Diffstat (limited to 'src')
-rw-r--r--src/afl-fuzz-globals.c5
-rw-r--r--src/afl-fuzz-init.c52
-rw-r--r--src/afl-fuzz-one.c13
-rw-r--r--src/afl-fuzz-run.c38
-rw-r--r--src/afl-gotcpu.c27
5 files changed, 98 insertions, 37 deletions
diff --git a/src/afl-fuzz-globals.c b/src/afl-fuzz-globals.c
index 01b242b8..a8c17922 100644
--- a/src/afl-fuzz-globals.c
+++ b/src/afl-fuzz-globals.c
@@ -260,6 +260,7 @@ PyObject *py_functions[PY_FUNC_COUNT];
 #endif
 
 #ifdef _AFL_DOCUMENT_MUTATIONS
-  u8 do_document;
-  u32 document_counter;
+u8  do_document;
+u32 document_counter;
 #endif
+
diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c
index de16f901..12dcafae 100644
--- a/src/afl-fuzz-init.c
+++ b/src/afl-fuzz-init.c
@@ -32,9 +32,7 @@
 
 void bind_to_free_cpu(void) {
 
-  DIR*           d;
-  struct dirent* de;
-  cpu_set_t      c;
+  cpu_set_t c;
 
   u8  cpu_used[4096] = {0};
   u32 i;
@@ -48,6 +46,9 @@ void bind_to_free_cpu(void) {
 
   }
 
+#if defined(__linux__)
+  DIR*           d;
+  struct dirent* de;
   d = opendir("/proc");
 
   if (!d) {
@@ -112,6 +113,36 @@ void bind_to_free_cpu(void) {
   }
 
   closedir(d);
+#elif defined(__FreeBSD__)
+  struct kinfo_proc* procs;
+  size_t             nprocs;
+  size_t             proccount;
+  int                s_name[] = {CTL_KERN, KERN_PROC, KERN_PROC_ALL};
+  size_t             s_name_l = sizeof(s_name) / sizeof(s_name[0]);
+
+  if (sysctl(s_name, s_name_l, NULL, &nprocs, NULL, 0) != 0) return;
+  proccount = nprocs / sizeof(*procs);
+  nprocs = nprocs * 4 / 3;
+
+  procs = ck_alloc(nprocs);
+  if (sysctl(s_name, s_name_l, procs, &nprocs, NULL, 0) != 0) {
+
+    ck_free(procs);
+    return;
+
+  }
+
+  for (i = 0; i < proccount; i++) {
+
+    if (procs[i].ki_oncpu < sizeof(cpu_used)) cpu_used[procs[i].ki_oncpu] = 1;
+
+  }
+
+  ck_free(procs);
+#else
+#warning \
+    "For this platform we do not have free CPU binding code yet. If poxxible, please supply a PR to https://github.com/vanhauser-thc/AFLplusplus"
+#endif
 
   for (i = 0; i < cpu_core_count; ++i)
     if (!cpu_used[i]) break;
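Review bot: In the FreeBSD branch, `proccount` is computed from the size estimate returned by the first `sysctl` call, not from the length the second call writes back into `nprocs`. If the process table shrinks between the two calls, the loop reads entries beyond what the kernel filled in. What it finds there depends on whether `ck_alloc` zeroes its buffer, which is not visible here; zeroed entries would wrongly mark CPU 0 as used. Recompute the count after the second call succeeds, i.e. move `proccount = nprocs / sizeof(*procs);` to just before the `for` loop. Separately, the `#else` branch leaves `cpu_used` all zero, so on other platforms the selection loop would always pick core 0. The body of `bind_to_free_cpu` starts and continues outside this hunk.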
@@ -138,7 +169,14 @@ void bind_to_free_cpu(void) {
   CPU_ZERO(&c);
   CPU_SET(i, &c);
 
+#if defined(__linux__)
   if (sched_setaffinity(0, sizeof(c), &c)) PFATAL("sched_setaffinity failed");
+#elif defined(__FreeBSD__)
+  if (pthread_setaffinity_np(pthread_self(), sizeof(c), &c))
+    PFATAL("pthread_setaffinity failed");
+#else
+  // this will need something for other platforms
+#endif
 
 }
 
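Review bot: `pthread_setaffinity_np()` reports failure through its return value rather than through `errno`, so the FreeBSD branch's `PFATAL("pthread_setaffinity failed")` may print an unrelated error string if `PFATAL` formats `errno` (its definition is not in this hunk). Consider `int rc = pthread_setaffinity_np(pthread_self(), sizeof(c), &c);` followed by `if (rc) { errno = rc; PFATAL("pthread_setaffinity_np failed"); }`. The empty `#else` branch also means that on other platforms the function returns without binding to any core; a warning there would make that visible to the user. The function begins outside this hunk.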
@@ -786,7 +824,8 @@ double get_runnable_processes(void) {
 
   static double res;
 
-#if defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__)
+#if defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || \
+    defined(__NetBSD__)
 
   /* I don't see any portable sysctl or so that would quickly give us the
      number of runnable processes; the 1-minute load average can be a
@@ -827,7 +866,7 @@ double get_runnable_processes(void) {
 
   }
 
-#endif                        /* ^(__APPLE__ || __FreeBSD__ || __OpenBSD__ || __NetBSD__) */
+#endif          /* ^(__APPLE__ || __FreeBSD__ || __OpenBSD__ || __NetBSD__) */
 
   return res;
 
@@ -1481,7 +1520,7 @@ void check_cpu_governor(void) {
   FATAL("Suboptimal CPU scaling governor");
 
 #elif defined __APPLE__
-  u64   min = 0, max = 0;
+  u64 min = 0, max = 0;
   size_t mlen = sizeof(min);
   if (getenv("AFL_SKIP_CPUFREQ")) return;
 
@@ -1513,6 +1552,7 @@ void check_cpu_governor(void) {
        min / 1024, max / 1024);
   FATAL("Suboptimal CPU scaling governor");
 #endif
+
 }
 
 /* Count the number of logical CPU cores. */
diff --git a/src/afl-fuzz-one.c b/src/afl-fuzz-one.c
index 7db25254..31d58a10 100644
--- a/src/afl-fuzz-one.c
+++ b/src/afl-fuzz-one.c
@@ -4231,7 +4231,6 @@ pacemaker_fuzzing:
 
 #define core_fuzzing(a) common_fuzzing((a), MOpt_globals_core)
 
-
 void pso_updating(void) {
 
   g_now += 1;
@@ -4314,17 +4313,25 @@ u8 fuzz_one(char** argv) {
 
 #ifdef _AFL_DOCUMENT_MUTATIONS
   if (do_document == 0) {
-    char *fn = alloc_printf("%s/mutations", out_dir);
+
+    char* fn = alloc_printf("%s/mutations", out_dir);
     if (fn) {
-      do_document = mkdir(fn, 0700); // if it exists we do not care
+
+      do_document = mkdir(fn, 0700);  // if it exists we do not care
       do_document = 1;
       ck_free(fn);
+
     } else
+
       PFATAL("malloc()");
+
   } else {
+
     do_document = 2;
     stop_soon = 2;
+
   }
+
 #endif
 
   if (limit_time_sig == 0) {
diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c
index c0fa928e..46d12423 100644
--- a/src/afl-fuzz-run.c
+++ b/src/afl-fuzz-run.c
@@ -178,15 +178,21 @@ u8 run_target(char** argv, u32 timeout) {
     if ((res = read(fsrv_st_fd, &status, 4)) != 4) {
 
       if (stop_soon) return 0;
-      SAYF("\n" cLRD "[-] " cRST
-           "Unable to communicate with fork server. Some possible reasons:\n\n" 
-           "    - You've run out of memory. Use -m to increase the the memory limit\n"
-           "      to something higher than %lld.\n"
-           "    - The binary or one of the libraries it uses manages to create\n"
-           "      threads before the forkserver initializes.\n"
-           "    - The binary, at least in some circumstances, exits in a way that\n"
-           "      also kills the parent process - raise() could be the culprit.\n\n"
-	   "If all else fails you can disable the fork server via AFL_NO_FORKSRV=1.\n", mem_limit);
+      SAYF(
+          "\n" cLRD "[-] " cRST
+          "Unable to communicate with fork server. Some possible reasons:\n\n"
+          "    - You've run out of memory. Use -m to increase the the memory "
+          "limit\n"
+          "      to something higher than %lld.\n"
+          "    - The binary or one of the libraries it uses manages to create\n"
+          "      threads before the forkserver initializes.\n"
+          "    - The binary, at least in some circumstances, exits in a way "
+          "that\n"
+          "      also kills the parent process - raise() could be the "
+          "culprit.\n\n"
+          "If all else fails you can disable the fork server via "
+          "AFL_NO_FORKSRV=1.\n",
+          mem_limit);
       RPFATAL(res, "Unable to communicate with fork server");
 
     }
@@ -261,15 +267,23 @@ void write_to_testcase(void* mem, u32 len) {
   s32 fd = out_fd;
 
 #ifdef _AFL_DOCUMENT_MUTATIONS
-  s32 doc_fd;
-  char *fn = alloc_printf("%s/mutations/%09u:%s", out_dir, document_counter++, describe_op(0));
+  s32   doc_fd;
+  char* fn = alloc_printf("%s/mutations/%09u:%s", out_dir, document_counter++,
+                          describe_op(0));
   if (fn != NULL) {
+
     if ((doc_fd = open(fn, O_WRONLY | O_CREAT | O_TRUNC, 0600)) >= 0) {
-      if (write(doc_fd, mem, len) != len) PFATAL("write to mutation file failed: %s", fn);
+
+      if (write(doc_fd, mem, len) != len)
+        PFATAL("write to mutation file failed: %s", fn);
       close(doc_fd);
+
     }
+
     ck_free(fn);
+
   }
+
 #endif
 
   if (out_file) {
diff --git a/src/afl-gotcpu.c b/src/afl-gotcpu.c
index ece5a850..bdb727de 100644
--- a/src/afl-gotcpu.c
+++ b/src/afl-gotcpu.c
@@ -54,16 +54,16 @@
 
 #if defined(__linux__) || defined(__FreeBSD__) || defined(__NetBSD__)
 #define HAVE_AFFINITY 1
-# if defined(__FreeBSD__)
-#   include <pthread.h>
-#   include <pthread_np.h>
-#   include <sys/cpuset.h>
-#   define cpu_set_t cpuset_t
-# elif defined(__NetBSD__)
-#   include <pthread.h>
-#   include <sched.h>
-# endif
-#endif                                      /* __linux__ || __FreeBSD__ || __NetBSD__ */
+#if defined(__FreeBSD__)
+#include <pthread.h>
+#include <pthread_np.h>
+#include <sys/cpuset.h>
+#define cpu_set_t cpuset_t
+#elif defined(__NetBSD__)
+#include <pthread.h>
+#include <sched.h>
+#endif
+#endif                            /* __linux__ || __FreeBSD__ || __NetBSD__ */
 
 /* Get unix time in microseconds. */
 
@@ -163,18 +163,17 @@ int main(int argc, char** argv) {
 
     if (!fr) {
 
-      u32       util_perc;
+      u32 util_perc;
 #if defined(__linux__) || defined(__FreeBSD__)
       cpu_set_t c;
 
       CPU_ZERO(&c);
       CPU_SET(i, &c);
 #elif defined(__NetBSD__)
-      cpuset_t *c;
+      cpuset_t* c;
 
       c = cpuset_create();
-      if (c == NULL)
-        PFATAL("cpuset_create failed");
+      if (c == NULL) PFATAL("cpuset_create failed");
 
       cpuset_set(i, c);
 #endif