Diffstat (limited to 'src')
-rw-r--r-- | src/afl-cc.c | 5 | ||||
-rw-r--r-- | src/afl-common.c | 47 | ||||
-rw-r--r-- | src/afl-forkserver.c | 3 | ||||
-rw-r--r-- | src/afl-fuzz-queue.c | 3 | ||||
-rw-r--r-- | src/afl-fuzz-run.c | 1 | ||||
-rw-r--r-- | src/afl-fuzz-stats.c | 18 | ||||
-rw-r--r-- | src/afl-showmap.c | 25 |
7 files changed, 47 insertions, 55 deletions
diff --git a/src/afl-cc.c b/src/afl-cc.c index c872b2eb..7afab850 100644 --- a/src/afl-cc.c +++ b/src/afl-cc.c @@ -2366,8 +2366,7 @@ static void add_aflpplib(aflcc_state_t *aflcc) { insert_param(aflcc, afllib); #ifdef __APPLE__ - insert_param(aflcc, "-Wl,-undefined"); - insert_param(aflcc, "dynamic_lookup"); + insert_param(aflcc, "-Wl,-undefined,dynamic_lookup"); #endif } @@ -2844,7 +2843,7 @@ static void maybe_usage(aflcc_state_t *aflcc, int argc, char **argv) { " The best is LTO but it often needs RANLIB and AR settings outside " "of afl-cc.\n\n"); -#if LLVM_MAJOR > 10 || (LLVM_MAJOR == 10 && LLVM_MINOR > 0) +#if LLVM_MAJOR >= 11 || (LLVM_MAJOR == 10 && LLVM_MINOR > 0) #define NATIVE_MSG \ " LLVM-NATIVE: use llvm's native PCGUARD instrumentation (less " \ "performant)\n" diff --git a/src/afl-common.c b/src/afl-common.c index 9a27824d..efdb5d60 100644 --- a/src/afl-common.c +++ b/src/afl-common.c @@ -59,27 +59,6 @@ u8 last_intr = 0; #define AFL_PATH "/usr/local/lib/afl/" #endif -/* - Some BSD (i.e.: FreeBSD) offer the FAST clock source as - * equivalent to Linux COARSE clock source. Aliasing COARSE to - * FAST on such systems when COARSE is not already defined. - * - macOS has no support of CLOCK_MONOTONIC_COARSE clock type. - */ -#if defined(OS_DARWIN) || defined(OS_SUNOS) || defined(__APPLE__) || \ - defined(__sun) || defined(__NetBSD__) - #define CLOCK_MONOTONIC_COARSE CLOCK_MONOTONIC -#elif defined(OS_FREEBSD) - #define CLOCK_MONOTONIC_COARSE CLOCK_MONOTONIC_FAST -#endif - -/* Convert seconds to milliseconds. */ -#define SEC_TO_MS(sec) ((sec) * 1000) -/* Convert seconds to microseconds. */ -#define SEC_TO_US(sec) ((sec) * 1000000) -/* Convert nanoseconds to milliseconds. */ -#define NS_TO_MS(ns) ((ns) / 1000000) -/* Convert nanoseconds to microseconds. */ -#define NS_TO_US(ns) ((ns) / 1000) - void *afl_memmem(const void *haystack, size_t haystacklen, const void *needle, size_t needlelen) { 
@@ -997,33 +976,25 @@ void read_bitmap(u8 *fname, u8 *map, size_t len) { inline u64 get_cur_time(void) { - struct timespec ts; - int rc = clock_gettime(CLOCK_MONOTONIC_COARSE, &ts); - if (rc == -1) { + struct timeval tv; + struct timezone tz; - PFATAL("Failed to obtain timestamp (errno = %i: %s)\n", errno, - strerror(errno)); + gettimeofday(&tv, &tz); - } - - return SEC_TO_MS((uint64_t)ts.tv_sec) + NS_TO_MS((uint64_t)ts.tv_nsec); + return (tv.tv_sec * 1000ULL) + (tv.tv_usec / 1000); } /* Get unix time in microseconds */ -u64 get_cur_time_us(void) { +inline u64 get_cur_time_us(void) { - struct timespec ts; - int rc = clock_gettime(CLOCK_MONOTONIC_COARSE, &ts); - if (rc == -1) { + struct timeval tv; + struct timezone tz; - PFATAL("Failed to obtain timestamp (errno = %i: %s)\n", errno, - strerror(errno)); - - } + gettimeofday(&tv, &tz); - return SEC_TO_US((uint64_t)ts.tv_sec) + NS_TO_US((uint64_t)ts.tv_nsec); + return (tv.tv_sec * 1000000ULL) + tv.tv_usec; } diff --git a/src/afl-forkserver.c b/src/afl-forkserver.c index beb6bdeb..a082982c 100644 --- a/src/afl-forkserver.c +++ b/src/afl-forkserver.c @@ -578,7 +578,8 @@ void afl_fsrv_start(afl_forkserver_t *fsrv, char **argv, void *nyx_config = fsrv->nyx_handlers->nyx_config_load(fsrv->target_path); fsrv->nyx_handlers->nyx_config_set_workdir_path(nyx_config, workdir_path); - fsrv->nyx_handlers->nyx_config_set_input_buffer_size(nyx_config, fsrv->max_length); + fsrv->nyx_handlers->nyx_config_set_input_buffer_size(nyx_config, + fsrv->max_length); fsrv->nyx_handlers->nyx_config_set_input_buffer_write_protection(nyx_config, true); diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c index 2318df60..784b377a 100644 --- a/src/afl-fuzz-queue.c +++ b/src/afl-fuzz-queue.c 
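Review bot: The return value of gettimeofday() is ignored in both get_cur_time and get_cur_time_us, whereas the clock_gettime path being removed aborted with PFATAL on failure; a failed call leaves `tv` uninitialized and the functions return garbage timestamps. The obsolete `struct timezone tz` argument can also go: `gettimeofday(&tv, NULL);` with `if (rc == -1) PFATAL(...)` as before. Note that gettimeofday reports wall-clock time, so elapsed-time arithmetic built on these values (timeouts, stats) can jump when the system clock is stepped; if this revert is deliberate for portability, a one-line comment stating so would help the next reader. Making get_cur_time_us `inline` here only provides an external definition for other translation units if afl-common.h declares it without `inline` (or with `extern`), which is not visible in this hunk.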
@@ -1301,7 +1301,8 @@ inline u8 *queue_testcase_get(afl_state_t *afl, struct queue_entry *q) { static u32 do_once = 0; // because even threaded we would want this. WIP while (unlikely( - afl->q_testcase_cache_size + len >= afl->q_testcase_max_cache_size || + (afl->q_testcase_cache_size + len >= afl->q_testcase_max_cache_size && + afl->q_testcase_cache_count > 1) || afl->q_testcase_cache_count >= afl->q_testcase_max_cache_entries - 1)) { /* We want a max number of entries to the cache that we learn. diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c index b62db1ea..4e2cceff 100644 --- a/src/afl-fuzz-run.c +++ b/src/afl-fuzz-run.c @@ -1195,3 +1195,4 @@ common_fuzz_stuff(afl_state_t *afl, u8 *out_buf, u32 len) { return 0; } + diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c index ffe56cde..eafeebba 100644 --- a/src/afl-fuzz-stats.c +++ b/src/afl-fuzz-stats.c @@ -322,7 +322,8 @@ void write_stats_file(afl_state_t *afl, u32 t_bytes, double bitmap_cvg, if (getrusage(RUSAGE_CHILDREN, &rus)) { rus.ru_maxrss = 0; } #endif u64 runtime_ms = afl->prev_run_time + cur_time - afl->start_time; - u64 overhead_ms = (afl->calibration_time_us + afl->sync_time_us + afl->trim_time_us) / 1000; + u64 overhead_ms = + (afl->calibration_time_us + afl->sync_time_us + afl->trim_time_us) / 1000; if (!runtime_ms) { runtime_ms = 1; } fprintf( @@ -632,7 +633,8 @@ void show_stats_normal(afl_state_t *afl) { if (afl->most_time_key && afl->queue_cycle) { - if (afl->most_time * 1000 + afl->sync_time_us / 1000 < cur_ms - afl->start_time) { + if (afl->most_time * 1000 + afl->sync_time_us / 1000 < + cur_ms - afl->start_time) { afl->most_time_key = 2; afl->stop_soon = 2; @@ -1329,7 +1331,9 @@ void show_stats_normal(afl_state_t *afl) { sprintf(tmp, "disabled, "); - } else if (unlikely(!afl->bytes_trim_out)) { + } else if (unlikely(!afl->bytes_trim_out || + + afl->bytes_trim_in <= afl->bytes_trim_out)) { sprintf(tmp, "n/a, "); 
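Review bot: The added `afl->q_testcase_cache_count > 1` condition means that with exactly one entry cached the loop no longer evicts it even when `q_testcase_cache_size + len` is at or above `q_testcase_max_cache_size`, so the cache can grow past its configured byte limit by one testcase. If that is the intent (never evict down to an empty cache so a single large testcase can always be held), a comment on the condition would make it clear: `/* keep at least one entry; the byte limit may be exceeded by one testcase */`. The while loop's body continues outside the hunk, so whether the caller separately bounds `len` cannot be seen here.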
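Review bot: In the trim stats branch, the new `afl->bytes_trim_in <= afl->bytes_trim_out` check also sends the equal case to "n/a", which presumably fell through to the percentage branch as 0.00% before; if the guard only exists to keep the subtraction in the percentage computation that follows (outside the hunk) from underflowing, `<` is sufficient: `} else if (unlikely(!afl->bytes_trim_out || afl->bytes_trim_in < afl->bytes_trim_out)) {`. The same applies to the `afl->blocks_eff_select >= afl->blocks_eff_total` check in the hunk at line 1346 of the same file, where `>` would preserve the 0% display. The blank line inside each `unlikely(...)` condition reads as a formatting artifact and could be dropped.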
@@ -1346,7 +1350,9 @@ void show_stats_normal(afl_state_t *afl) { strcat(tmp, "disabled"); - } else if (unlikely(!afl->blocks_eff_total)) { + } else if (unlikely(!afl->blocks_eff_total || + + afl->blocks_eff_select >= afl->blocks_eff_total)) { strcat(tmp, "n/a"); @@ -1462,7 +1468,8 @@ void show_stats_pizza(afl_state_t *afl) { if (afl->most_time_key && afl->queue_cycle) { - if (afl->most_time * 1000 + afl->sync_time_us / 1000 < cur_ms - afl->start_time) { + if (afl->most_time * 1000 + afl->sync_time_us / 1000 < + cur_ms - afl->start_time) { afl->most_time_key = 2; afl->stop_soon = 2; @@ -2503,3 +2510,4 @@ void update_sync_time(afl_state_t *afl, u64 *time) { *time = cur; } + diff --git a/src/afl-showmap.c b/src/afl-showmap.c index 7e875040..1712e634 100644 --- a/src/afl-showmap.c +++ b/src/afl-showmap.c @@ -225,8 +225,13 @@ static void at_exit_handler(void) { if (remove_shm) { + remove_shm = false; if (shm.map) afl_shm_deinit(&shm); - if (fsrv->use_shmem_fuzz) deinit_shmem(fsrv, shm_fuzz); + if ((shm_fuzz && shm_fuzz->shmemfuzz_mode) || fsrv->use_shmem_fuzz) { + + shm_fuzz = deinit_shmem(fsrv, shm_fuzz); + + } } @@ -1527,6 +1532,8 @@ int main(int argc, char **argv_orig, char **envp) { /* initialize cmplog_mode */ shm_fuzz->cmplog_mode = 0; + atexit(at_exit_handler); + u8 *map = afl_shm_init(shm_fuzz, MAX_FILE + sizeof(u32), 1); shm_fuzz->shmemfuzz_mode = true; if (!map) { FATAL("BUG: Zero return from afl_shm_init."); } @@ -1676,8 +1683,6 @@ int main(int argc, char **argv_orig, char **envp) { } - atexit(at_exit_handler); - if (get_afl_env("AFL_DEBUG")) { int j = optind; @@ -1694,9 +1699,12 @@ int main(int argc, char **argv_orig, char **envp) { map_size = fsrv->map_size; - if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz) + if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz) { + shm_fuzz = deinit_shmem(fsrv, shm_fuzz); + } + if (in_dir) { if (execute_testcases(in_dir) == 0) { 
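Review bot: In at_exit_handler the new `shm_fuzz &&` guard only covers the first disjunct, so when `fsrv->use_shmem_fuzz` is set and `shm_fuzz` is already NULL the handler still calls `deinit_shmem(fsrv, NULL)`; unless deinit_shmem tolerates NULL (not visible here), the condition should be `if (shm_fuzz && (shm_fuzz->shmemfuzz_mode || fsrv->use_shmem_fuzz)) {`. Clearing `remove_shm` at the top makes the handler run its cleanup only once, which matters now that atexit() is registered in main before afl_shm_init (hunk at 1527) and a later FATAL can reach it; that intent deserves a comment: `/* clear first so a second exit path cannot deinit the same segments twice */`. Whether `fsrv` is already assigned at the new registration point cannot be seen from the hunk and is worth confirming, since the handler dereferences it unconditionally.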
@@ -1728,9 +1736,12 @@ int main(int argc, char **argv_orig, char **envp) { } else { - if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz) + if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz) { + shm_fuzz = deinit_shmem(fsrv, shm_fuzz); + } + #ifdef __linux__ if (!fsrv->nyx_mode) { @@ -1777,9 +1788,9 @@ int main(int argc, char **argv_orig, char **envp) { } - remove_shm = 0; + remove_shm = false; afl_shm_deinit(&shm); - if (fsrv->use_shmem_fuzz) shm_fuzz = deinit_shmem(fsrv, shm_fuzz); + if (fsrv->use_shmem_fuzz) { shm_fuzz = deinit_shmem(fsrv, shm_fuzz); } u32 ret; |