about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/afl-fuzz-queue.c34
1 files changed, 15 insertions, 19 deletions
diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c
index 928cdb62..9a0d199e 100644
--- a/src/afl-fuzz-queue.c
+++ b/src/afl-fuzz-queue.c
@@ -45,25 +45,19 @@ inline u32 select_next_queue_entry(afl_state_t *afl) {
 double compute_weight(afl_state_t *afl, struct queue_entry *q,
                       double avg_exec_us, double avg_bitmap_size) {
 
-  u32 hits;
+  double weight = 1.0;
 
   if (likely(afl->schedule >= FAST && afl->schedule <= RARE)) {
 
-    hits = afl->n_fuzz[q->n_fuzz_entry];
-    if (hits == 0) { hits = 1; }
-
-  } else {
-
-    hits = 1;
+    u32 hits = afl->n_fuzz[q->n_fuzz_entry];
+    if (likely(hits)) { weight *= log10(hits) + 1; }
 
   }
 
-  double weight = 1.0;
   weight *= avg_exec_us / q->exec_us;
-  weight *= log(q->bitmap_size) / avg_bitmap_size;
-  weight /= log10(hits) + 1;
+  weight *= (log(q->bitmap_size) / avg_bitmap_size);
 
-  if (q->favored) weight *= 5;
+  if (unlikely(q->favored)) weight *= 5;
 
   return weight;
 
@@ -210,11 +204,13 @@ void create_alias_table(afl_state_t *afl) {
       struct queue_entry *q = afl->queue_buf[i];
       fprintf(
           f,
-          "entry=%u name=%s variable=%s disabled=%s len=%u exec_us=%u "
+          "entry=%u name=%s favored=%s variable=%s disabled=%s len=%u "
+          "exec_us=%u "
           "bitmap_size=%u bitsmap_size=%u tops=%u weight=%f perf_score=%f\n",
-          i, q->fname, q->var_behavior ? "true" : "false",
-          q->disabled ? "true" : "false", q->len, (u32)q->exec_us,
-          q->bitmap_size, q->bitsmap_size, q->tc_ref, q->weight, q->perf_score);
+          i, q->fname, q->favored ? "true" : "false",
+          q->var_behavior ? "true" : "false", q->disabled ? "true" : "false",
+          q->len, (u32)q->exec_us, q->bitmap_size, q->bitsmap_size, q->tc_ref,
+          q->weight, q->perf_score);
 
     }
 
@@ -226,10 +222,10 @@ void create_alias_table(afl_state_t *afl) {
 #endif
 
   /*
-  fprintf(stderr, "  entry  alias  probability  perf_score   filename\n");
-  for (u32 i = 0; i < n; ++i)
-    fprintf(stderr, "  %5u  %5u  %11u  %0.9f  %s\n", i, afl->alias_table[i],
-            afl->alias_probability[i], afl->queue_buf[i]->perf_score,
+  fprintf(stderr, "  entry  alias  probability  perf_score   weight
+  filename\n"); for (u32 i = 0; i < n; ++i) fprintf(stderr, "  %5u  %5u  %11u
+  %0.9f  %0.9f  %s\n", i, afl->alias_table[i], afl->alias_probability[i],
+  afl->queue_buf[i]->perf_score, afl->queue_buf[i]->weight,
             afl->queue_buf[i]->fname);
   */
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-05-16 08:47:22 +0000