Merge branch 'AFLplusplus:main' into intel_pt
Marcondiro authored Sep 9, 2024
2 parents 15f1fa9 + 25624d8 commit 09a1a33
Showing 21 changed files with 195 additions and 128 deletions.
1 change: 1 addition & 0 deletions fuzzers/baby/baby_no_std/src/main.rs
@@ -33,6 +33,7 @@ use static_alloc::Bump;
#[global_allocator]
static A: Bump<[u8; 512 * 1024 * 1024]> = Bump::uninit();

#[cfg(not(test))]
#[panic_handler]
fn panic(_info: &PanicInfo) -> ! {
#[cfg(unix)]
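Review bot: The new `#[cfg(not(test))]` above `#[panic_handler]` has no comment saying why the handler is compiled out under test. Presumably the test harness links `std`, which already supplies a panic handler, so a second definition would fail to build; a one-line comment such as `// std provides the panic handler when building tests` would record that. The body of `panic` continues outside the hunk.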
10 changes: 5 additions & 5 deletions fuzzers/others/sqlite_centralized_multi_machine/build.sh
@@ -6,14 +6,14 @@ if [ ! -d "sqlite3" ]; then
find ./sqlite3 -name "*.test" -exec cp {} corpus/ \;
fi

if [ "$1" = "release" ]; then
cargo build --release
else
if [ "$1" = "d" ]; then
cargo build
else
cargo build --release
fi

export CC=`pwd`/target/debug/libafl_cc
export CXX=`pwd`/target/debug/libafl_cxx
export CC=`pwd`/target/release/libafl_cc
export CXX=`pwd`/target/release/libafl_cxx
export CFLAGS='--libafl'
export CXXFLAGS='--libafl'
export CFLAGS="$CFLAGS -DSQLITE_MAX_LENGTH=128000000 \
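Review bot: With `d` as the first argument the script runs a debug `cargo build`, yet `CC` and `CXX` now point unconditionally at `target/release/libafl_cc` and `target/release/libafl_cxx`, so a debug run would compile sqlite with a missing or stale release wrapper. This reading takes the `d` branch and the `target/release` exports as the new side, which the rendering does not mark explicitly. Choosing the profile directory in the same branch keeps the two in step, e.g. set `PROFILE=debug` or `PROFILE=release` next to each `cargo build` and export `CC="$(pwd)/target/$PROFILE/libafl_cc"` (likewise for `CXX`). The script continues past this hunk, so a later override is possible but not visible here.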
@@ -1,3 +1,3 @@
#!/bin/bash

./ossfuzz --cores 4-7 --input ./corpus
./ossfuzz --cores 0-1 --input ./corpus
6 changes: 3 additions & 3 deletions libafl/src/events/llmp/restarting.rs
@@ -177,7 +177,7 @@ where
fn on_restart(&mut self, state: &mut S) -> Result<(), Error> {
state.on_restart()?;

// First, reset the page to 0 so the next iteration can read read from the beginning of this page
// First, reset the page to 0 so the next iteration can read from the beginning of this page
self.staterestorer.reset();
self.staterestorer.save(&(
if self.save_state.on_restart() {
@@ -595,7 +595,7 @@ where
}
};

// If this guy wants to fork, then ignore sigit
// If this guy wants to fork, then ignore sigint
#[cfg(any(windows, not(feature = "fork")))]
unsafe {
#[cfg(windows)]
@@ -614,7 +614,7 @@ where
#[cfg(any(windows, not(feature = "fork")))]
let child_status = child_status.code().unwrap_or_default();

compiler_fence(Ordering::SeqCst);
compiler_fence(Ordering::SeqCst); // really useful?

if child_status == CTRL_C_EXIT || staterestorer.wants_to_exit() {
// if ctrl-c is pressed, we end up in this branch
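Review bot: The trailing `// really useful?` added to `compiler_fence(Ordering::SeqCst);` in the last hunk commits an open question rather than documentation. `compiler_fence` only restricts compiler reordering and emits no CPU barrier, so if the intent is to keep the `staterestorer.wants_to_exit()` read after the child status has been collected, the comment should say that; if nobody can name what it protects, the fence can be removed. A wording such as `// compiler-only fence before reading staterestorer; TODO confirm it is still needed` tells the next reader what to verify. The enclosing function starts and ends outside the hunk.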
11 changes: 5 additions & 6 deletions libafl/src/events/mod.rs
@@ -34,7 +34,9 @@ pub use broker_hooks::*;
#[cfg(feature = "std")]
pub use launcher::*;
#[cfg(all(unix, feature = "std"))]
use libafl_bolts::os::unix_signals::{siginfo_t, ucontext_t, Handler, Signal, CTRL_C_EXIT};
use libafl_bolts::os::unix_signals::{siginfo_t, ucontext_t, Handler, Signal};
#[cfg(all(unix, feature = "std"))]
use libafl_bolts::os::CTRL_C_EXIT;
use libafl_bolts::{
current_time,
tuples::{Handle, MatchNameRef},
@@ -86,10 +88,7 @@ impl Handler for ShutdownSignalData {
_info: &mut siginfo_t,
_context: Option<&mut ucontext_t>,
) {
// println!("in handler! {}", std::process::id());
unsafe {
// println!("Exiting from the handler....");

#[cfg(unix)]
libc::_exit(CTRL_C_EXIT);

@@ -117,7 +116,7 @@ use crate::events::multi_machine::NodeId;
#[cfg(feature = "introspection")]
use crate::monitors::ClientPerfMonitor;
use crate::{
inputs::UsesInput, observers::TimeObserver, stages::HasCurrentStage, state::UsesState,
inputs::UsesInput, observers::TimeObserver, stages::HasCurrentStageId, state::UsesState,
};

/// The log event severity
@@ -546,7 +545,7 @@ where
/// Restartable trait
pub trait EventRestarter: UsesState {
/// For restarting event managers, implement a way to forward state to their next peers.
/// You *must* ensure that [`HasCurrentStage::on_restart`] will be invoked in this method, by you
/// You *must* ensure that [`HasCurrentStageId::on_restart`] will be invoked in this method, by you
/// or an internal [`EventRestarter`], before the state is saved for recovery.
#[inline]
fn on_restart(&mut self, state: &mut Self::State) -> Result<(), Error> {
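Review bot: The `unsafe` block in the `ShutdownSignalData` handler (hunk `-86,10 +88,7`) is left with no `// SAFETY:` comment now that the commented-out `println!` lines are gone. Calling `libc::_exit(CTRL_C_EXIT)` is the right shape for a signal handler, because `_exit` is async-signal-safe while `println!` is not, and that reasoning is worth recording: `// SAFETY: _exit is async-signal-safe and does not return; no destructors or atexit handlers run`. The handler body continues outside the hunk, so the non-unix branch is not visible here.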
2 changes: 1 addition & 1 deletion libafl/src/feedbacks/map.rs
@@ -225,7 +225,7 @@ where
}

/// A testcase metadata holding a list of indexes of a map
#[derive(Debug, Serialize, Deserialize)]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[cfg_attr(
any(not(feature = "serdeany_autoreg"), miri),
allow(clippy::unsafe_derive_deserialize)
10 changes: 5 additions & 5 deletions libafl/src/fuzzer/mod.rs
@@ -15,7 +15,7 @@ use crate::{
mark_feature_time,
observers::ObserversTuple,
schedulers::Scheduler,
stages::{HasCurrentStage, StagesTuple},
stages::{HasCurrentStageId, StagesTuple},
start_timer,
state::{
HasCorpus, HasCurrentTestcase, HasExecutions, HasLastFoundTime, HasLastReportTime,
@@ -242,8 +242,8 @@ where
) -> Result<(), Error> {
let monitor_timeout = STATS_TIMEOUT_DEFAULT;
loop {
// log::info!("Starting another fuzz_loop");
manager.maybe_report_progress(state, monitor_timeout)?;

self.fuzz_one(stages, executor, state, manager)?;
}
}
@@ -769,7 +769,7 @@ where
+ HasTestcase
+ HasLastReportTime
+ HasCurrentCorpusId
+ HasCurrentStage,
+ HasCurrentStageId,
ST: StagesTuple<E, EM, Self::State, Self>,
{
fn fuzz_one(
@@ -940,7 +940,7 @@ pub mod test {
use crate::{
corpus::CorpusId,
events::{EventProcessor, ProgressReporter},
stages::{HasCurrentStage, StagesTuple},
stages::{HasCurrentStageId, StagesTuple},
state::{HasExecutions, HasLastReportTime, State, UsesState},
Fuzzer, HasMetadata,
};
@@ -977,7 +977,7 @@ pub mod test {
E: UsesState,
EM: ProgressReporter<State = Self::State> + EventProcessor<E, Self>,
ST: StagesTuple<E, EM, Self::State, Self>,
Self::State: HasMetadata + HasExecutions + HasLastReportTime + HasCurrentStage,
Self::State: HasMetadata + HasExecutions + HasLastReportTime + HasCurrentStageId,
{
fn fuzz_one(
&mut self,
3 changes: 2 additions & 1 deletion libafl/src/observers/map/mod.rs
@@ -82,8 +82,9 @@ pub use owned_map::*;
/// # InMemoryCorpus::<BytesInput>::new(),
/// # InMemoryCorpus::new(),
/// # &mut feedback,
/// # &mut ()
/// # &mut (),
/// # ).unwrap();
///
/// # feedback.init_state(&mut state).unwrap();
///
/// let scheduler = IndexesLenTimeMinimizerScheduler::new(&edges_observer, QueueScheduler::new());
5 changes: 2 additions & 3 deletions libafl/src/stages/calibrate.rs
@@ -260,16 +260,15 @@ where
let observers = executor.observers();
let map = observers[&self.map_observer_handle].as_ref();

let mut bitmap_size = map.count_bytes();
let bitmap_size = map.count_bytes();

if bitmap_size < 1 {
return Err(Error::invalid_corpus(
"This testcase doesnot trigger trigger any edges. Check your instrumentation!"
"This testcase does not trigger any edges. Check your instrumentation!"
.to_string(),
));
}

bitmap_size = bitmap_size.max(1); // just don't make it 0 because we take log2 of it later.
let psmeta = state
.metadata_map_mut()
.get_mut::<SchedulerMetadata>()
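Review bot: The deleted `bitmap_size.max(1)` line carried the only explanation of why a zero `bitmap_size` must not reach the code below (`we take log2 of it later`), and the early return that now enforces this has no comment. Dropping the redundant clamp is fine, since the `bitmap_size < 1` guard returns first, but the reason should move onto the guard: `// bitmap_size must be non-zero: log2 of it is taken later`. The `let psmeta = state` statement continues outside the hunk.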
14 changes: 7 additions & 7 deletions libafl/src/stages/logics.rs
@@ -3,7 +3,7 @@
use core::marker::PhantomData;

use crate::{
stages::{HasCurrentStage, HasNestedStageStatus, Stage, StageId, StagesTuple},
stages::{HasCurrentStageId, HasNestedStageStatus, Stage, StageId, StagesTuple},
state::UsesState,
Error,
};
@@ -61,7 +61,7 @@ where
state: &mut Self::State,
manager: &mut EM,
) -> Result<(), Error> {
while state.current_stage_idx()?.is_some()
while state.current_stage_id()?.is_some()
|| (self.closure)(fuzzer, executor, state, manager)?
{
self.stages.perform_all(fuzzer, executor, state, manager)?;
@@ -126,7 +126,7 @@ where
state: &mut Self::State,
manager: &mut EM,
) -> Result<(), Error> {
if state.current_stage_idx()?.is_some() || (self.closure)(fuzzer, executor, state, manager)?
if state.current_stage_id()?.is_some() || (self.closure)(fuzzer, executor, state, manager)?
{
self.if_stages
.perform_all(fuzzer, executor, state, manager)?;
@@ -192,29 +192,29 @@ where
state: &mut Self::State,
manager: &mut EM,
) -> Result<(), Error> {
let current = state.current_stage_idx()?;
let current = state.current_stage_id()?;

let fresh = current.is_none();
let closure_return = fresh && (self.closure)(fuzzer, executor, state, manager)?;

if current == Some(StageId(0)) || closure_return {
if fresh {
state.set_current_stage_idx(StageId(0))?;
state.set_current_stage_id(StageId(0))?;
}
state.enter_inner_stage()?;
self.if_stages
.perform_all(fuzzer, executor, state, manager)?;
} else {
if fresh {
state.set_current_stage_idx(StageId(1))?;
state.set_current_stage_id(StageId(1))?;
}
state.enter_inner_stage()?;
self.else_stages
.perform_all(fuzzer, executor, state, manager)?;
}

state.exit_inner_stage()?;
state.clear_stage()?;
state.clear_stage_id()?;

Ok(())
}
30 changes: 15 additions & 15 deletions libafl/src/stages/mod.rs
@@ -135,7 +135,7 @@ where
E: UsesState<State = S>,
EM: UsesState<State = S>,
Z: UsesState<State = S>,
S: UsesInput + HasCurrentStage,
S: UsesInput + HasCurrentStageId,
{
/// Performs all `Stages` in this tuple.
fn perform_all(
@@ -152,7 +152,7 @@ where
E: UsesState<State = S>,
EM: UsesState<State = S>,
Z: UsesState<State = S>,
S: UsesInput + HasCurrentStage,
S: UsesInput + HasCurrentStageId,
{
fn perform_all(
&mut self,
@@ -161,7 +161,7 @@ where
stage: &mut S,
_: &mut EM,
) -> Result<(), Error> {
if stage.current_stage_idx()?.is_some() {
if stage.current_stage_id()?.is_some() {
Err(Error::illegal_state(
"Got to the end of the tuple without completing resume.",
))
@@ -178,7 +178,7 @@ where
E: UsesState<State = Head::State>,
EM: UsesState<State = Head::State> + EventProcessor<E, Z>,
Z: UsesState<State = Head::State>,
Head::State: HasCurrentStage,
Head::State: HasCurrentStageId,
{
/// Performs all stages in the tuple,
/// Checks after every stage if state wants to stop
@@ -190,7 +190,7 @@ where
state: &mut Head::State,
manager: &mut EM,
) -> Result<(), Error> {
match state.current_stage_idx()? {
match state.current_stage_id()? {
Some(idx) if idx < StageId(Self::LEN) => {
// do nothing; we are resuming
}
@@ -200,19 +200,19 @@ where

stage.perform_restartable(fuzzer, executor, state, manager)?;

state.clear_stage()?;
state.clear_stage_id()?;
}
Some(idx) if idx > StageId(Self::LEN) => {
unreachable!("We should clear the stage index before we get here...");
}
// this is None, but the match can't deduce that
_ => {
state.set_current_stage_idx(StageId(Self::LEN))?;
state.set_current_stage_id(StageId(Self::LEN))?;

let stage = &mut self.0;
stage.perform_restartable(fuzzer, executor, state, manager)?;

state.clear_stage()?;
state.clear_stage_id()?;
}
}

@@ -237,7 +237,7 @@ where
E: UsesState<State = Head::State>,
EM: UsesState<State = Head::State>,
Z: UsesState<State = Head::State>,
Head::State: HasCurrentStage,
Head::State: HasCurrentStageId,
{
fn into_vec_reversed(
self,
@@ -286,7 +286,7 @@ where
E: UsesState<State = S>,
EM: UsesState<State = S> + EventProcessor<E, Z>,
Z: UsesState<State = S>,
S: UsesInput + HasCurrentStage + State,
S: UsesInput + HasCurrentStageId + State,
{
/// Performs all stages in the `Vec`
/// Checks after every stage if state wants to stop
@@ -592,15 +592,15 @@ impl fmt::Display for StageId {
}

/// Trait for types which track the current stage
pub trait HasCurrentStage {
pub trait HasCurrentStageId {
/// Set the current stage; we have started processing this stage
fn set_current_stage_idx(&mut self, idx: StageId) -> Result<(), Error>;
fn set_current_stage_id(&mut self, id: StageId) -> Result<(), Error>;

/// Clear the current stage; we are done processing this stage
fn clear_stage(&mut self) -> Result<(), Error>;
fn clear_stage_id(&mut self) -> Result<(), Error>;

/// Fetch the current stage -- typically used after a state recovery or transfer
fn current_stage_idx(&self) -> Result<Option<StageId>, Error>;
fn current_stage_id(&self) -> Result<Option<StageId>, Error>;

/// Notify of a reset from which we may recover
fn on_restart(&mut self) -> Result<(), Error> {
@@ -610,7 +610,7 @@ pub trait HasCurrentStage {

/// Trait for types which track nested stages. Stages which themselves contain stage tuples should
/// ensure that they constrain the state with this trait accordingly.
pub trait HasNestedStageStatus: HasCurrentStage {
pub trait HasNestedStageStatus: HasCurrentStageId {
/// Enter a stage scope, potentially resuming to an inner stage status. Returns Ok(true) if
/// resumed.
fn enter_inner_stage(&mut self) -> Result<(), Error>;