diff options
| author | van Hauser <vh@thc.org> | 2023-09-12 08:35:44 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-09-12 08:35:44 +0000 |
| commit | 7d2122e0596132f9344a5d0896020ebc79cd33db (patch) | |
| tree | d881b11261251705b3a1c48def8c1cdae5766828 /src/afl-fuzz-queue.c | |
| parent | 0688c779ec543c4f5f84363b06c72ac11a14f716 (diff) | |
| parent | 4f4ce24690c682af500ee235c57055d87dfb9c9d (diff) | |
| download | afl++-7d2122e0596132f9344a5d0896020ebc79cd33db.tar.gz | |
Merge pull request #1860 from AFLplusplus/dev
push to stable
Diffstat (limited to 'src/afl-fuzz-queue.c')
| -rw-r--r-- | src/afl-fuzz-queue.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c index 793bec90..4b9627f7 100644 --- a/src/afl-fuzz-queue.c +++ b/src/afl-fuzz-queue.c @@ -80,6 +80,7 @@ double compute_weight(afl_state_t *afl, struct queue_entry *q, if (unlikely(weight < 0.1)) { weight = 0.1; } if (unlikely(q->favored)) { weight *= 5; } if (unlikely(!q->was_fuzzed)) { weight *= 2; } + if (unlikely(q->fs_redundant)) { weight *= 0.8; } return weight; @@ -830,6 +831,8 @@ void cull_queue(afl_state_t *afl) { /* Let's see if anything in the bitmap isn't captured in temp_v. If yes, and if it has a afl->top_rated[] contender, let's use it. */ + afl->smallest_favored = -1; + for (i = 0; i < afl->fsrv.map_size; ++i) { if (afl->top_rated[i] && (temp_v[i >> 3] & (1 << (i & 7)))) { @@ -853,7 +856,16 @@ void cull_queue(afl_state_t *afl) { afl->top_rated[i]->favored = 1; ++afl->queued_favored; - if (!afl->top_rated[i]->was_fuzzed) { ++afl->pending_favored; } + if (!afl->top_rated[i]->was_fuzzed) { + + ++afl->pending_favored; + if (unlikely(afl->smallest_favored < 0)) { + + afl->smallest_favored = (s64)afl->top_rated[i]->id; + + } + + } } @@ -871,6 +883,8 @@ void cull_queue(afl_state_t *afl) { } + afl->reinit_table = 1; + } /* Calculate case desirability score to adjust the length of havoc fuzzing. |