diff options
| author | van Hauser <vh@thc.org> | 2020-04-10 22:33:11 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-04-10 22:33:11 +0200 |
| commit | 3a509c61689112cc321c4c78f058014abff66c8a (patch) | |
| tree | 741ceff34f03b66c6455fafdb3694ea4ba6f8c28 /src/afl-fuzz-queue.c | |
| parent | 6dcbc4dff4bc9f5357bbf0c72ec6f3a0f937c2d0 (diff) | |
| download | afl++-3a509c61689112cc321c4c78f058014abff66c8a.tar.gz | |
LTO optimization, variable map size, autodictionary (#307)
* lto module clean-up
* step 1/3
* step 1/3 completed
* if tmp is ever made non-static
* parts 2 and 3 - autodictionary is complete
* variable map_size support
* variable map size: changed overlooked functions
* remove debug for autodict
* 64 bit alignment of map size
* fix review comments
* force 64 bit alignment on both sides
* typo
Diffstat (limited to 'src/afl-fuzz-queue.c')
| -rw-r--r-- | src/afl-fuzz-queue.c | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c index 174d7d92..346c2639 100644 --- a/src/afl-fuzz-queue.c +++ b/src/afl-fuzz-queue.c @@ -195,7 +195,7 @@ void update_bitmap_score(afl_state_t *afl, struct queue_entry *q) { /* For every byte set in afl->fsrv.trace_bits[], see if there is a previous winner, and how it compares to us. */ - for (i = 0; i < MAP_SIZE; ++i) + for (i = 0; i < afl->fsrv.map_size; ++i) if (afl->fsrv.trace_bits[i]) { @@ -248,8 +248,10 @@ void update_bitmap_score(afl_state_t *afl, struct queue_entry *q) { if (!q->trace_mini) { - q->trace_mini = ck_alloc(MAP_SIZE >> 3); - minimize_bits(q->trace_mini, afl->fsrv.trace_bits); + u32 len = (afl->fsrv.map_size >> 3); + if (len == 0) len = 1; + q->trace_mini = ck_alloc(len); + minimize_bits(afl, q->trace_mini, afl->fsrv.trace_bits); } @@ -268,14 +270,17 @@ void update_bitmap_score(afl_state_t *afl, struct queue_entry *q) { void cull_queue(afl_state_t *afl) { struct queue_entry *q; - u8 temp_v[MAP_SIZE >> 3]; + u32 len = (afl->fsrv.map_size >> 3); u32 i; + u8 temp_v[MAP_SIZE >> 3]; + + if (len == 0) len = 1; if (afl->dumb_mode || !afl->score_changed) return; afl->score_changed = 0; - memset(temp_v, 255, MAP_SIZE >> 3); + memset(temp_v, 255, len); afl->queued_favored = 0; afl->pending_favored = 0; @@ -292,10 +297,10 @@ void cull_queue(afl_state_t *afl) { /* Let's see if anything in the bitmap isn't captured in temp_v. If yes, and if it has a afl->top_rated[] contender, let's use it. */ - for (i = 0; i < MAP_SIZE; ++i) + for (i = 0; i < afl->fsrv.map_size; ++i) if (afl->top_rated[i] && (temp_v[i >> 3] & (1 << (i & 7)))) { - u32 j = MAP_SIZE >> 3; + u32 j = len; /* Remove all bits belonging to the current entry from temp_v. */ |