From 67d87dd2a9dbc393b56162e77ff3178f4e3f59fa Mon Sep 17 00:00:00 2001 From: David Carlier Date: Sun, 14 Jun 2020 15:26:43 +0000 Subject: Porting to Haiku. getrusage does not implement resident memory gathering, no shm api neither. --- src/afl-showmap.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src/afl-showmap.c') diff --git a/src/afl-showmap.c b/src/afl-showmap.c index 560c8cf6..70a30ce4 100644 --- a/src/afl-showmap.c +++ b/src/afl-showmap.c @@ -56,7 +56,9 @@ #include #include +#ifndef USEMMAP #include +#endif #include #include #include -- cgit 1.4.1 From dc002b4b3544d79d846723b445549400935aca64 Mon Sep 17 00:00:00 2001 From: Dominik Maier Date: Mon, 15 Jun 2020 11:08:24 +0200 Subject: code format --- gcc_plugin/afl-gcc-rt.o.c | 2 +- include/afl-fuzz.h | 2 +- src/afl-analyze.c | 2 +- src/afl-fuzz-one.c | 6 +++--- src/afl-fuzz-stats.c | 6 +++--- src/afl-fuzz.c | 10 ++++------ src/afl-showmap.c | 2 +- src/afl-tmin.c | 2 +- 8 files changed, 15 insertions(+), 17 deletions(-) (limited to 'src/afl-showmap.c') diff --git a/gcc_plugin/afl-gcc-rt.o.c b/gcc_plugin/afl-gcc-rt.o.c index 5c94f68a..49a03cae 100644 --- a/gcc_plugin/afl-gcc-rt.o.c +++ b/gcc_plugin/afl-gcc-rt.o.c @@ -36,7 +36,7 @@ #include #ifndef USEMMAP -#include + #include #endif #include #include diff --git a/include/afl-fuzz.h b/include/afl-fuzz.h index 2f712806..f6158014 100644 --- a/include/afl-fuzz.h +++ b/include/afl-fuzz.h @@ -67,7 +67,7 @@ #include #include #ifndef USEMMAP -#include + #include #endif #include #include diff --git a/src/afl-analyze.c b/src/afl-analyze.c index cf5e9b16..f9ba8860 100644 --- a/src/afl-analyze.c +++ b/src/afl-analyze.c @@ -52,7 +52,7 @@ #include #include #ifndef USEMMAP -#include + #include #endif #include #include diff --git a/src/afl-fuzz-one.c b/src/afl-fuzz-one.c index a247a837..fc5760cc 100644 --- a/src/afl-fuzz-one.c +++ b/src/afl-fuzz-one.c 
@@ -3852,7 +3852,7 @@ pacemaker_fuzzing: afl->extras[j].len > len - i || !memcmp(afl->extras[j].data, out_buf + i, afl->extras[j].len) || (eff_map && !memchr(eff_map + EFF_APOS(i), 1, - EFF_SPAN_ALEN(i, afl->extras[j].len)))) { + EFF_SPAN_ALEN(i, afl->extras[j].len)))) { afl->stage_max--; continue; @@ -3960,7 +3960,7 @@ pacemaker_fuzzing: !memcmp(afl->a_extras[j].data, out_buf + i, afl->a_extras[j].len) || (eff_map && !memchr(eff_map + EFF_APOS(i), 1, - EFF_SPAN_ALEN(i, afl->a_extras[j].len)))) { + EFF_SPAN_ALEN(i, afl->a_extras[j].len)))) { afl->stage_max--; continue; @@ -3986,7 +3986,7 @@ pacemaker_fuzzing: afl->stage_finds[STAGE_EXTRAS_AO] += new_hit_cnt - orig_hit_cnt; afl->stage_cycles[STAGE_EXTRAS_AO] += afl->stage_max; - // AFLpp: Never read: skip_extras_v2: + // AFLpp: Never read: skip_extras_v2: // new_hit_cnt = afl->queued_paths + afl->unique_crashes; } diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c index de58f277..28473c0c 100644 --- a/src/afl-fuzz-stats.c +++ b/src/afl-fuzz-stats.c @@ -124,11 +124,11 @@ void write_stats_file(afl_state_t *afl, double bitmap_cvg, double stability, afl->last_hang_time / 1000, afl->fsrv.total_execs - afl->last_crash_execs, afl->fsrv.exec_tmout, afl->slowest_exec_ms, #ifndef __HAIKU__ -#ifdef __APPLE__ + #ifdef __APPLE__ (unsigned long int)(rus.ru_maxrss >> 20), -#else + #else (unsigned long int)(rus.ru_maxrss >> 10), -#endif + #endif #else -1UL, #endif diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c index b84585bb..cefcd73f 100644 --- a/src/afl-fuzz.c +++ b/src/afl-fuzz.c @@ -33,16 +33,14 @@ extern u64 time_spent_working; static void at_exit() { - int i; + int i; char *ptr = getenv("__AFL_TARGET_PID1"); - if (ptr && *ptr && (i = atoi(ptr)) > 0) - kill(i, SIGKILL); + if (ptr && *ptr && (i = atoi(ptr)) > 0) kill(i, SIGKILL); ptr = getenv("__AFL_TARGET_PID2"); - if (ptr && *ptr && (i = atoi(ptr)) > 0) - kill(i, SIGKILL); + if (ptr && *ptr && (i = atoi(ptr)) > 0) kill(i, SIGKILL); // anything else? shared memory? 
@@ -1259,7 +1257,7 @@ int main(int argc, char **argv_orig, char **envp) { OKF("Cmplog forkserver successfully started"); } - + atexit(at_exit); perform_dry_run(afl); diff --git a/src/afl-showmap.c b/src/afl-showmap.c index 70a30ce4..7b46cd2b 100644 --- a/src/afl-showmap.c +++ b/src/afl-showmap.c @@ -57,7 +57,7 @@ #include #include #ifndef USEMMAP -#include + #include #endif #include #include diff --git a/src/afl-tmin.c b/src/afl-tmin.c index 5a28ba79..9df5112b 100644 --- a/src/afl-tmin.c +++ b/src/afl-tmin.c @@ -55,7 +55,7 @@ #include #include #ifndef USEMMAP -#include + #include #endif #include #include -- cgit 1.4.1 From 87f127722c5dd9d503c9b9acab9aceb0fd573da5 Mon Sep 17 00:00:00 2001 From: aflpp Date: Mon, 22 Jun 2020 08:28:41 +0200 Subject: fix afl-cmin.bash --- afl-cmin.bash | 2 +- docs/Changelog.md | 1 + src/afl-showmap.c | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) (limited to 'src/afl-showmap.c') diff --git a/afl-cmin.bash b/afl-cmin.bash index bdef1edc..3e29aa5c 100755 --- a/afl-cmin.bash +++ b/afl-cmin.bash @@ -245,7 +245,7 @@ if [ ! "$STDIN_FILE" = "" ]; then fi if [ "$AFL_PATH" = "" ]; then - SHOWMAP="${0%/afl-cmin}/afl-showmap" + SHOWMAP="${0%/afl-cmin.bash}/afl-showmap" else SHOWMAP="$AFL_PATH/afl-showmap" fi diff --git a/docs/Changelog.md b/docs/Changelog.md index bc91f2ee..ce6c9ed5 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -48,6 +48,7 @@ sending a mail to . - persistent mode shared memory testcase handover (instead of via files/stdin) - 10-100% performance increase - General support for 64 bit PowerPC, RiscV, Sparc etc. + - fix afl-cmin.bash - slightly better performance compilation options for afl++ and targets - fixed afl-gcc/afl-as that could break on fast systems reusing pids in the same second diff --git a/src/afl-showmap.c b/src/afl-showmap.c index 7b46cd2b..6a26a949 100644 --- a/src/afl-showmap.c +++ b/src/afl-showmap.c 
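Review bot: The new suffix `${0%/afl-cmin.bash}` only strips anything when the script is invoked through a path that ends in `/afl-cmin.bash`; when it is run by bare name from PATH, or through a symlink or copy called `afl-cmin` (the spelling the old pattern handled), the substitution leaves `$0` untouched and SHOWMAP becomes `$0/afl-showmap`, which does not exist. Deriving the directory instead of stripping one fixed file name covers both spellings: `SHOWMAP="$(dirname "$0")/afl-showmap"`. A missing afl-showmap is presumably reported later in the script, but an existence check next to this assignment would fail earlier and with a clearer message; the enclosing `if` is fully visible in the hunk.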
@@ -559,7 +559,7 @@ static void usage(u8 *argv0) { "size\n" " the target was compiled for\n" "AFL_PRELOAD: LD_PRELOAD / DYLD_INSERT_LIBRARIES settings for target\n" - "AFL_QUIET: do not print extra informational output", + "AFL_QUIET: do not print extra informational output\n", argv0, MEM_LIMIT, doc_path); exit(1); -- cgit 1.4.1 From 37edfe2de9387d460dbb8e945e22122fd9ab8e1c Mon Sep 17 00:00:00 2001 From: van Hauser Date: Mon, 22 Jun 2020 19:56:34 +0200 Subject: shmem support for afl-tmin and afl-showmap --- src/afl-showmap.c | 42 ++++++++++++++++++++++++++++++++++++++++++ src/afl-tmin.c | 29 +++++++++++++++++++++++++++++ 2 files changed, 71 insertions(+) (limited to 'src/afl-showmap.c') diff --git a/src/afl-showmap.c b/src/afl-showmap.c index 6a26a949..f1926b05 100644 --- a/src/afl-showmap.c +++ b/src/afl-showmap.c @@ -566,6 +566,17 @@ static void usage(u8 *argv0) { } +static sharedmem_t *deinit_shmem(afl_forkserver_t *fsrv, + sharedmem_t * shm_fuzz) { + + afl_shm_deinit(shm_fuzz); + fsrv->support_shmem_fuzz = 0; + fsrv->shmem_fuzz = NULL; + ck_free(shm_fuzz); + return NULL; + +} + /* Main entry point */ int main(int argc, char **argv_orig, char **envp) { @@ -775,6 +786,17 @@ int main(int argc, char **argv_orig, char **envp) { check_environment_vars(envp); + if (getenv("AFL_DEBUG")) { + + SAYF(cMGN "[D]" cRST); + for (int i = 0; i < argc; i++) + SAYF(" %s", argv[i]); + SAYF("\n"); + + } + + // if (afl->shmem_testcase_mode) { setup_testcase_shmem(afl); } + sharedmem_t shm = {0}; fsrv->trace_bits = afl_shm_init(&shm, map_size, 0); setup_signal_handlers(); 
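Review bot: `deinit_shmem` unmaps the segment and clears `fsrv->shmem_fuzz`, but leaves `fsrv->shmem_fuzz_len`, which main points into the same mapping in the next hunk (`fsrv->shmem_fuzz_len = (u32 *)map;`), and `fsrv->use_shmem_fuzz` untouched; any later read of the length word through the forkserver would touch unmapped memory. Add `fsrv->shmem_fuzz_len = NULL;` and `fsrv->use_shmem_fuzz = 0;` before the `ck_free`. The helper is duplicated verbatim in src/afl-tmin.c further down this page, so the change is needed in both copies, or better the helper moves next to `afl_shm_deinit` so the two tools cannot drift apart. Whether `afl_fsrv_deinit` or the forkserver code reads `shmem_fuzz_len` after a deinit is not visible in this diff.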
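Review bot: The added line `// if (afl->shmem_testcase_mode) { setup_testcase_shmem(afl); }` is commented-out code carried over from another tool; nothing in this hunk gives afl-showmap's main an `afl` object, so the line cannot be re-enabled as written and should be removed rather than kept as a reminder. If the intent is to point the reader at the test case shared memory that is set up later in main, a plain sentence does that without dead code, e.g. `/* shared-memory test case handover is set up after the bitmap shm below */`. `main` continues well beyond this hunk.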
@@ -829,6 +851,20 @@ int main(int argc, char **argv_orig, char **envp) { } + sharedmem_t *shm_fuzz = ck_alloc(sizeof(sharedmem_t)); + u8 * map = afl_shm_init(shm_fuzz, MAX_FILE + sizeof(u32), 1); + if (!map) { FATAL("BUG: Zero return from afl_shm_init."); } +#ifdef USEMMAP + setenv(SHM_FUZZ_ENV_VAR, shm_fuzz->g_shm_file_path, 1); +#else + u8 *shm_str = alloc_printf("%d", shm_fuzz->shm_id); + setenv(SHM_FUZZ_ENV_VAR, shm_str, 1); + ck_free(shm_str); +#endif + fsrv->support_shmem_fuzz = 1; + fsrv->shmem_fuzz_len = (u32 *)map; + fsrv->shmem_fuzz = map + sizeof(u32); + if (in_dir) { DIR * dir_in, *dir_out; @@ -897,6 +933,9 @@ int main(int argc, char **argv_orig, char **envp) { afl_fsrv_start(fsrv, use_argv, &stop_soon, get_afl_env("AFL_DEBUG_CHILD_OUTPUT") ? 1 : 0); + if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz) + shm_fuzz = deinit_shmem(fsrv, shm_fuzz); + while (done == 0 && (dir_ent = readdir(dir_in))) { if (dir_ent->d_name[0] == '.') { @@ -966,7 +1005,10 @@ int main(int argc, char **argv_orig, char **envp) { if (fsrv->target_path) { ck_free(fsrv->target_path); } + if (fsrv->use_shmem_fuzz) shm_fuzz = deinit_shmem(fsrv, shm_fuzz); + afl_fsrv_deinit(fsrv); + if (stdin_file) { ck_free(stdin_file); } argv_cpy_free(argv); diff --git a/src/afl-tmin.c b/src/afl-tmin.c index 9df5112b..8b028327 100644 --- a/src/afl-tmin.c +++ b/src/afl-tmin.c @@ -802,6 +802,17 @@ static void usage(u8 *argv0) { } +static sharedmem_t *deinit_shmem(afl_forkserver_t *fsrv, + sharedmem_t * shm_fuzz) { + + afl_shm_deinit(shm_fuzz); + fsrv->support_shmem_fuzz = 0; + fsrv->shmem_fuzz = NULL; + ck_free(shm_fuzz); + return NULL; + +} + /* Main entry point */ int main(int argc, char **argv_orig, char **envp) { 
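Review bot: `SHM_FUZZ_ENV_VAR` is exported into afl-showmap's own environment with `setenv` before it is known whether the target supports shared-memory input, and nothing in this commit removes it again; after `deinit_shmem` tears the segment down the variable still names a removed shm id (or mmap path) that every later child inherits, including a target started without the forkserver. Clearing it in the teardown path keeps the environment consistent with the tool's state: `unsetenv(SHM_FUZZ_ENV_VAR);` inside `deinit_shmem`. The same setup block is repeated in src/afl-tmin.c in the next commit hunk below, so the note applies there too. Whether `afl_shm_init` registers its own at-exit removal of the segment for the FATAL paths between creation and the first `deinit_shmem` is not visible here; if it does not, the segment outlives an aborted run.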
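Review bot: The final teardown `if (fsrv->use_shmem_fuzz) shm_fuzz = deinit_shmem(fsrv, shm_fuzz);` relies on the earlier `support_shmem_fuzz && !use_shmem_fuzz` deinit having run, but that call sits inside the `in_dir` branch; the single-input path between these hunks is outside the diff, and if it never starts the forkserver the segment created at startup is neither used nor released. Since `deinit_shmem` returns NULL, keying the cleanup on the pointer covers every path: `if (shm_fuzz) { shm_fuzz = deinit_shmem(fsrv, shm_fuzz); }`. The equivalent line in the last src/afl-tmin.c hunk would benefit from the same form, even though that tool always reaches `afl_fsrv_start` as far as its hunk shows.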
@@ -1052,11 +1063,28 @@ int main(int argc, char **argv_orig, char **envp) { SAYF("\n"); + sharedmem_t *shm_fuzz = ck_alloc(sizeof(sharedmem_t)); + u8 * map = afl_shm_init(shm_fuzz, MAX_FILE + sizeof(u32), 1); + if (!map) { FATAL("BUG: Zero return from afl_shm_init."); } +#ifdef USEMMAP + setenv(SHM_FUZZ_ENV_VAR, shm_fuzz->g_shm_file_path, 1); +#else + u8 *shm_str = alloc_printf("%d", shm_fuzz->shm_id); + setenv(SHM_FUZZ_ENV_VAR, shm_str, 1); + ck_free(shm_str); +#endif + fsrv->support_shmem_fuzz = 1; + fsrv->shmem_fuzz_len = (u32 *)map; + fsrv->shmem_fuzz = map + sizeof(u32); + read_initial_file(); afl_fsrv_start(fsrv, use_argv, &stop_soon, get_afl_env("AFL_DEBUG_CHILD_OUTPUT") ? 1 : 0); + if (fsrv->support_shmem_fuzz && !fsrv->use_shmem_fuzz) + shm_fuzz = deinit_shmem(fsrv, shm_fuzz); + ACTF("Performing dry run (mem limit = %llu MB, timeout = %u ms%s)...", fsrv->mem_limit, fsrv->exec_tmout, edges_only ? ", edges only" : ""); @@ -1111,6 +1139,7 @@ int main(int argc, char **argv_orig, char **envp) { OKF("We're done here. Have a nice day!\n"); afl_shm_deinit(&shm); + if (fsrv->use_shmem_fuzz) shm_fuzz = deinit_shmem(fsrv, shm_fuzz); afl_fsrv_deinit(fsrv); if (fsrv->target_path) { ck_free(fsrv->target_path); } if (mask_bitmap) { ck_free(mask_bitmap); } -- cgit 1.4.1 From ea1222b33fb5e97165f649168b812d83ed1ed8c4 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Mon, 22 Jun 2020 21:40:02 +0200 Subject: old compiler fix --- src/afl-showmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/afl-showmap.c') diff --git a/src/afl-showmap.c b/src/afl-showmap.c index f1926b05..de25e427 100644 --- a/src/afl-showmap.c +++ b/src/afl-showmap.c @@ -789,7 +789,7 @@ int main(int argc, char **argv_orig, char **envp) { if (getenv("AFL_DEBUG")) { SAYF(cMGN "[D]" cRST); - for (int i = 0; i < argc; i++) + for (i = 0; i < argc; i++) SAYF(" %s", argv[i]); SAYF("\n"); -- cgit 1.4.1
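Review bot: The loop now reuses a function-scope `i` declared outside the hunk; if that variable is unsigned (AFL code commonly uses `u32` for counters), `i < argc` compares unsigned against `int`, which is harmless for a non-negative argc but trips `-Wsign-compare` and reads oddly next to `argc`. If the declaration is in fact `u32 i`, make the intent explicit with `for (i = 0; i < (u32)argc; i++)` or use a dedicated `int` counter for this debug loop. The declaration is not in the diff, so this only needs acting on if it is unsigned.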