Diffstat (limited to 'qemu_mode')
-rw-r--r--qemu_mode/libcompcov/libcompcov.so.c92
-rw-r--r--qemu_mode/libcompcov/pmparser.h60
-rw-r--r--qemu_mode/patches/afl-qemu-floats.h8
-rw-r--r--qemu_mode/patches/afl-qemu-tcg-runtime-inl.h28
4 files changed, 94 insertions, 94 deletions
diff --git a/qemu_mode/libcompcov/libcompcov.so.c b/qemu_mode/libcompcov/libcompcov.so.c
index 8e2c279b..a2695985 100644
--- a/qemu_mode/libcompcov/libcompcov.so.c
+++ b/qemu_mode/libcompcov/libcompcov.so.c
@@ -45,15 +45,15 @@
 
 static void *__compcov_code_start, *__compcov_code_end;
 
-static u8* __compcov_afl_map;
+static u8 *__compcov_afl_map;
 
 static u32 __compcov_level;
 
-static int (*__libc_strcmp)(const char*, const char*);
-static int (*__libc_strncmp)(const char*, const char*, size_t);
-static int (*__libc_strcasecmp)(const char*, const char*);
-static int (*__libc_strncasecmp)(const char*, const char*, size_t);
-static int (*__libc_memcmp)(const void*, const void*, size_t);
+static int (*__libc_strcmp)(const char *, const char *);
+static int (*__libc_strncmp)(const char *, const char *, size_t);
+static int (*__libc_strcasecmp)(const char *, const char *);
+static int (*__libc_strncasecmp)(const char *, const char *, size_t);
+static int (*__libc_memcmp)(const void *, const void *, size_t);
 
 static int debug_fd = -1;
 
@@ -65,7 +65,7 @@ static u32 __compcov_ro_cnt;
 
 /* Check an address against the list of read-only mappings. */
 
-static u8 __compcov_is_ro(const void* ptr) {
+static u8 __compcov_is_ro(const void *ptr) {
 
   u32 i;
 
@@ -76,7 +76,7 @@ static u8 __compcov_is_ro(const void* ptr) {
 
 }
 
-static size_t __strlen2(const char* s1, const char* s2, size_t max_length) {
+static size_t __strlen2(const char *s1, const char *s2, size_t max_length) {
 
   // from https://github.com/googleprojectzero/CompareCoverage
 
@@ -103,7 +103,7 @@ static void __compcov_load(void) {
 
   }
 
-  char* id_str = getenv(SHM_ENV_VAR);
+  char *id_str = getenv(SHM_ENV_VAR);
   int   shm_id;
 
   if (id_str) {
@@ -111,7 +111,7 @@ static void __compcov_load(void) {
     shm_id = atoi(id_str);
     __compcov_afl_map = shmat(shm_id, NULL, 0);
 
-    if (__compcov_afl_map == (void*)-1) exit(1);
+    if (__compcov_afl_map == (void *)-1) exit(1);
 
   } else {
 
@@ -121,16 +121,16 @@ static void __compcov_load(void) {
 
   if (getenv("AFL_INST_LIBS")) {
 
-    __compcov_code_start = (void*)0;
-    __compcov_code_end = (void*)-1;
+    __compcov_code_start = (void *)0;
+    __compcov_code_end = (void *)-1;
     return;
 
   }
 
-  char* bin_name = getenv("AFL_COMPCOV_BINNAME");
+  char *bin_name = getenv("AFL_COMPCOV_BINNAME");
 
-  procmaps_iterator* maps = pmparser_parse(-1);
-  procmaps_struct*   maps_tmp = NULL;
+  procmaps_iterator *maps = pmparser_parse(-1);
+  procmaps_struct *maps_tmp = NULL;
 
   while ((maps_tmp = pmparser_next(maps)) != NULL) {
 
@@ -159,7 +159,7 @@ static void __compcov_load(void) {
 
 }
 
-static void __compcov_trace(u64 cur_loc, const u8* v0, const u8* v1, size_t n) {
+static void __compcov_trace(u64 cur_loc, const u8 *v0, const u8 *v1, size_t n) {
 
   size_t i;
 
@@ -167,8 +167,8 @@ static void __compcov_trace(u64 cur_loc, const u8* v0, const u8* v1, size_t n) {
 
     char debugbuf[4096];
     snprintf(debugbuf, sizeof(debugbuf), "0x%llx %s %s %lu\n", cur_loc,
-             v0 == NULL ? "(null)" : (char*)v0,
-             v1 == NULL ? "(null)" : (char*)v1, n);
+             v0 == NULL ? "(null)" : (char *)v0,
+             v1 == NULL ? "(null)" : (char *)v1, n);
     write(debug_fd, debugbuf, strlen(debugbuf));
 
   }
@@ -183,7 +183,7 @@ static void __compcov_trace(u64 cur_loc, const u8* v0, const u8* v1, size_t n) {
 
 /* Check an address against the list of read-only mappings. */
 
-static u8 __compcov_is_in_bound(const void* ptr) {
+static u8 __compcov_is_in_bound(const void *ptr) {
 
   return ptr >= __compcov_code_start && ptr < __compcov_code_end;
 
@@ -194,9 +194,9 @@ static u8 __compcov_is_in_bound(const void* ptr) {
 
 #undef strcmp
 
-int strcmp(const char* str1, const char* str2) {
+int strcmp(const char *str1, const char *str2) {
 
-  void* retaddr = __builtin_return_address(0);
+  void *retaddr = __builtin_return_address(0);
 
   if (__compcov_is_in_bound(retaddr) &&
       !(__compcov_level < 2 && !__compcov_is_ro(str1) &&
@@ -222,9 +222,9 @@ int strcmp(const char* str1, const char* str2) {
 
 #undef strncmp
 
-int strncmp(const char* str1, const char* str2, size_t len) {
+int strncmp(const char *str1, const char *str2, size_t len) {
 
-  void* retaddr = __builtin_return_address(0);
+  void *retaddr = __builtin_return_address(0);
 
   if (__compcov_is_in_bound(retaddr) &&
       !(__compcov_level < 2 && !__compcov_is_ro(str1) &&
@@ -251,9 +251,9 @@ int strncmp(const char* str1, const char* str2, size_t len) {
 
 #undef strcasecmp
 
-int strcasecmp(const char* str1, const char* str2) {
+int strcasecmp(const char *str1, const char *str2) {
 
-  void* retaddr = __builtin_return_address(0);
+  void *retaddr = __builtin_return_address(0);
 
   if (__compcov_is_in_bound(retaddr) &&
       !(__compcov_level < 2 && !__compcov_is_ro(str1) &&
@@ -281,9 +281,9 @@ int strcasecmp(const char* str1, const char* str2) {
 
 #undef strncasecmp
 
-int strncasecmp(const char* str1, const char* str2, size_t len) {
+int strncasecmp(const char *str1, const char *str2, size_t len) {
 
-  void* retaddr = __builtin_return_address(0);
+  void *retaddr = __builtin_return_address(0);
 
   if (__compcov_is_in_bound(retaddr) &&
       !(__compcov_level < 2 && !__compcov_is_ro(str1) &&
@@ -312,9 +312,9 @@ int strncasecmp(const char* str1, const char* str2, size_t len) {
 
 #undef memcmp
 
-int memcmp(const void* mem1, const void* mem2, size_t len) {
+int memcmp(const void *mem1, const void *mem2, size_t len) {
 
-  void* retaddr = __builtin_return_address(0);
+  void *retaddr = __builtin_return_address(0);
 
   if (__compcov_is_in_bound(retaddr) &&
       !(__compcov_level < 2 && !__compcov_is_ro(mem1) &&
@@ -345,25 +345,25 @@ int memcmp(const void* mem1, const void* mem2, size_t len) {
 /*
  * Apache's httpd wrappers
  */
-int ap_cstr_casecmp(const char* s1, const char* s2) {
+int ap_cstr_casecmp(const char *s1, const char *s2) {
 
   return strcasecmp(s1, s2);
 
 }
 
-int ap_cstr_casecmpn(const char* s1, const char* s2, size_t n) {
+int ap_cstr_casecmpn(const char *s1, const char *s2, size_t n) {
 
   return strncasecmp(s1, s2, n);
 
 }
 
-int apr_cstr_casecmp(const char* s1, const char* s2) {
+int apr_cstr_casecmp(const char *s1, const char *s2) {
 
   return strcasecmp(s1, s2);
 
 }
 
-int apr_cstr_casecmpn(const char* s1, const char* s2, size_t n) {
+int apr_cstr_casecmpn(const char *s1, const char *s2, size_t n) {
 
   return strncasecmp(s1, s2, n);
 
@@ -372,31 +372,31 @@ int apr_cstr_casecmpn(const char* s1, const char* s2, size_t n) {
 /*
  * *SSL wrappers
  */
-int CRYPTO_memcmp(const void* m1, const void* m2, size_t len) {
+int CRYPTO_memcmp(const void *m1, const void *m2, size_t len) {
 
   return memcmp(m1, m2, len);
 
 }
 
-int OPENSSL_memcmp(const void* m1, const void* m2, size_t len) {
+int OPENSSL_memcmp(const void *m1, const void *m2, size_t len) {
 
   return memcmp(m1, m2, len);
 
 }
 
-int OPENSSL_strcasecmp(const char* s1, const char* s2) {
+int OPENSSL_strcasecmp(const char *s1, const char *s2) {
 
   return strcasecmp(s1, s2);
 
 }
 
-int OPENSSL_strncasecmp(const char* s1, const char* s2, size_t len) {
+int OPENSSL_strncasecmp(const char *s1, const char *s2, size_t len) {
 
   return strncasecmp(s1, s2, len);
 
 }
 
-int32_t memcmpct(const void* s1, const void* s2, size_t len) {
+int32_t memcmpct(const void *s1, const void *s2, size_t len) {
 
   return memcmp(s1, s2, len);
 
@@ -405,7 +405,7 @@ int32_t memcmpct(const void* s1, const void* s2, size_t len) {
 /*
  * libXML wrappers
  */
-int xmlStrncmp(const char* s1, const char* s2, int len) {
+int xmlStrncmp(const char *s1, const char *s2, int len) {
 
   if (len <= 0) { return 0; }
   if (s1 == s2) { return 0; }
@@ -415,7 +415,7 @@ int xmlStrncmp(const char* s1, const char* s2, int len) {
 
 }
 
-int xmlStrcmp(const char* s1, const char* s2) {
+int xmlStrcmp(const char *s1, const char *s2) {
 
   if (s1 == s2) { return 0; }
   if (s1 == NULL) { return -1; }
@@ -424,7 +424,7 @@ int xmlStrcmp(const char* s1, const char* s2) {
 
 }
 
-int xmlStrEqual(const char* s1, const char* s2) {
+int xmlStrEqual(const char *s1, const char *s2) {
 
   if (s1 == s2) { return 1; }
   if (s1 == NULL) { return 0; }
@@ -434,7 +434,7 @@ int xmlStrEqual(const char* s1, const char* s2) {
 
 }
 
-int xmlStrcasecmp(const char* s1, const char* s2) {
+int xmlStrcasecmp(const char *s1, const char *s2) {
 
   if (s1 == s2) { return 0; }
   if (s1 == NULL) { return -1; }
@@ -443,7 +443,7 @@ int xmlStrcasecmp(const char* s1, const char* s2) {
 
 }
 
-int xmlStrncasecmp(const char* s1, const char* s2, int len) {
+int xmlStrncasecmp(const char *s1, const char *s2, int len) {
 
   if (len <= 0) { return 0; }
   if (s1 == s2) { return 0; }
@@ -453,7 +453,7 @@ int xmlStrncasecmp(const char* s1, const char* s2, int len) {
 
 }
 
-const char* xmlStrcasestr(const char* haystack, const char* needle) {
+const char *xmlStrcasestr(const char *haystack, const char *needle) {
 
   if (haystack == NULL) { return NULL; }
   if (needle == NULL) { return NULL; }
@@ -464,13 +464,13 @@ const char* xmlStrcasestr(const char* haystack, const char* needle) {
 /*
  * Samba wrappers
  */
-int memcmp_const_time(const void* s1, const void* s2, size_t n) {
+int memcmp_const_time(const void *s1, const void *s2, size_t n) {
 
   return memcmp(s1, s2, n);
 
 }
 
-bool strcsequal(const void* s1, const void* s2) {
+bool strcsequal(const void *s1, const void *s2) {
 
   if (s1 == s2) { return true; }
   if (!s1 || !s2) { return false; }
diff --git a/qemu_mode/libcompcov/pmparser.h b/qemu_mode/libcompcov/pmparser.h
index e7fcf187..d37bfcaf 100644
--- a/qemu_mode/libcompcov/pmparser.h
+++ b/qemu_mode/libcompcov/pmparser.h
@@ -32,8 +32,8 @@ implied warranty.
  */
 typedef struct procmaps_struct {
 
-  void*         addr_start;  //< start address of the area
-  void*         addr_end;    //< end address
+  void *addr_start;  //< start address of the area
+  void *addr_end;    //< end address
   unsigned long length;      //< size of the range
 
   char  perm[5];  //< permissions rwxp
@@ -48,7 +48,7 @@ typedef struct procmaps_struct {
 
   char pathname[600];  //< the path of the file that backs the area
   // chained list
-  struct procmaps_struct* next;  //<handler of the chinaed list
+  struct procmaps_struct *next;  //<handler of the chinaed list
 
 } procmaps_struct;
 
@@ -58,8 +58,8 @@ typedef struct procmaps_struct {
  */
 typedef struct procmaps_iterator {
 
-  procmaps_struct* head;
-  procmaps_struct* current;
+  procmaps_struct *head;
+  procmaps_struct *current;
 
 } procmaps_iterator;
 
@@ -69,7 +69,7 @@ typedef struct procmaps_iterator {
  * if pid<0
  * @return an iterator over all the nodes
  */
-procmaps_iterator* pmparser_parse(int pid);
+procmaps_iterator *pmparser_parse(int pid);
 
 /**
  * pmparser_next
@@ -77,28 +77,28 @@ procmaps_iterator* pmparser_parse(int pid);
  * @param p_procmaps_it the iterator to move on step in the chained list
  * @return a procmaps structure filled with information about this VM area
  */
-procmaps_struct* pmparser_next(procmaps_iterator* p_procmaps_it);
+procmaps_struct *pmparser_next(procmaps_iterator *p_procmaps_it);
 /**
  * pmparser_free
  * @description should be called at the end to free the resources
  * @param p_procmaps_it the iterator structure returned by pmparser_parse
  */
-void pmparser_free(procmaps_iterator* p_procmaps_it);
+void pmparser_free(procmaps_iterator *p_procmaps_it);
 
 /**
  * _pmparser_split_line
  * @description internal usage
  */
-void _pmparser_split_line(char* buf, char* addr1, char* addr2, char* perm,
-                          char* offset, char* device, char* inode,
-                          char* pathname);
+void _pmparser_split_line(char *buf, char *addr1, char *addr2, char *perm,
+                          char *offset, char *device, char *inode,
+                          char *pathname);
 
 /**
  * pmparser_print
  * @param map the head of the list
  * @order the order of the area to print, -1 to print everything
  */
-void pmparser_print(procmaps_struct* map, int order);
+void pmparser_print(procmaps_struct *map, int order);
 
 /**
  * gobal variables
@@ -106,9 +106,9 @@ void pmparser_print(procmaps_struct* map, int order);
 // procmaps_struct* g_last_head=NULL;
 // procmaps_struct* g_current=NULL;
 
-procmaps_iterator* pmparser_parse(int pid) {
+procmaps_iterator *pmparser_parse(int pid) {
 
-  procmaps_iterator* maps_it = malloc(sizeof(procmaps_iterator));
+  procmaps_iterator *maps_it = malloc(sizeof(procmaps_iterator));
   char               maps_path[500];
   if (pid >= 0) {
 
@@ -120,7 +120,7 @@ procmaps_iterator* pmparser_parse(int pid) {
 
   }
 
-  FILE* file = fopen(maps_path, "r");
+  FILE *file = fopen(maps_path, "r");
   if (!file) {
 
     fprintf(stderr, "pmparser : cannot open the memory maps, %s\n",
@@ -132,24 +132,24 @@ procmaps_iterator* pmparser_parse(int pid) {
   int  ind = 0;
   char buf[PROCMAPS_LINE_MAX_LENGTH];
   // int c;
-  procmaps_struct* list_maps = NULL;
-  procmaps_struct* tmp;
-  procmaps_struct* current_node = list_maps;
+  procmaps_struct *list_maps = NULL;
+  procmaps_struct *tmp;
+  procmaps_struct *current_node = list_maps;
   char addr1[20], addr2[20], perm[8], offset[20], dev[10], inode[30],
       pathname[PATH_MAX];
   while (!feof(file)) {
 
     fgets(buf, PROCMAPS_LINE_MAX_LENGTH, file);
     // allocate a node
-    tmp = (procmaps_struct*)malloc(sizeof(procmaps_struct));
+    tmp = (procmaps_struct *)malloc(sizeof(procmaps_struct));
     // fill the node
     _pmparser_split_line(buf, addr1, addr2, perm, offset, dev, inode, pathname);
     // printf("#%s",buf);
     // printf("%s-%s %s %s %s
     // %s\t%s\n",addr1,addr2,perm,offset,dev,inode,pathname); addr_start &
     // addr_end unsigned long l_addr_start;
-    sscanf(addr1, "%lx", (long unsigned*)&tmp->addr_start);
-    sscanf(addr2, "%lx", (long unsigned*)&tmp->addr_end);
+    sscanf(addr1, "%lx", (long unsigned *)&tmp->addr_start);
+    sscanf(addr2, "%lx", (long unsigned *)&tmp->addr_end);
     // size
     tmp->length = (unsigned long)(tmp->addr_end - tmp->addr_start);
     // perm
@@ -194,10 +194,10 @@ procmaps_iterator* pmparser_parse(int pid) {
 
 }
 
-procmaps_struct* pmparser_next(procmaps_iterator* p_procmaps_it) {
+procmaps_struct *pmparser_next(procmaps_iterator *p_procmaps_it) {
 
   if (p_procmaps_it->current == NULL) return NULL;
-  procmaps_struct* p_current = p_procmaps_it->current;
+  procmaps_struct *p_current = p_procmaps_it->current;
   p_procmaps_it->current = p_procmaps_it->current->next;
   return p_current;
   /*
@@ -214,12 +214,12 @@ procmaps_struct* pmparser_next(procmaps_iterator* p_procmaps_it) {
 
 }
 
-void pmparser_free(procmaps_iterator* p_procmaps_it) {
+void pmparser_free(procmaps_iterator *p_procmaps_it) {
 
-  procmaps_struct* maps_list = p_procmaps_it->head;
+  procmaps_struct *maps_list = p_procmaps_it->head;
   if (maps_list == NULL) return;
-  procmaps_struct* act = maps_list;
-  procmaps_struct* nxt = act->next;
+  procmaps_struct *act = maps_list;
+  procmaps_struct *nxt = act->next;
   while (act != NULL) {
 
     free(act);
@@ -230,9 +230,9 @@ void pmparser_free(procmaps_iterator* p_procmaps_it) {
 
 }
 
-void _pmparser_split_line(char* buf, char* addr1, char* addr2, char* perm,
-                          char* offset, char* device, char* inode,
-                          char* pathname) {
+void _pmparser_split_line(char *buf, char *addr1, char *addr2, char *perm,
+                          char *offset, char *device, char *inode,
+                          char *pathname) {
 
   //
   int orig = 0;
diff --git a/qemu_mode/patches/afl-qemu-floats.h b/qemu_mode/patches/afl-qemu-floats.h
index f88bbf4a..2e50cf7e 100644
--- a/qemu_mode/patches/afl-qemu-floats.h
+++ b/qemu_mode/patches/afl-qemu-floats.h
@@ -64,14 +64,14 @@ union afl_float64 {
 // TODO figure out why float*_unpack_canonical does not work
 
 void afl_float_compcov_log_32(target_ulong cur_loc, float32 arg1, float32 arg2,
-                              void* status) {
+                              void *status) {
 
   cur_loc = (cur_loc >> 4) ^ (cur_loc << 8);
   cur_loc &= MAP_SIZE - 7;
 
   if (cur_loc >= afl_inst_rms) return;
 
-  // float_status* s = (float_status*)status;
+  // float_status*s = (float_status*)status;
   // FloatParts    a = float32_unpack_canonical(arg1, s);
   // FloatParts    b = float32_unpack_canonical(arg2, s);
   union afl_float32 a = {.f = arg1};
@@ -96,14 +96,14 @@ void afl_float_compcov_log_32(target_ulong cur_loc, float32 arg1, float32 arg2,
 }
 
 void afl_float_compcov_log_64(target_ulong cur_loc, float64 arg1, float64 arg2,
-                              void* status) {
+                              void *status) {
 
   cur_loc = (cur_loc >> 4) ^ (cur_loc << 8);
   cur_loc &= MAP_SIZE - 7;
 
   if (cur_loc >= afl_inst_rms) return;
 
-  // float_status* s = (float_status*)status;
+  // float_status*s = (float_status*)status;
   // FloatParts    a = float64_unpack_canonical(arg1, s);
   // FloatParts    b = float64_unpack_canonical(arg2, s);
   union afl_float64 a = {.f = arg1};
diff --git a/qemu_mode/patches/afl-qemu-tcg-runtime-inl.h b/qemu_mode/patches/afl-qemu-tcg-runtime-inl.h
index a510ac83..04fcde4e 100644
--- a/qemu_mode/patches/afl-qemu-tcg-runtime-inl.h
+++ b/qemu_mode/patches/afl-qemu-tcg-runtime-inl.h
@@ -34,7 +34,7 @@
 #include "afl-qemu-common.h"
 #include "tcg.h"
 
-void HELPER(afl_entry_routine)(CPUArchState* env) {
+void HELPER(afl_entry_routine)(CPUArchState *env) {
 
   afl_forkserver(ENV_GET_CPU(env));
 
@@ -160,10 +160,10 @@ void HELPER(afl_cmplog_64)(target_ulong cur_loc, target_ulong arg1,
 
 #include <sys/mman.h>
 
-static int area_is_mapped(void* ptr, size_t len) {
+static int area_is_mapped(void *ptr, size_t len) {
 
-  char* p = ptr;
-  char* page = (char*)((uintptr_t)p & ~(sysconf(_SC_PAGE_SIZE) - 1));
+  char *p = ptr;
+  char *page = (char *)((uintptr_t)p & ~(sysconf(_SC_PAGE_SIZE) - 1));
 
   int r = msync(page, (p - page) + len, MS_ASYNC);
   if (r < 0) return errno != ENOMEM;
@@ -171,28 +171,28 @@ static int area_is_mapped(void* ptr, size_t len) {
 
 }
 
-void HELPER(afl_cmplog_rtn)(CPUX86State* env) {
+void HELPER(afl_cmplog_rtn)(CPUX86State *env) {
 
 #if defined(TARGET_X86_64)
 
-  void* ptr1 = g2h(env->regs[R_EDI]);
-  void* ptr2 = g2h(env->regs[R_ESI]);
+  void *ptr1 = g2h(env->regs[R_EDI]);
+  void *ptr2 = g2h(env->regs[R_ESI]);
 
 #elif defined(TARGET_I386)
 
-  target_ulong* stack = g2h(env->regs[R_ESP]);
+  target_ulong *stack = g2h(env->regs[R_ESP]);
 
   if (!area_is_mapped(stack, sizeof(target_ulong) * 2)) return;
 
   // when this hook is executed, the retaddr is not on stack yet
-  void* ptr1 = g2h(stack[0]);
-  void* ptr2 = g2h(stack[1]);
+  void *ptr1 = g2h(stack[0]);
+  void *ptr2 = g2h(stack[1]);
 
 #else
 
   // dumb code to make it compile
-  void* ptr1 = NULL;
-  void* ptr2 = NULL;
+  void *ptr1 = NULL;
+  void *ptr2 = NULL;
   return;
 
 #endif
@@ -211,9 +211,9 @@ void HELPER(afl_cmplog_rtn)(CPUX86State* env) {
   __afl_cmp_map->headers[k].shape = 31;
 
   hits &= CMP_MAP_RTN_H - 1;
-  __builtin_memcpy(((struct cmpfn_operands*)__afl_cmp_map->log[k])[hits].v0,
+  __builtin_memcpy(((struct cmpfn_operands *)__afl_cmp_map->log[k])[hits].v0,
                    ptr1, 32);
-  __builtin_memcpy(((struct cmpfn_operands*)__afl_cmp_map->log[k])[hits].v1,
+  __builtin_memcpy(((struct cmpfn_operands *)__afl_cmp_map->log[k])[hits].v1,
                    ptr2, 32);
 
 }