]),
+ u_stringify_int(IB(3), afl->stage_cycles[STAGE_PYTHON]));
+
+ } else {
+
+ strcat(tmp, "unused, ");
+
+ }
+
+ if (unlikely(afl->shm.cmplog_mode)) {
+
+ sprintf(tmp, "%s%s/%s, %s/%s", tmp,
u_stringify_int(IB(4), afl->stage_finds[STAGE_COLORIZATION]),
u_stringify_int(IB(5), afl->stage_cycles[STAGE_COLORIZATION]),
u_stringify_int(IB(6), afl->stage_finds[STAGE_ITS]),
u_stringify_int(IB(7), afl->stage_cycles[STAGE_ITS]));
- SAYF(bV bSTOP " custom/rq : " cRST "%-36s " bSTG bVR bH20 bH2 bH bRB "\n",
- tmp);
-
} else {
- sprintf(tmp, "%s/%s, %s/%s",
- u_stringify_int(IB(0), afl->stage_finds[STAGE_PYTHON]),
- u_stringify_int(IB(1), afl->stage_cycles[STAGE_PYTHON]),
- u_stringify_int(IB(2), afl->stage_finds[STAGE_CUSTOM_MUTATOR]),
- u_stringify_int(IB(3), afl->stage_cycles[STAGE_CUSTOM_MUTATOR]));
-
- SAYF(bV bSTOP " py/custom : " cRST "%-36s " bSTG bVR bH20 bH2 bH bRB "\n",
- tmp);
+ strcat(tmp, "unused, unused ");
}
- if (!afl->bytes_trim_out) {
+ SAYF(bV bSTOP "py/custom/rq : " cRST "%-36s " bSTG bVR bH20 bH2 bH bRB "\n",
+ tmp);
+
+ if (likely(afl->disable_trim)) {
+
+ sprintf(tmp, "disabled, ");
+
+ } else if (unlikely(!afl->bytes_trim_out)) {
sprintf(tmp, "n/a, ");
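Review bot: The two appending format calls in this hunk, `sprintf(tmp, "%s%s/%s, ", tmp, ...)` in the custom-mutator branch and `sprintf(tmp, "%s%s/%s, %s/%s", tmp, ...)` in the cmplog branch, pass `tmp` as both the destination and a `%s` source, which the C standard leaves undefined when the objects overlap; it happens to work on some libc builds for short strings but can also truncate or garble the row, so it should not be relied on. Writing at the current end instead, `sprintf(tmp + strlen(tmp), "%s/%s, ", ...)`, keeps the concatenation semantics without the overlap and matches the `strcat` calls around it (and, if `tmp` is a fixed-size array declared earlier in show_stats, `snprintf(tmp + len, sizeof tmp - len, ...)` would additionally bound the write, which none of these `sprintf`/`strcat` calls currently do). Separately, the custom-mutator branch indexes `stage_finds[STAGE_PYTHON]`/`stage_cycles[STAGE_PYTHON]` where the removed lines used `STAGE_CUSTOM_MUTATOR`, so the new py/custom/rq row reports the Python counters twice and never the custom-mutator ones. show_stats begins and continues outside the hunk, so the declaration and size of `tmp` are not visible here.
```c
  if (unlikely(afl->afl_env.afl_custom_mutator_library)) {

    sprintf(tmp + strlen(tmp), "%s/%s, ",
            u_stringify_int(IB(2), afl->stage_finds[STAGE_CUSTOM_MUTATOR]),
            u_stringify_int(IB(3), afl->stage_cycles[STAGE_CUSTOM_MUTATOR]));

  /* … unchanged: "unused, " else branch … */

  if (unlikely(afl->shm.cmplog_mode)) {

    sprintf(tmp + strlen(tmp), "%s/%s, %s/%s",
            u_stringify_int(IB(4), afl->stage_finds[STAGE_COLORIZATION]),
            u_stringify_int(IB(5), afl->stage_cycles[STAGE_COLORIZATION]),
            u_stringify_int(IB(6), afl->stage_finds[STAGE_ITS]),
            u_stringify_int(IB(7), afl->stage_cycles[STAGE_ITS]));

  /* … unchanged: cmplog else branch, SAYF row and trim status … */
```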
@@ -1015,12 +1032,13 @@ void show_stats(afl_state_t *afl) {
}
- if (!afl->blocks_eff_total) {
+ if (likely(afl->skip_deterministic)) {
- u8 tmp2[128];
+ strcat(tmp, "disabled");
- sprintf(tmp2, "n/a");
- strcat(tmp, tmp2);
+ } else if (unlikely(!afl->blocks_eff_total)) {
+
+ strcat(tmp, "n/a");
} else {