6 files changed, 46 insertions, 19 deletions

diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h
index 428bfa8e..2203cfdf 100644
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@@ -614,11 +614,6 @@ typedef struct afl_state {
 
 } afl_state_t;
 
-/* A global pointer to all instances is needed (for now) for signals to arrive
- */
-
-extern list_t afl_states;
-
 struct custom_mutator {
 
   const char *name;
@@ -800,6 +795,14 @@ struct custom_mutator {
 
 void afl_state_init(afl_state_t *, uint32_t map_size);
 void afl_state_deinit(afl_state_t *);
+
+/* Set stop_soon flag on all childs, kill all childs */
+void afl_states_stop(void);
+/* Set clear_screen flag on all states */
+void afl_states_clear_screen(void);
+/* Sets the skip flag on all states */
+void afl_states_request_skip(void);
+
 void read_afl_environment(afl_state_t *, char **);
 
 /**** Prototypes ****/
diff --git a/include/common.h b/include/common.h
index 70ff0744..4aed9572 100644
--- a/include/common.h
+++ b/include/common.h
@@ -115,7 +115,7 @@ u8 *u_stringify_time_diff(u8 *buf, u64 cur_ms, u64 event_ms);
 u32 read_timed(s32 fd, void *buf, size_t len, u32 timeout_ms,
                volatile u8 *stop_soon_p);
 
-u32 get_map_size();
+u32 get_map_size(void);
 
 #endif
 
diff --git a/src/afl-common.c b/src/afl-common.c
index 8ae03113..dda62219 100644
--- a/src/afl-common.c
+++ b/src/afl-common.c
@@ -918,7 +918,7 @@ u32 read_timed(s32 fd, void *buf, size_t len, u32 timeout_ms,
 
 }
 
-u32 get_map_size() {
+u32 get_map_size(void) {
 
   uint32_t map_size = MAP_SIZE;
   char *   ptr;
diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c
index 4dd31ac9..32481887 100644
--- a/src/afl-fuzz-init.c
+++ b/src/afl-fuzz-init.c
@@ -1903,7 +1903,7 @@ void fix_up_sync(afl_state_t *afl) {
 
 static void handle_resize(int sig) {
 
-  LIST_FOREACH(&afl_states, afl_state_t, { el->clear_screen = 1; });
+  afl_states_clear_screen();
 
 }
 
@@ -1954,14 +1954,7 @@ void check_asan_opts(void) {
 
 static void handle_stop_sig(int sig) {
 
-  LIST_FOREACH(&afl_states, afl_state_t, {
-
-    el->stop_soon = 1;
-
-    if (el->fsrv.child_pid > 0) kill(el->fsrv.child_pid, SIGKILL);
-    if (el->fsrv.fsrv_pid > 0) kill(el->fsrv.fsrv_pid, SIGKILL);
-
-  });
+  afl_states_stop();
 
 }
 
@@ -1969,7 +1962,7 @@ static void handle_stop_sig(int sig) {
 
 static void handle_skipreq(int sig) {
 
-  LIST_FOREACH(&afl_states, afl_state_t, { el->skip_requested = 1; });
+  afl_states_request_skip();
 
 }
 
diff --git a/src/afl-fuzz-state.c b/src/afl-fuzz-state.c
index af6fc11f..4f5389e3 100644
--- a/src/afl-fuzz-state.c
+++ b/src/afl-fuzz-state.c
@@ -71,7 +71,7 @@ static void init_mopt_globals(afl_state_t *afl) {
 /* A global pointer to all instances is needed (for now) for signals to arrive
  */
 
-list_t afl_states = {.element_prealloc_count = 0};
+static list_t afl_states = {.element_prealloc_count = 0};
 
 /* Initializes an afl_state_t. */
 
@@ -398,3 +398,34 @@ void afl_state_deinit(afl_state_t *afl) {
 
 }
 
+void afl_states_stop(void) {
+
+  /* We may be inside a signal handler.
+   Set flags first, send kill signals to child proceses later. */
+  LIST_FOREACH(&afl_states, afl_state_t, {
+
+    el->stop_soon = 1;
+
+  });
+
+  LIST_FOREACH(&afl_states, afl_state_t, {
+
+    if (el->fsrv.child_pid > 0) kill(el->fsrv.child_pid, SIGKILL);
+    if (el->fsrv.fsrv_pid > 0) kill(el->fsrv.fsrv_pid, SIGKILL);
+
+  });
+
+}
+
+void afl_states_clear_screen(void) {
+
+  LIST_FOREACH(&afl_states, afl_state_t, { el->clear_screen = 1; });
+
+}
+
+void afl_states_request_skip(void) {
+
+  LIST_FOREACH(&afl_states, afl_state_t, { el->skip_requested = 1; });
+
+}
+
diff --git a/test/unittests/unit_list.c b/test/unittests/unit_list.c
index 90700a11..df4864e4 100644
--- a/test/unittests/unit_list.c
+++ b/test/unittests/unit_list.c
@@ -40,7 +40,7 @@ int __wrap_printf(const char *format, ...) {
     return 1;
 }
 
-list_t testlist;
+static list_t testlist = {.element_prealloc_count = 0};
 
 static void test_contains(void **state) {