From a809c3c50ce32fde390769b607b020dd68730474 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Sun, 3 Sep 2023 11:22:54 +0200 Subject: less impact --- src/afl-fuzz-queue.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'src/afl-fuzz-queue.c') diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c index 14ba1ace..5f915c9a 100644 --- a/src/afl-fuzz-queue.c +++ b/src/afl-fuzz-queue.c @@ -826,6 +826,8 @@ void cull_queue(afl_state_t *afl) { /* Let's see if anything in the bitmap isn't captured in temp_v. If yes, and if it has a afl->top_rated[] contender, let's use it. */ + afl->smallest_favored = -1; + for (i = 0; i < afl->fsrv.map_size; ++i) { if (afl->top_rated[i] && (temp_v[i >> 3] & (1 << (i & 7)))) { @@ -849,7 +851,16 @@ void cull_queue(afl_state_t *afl) { afl->top_rated[i]->favored = 1; ++afl->queued_favored; - if (!afl->top_rated[i]->was_fuzzed) { ++afl->pending_favored; } + if (!afl->top_rated[i]->was_fuzzed) { + + ++afl->pending_favored; + if (unlikely(afl->smallest_favored > (s64)afl->top_rated[i]->id)) { + + afl->smallest_favored = (s64)afl->top_rated[i]->id; + + } + + } } -- cgit v1.2.3 From cd6b89eb74cc501a67b1c14a4433a496b2053eec Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Sun, 3 Sep 2023 13:54:54 +0200 Subject: nit --- src/afl-fuzz-queue.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/afl-fuzz-queue.c') diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c index 5f915c9a..2b102879 100644 --- a/src/afl-fuzz-queue.c +++ b/src/afl-fuzz-queue.c @@ -854,7 +854,7 @@ void cull_queue(afl_state_t *afl) { if (!afl->top_rated[i]->was_fuzzed) { ++afl->pending_favored; - if (unlikely(afl->smallest_favored > (s64)afl->top_rated[i]->id)) { + if (unlikely(afl->smallest_favored < 0)) { afl->smallest_favored = (s64)afl->top_rated[i]->id; -- cgit v1.2.3 From 87b33740ea426bac276a9eb4bc5f201bd396b6dc Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Mon, 4 Sep 2023 13:38:09 +0200 Subject: ensure table reinit, downgrade redundant --- src/afl-fuzz-queue.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/afl-fuzz-queue.c') diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c index 14ba1ace..78c1d654 100644 --- a/src/afl-fuzz-queue.c +++ b/src/afl-fuzz-queue.c @@ -80,6 +80,7 @@ double compute_weight(afl_state_t *afl, struct queue_entry *q, if (unlikely(weight < 0.1)) { weight = 0.1; } if (unlikely(q->favored)) { weight *= 5; } if (unlikely(!q->was_fuzzed)) { weight *= 2; } + if (unlikely(q->fs_redundant)) { weight *= 0.2; } return weight; @@ -867,6 +868,8 @@ void cull_queue(afl_state_t *afl) { } + afl->reinit_table = 1; + } /* Calculate case desirability score to adjust the length of havoc fuzzing. -- cgit v1.2.3 From 6c7c4b821adae1ed244973127426ef2e966f6350 Mon Sep 17 00:00:00 2001 From: vanhauser-thc Date: Mon, 11 Sep 2023 14:56:34 +0200 Subject: reweight redundant --- src/afl-fuzz-queue.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/afl-fuzz-queue.c') diff --git a/src/afl-fuzz-queue.c b/src/afl-fuzz-queue.c index ce9718b0..4b9627f7 100644 --- a/src/afl-fuzz-queue.c +++ b/src/afl-fuzz-queue.c @@ -80,7 +80,7 @@ double compute_weight(afl_state_t *afl, struct queue_entry *q, if (unlikely(weight < 0.1)) { weight = 0.1; } if (unlikely(q->favored)) { weight *= 5; } if (unlikely(!q->was_fuzzed)) { weight *= 2; } - if (unlikely(q->fs_redundant)) { weight *= 0.2; } + if (unlikely(q->fs_redundant)) { weight *= 0.8; } return weight; -- cgit v1.2.3