diff options
| -rw-r--r-- | docs/Changelog.md | 2 | ||||
| -rw-r--r-- | llvm_mode/afl-llvm-rt.o.c | 5 | ||||
| -rw-r--r-- | src/afl-forkserver.c | 2 |
3 files changed, 7 insertions, 2 deletions
diff --git a/docs/Changelog.md b/docs/Changelog.md index 0a482614..abfd4386 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -31,6 +31,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>. as it is faster and provides better coverage. The original afl instrumentation can be set via AFL_LLVM_INSTRUMENT=AFL. This is automatically done when the WHITELIST feature is used. + - PCGUARD mode is now even better because we made it collision free - plus + it has a fixed map size, so it is also faster! :) - some targets want a ld variant for LD that is not gcc/clang but ld, added afl-ld-lto to solve this - lowered minimum required llvm version to 3.4 (except LLVMInsTrim, which diff --git a/llvm_mode/afl-llvm-rt.o.c b/llvm_mode/afl-llvm-rt.o.c index 17b70f26..b815fc1f 100644 --- a/llvm_mode/afl-llvm-rt.o.c +++ b/llvm_mode/afl-llvm-rt.o.c @@ -183,6 +183,9 @@ static void __afl_map_shm(void) { if (__afl_final_loc) { + if (__afl_final_loc % 8) + __afl_final_loc = (((__afl_final_loc + 7) >> 3) << 3); + __afl_map_size = __afl_final_loc; if (__afl_final_loc > MAP_SIZE) { @@ -871,7 +874,7 @@ void __sanitizer_cov_trace_pc_guard_init(uint32_t *start, uint32_t *stop) { while (start < stop) { if (R(100) < inst_ratio) - *start = R(MAP_SIZE - 1) + 1; + *start = ++__afl_final_loc; else *start = 0; diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c index b2734335..bb7a6797 100644 --- a/src/afl-forkserver.c +++ b/src/afl-forkserver.c @@ -569,7 +569,7 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv, if (unlikely(tmp_map_size % 8)) { // should not happen - WARNF("Target reported non-aligned map size of %ud", tmp_map_size); + WARNF("Target reported non-aligned map size of %u", tmp_map_size); tmp_map_size = (((tmp_map_size + 8) >> 3) << 3); } |