Skip to content

Commit cea4817

Browse files
addisoncrumpaddisoncrump
committed
remaining generic updates
1 parent 24722cf commit cea4817

File tree

28 files changed

+493
-233
lines changed

28 files changed

+493
-233
lines changed

fuzzers/forkserver_libafl_cc/src/main.rs

+6-5
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ use libafl::{
1212
inputs::BytesInput,
1313
monitors::SimpleMonitor,
1414
mutators::{scheduled::havoc_mutations, tokens_mutations, StdScheduledMutator, Tokens},
15-
observers::{HitcountsMapObserver, StdMapObserver, TimeObserver},
15+
observers::{HitcountsMapObserver, StdMapObserver, TimeObserver, TrackingHinted},
1616
schedulers::{IndexesLenTimeMinimizerScheduler, QueueScheduler},
1717
stages::mutational::StdMutationalStage,
1818
state::{HasCorpus, HasMetadata, StdState},
@@ -100,8 +100,9 @@ pub fn main() {
100100
let shmem_buf = shmem.as_mut_slice();
101101

102102
// Create an observation channel using the signals map
103-
let edges_observer =
104-
unsafe { HitcountsMapObserver::new(StdMapObserver::new("shared_mem", shmem_buf)) };
103+
let edges_observer = unsafe {
104+
HitcountsMapObserver::new(StdMapObserver::new("shared_mem", shmem_buf)).track_indices()
105+
};
105106

106107
// Create an observation channel to keep track of the execution time
107108
let time_observer = TimeObserver::new("time");
@@ -110,7 +111,7 @@ pub fn main() {
110111
// This one is composed by two Feedbacks in OR
111112
let mut feedback = feedback_or!(
112113
// New maximization map feedback linked to the edges observer and the feedback state
113-
MaxMapFeedback::tracking(&edges_observer, true, false),
114+
MaxMapFeedback::new(&edges_observer),
114115
// Time feedback, this one does not need a feedback state
115116
TimeFeedback::with_observer(&time_observer)
116117
);
@@ -150,7 +151,7 @@ pub fn main() {
150151
let mut mgr = SimpleEventManager::new(monitor);
151152

152153
// A minimization+queue policy to get testcasess from the corpus
153-
let scheduler = IndexesLenTimeMinimizerScheduler::new(QueueScheduler::new());
154+
let scheduler = IndexesLenTimeMinimizerScheduler::new(&edges_observer, QueueScheduler::new());
154155

155156
// A fuzzer with feedbacks and a corpus scheduler
156157
let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective);

fuzzers/forkserver_simple/src/main.rs

+6-5
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ use libafl::{
1212
inputs::BytesInput,
1313
monitors::SimpleMonitor,
1414
mutators::{scheduled::havoc_mutations, tokens_mutations, StdScheduledMutator, Tokens},
15-
observers::{HitcountsMapObserver, StdMapObserver, TimeObserver},
15+
observers::{HitcountsMapObserver, StdMapObserver, TimeObserver, TrackingHinted},
1616
schedulers::{IndexesLenTimeMinimizerScheduler, QueueScheduler},
1717
stages::mutational::StdMutationalStage,
1818
state::{HasCorpus, HasMetadata, StdState},
@@ -100,8 +100,9 @@ pub fn main() {
100100
let shmem_buf = shmem.as_mut_slice();
101101

102102
// Create an observation channel using the signals map
103-
let edges_observer =
104-
unsafe { HitcountsMapObserver::new(StdMapObserver::new("shared_mem", shmem_buf)) };
103+
let edges_observer = unsafe {
104+
HitcountsMapObserver::new(StdMapObserver::new("shared_mem", shmem_buf)).track_indices()
105+
};
105106

106107
// Create an observation channel to keep track of the execution time
107108
let time_observer = TimeObserver::new("time");
@@ -110,7 +111,7 @@ pub fn main() {
110111
// This one is composed by two Feedbacks in OR
111112
let mut feedback = feedback_or!(
112113
// New maximization map feedback linked to the edges observer and the feedback state
113-
MaxMapFeedback::tracking(&edges_observer, true, false),
114+
MaxMapFeedback::new(&edges_observer),
114115
// Time feedback, this one does not need a feedback state
115116
TimeFeedback::with_observer(&time_observer)
116117
);
@@ -150,7 +151,7 @@ pub fn main() {
150151
let mut mgr = SimpleEventManager::new(monitor);
151152

152153
// A minimization+queue policy to get testcasess from the corpus
153-
let scheduler = IndexesLenTimeMinimizerScheduler::new(QueueScheduler::new());
154+
let scheduler = IndexesLenTimeMinimizerScheduler::new(&edges_observer, QueueScheduler::new());
154155

155156
// A fuzzer with feedbacks and a corpus scheduler
156157
let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective);

fuzzers/frida_gdiplus/src/fuzzer.rs

+16-10
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ use libafl::{
2626
scheduled::{havoc_mutations, tokens_mutations, StdScheduledMutator},
2727
token_mutations::{I2SRandReplace, Tokens},
2828
},
29-
observers::{HitcountsMapObserver, StdMapObserver, TimeObserver},
29+
observers::{HitcountsMapObserver, StdMapObserver, TimeObserver, TrackingHinted},
3030
schedulers::{IndexesLenTimeMinimizerScheduler, QueueScheduler},
3131
stages::{ShadowTracingStage, StdMutationalStage},
3232
state::{HasCorpus, HasMetadata, StdState},
@@ -113,7 +113,8 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> {
113113
"edges",
114114
frida_helper.map_mut_ptr().unwrap(),
115115
MAP_SIZE,
116-
));
116+
))
117+
.track_indices();
117118

118119
// Create an observation channel to keep track of the execution time
119120
let time_observer = TimeObserver::new("time");
@@ -122,7 +123,7 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> {
122123
// This one is composed by two Feedbacks in OR
123124
let mut feedback = feedback_or!(
124125
// New maximization map feedback linked to the edges observer and the feedback state
125-
MaxMapFeedback::tracking(&edges_observer, true, false),
126+
MaxMapFeedback::new(&edges_observer),
126127
// Time feedback, this one does not need a feedback state
127128
TimeFeedback::with_observer(&time_observer)
128129
);
@@ -171,7 +172,8 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> {
171172
let mutator = StdScheduledMutator::new(havoc_mutations().merge(tokens_mutations()));
172173

173174
// A minimization+queue policy to get testcasess from the corpus
174-
let scheduler = IndexesLenTimeMinimizerScheduler::new(QueueScheduler::new());
175+
let scheduler =
176+
IndexesLenTimeMinimizerScheduler::new(&edges_observer, QueueScheduler::new());
175177

176178
// A fuzzer with feedbacks and a corpus scheduler
177179
let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective);
@@ -229,7 +231,8 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> {
229231
"edges",
230232
frida_helper.map_mut_ptr().unwrap(),
231233
MAP_SIZE,
232-
));
234+
))
235+
.track_indices();
233236

234237
// Create an observation channel to keep track of the execution time
235238
let time_observer = TimeObserver::new("time");
@@ -238,7 +241,7 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> {
238241
// This one is composed by two Feedbacks in OR
239242
let mut feedback = feedback_or!(
240243
// New maximization map feedback linked to the edges observer and the feedback state
241-
MaxMapFeedback::tracking(&edges_observer, true, false),
244+
MaxMapFeedback::new(&edges_observer),
242245
// Time feedback, this one does not need a feedback state
243246
TimeFeedback::with_observer(&time_observer)
244247
);
@@ -286,7 +289,8 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> {
286289
let mutator = StdScheduledMutator::new(havoc_mutations().merge(tokens_mutations()));
287290

288291
// A minimization+queue policy to get testcasess from the corpus
289-
let scheduler = IndexesLenTimeMinimizerScheduler::new(QueueScheduler::new());
292+
let scheduler =
293+
IndexesLenTimeMinimizerScheduler::new(&edges_observer, QueueScheduler::new());
290294

291295
// A fuzzer with feedbacks and a corpus scheduler
292296
let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective);
@@ -360,7 +364,8 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> {
360364
"edges",
361365
frida_helper.map_mut_ptr().unwrap(),
362366
MAP_SIZE,
363-
));
367+
))
368+
.track_indices();
364369

365370
// Create an observation channel to keep track of the execution time
366371
let time_observer = TimeObserver::new("time");
@@ -369,7 +374,7 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> {
369374
// This one is composed by two Feedbacks in OR
370375
let mut feedback = feedback_or!(
371376
// New maximization map feedback linked to the edges observer and the feedback state
372-
MaxMapFeedback::tracking(&edges_observer, true, false),
377+
MaxMapFeedback::new(&edges_observer),
373378
// Time feedback, this one does not need a feedback state
374379
TimeFeedback::with_observer(&time_observer)
375380
);
@@ -417,7 +422,8 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> {
417422
let mutator = StdScheduledMutator::new(havoc_mutations().merge(tokens_mutations()));
418423

419424
// A minimization+queue policy to get testcasess from the corpus
420-
let scheduler = IndexesLenTimeMinimizerScheduler::new(QueueScheduler::new());
425+
let scheduler =
426+
IndexesLenTimeMinimizerScheduler::new(&edges_observer, QueueScheduler::new());
421427

422428
// A fuzzer with feedbacks and a corpus scheduler
423429
let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective);

fuzzers/fuzzbench/src/lib.rs

+7-7
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ use libafl::{
2828
scheduled::havoc_mutations, token_mutations::I2SRandReplace, tokens_mutations,
2929
StdMOptMutator, StdScheduledMutator, Tokens,
3030
},
31-
observers::{HitcountsMapObserver, TimeObserver},
31+
observers::{HitcountsMapObserver, TimeObserver, TrackingHinted},
3232
schedulers::{
3333
powersched::PowerSchedule, IndexesLenTimeMinimizerScheduler, StdWeightedScheduler,
3434
},
@@ -242,14 +242,15 @@ fn fuzz(
242242

243243
// Create an observation channel using the coverage map
244244
// We don't use the hitcounts (see the Cargo.toml, we use pcguard_edges)
245-
let edges_observer = HitcountsMapObserver::new(unsafe { std_edges_map_observer("edges") });
245+
let edges_observer =
246+
HitcountsMapObserver::new(unsafe { std_edges_map_observer("edges") }).track_indices();
246247

247248
// Create an observation channel to keep track of the execution time
248249
let time_observer = TimeObserver::new("time");
249250

250251
let cmplog_observer = CmpLogObserver::new("cmplog", true);
251252

252-
let map_feedback = MaxMapFeedback::tracking(&edges_observer, true, false);
253+
let map_feedback = MaxMapFeedback::new(&edges_observer);
253254

254255
let calibration = CalibrationStage::new(&map_feedback);
255256

@@ -307,11 +308,10 @@ fn fuzz(
307308
let power = StdPowerMutationalStage::new(mutator);
308309

309310
// A minimization+queue policy to get testcasess from the corpus
310-
let scheduler = IndexesLenTimeMinimizerScheduler::new(StdWeightedScheduler::with_schedule(
311-
&mut state,
311+
let scheduler = IndexesLenTimeMinimizerScheduler::new(
312312
&edges_observer,
313-
Some(PowerSchedule::FAST),
314-
));
313+
StdWeightedScheduler::with_schedule(&mut state, &edges_observer, Some(PowerSchedule::FAST)),
314+
);
315315

316316
// A fuzzer with feedbacks and a corpus scheduler
317317
let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective);

fuzzers/fuzzbench_ctx/src/lib.rs

+7-7
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ use libafl::{
2828
scheduled::havoc_mutations, token_mutations::I2SRandReplace, tokens_mutations,
2929
StdMOptMutator, StdScheduledMutator, Tokens,
3030
},
31-
observers::{HitcountsMapObserver, StdMapObserver, TimeObserver},
31+
observers::{HitcountsMapObserver, StdMapObserver, TimeObserver, TrackingHinted},
3232
schedulers::{
3333
powersched::PowerSchedule, IndexesLenTimeMinimizerScheduler, StdWeightedScheduler,
3434
},
@@ -249,14 +249,15 @@ fn fuzz(
249249
"edges",
250250
OwnedMutSlice::from_raw_parts_mut(edges_map_mut_ptr(), EDGES_MAP_SIZE),
251251
)
252-
});
252+
})
253+
.track_indices();
253254

254255
// Create an observation channel to keep track of the execution time
255256
let time_observer = TimeObserver::new("time");
256257

257258
let cmplog_observer = CmpLogObserver::new("cmplog", true);
258259

259-
let map_feedback = MaxMapFeedback::tracking(&edges_observer, true, false);
260+
let map_feedback = MaxMapFeedback::new(&edges_observer);
260261

261262
let calibration = CalibrationStage::new(&map_feedback);
262263

@@ -314,11 +315,10 @@ fn fuzz(
314315
let power = StdPowerMutationalStage::new(mutator);
315316

316317
// A minimization+queue policy to get testcasess from the corpus
317-
let scheduler = IndexesLenTimeMinimizerScheduler::new(StdWeightedScheduler::with_schedule(
318-
&mut state,
318+
let scheduler = IndexesLenTimeMinimizerScheduler::new(
319319
&edges_observer,
320-
Some(PowerSchedule::FAST),
321-
));
320+
StdWeightedScheduler::with_schedule(&mut state, &edges_observer, Some(PowerSchedule::FAST)),
321+
);
322322

323323
// A fuzzer with feedbacks and a corpus scheduler
324324
let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective);

fuzzers/fuzzbench_forkserver/src/main.rs

+14-8
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,9 @@ use libafl::{
2121
scheduled::havoc_mutations, token_mutations::I2SRandReplace, tokens_mutations,
2222
StdMOptMutator, StdScheduledMutator, Tokens,
2323
},
24-
observers::{HitcountsMapObserver, StdCmpValuesObserver, StdMapObserver, TimeObserver},
24+
observers::{
25+
HitcountsMapObserver, StdCmpValuesObserver, StdMapObserver, TimeObserver, TrackingHinted,
26+
},
2527
schedulers::{
2628
powersched::PowerSchedule, IndexesLenTimeMinimizerScheduler, StdWeightedScheduler,
2729
},
@@ -248,13 +250,14 @@ fn fuzz(
248250
std::env::set_var("AFL_MAP_SIZE", format!("{}", MAP_SIZE));
249251

250252
// Create an observation channel using the hitcounts map of AFL++
251-
let edges_observer =
252-
unsafe { HitcountsMapObserver::new(StdMapObserver::new("shared_mem", shmem_buf)) };
253+
let edges_observer = unsafe {
254+
HitcountsMapObserver::new(StdMapObserver::new("shared_mem", shmem_buf)).track_indices()
255+
};
253256

254257
// Create an observation channel to keep track of the execution time
255258
let time_observer = TimeObserver::new("time");
256259

257-
let map_feedback = MaxMapFeedback::tracking(&edges_observer, true, false);
260+
let map_feedback = MaxMapFeedback::new(&edges_observer);
258261

259262
let calibration = CalibrationStage::new(&map_feedback);
260263

@@ -300,11 +303,14 @@ fn fuzz(
300303
let power = StdPowerMutationalStage::new(mutator);
301304

302305
// A minimization+queue policy to get testcasess from the corpus
303-
let scheduler = IndexesLenTimeMinimizerScheduler::new(StdWeightedScheduler::with_schedule(
304-
&mut state,
306+
let scheduler = IndexesLenTimeMinimizerScheduler::new(
305307
&edges_observer,
306-
Some(PowerSchedule::EXPLORE),
307-
));
308+
StdWeightedScheduler::with_schedule(
309+
&mut state,
310+
&edges_observer,
311+
Some(PowerSchedule::EXPLORE),
312+
),
313+
);
308314

309315
// A fuzzer with feedbacks and a corpus scheduler
310316
let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective);

fuzzers/fuzzbench_forkserver_cmplog/src/main.rs

+12-8
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ use libafl::{
2121
scheduled::havoc_mutations, token_mutations::AFLppRedQueen, tokens_mutations,
2222
StdMOptMutator, Tokens,
2323
},
24-
observers::{HitcountsMapObserver, StdMapObserver, TimeObserver},
24+
observers::{HitcountsMapObserver, StdMapObserver, TimeObserver, TrackingHinted},
2525
schedulers::{
2626
powersched::PowerSchedule, IndexesLenTimeMinimizerScheduler, StdWeightedScheduler,
2727
},
@@ -251,13 +251,14 @@ fn fuzz(
251251
std::env::set_var("AFL_MAP_SIZE", format!("{MAP_SIZE}"));
252252

253253
// Create an observation channel using the hitcounts map of AFL++
254-
let edges_observer =
255-
unsafe { HitcountsMapObserver::new(StdMapObserver::new("shared_mem", shmem_buf)) };
254+
let edges_observer = unsafe {
255+
HitcountsMapObserver::new(StdMapObserver::new("shared_mem", shmem_buf)).track_indices()
256+
};
256257

257258
// Create an observation channel to keep track of the execution time
258259
let time_observer = TimeObserver::new("time");
259260

260-
let map_feedback = MaxMapFeedback::tracking(&edges_observer, true, false);
261+
let map_feedback = MaxMapFeedback::new(&edges_observer);
261262

262263
let calibration = CalibrationStage::new(&map_feedback);
263264

@@ -303,11 +304,14 @@ fn fuzz(
303304
let power = StdPowerMutationalStage::new(mutator);
304305

305306
// A minimization+queue policy to get testcasess from the corpus
306-
let scheduler = IndexesLenTimeMinimizerScheduler::new(StdWeightedScheduler::with_schedule(
307-
&mut state,
307+
let scheduler = IndexesLenTimeMinimizerScheduler::new(
308308
&edges_observer,
309-
Some(PowerSchedule::EXPLORE),
310-
));
309+
StdWeightedScheduler::with_schedule(
310+
&mut state,
311+
&edges_observer,
312+
Some(PowerSchedule::EXPLORE),
313+
),
314+
);
311315

312316
// A fuzzer with feedbacks and a corpus scheduler
313317
let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective);

0 commit comments

Comments
 (0)