diff options
| author | vanhauser-thc <vh@thc.org> | 2021-02-07 09:42:28 +0100 |
|---|---|---|
| committer | vanhauser-thc <vh@thc.org> | 2021-02-07 09:42:28 +0100 |
| commit | c2c65fd9c1cc3604200bc6ae62e2a1a7e6950a0e (patch) | |
| tree | 398dda81023771cf7df5d757fcb89064ea0f90e4 | |
| parent | 0ad56167c53ae660d40ccc6cdedb39f0a52eefcd (diff) | |
| download | afl++-c2c65fd9c1cc3604200bc6ae62e2a1a7e6950a0e.tar.gz | |
mark llvm 13 as unsupported (yet)
| -rw-r--r-- | GNUmakefile.llvm | 2 | ||||
| -rw-r--r-- | README.md | 3 | ||||
| -rw-r--r-- | qemu_mode/libqasan/dlmalloc.c | 5 |
3 files changed, 9 insertions, 1 deletions
diff --git a/GNUmakefile.llvm b/GNUmakefile.llvm index a9092579..d3691658 100644 --- a/GNUmakefile.llvm +++ b/GNUmakefile.llvm @@ -43,7 +43,7 @@ endif LLVMVER = $(shell $(LLVM_CONFIG) --version 2>/dev/null | sed 's/git//' | sed 's/svn//' ) LLVM_MAJOR = $(shell $(LLVM_CONFIG) --version 2>/dev/null | sed 's/\..*//' ) LLVM_MINOR = $(shell $(LLVM_CONFIG) --version 2>/dev/null | sed 's/.*\.//' | sed 's/git//' | sed 's/svn//' | sed 's/ .*//' ) -LLVM_UNSUPPORTED = $(shell $(LLVM_CONFIG) --version 2>/dev/null | egrep -q '^3\.[0-3]|^19' && echo 1 || echo 0 ) +LLVM_UNSUPPORTED = $(shell $(LLVM_CONFIG) --version 2>/dev/null | egrep -q '^3\.[0-3]|^1[3-9]' && echo 1 || echo 0 ) LLVM_NEW_API = $(shell $(LLVM_CONFIG) --version 2>/dev/null | egrep -q '^1[0-9]' && echo 1 || echo 0 ) LLVM_10_OK = $(shell $(LLVM_CONFIG) --version 2>/dev/null | egrep -q '^1[1-9]|^10\.[1-9]|^10\.0.[1-9]' && echo 1 || echo 0 ) LLVM_HAVE_LTO = $(shell $(LLVM_CONFIG) --version 2>/dev/null | egrep -q '^1[1-9]' && echo 1 || echo 0 ) @@ -730,6 +730,9 @@ campaigns as these are much shorter runnings. 1. Always: * LTO has a much longer compile time which is diametrical to short fuzzing - hence use afl-clang-fast instead. + * If you compile with CMPLOG then you can save fuzzing time and reuse that + compiled target for both the -c option and the main fuzz target. + This will impact the speed by ~15% though. * `AFL_FAST_CAL` - Enable fast calibration, this halfs the time the saturated corpus needs to be loaded. * `AFL_CMPLOG_ONLY_NEW` - only perform cmplog on new found paths, not the diff --git a/qemu_mode/libqasan/dlmalloc.c b/qemu_mode/libqasan/dlmalloc.c index ce94451d..3c7dcea8 100644 --- a/qemu_mode/libqasan/dlmalloc.c +++ b/qemu_mode/libqasan/dlmalloc.c @@ -3908,6 +3908,7 @@ static void internal_malloc_stats(mstate m) { \ } else if (RTCHECK(B == smallbin_at(M, I) || \ \ + \ (ok_address(M, B) && B->fd == P))) { \ \ F->bk = B; \ @@ -4119,6 +4120,7 @@ static void internal_malloc_stats(mstate m) { \ } else \ \ + \ CORRUPTION_ERROR_ACTION(M); \ if (R != 0) { \ \ @@ -4135,6 +4137,7 @@ static void internal_malloc_stats(mstate m) { \ } else \ \ + \ CORRUPTION_ERROR_ACTION(M); \ \ } \ @@ -4147,12 +4150,14 @@ static void internal_malloc_stats(mstate m) { \ } else \ \ + \ CORRUPTION_ERROR_ACTION(M); \ \ } \ \ } else \ \ + \ CORRUPTION_ERROR_ACTION(M); \ \ } \ |