diff --git a/bindings/pylibafl/src/lib.rs b/bindings/pylibafl/src/lib.rs index 2bb8f11e2c..914fca662b 100644 --- a/bindings/pylibafl/src/lib.rs +++ b/bindings/pylibafl/src/lib.rs @@ -46,9 +46,9 @@ class BaseStage: return Stage.new_py(self) class BaseMutator: - def mutate(self, state, input, stage_idx): + def mutate(self, state, input): pass - def post_exec(self, state, stage_idx, corpus_idx): + def post_exec(self, state, corpus_idx): pass def as_mutator(self): return Mutator.new_py(self) diff --git a/fuzzers/push_stage_harness/src/main.rs b/fuzzers/push_stage_harness/src/main.rs index 201a3a860c..27c78c26ef 100644 --- a/fuzzers/push_stage_harness/src/main.rs +++ b/fuzzers/push_stage_harness/src/main.rs @@ -31,10 +31,11 @@ fn signals_set(idx: usize) { unsafe { SIGNALS[idx] = 1 }; } -#[allow(clippy::similar_names)] +#[allow(clippy::similar_names, clippy::manual_assert)] pub fn main() { // Create an observation channel using the signals map - let observer = unsafe { StdMapObserver::new("signals", &mut SIGNALS) }; + let observer = + unsafe { StdMapObserver::from_mut_ptr("signals", SIGNALS.as_mut_ptr(), SIGNALS.len()) }; // Feedback to rate the interestingness of an input let mut feedback = MaxMapFeedback::new(&observer); @@ -90,8 +91,6 @@ pub fn main() { let exit_kind = Rc::new(Cell::new(None)); - let stage_idx = 0; - let observers = tuple_list!(observer); let shared_state = PushStageSharedState::new(fuzzer, state, observers, mgr); @@ -101,7 +100,6 @@ pub fn main() { mutator, Rc::new(RefCell::new(Some(shared_state))), exit_kind.clone(), - stage_idx, ); // Loop, the input, getting a new entry from the push stage each iteration. diff --git a/fuzzers/tutorial/src/mutator.rs b/fuzzers/tutorial/src/mutator.rs index ce9d85ad51..09ebbb3454 100644 --- a/fuzzers/tutorial/src/mutator.rs +++ b/fuzzers/tutorial/src/mutator.rs @@ -19,12 +19,7 @@ impl Mutator for LainMutator where S: HasRand, { - fn mutate( - &mut self, - state: &mut S, - input: &mut PacketData, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut PacketData) -> Result { // Lain uses its own instance of StdRand, but we want to keep it in sync with LibAFL's state. self.inner.rng_mut().set_seed(state.rand_mut().next()); input.mutate(&mut self.inner, None); diff --git a/libafl/src/mutators/encoded_mutations.rs b/libafl/src/mutators/encoded_mutations.rs index 3c5b9215f0..9a29945bff 100644 --- a/libafl/src/mutators/encoded_mutations.rs +++ b/libafl/src/mutators/encoded_mutations.rs @@ -25,12 +25,7 @@ use crate::{ pub struct EncodedRandMutator; impl Mutator for EncodedRandMutator { - fn mutate( - &mut self, - state: &mut S, - input: &mut EncodedInput, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut EncodedInput) -> Result { if input.codes().is_empty() { Ok(MutationResult::Skipped) } else { @@ -60,12 +55,7 @@ impl EncodedRandMutator { pub struct EncodedIncMutator; impl Mutator for EncodedIncMutator { - fn mutate( - &mut self, - state: &mut S, - input: &mut EncodedInput, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut EncodedInput) -> Result { if input.codes().is_empty() { Ok(MutationResult::Skipped) } else { @@ -95,12 +85,7 @@ impl EncodedIncMutator { pub struct EncodedDecMutator; impl Mutator for EncodedDecMutator { - fn mutate( - &mut self, - state: &mut S, - input: &mut EncodedInput, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut EncodedInput) -> Result { if input.codes().is_empty() { Ok(MutationResult::Skipped) } else { @@ -130,12 +115,7 @@ impl EncodedDecMutator { pub struct EncodedAddMutator; impl Mutator for EncodedAddMutator { - fn mutate( - &mut self, - state: &mut S, - input: &mut EncodedInput, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut EncodedInput) -> Result { if input.codes().is_empty() { Ok(MutationResult::Skipped) } else { @@ -169,12 +149,7 @@ impl EncodedAddMutator { pub struct EncodedDeleteMutator; impl Mutator for EncodedDeleteMutator { - fn mutate( - &mut self, - state: &mut S, - input: &mut EncodedInput, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut EncodedInput) -> Result { let size = input.codes().len(); if size <= 2 { return Ok(MutationResult::Skipped); @@ -212,12 +187,7 @@ impl Mutator for EncodedInsertCopyMutator where S: HasRand + HasMaxSize, { - fn mutate( - &mut self, - state: &mut S, - input: &mut EncodedInput, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut EncodedInput) -> Result { let max_size = state.max_size(); let size = input.codes().len(); if size == 0 { @@ -272,12 +242,7 @@ impl EncodedInsertCopyMutator { pub struct EncodedCopyMutator; impl Mutator for EncodedCopyMutator { - fn mutate( - &mut self, - state: &mut S, - input: &mut EncodedInput, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut EncodedInput) -> Result { let size = input.codes().len(); if size <= 1 { return Ok(MutationResult::Skipped); @@ -317,12 +282,7 @@ impl Mutator for EncodedCrossoverInsertMutator where S: UsesInput + HasRand + HasCorpus + HasMaxSize, { - fn mutate( - &mut self, - state: &mut S, - input: &mut EncodedInput, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut EncodedInput) -> Result { let size = input.codes().len(); // We don't want to use the testcase we're already using for splicing @@ -391,12 +351,7 @@ impl Mutator for EncodedCrossoverReplaceMutator where S: UsesInput + HasRand + HasCorpus, { - fn mutate( - &mut self, - state: &mut S, - input: &mut EncodedInput, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut EncodedInput) -> Result { let size = input.codes().len(); if size == 0 { return Ok(MutationResult::Skipped); diff --git a/libafl/src/mutators/gramatron.rs b/libafl/src/mutators/gramatron.rs index 231523b3e7..6deee6f93b 100644 --- a/libafl/src/mutators/gramatron.rs +++ b/libafl/src/mutators/gramatron.rs @@ -36,7 +36,6 @@ where &mut self, state: &mut S, input: &mut GramatronInput, - _stage_idx: i32, ) -> Result { if !input.terminals().is_empty() { let size = state.rand_mut().below(input.terminals().len() as u64 + 1) as usize; @@ -109,7 +108,6 @@ where &mut self, state: &mut S, input: &mut GramatronInput, - _stage_idx: i32, ) -> Result { if input.terminals().is_empty() { return Ok(MutationResult::Skipped); @@ -180,7 +178,6 @@ where &mut self, state: &mut S, input: &mut GramatronInput, - _stage_idx: i32, ) -> Result { if input.terminals().is_empty() { return Ok(MutationResult::Skipped); diff --git a/libafl/src/mutators/grimoire.rs b/libafl/src/mutators/grimoire.rs index c115b9db4d..49dba54a5c 100644 --- a/libafl/src/mutators/grimoire.rs +++ b/libafl/src/mutators/grimoire.rs @@ -122,7 +122,6 @@ where &mut self, state: &mut S, generalised_meta: &mut GeneralizedInputMetadata, - _stage_idx: i32, ) -> Result { extend_with_random_generalized( state, @@ -163,7 +162,6 @@ where &mut self, state: &mut S, generalised_meta: &mut GeneralizedInputMetadata, - _stage_idx: i32, ) -> Result { let mut mutated = MutationResult::Skipped; @@ -236,7 +234,6 @@ where &mut self, state: &mut S, generalised_meta: &mut GeneralizedInputMetadata, - _stage_idx: i32, ) -> Result { let tokens_len = { let meta = state.metadata_map().get::(); @@ -347,7 +344,6 @@ where &mut self, state: &mut S, generalised_meta: &mut GeneralizedInputMetadata, - _stage_idx: i32, ) -> Result { let gen = generalised_meta.generalized_mut(); diff --git a/libafl/src/mutators/mod.rs b/libafl/src/mutators/mod.rs index 80ddb2207a..6828f5fbf7 100644 --- a/libafl/src/mutators/mod.rs +++ b/libafl/src/mutators/mod.rs @@ -91,12 +91,7 @@ pub enum MutationResult { /// Simple as that. pub trait Mutator: Named { /// Mutate a given input - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - stage_idx: i32, - ) -> Result; + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result; /// Post-process given the outcome of the execution /// `new_corpus_idx` will be `Some` if a new `Testcase` was created this execution. @@ -104,7 +99,6 @@ pub trait Mutator: Named { fn post_exec( &mut self, _state: &mut S, - _stage_idx: i32, _new_corpus_idx: Option, ) -> Result<(), Error> { Ok(()) @@ -120,7 +114,6 @@ pub trait MultiMutator: Named { &mut self, state: &mut S, input: &I, - stage_idx: i32, max_count: Option, ) -> Result, Error>; @@ -130,7 +123,6 @@ pub trait MultiMutator: Named { fn multi_post_exec( &mut self, _state: &mut S, - _stage_idx: i32, _new_corpus_idx: Option, ) -> Result<(), Error> { Ok(()) @@ -140,19 +132,13 @@ pub trait MultiMutator: Named { /// A `Tuple` of `Mutators` that can execute multiple `Mutators` in a row. pub trait MutatorsTuple: HasLen { /// Runs the `mutate` function on all `Mutators` in this `Tuple`. - fn mutate_all( - &mut self, - state: &mut S, - input: &mut I, - stage_idx: i32, - ) -> Result; + fn mutate_all(&mut self, state: &mut S, input: &mut I) -> Result; /// Runs the `post_exec` function on all `Mutators` in this `Tuple`. /// `new_corpus_idx` will be `Some` if a new `Testcase` was created this execution. fn post_exec_all( &mut self, state: &mut S, - stage_idx: i32, new_corpus_idx: Option, ) -> Result<(), Error>; @@ -162,7 +148,6 @@ pub trait MutatorsTuple: HasLen { index: MutationId, state: &mut S, input: &mut I, - stage_idx: i32, ) -> Result; /// Gets the [`Mutator`] at the given index and runs the `post_exec` function on it. @@ -171,7 +156,7 @@ pub trait MutatorsTuple: HasLen { &mut self, index: usize, state: &mut S, - stage_idx: i32, + corpus_idx: Option, ) -> Result<(), Error>; @@ -184,12 +169,7 @@ pub trait MutatorsTuple: HasLen { impl MutatorsTuple for () { #[inline] - fn mutate_all( - &mut self, - _state: &mut S, - _input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate_all(&mut self, _state: &mut S, _input: &mut I) -> Result { Ok(MutationResult::Skipped) } @@ -197,7 +177,6 @@ impl MutatorsTuple for () { fn post_exec_all( &mut self, _state: &mut S, - _stage_idx: i32, _new_corpus_idx: Option, ) -> Result<(), Error> { Ok(()) @@ -209,7 +188,6 @@ impl MutatorsTuple for () { _index: MutationId, _state: &mut S, _input: &mut I, - _stage_idx: i32, ) -> Result { Ok(MutationResult::Skipped) } @@ -219,7 +197,6 @@ impl MutatorsTuple for () { &mut self, _index: usize, _state: &mut S, - _stage_idx: i32, _new_corpus_idx: Option, ) -> Result<(), Error> { Ok(()) @@ -241,14 +218,9 @@ where Head: Mutator, Tail: MutatorsTuple, { - fn mutate_all( - &mut self, - state: &mut S, - input: &mut I, - stage_idx: i32, - ) -> Result { - let r = self.0.mutate(state, input, stage_idx)?; - if self.1.mutate_all(state, input, stage_idx)? == MutationResult::Mutated { + fn mutate_all(&mut self, state: &mut S, input: &mut I) -> Result { + let r = self.0.mutate(state, input)?; + if self.1.mutate_all(state, input)? == MutationResult::Mutated { Ok(MutationResult::Mutated) } else { Ok(r) @@ -258,11 +230,10 @@ where fn post_exec_all( &mut self, state: &mut S, - stage_idx: i32, new_corpus_idx: Option, ) -> Result<(), Error> { - self.0.post_exec(state, stage_idx, new_corpus_idx)?; - self.1.post_exec_all(state, stage_idx, new_corpus_idx) + self.0.post_exec(state, new_corpus_idx)?; + self.1.post_exec_all(state, new_corpus_idx) } fn get_and_mutate( @@ -270,13 +241,11 @@ where index: MutationId, state: &mut S, input: &mut I, - stage_idx: i32, ) -> Result { if index.0 == 0 { - self.0.mutate(state, input, stage_idx) + self.0.mutate(state, input) } else { - self.1 - .get_and_mutate((index.0 - 1).into(), state, input, stage_idx) + self.1.get_and_mutate((index.0 - 1).into(), state, input) } } @@ -284,14 +253,12 @@ where &mut self, index: usize, state: &mut S, - stage_idx: i32, new_corpus_idx: Option, ) -> Result<(), Error> { if index == 0 { - self.0.post_exec(state, stage_idx, new_corpus_idx) + self.0.post_exec(state, new_corpus_idx) } else { - self.1 - .get_and_post_exec(index - 1, state, stage_idx, new_corpus_idx) + self.1.get_and_post_exec(index - 1, state, new_corpus_idx) } } @@ -331,22 +298,16 @@ impl MutatorsTuple for (Tail,) where Tail: MutatorsTuple, { - fn mutate_all( - &mut self, - state: &mut S, - input: &mut I, - stage_idx: i32, - ) -> Result { - self.0.mutate_all(state, input, stage_idx) + fn mutate_all(&mut self, state: &mut S, input: &mut I) -> Result { + self.0.mutate_all(state, input) } fn post_exec_all( &mut self, state: &mut S, - stage_idx: i32, new_corpus_idx: Option, ) -> Result<(), Error> { - self.0.post_exec_all(state, stage_idx, new_corpus_idx) + self.0.post_exec_all(state, new_corpus_idx) } fn get_and_mutate( @@ -354,20 +315,17 @@ where index: MutationId, state: &mut S, input: &mut I, - stage_idx: i32, ) -> Result { - self.0.get_and_mutate(index, state, input, stage_idx) + self.0.get_and_mutate(index, state, input) } fn get_and_post_exec( &mut self, index: usize, state: &mut S, - stage_idx: i32, new_corpus_idx: Option, ) -> Result<(), Error> { - self.0 - .get_and_post_exec(index, state, stage_idx, new_corpus_idx) + self.0.get_and_post_exec(index, state, new_corpus_idx) } fn names(&self) -> Vec<&str> { @@ -389,15 +347,10 @@ where } impl MutatorsTuple for Vec>> { - fn mutate_all( - &mut self, - state: &mut S, - input: &mut I, - stage_idx: i32, - ) -> Result { + fn mutate_all(&mut self, state: &mut S, input: &mut I) -> Result { self.iter_mut() .try_fold(MutationResult::Skipped, |ret, mutator| { - if mutator.mutate(state, input, stage_idx)? == MutationResult::Mutated { + if mutator.mutate(state, input)? == MutationResult::Mutated { Ok(MutationResult::Mutated) } else { Ok(ret) @@ -408,11 +361,10 @@ impl MutatorsTuple for Vec>> { fn post_exec_all( &mut self, state: &mut S, - stage_idx: i32, new_corpus_idx: Option, ) -> Result<(), Error> { for mutator in self.iter_mut() { - mutator.post_exec(state, stage_idx, new_corpus_idx)?; + mutator.post_exec(state, new_corpus_idx)?; } Ok(()) } @@ -422,25 +374,23 @@ impl MutatorsTuple for Vec>> { index: MutationId, state: &mut S, input: &mut I, - stage_idx: i32, ) -> Result { let mutator = self .get_mut(index.0) .ok_or_else(|| Error::key_not_found("Mutator with id {index:?} not found."))?; - mutator.mutate(state, input, stage_idx) + mutator.mutate(state, input) } fn get_and_post_exec( &mut self, index: usize, state: &mut S, - stage_idx: i32, new_corpus_idx: Option, ) -> Result<(), Error> { let mutator = self .get_mut(index) .ok_or_else(|| Error::key_not_found("Mutator with id {index:?} not found."))?; - mutator.post_exec(state, stage_idx, new_corpus_idx) + mutator.post_exec(state, new_corpus_idx) } fn names_reversed(&self) -> Vec<&str> { @@ -501,14 +451,13 @@ pub mod pybind { &mut self, state: &mut PythonStdState, input: &mut BytesInput, - stage_idx: i32, ) -> Result { let mutated = Python::with_gil(|py| -> PyResult { self.inner .call_method1( py, "mutate", - (PythonStdStateWrapper::wrap(state), input.bytes(), stage_idx), + (PythonStdStateWrapper::wrap(state), input.bytes()), )? .extract(py) })?; @@ -522,18 +471,14 @@ pub mod pybind { fn post_exec( &mut self, state: &mut PythonStdState, - stage_idx: i32, + corpus_idx: Option, ) -> Result<(), Error> { Python::with_gil(|py| -> PyResult<()> { self.inner.call_method1( py, "post_exec", - ( - PythonStdStateWrapper::wrap(state), - stage_idx, - corpus_idx.map(|x| x.0), - ), + (PythonStdStateWrapper::wrap(state), corpus_idx.map(|x| x.0)), )?; Ok(()) })?; @@ -609,20 +554,17 @@ pub mod pybind { &mut self, state: &mut PythonStdState, input: &mut BytesInput, - stage_idx: i32, ) -> Result { - unwrap_me_mut!(self.wrapper, m, { m.mutate(state, input, stage_idx) }) + unwrap_me_mut!(self.wrapper, m, { m.mutate(state, input) }) } fn post_exec( &mut self, state: &mut PythonStdState, - stage_idx: i32, + corpus_idx: Option, ) -> Result<(), Error> { - unwrap_me_mut!(self.wrapper, m, { - m.post_exec(state, stage_idx, corpus_idx) - }) + unwrap_me_mut!(self.wrapper, m, { m.post_exec(state, corpus_idx) }) } } diff --git a/libafl/src/mutators/mopt_mutator.rs b/libafl/src/mutators/mopt_mutator.rs index 348269cead..143aaed82b 100644 --- a/libafl/src/mutators/mopt_mutator.rs +++ b/libafl/src/mutators/mopt_mutator.rs @@ -404,23 +404,13 @@ where S: HasRand + HasMetadata + HasCorpus + HasSolutions, { #[inline] - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { self.finds_before = state.corpus().count() + state.solutions().count(); - self.scheduled_mutate(state, input, stage_idx) + self.scheduled_mutate(state, input) } #[allow(clippy::cast_precision_loss)] - fn post_exec( - &mut self, - state: &mut S, - _stage_idx: i32, - _new_corpus_idx: Option, - ) -> Result<(), Error> { + fn post_exec(&mut self, state: &mut S, _new_corpus_idx: Option) -> Result<(), Error> { let before = self.finds_before; let after = state.corpus().count() + state.solutions().count(); @@ -558,12 +548,7 @@ where phantom: PhantomData, }) } - fn core_mutate( - &mut self, - state: &mut S, - input: &mut I, - stage_idx: i32, - ) -> Result { + fn core_mutate(&mut self, state: &mut S, input: &mut I) -> Result { let mut r = MutationResult::Skipped; let mopt = state.metadata_map_mut().get_mut::().unwrap(); for i in 0..mopt.operator_num { @@ -572,9 +557,7 @@ where for _i in 0..self.iterations(state, input) { let idx = self.schedule(state, input); - let outcome = self - .mutations_mut() - .get_and_mutate(idx, state, input, stage_idx)?; + let outcome = self.mutations_mut().get_and_mutate(idx, state, input)?; if outcome == MutationResult::Mutated { r = MutationResult::Mutated; } @@ -588,12 +571,7 @@ where Ok(r) } - fn pilot_mutate( - &mut self, - state: &mut S, - input: &mut I, - stage_idx: i32, - ) -> Result { + fn pilot_mutate(&mut self, state: &mut S, input: &mut I) -> Result { let mut r = MutationResult::Skipped; let swarm_now; { @@ -608,9 +586,7 @@ where for _i in 0..self.iterations(state, input) { let idx = self.schedule(state, input); - let outcome = self - .mutations_mut() - .get_and_mutate(idx, state, input, stage_idx)?; + let outcome = self.mutations_mut().get_and_mutate(idx, state, input)?; if outcome == MutationResult::Mutated { r = MutationResult::Mutated; } @@ -675,16 +651,11 @@ where .unwrap() } - fn scheduled_mutate( - &mut self, - state: &mut S, - input: &mut I, - stage_idx: i32, - ) -> Result { + fn scheduled_mutate(&mut self, state: &mut S, input: &mut I) -> Result { let mode = self.mode; match mode { - MOptMode::Corefuzzing => self.core_mutate(state, input, stage_idx), - MOptMode::Pilotfuzzing => self.pilot_mutate(state, input, stage_idx), + MOptMode::Corefuzzing => self.core_mutate(state, input), + MOptMode::Pilotfuzzing => self.pilot_mutate(state, input), } } } diff --git a/libafl/src/mutators/multi.rs b/libafl/src/mutators/multi.rs index b6a9847cdb..05ceccf969 100644 --- a/libafl/src/mutators/multi.rs +++ b/libafl/src/mutators/multi.rs @@ -40,24 +40,18 @@ where &mut self, state: &mut S, input: &mut MultipartInput, - stage_idx: i32, ) -> Result { if input.parts().is_empty() { Ok(MutationResult::Skipped) } else { let selected = state.rand_mut().below(input.parts().len() as u64) as usize; let mutated = input.part_mut(selected).unwrap(); - self.mutate(state, mutated, stage_idx) + self.mutate(state, mutated) } } - fn post_exec( - &mut self, - state: &mut S, - stage_idx: i32, - new_corpus_idx: Option, - ) -> Result<(), Error> { - M::post_exec(self, state, stage_idx, new_corpus_idx) + fn post_exec(&mut self, state: &mut S, new_corpus_idx: Option) -> Result<(), Error> { + M::post_exec(self, state, new_corpus_idx) } } @@ -129,7 +123,6 @@ where &mut self, state: &mut S, input: &mut MultipartInput, - _stage_idx: i32, ) -> Result { // we can eat the slight bias; number of parts will be small let name_choice = state.rand_mut().next() as usize; @@ -234,7 +227,6 @@ where &mut self, state: &mut S, input: &mut MultipartInput, - _stage_idx: i32, ) -> Result { // we can eat the slight bias; number of parts will be small let name_choice = state.rand_mut().next() as usize; diff --git a/libafl/src/mutators/mutations.rs b/libafl/src/mutators/mutations.rs index f979ab81e0..c0d57f5e21 100644 --- a/libafl/src/mutators/mutations.rs +++ b/libafl/src/mutators/mutations.rs @@ -122,12 +122,7 @@ where S: HasRand, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { if input.bytes().is_empty() { Ok(MutationResult::Skipped) } else { @@ -162,12 +157,7 @@ where S: HasRand, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { if input.bytes().is_empty() { Ok(MutationResult::Skipped) } else { @@ -200,12 +190,7 @@ where S: HasRand, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { if input.bytes().is_empty() { Ok(MutationResult::Skipped) } else { @@ -239,12 +224,7 @@ where S: HasRand, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { if input.bytes().is_empty() { Ok(MutationResult::Skipped) } else { @@ -278,12 +258,7 @@ where S: HasRand, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { if input.bytes().is_empty() { Ok(MutationResult::Skipped) } else { @@ -317,12 +292,7 @@ where S: HasRand, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { if input.bytes().is_empty() { Ok(MutationResult::Skipped) } else { @@ -365,7 +335,7 @@ macro_rules! add_mutator_impl { &mut self, state: &mut S, input: &mut I, - _stage_idx: i32, + ) -> Result { if input.bytes().len() < size_of::<$size>() { Ok(MutationResult::Skipped) @@ -428,12 +398,7 @@ macro_rules! interesting_mutator_impl { I: HasBytesVec, { #[allow(clippy::cast_sign_loss)] - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { if input.bytes().len() < size_of::<$size>() { Ok(MutationResult::Skipped) } else { @@ -480,12 +445,7 @@ where S: HasRand, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { let size = input.bytes().len(); if size <= 2 { return Ok(MutationResult::Skipped); @@ -522,12 +482,7 @@ where S: HasRand + HasMaxSize, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { let max_size = state.max_size(); let size = input.bytes().len(); if size == 0 || size >= max_size { @@ -573,12 +528,7 @@ where S: HasRand + HasMaxSize, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { let max_size = state.max_size(); let size = input.bytes().len(); if size == 0 || size >= max_size { @@ -631,12 +581,7 @@ where S: HasRand + HasMaxSize, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { let max_size = state.max_size(); let size = input.bytes().len(); if size >= max_size { @@ -689,12 +634,7 @@ where S: HasRand, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { let size = input.bytes().len(); if size == 0 { return Ok(MutationResult::Skipped); @@ -732,12 +672,7 @@ where S: HasRand, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { let size = input.bytes().len(); if size == 0 { return Ok(MutationResult::Skipped); @@ -775,12 +710,7 @@ where S: HasRand, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { let size = input.bytes().len(); if size <= 1 { return Ok(MutationResult::Skipped); @@ -822,12 +752,7 @@ where S: HasRand + HasMaxSize, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { let size = input.bytes().len(); if size <= 1 || size >= state.max_size() { return Ok(MutationResult::Skipped); @@ -887,12 +812,7 @@ where S: HasRand, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { let size = input.bytes().len(); if size <= 1 { return Ok(MutationResult::Skipped); @@ -1125,12 +1045,7 @@ where S: HasCorpus + HasRand + HasMaxSize, I: Input + HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut S::Input, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut S::Input) -> Result { let size = input.bytes().len(); let max_size = state.max_size(); if size >= max_size { @@ -1213,12 +1128,7 @@ where S: HasCorpus + HasRand, I: Input + HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut S::Input, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut S::Input) -> Result { let size = input.bytes().len(); if size == 0 { return Ok(MutationResult::Skipped); @@ -1295,12 +1205,7 @@ where S::Input: HasBytesVec, { #[allow(clippy::cast_sign_loss)] - fn mutate( - &mut self, - state: &mut S, - input: &mut S::Input, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut S::Input) -> Result { // We don't want to use the testcase we're already using for splicing let idx = random_corpus_id!(state.corpus(), state.rand_mut()); if let Some(cur) = state.corpus().current() { @@ -1508,7 +1413,7 @@ mod tests { for input in &inputs { let mut mutant = input.clone(); match mutations - .get_and_mutate(idx.into(), &mut state, &mut mutant, 0) + .get_and_mutate(idx.into(), &mut state, &mut mutant) .unwrap() { MutationResult::Mutated => new_testcases.push(mutant), @@ -1534,7 +1439,7 @@ mod tests { for _ in 0..iters { let mut mutated = base.clone(); - if mutator.mutate(&mut state, &mut mutated, 0)? == MutationResult::Skipped { + if mutator.mutate(&mut state, &mut mutated)? == MutationResult::Skipped { continue; } let mut gaps = 0; @@ -1588,7 +1493,7 @@ mod tests { for _ in 0..iters { let mut mutated = base.clone(); - if mutator.mutate(&mut state, &mut mutated, 0)? == MutationResult::Skipped { + if mutator.mutate(&mut state, &mut mutated)? == MutationResult::Skipped { continue; } let mut expansion = 0; @@ -1637,7 +1542,7 @@ mod tests { for _ in 0..iters { let mut mutated = base.clone(); - if mutator.mutate(&mut state, &mut mutated, 0)? == MutationResult::Skipped { + if mutator.mutate(&mut state, &mut mutated)? == MutationResult::Skipped { continue; } let mut inserted = 0; @@ -1687,7 +1592,7 @@ mod tests { for _ in 0..iters { let mut mutated = base.clone(); - if mutator.mutate(&mut state, &mut mutated, 0)? == MutationResult::Skipped { + if mutator.mutate(&mut state, &mut mutated)? == MutationResult::Skipped { continue; } let mut inserted = 10; diff --git a/libafl/src/mutators/nautilus.rs b/libafl/src/mutators/nautilus.rs index d6b64808f9..7637dec32b 100644 --- a/libafl/src/mutators/nautilus.rs +++ b/libafl/src/mutators/nautilus.rs @@ -35,7 +35,6 @@ impl Mutator for NautilusRandomMutator<'_> { &mut self, _state: &mut S, input: &mut NautilusInput, - _stage_idx: i32, ) -> Result { // TODO get rid of tmp let mut tmp = vec![]; @@ -96,7 +95,6 @@ impl Mutator for NautilusRecursionMutator<'_> { &mut self, _state: &mut S, input: &mut NautilusInput, - _stage_idx: i32, ) -> Result { // TODO don't calc recursions here if let Some(ref mut recursions) = input.tree.calc_recursions(self.ctx) { @@ -162,7 +160,6 @@ where &mut self, state: &mut S, input: &mut NautilusInput, - _stage_idx: i32, ) -> Result { let meta = state .metadata_map() diff --git a/libafl/src/mutators/scheduled.rs b/libafl/src/mutators/scheduled.rs index a862a2a55e..eeee1b94b1 100644 --- a/libafl/src/mutators/scheduled.rs +++ b/libafl/src/mutators/scheduled.rs @@ -93,19 +93,12 @@ where /// New default implementation for mutate. /// Implementations must forward `mutate()` to this method - fn scheduled_mutate( - &mut self, - state: &mut S, - input: &mut I, - stage_idx: i32, - ) -> Result { + fn scheduled_mutate(&mut self, state: &mut S, input: &mut I) -> Result { let mut r = MutationResult::Skipped; let num = self.iterations(state, input); for _ in 0..num { let idx = self.schedule(state, input); - let outcome = self - .mutations_mut() - .get_and_mutate(idx, state, input, stage_idx)?; + let outcome = self.mutations_mut().get_and_mutate(idx, state, input)?; if outcome == MutationResult::Mutated { r = MutationResult::Mutated; } @@ -157,13 +150,8 @@ where S: HasRand, { #[inline] - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - stage_idx: i32, - ) -> Result { - self.scheduled_mutate(state, input, stage_idx) + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { + self.scheduled_mutate(state, input) } } @@ -391,21 +379,11 @@ where S: HasRand + HasCorpus, SM: ScheduledMutator, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - stage_idx: i32, - ) -> Result { - self.scheduled_mutate(state, input, stage_idx) + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { + self.scheduled_mutate(state, input) } - fn post_exec( - &mut self, - state: &mut S, - _stage_idx: i32, - corpus_idx: Option, - ) -> Result<(), Error> { + fn post_exec(&mut self, state: &mut S, corpus_idx: Option) -> Result<(), Error> { if let Some(idx) = corpus_idx { let mut testcase = (*state.corpus_mut().get(idx)?).borrow_mut(); let mut log = Vec::::new(); @@ -456,21 +434,14 @@ where state.rand_mut().below(MT::LEN as u64).into() } - fn scheduled_mutate( - &mut self, - state: &mut S, - input: &mut I, - stage_idx: i32, - ) -> Result { + fn scheduled_mutate(&mut self, state: &mut S, input: &mut I) -> Result { let mut r = MutationResult::Skipped; let num = self.iterations(state, input); self.mutation_log.clear(); for _ in 0..num { let idx = self.schedule(state, input); self.mutation_log.push(idx); - let outcome = self - .mutations_mut() - .get_and_mutate(idx, state, input, stage_idx)?; + let outcome = self.mutations_mut().get_and_mutate(idx, state, input)?; if outcome == MutationResult::Mutated { r = MutationResult::Mutated; } @@ -542,7 +513,7 @@ mod tests { rand.set_seed(5); let mut splice = SpliceMutator::new(); - splice.mutate(&mut state, &mut input, 0).unwrap(); + splice.mutate(&mut state, &mut input).unwrap(); log::trace!("{:?}", input.bytes()); @@ -584,8 +555,8 @@ mod tests { let mut equal_in_a_row = 0; - for i in 0..42 { - havoc.mutate(&mut state, &mut input, i).unwrap(); + for _ in 0..42 { + havoc.mutate(&mut state, &mut input).unwrap(); // Make sure we actually mutate something, at least sometimes equal_in_a_row = if input == input_prior { diff --git a/libafl/src/mutators/string.rs b/libafl/src/mutators/string.rs index ed8cb66097..9217737663 100644 --- a/libafl/src/mutators/string.rs +++ b/libafl/src/mutators/string.rs @@ -49,12 +49,7 @@ impl MutatedTransformPost for StringIdentificationMetadata where S: HasTestcase, { - fn post_exec( - self, - state: &mut S, - _stage_idx: i32, - corpus_idx: Option, - ) -> Result<(), Error> { + fn post_exec(self, state: &mut S, corpus_idx: Option) -> Result<(), Error> { if let Some(corpus_idx) = corpus_idx { let mut tc = state.testcase_mut(corpus_idx)?; tc.add_metadata(self); @@ -284,12 +279,7 @@ impl Mutator for StringCategoryRandMutator where S: HasRand + HasMaxSize, { - fn mutate( - &mut self, - state: &mut S, - input: &mut UnicodeInput, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut UnicodeInput) -> Result { if input.0.bytes().is_empty() { return Ok(MutationResult::Skipped); } @@ -347,12 +337,7 @@ impl Mutator for StringSubcategoryRandMutator where S: HasRand + HasMaxSize, { - fn mutate( - &mut self, - state: &mut S, - input: &mut UnicodeInput, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut UnicodeInput) -> Result { if input.0.bytes().is_empty() { return Ok(MutationResult::Skipped); } @@ -398,12 +383,7 @@ impl Mutator for StringCategoryTokenReplaceMutator where S: HasRand + HasMaxSize + HasMetadata, { - fn mutate( - &mut self, - state: &mut S, - input: &mut UnicodeInput, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut UnicodeInput) -> Result { if input.0.bytes().is_empty() { return Ok(MutationResult::Skipped); } @@ -462,12 +442,7 @@ impl Mutator for StringSubcategoryTokenReplaceMutator where S: HasRand + HasMaxSize + HasMetadata, { - fn mutate( - &mut self, - state: &mut S, - input: &mut UnicodeInput, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut UnicodeInput) -> Result { if input.0.bytes().is_empty() { return Ok(MutationResult::Skipped); } @@ -544,7 +519,7 @@ mod test { for _ in 0..(1 << 12) { let metadata = extract_metadata(bytes.bytes()); let mut input = (bytes, metadata); - let _ = mutator.mutate(&mut state, &mut input, 0); + let _ = mutator.mutate(&mut state, &mut input); println!("{:?}", core::str::from_utf8(input.0.bytes()).unwrap()); bytes = input.0; } @@ -576,7 +551,7 @@ mod test { for _ in 0..(1 << 12) { let metadata = extract_metadata(bytes.bytes()); let mut input = (bytes, metadata); - let _ = mutator.mutate(&mut state, &mut input, 0); + let _ = mutator.mutate(&mut state, &mut input); println!("{:?}", core::str::from_utf8(input.0.bytes()).unwrap()); bytes = input.0; } diff --git a/libafl/src/mutators/token_mutations.rs b/libafl/src/mutators/token_mutations.rs index d72af63896..270f581ca4 100644 --- a/libafl/src/mutators/token_mutations.rs +++ b/libafl/src/mutators/token_mutations.rs @@ -23,6 +23,7 @@ use serde::{Deserialize, Serialize}; #[cfg(feature = "std")] use crate::mutators::str_decode; use crate::{ + corpus::{CorpusId, HasCurrentCorpusIdx}, inputs::{HasBytesVec, UsesInput}, mutators::{ buffer_self_copy, mutations::buffer_copy, MultiMutator, MutationResult, Mutator, Named, @@ -306,12 +307,7 @@ where S: HasMetadata + HasRand + HasMaxSize, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { let max_size = state.max_size(); let tokens_len = { let Some(meta) = state.metadata_map().get::() else { @@ -373,12 +369,7 @@ where S: UsesInput + HasMetadata + HasRand + HasMaxSize, I: HasBytesVec, { - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { let size = input.bytes().len(); if size == 0 { return Ok(MutationResult::Skipped); @@ -437,12 +428,7 @@ where I: HasBytesVec, { #[allow(clippy::too_many_lines)] - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - _stage_idx: i32, - ) -> Result { + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { let size = input.bytes().len(); if size == 0 { return Ok(MutationResult::Skipped); @@ -629,6 +615,9 @@ pub struct AFLppRedQueen { enable_transform: bool, enable_arith: bool, text_type: TextType, + /// We use this variable to check if we scheduled a new `corpus_idx` + /// - and, hence, need to recalculate `text_type` + last_corpus_idx: Option, } impl AFLppRedQueen { @@ -1095,7 +1084,7 @@ impl AFLppRedQueen { impl MultiMutator for AFLppRedQueen where - S: UsesInput + HasMetadata + HasRand + HasMaxSize + HasCorpus, + S: UsesInput + HasMetadata + HasRand + HasMaxSize + HasCorpus + HasCurrentCorpusIdx, I: HasBytesVec + From>, { #[allow(clippy::needless_range_loop)] @@ -1104,7 +1093,6 @@ where &mut self, state: &mut S, input: &I, - stage_idx: i32, max_count: Option, ) -> Result, Error> { // TODO @@ -1144,8 +1132,10 @@ where // println!("orig: {:#?} new: {:#?}", orig_cmpvals, new_cmpvals); // Compute when mutating it for the 1st time. - if stage_idx == 0 { + let current_corpus_idx = state.current_corpus_idx()?.ok_or_else(|| Error::key_not_found("No corpus-idx is currently being fuzzed, but called AFLppRedQueen::multi_mutated()."))?; + if self.last_corpus_idx.is_none() || self.last_corpus_idx.unwrap() != current_corpus_idx { self.text_type = check_if_text(orig_bytes, orig_bytes.len()); + self.last_corpus_idx = Some(current_corpus_idx); } // println!("approximate size: {cmp_len} x {input_len}"); for cmp_idx in 0..cmp_len { @@ -1696,6 +1686,7 @@ impl AFLppRedQueen { enable_transform: false, enable_arith: false, text_type: TextType::None, + last_corpus_idx: None, } } @@ -1706,6 +1697,7 @@ impl AFLppRedQueen { enable_transform: transform, enable_arith: arith, text_type: TextType::None, + last_corpus_idx: None, } } diff --git a/libafl/src/mutators/tuneable.rs b/libafl/src/mutators/tuneable.rs index 1a5b949941..d5c02dc486 100644 --- a/libafl/src/mutators/tuneable.rs +++ b/libafl/src/mutators/tuneable.rs @@ -112,13 +112,8 @@ where S: HasRand + HasMetadata, { #[inline] - fn mutate( - &mut self, - state: &mut S, - input: &mut I, - stage_id: i32, - ) -> Result { - self.scheduled_mutate(state, input, stage_id) + fn mutate(&mut self, state: &mut S, input: &mut I) -> Result { + self.scheduled_mutate(state, input) } } diff --git a/libafl/src/stages/mutational.rs b/libafl/src/stages/mutational.rs index f22b7ada91..0f6a453e42 100644 --- a/libafl/src/stages/mutational.rs +++ b/libafl/src/stages/mutational.rs @@ -29,12 +29,7 @@ use crate::{monitors::PerfFeature, state::HasClientPerfMonitor}; pub trait MutatedTransformPost: Sized { /// Perform any post-execution steps necessary for the transformed input (e.g., updating metadata) #[inline] - fn post_exec( - self, - state: &mut S, - stage_idx: i32, - new_corpus_idx: Option, - ) -> Result<(), Error> { + fn post_exec(self, state: &mut S, new_corpus_idx: Option) -> Result<(), Error> { Ok(()) } } @@ -123,11 +118,11 @@ where drop(testcase); mark_feature_time!(state, PerfFeature::GetInputFromCorpus); - for i in 0..num { + for _ in 0..num { let mut input = input.clone(); start_timer!(state); - let mutated = self.mutator_mut().mutate(state, &mut input, i as i32)?; + let mutated = self.mutator_mut().mutate(state, &mut input)?; mark_feature_time!(state, PerfFeature::Mutate); if mutated == MutationResult::Skipped { @@ -139,8 +134,8 @@ where let (_, corpus_idx) = fuzzer.evaluate_input(state, executor, manager, untransformed)?; start_timer!(state); - self.mutator_mut().post_exec(state, i as i32, corpus_idx)?; - post.post_exec(state, i as i32, corpus_idx)?; + self.mutator_mut().post_exec(state, corpus_idx)?; + post.post_exec(state, corpus_idx)?; mark_feature_time!(state, PerfFeature::MutatePostExec); } @@ -354,14 +349,14 @@ where }; drop(testcase); - let generated = self.mutator.multi_mutate(state, &input, 0, None)?; + let generated = self.mutator.multi_mutate(state, &input, None)?; // println!("Generated {}", generated.len()); - for (i, new_input) in generated.into_iter().enumerate() { + for new_input in generated { // Time is measured directly the `evaluate_input` function let (untransformed, post) = new_input.try_transform_into(state)?; let (_, corpus_idx) = fuzzer.evaluate_input(state, executor, manager, untransformed)?; - self.mutator.multi_post_exec(state, i as i32, corpus_idx)?; - post.post_exec(state, i as i32, corpus_idx)?; + self.mutator.multi_post_exec(state, corpus_idx)?; + post.post_exec(state, corpus_idx)?; } // println!("Found {}", found); diff --git a/libafl/src/stages/push/mutational.rs b/libafl/src/stages/push/mutational.rs index f82ff27f9e..47ff29453a 100644 --- a/libafl/src/stages/push/mutational.rs +++ b/libafl/src/stages/push/mutational.rs @@ -53,8 +53,6 @@ where testcases_to_do: usize, testcases_done: usize, - stage_idx: i32, - mutator: M, psh: PushStageHelper, @@ -150,9 +148,7 @@ where mark_feature_time!(state, PerfFeature::GetInputFromCorpus); start_timer!(state); - self.mutator - .mutate(state, &mut input, self.stage_idx) - .unwrap(); + self.mutator.mutate(state, &mut input).unwrap(); mark_feature_time!(state, PerfFeature::Mutate); self.push_stage_helper_mut() @@ -176,8 +172,7 @@ where fuzzer.process_execution(state, event_mgr, last_input, observers, &exit_kind, true)?; start_timer!(state); - self.mutator - .post_exec(state, self.stage_idx, self.current_corpus_idx)?; + self.mutator.post_exec(state, self.current_corpus_idx)?; mark_feature_time!(state, PerfFeature::MutatePostExec); self.testcases_done += 1; @@ -234,7 +229,6 @@ where mutator: M, shared_state: Rc>>>, exit_kind: Rc>>, - stage_idx: i32, ) -> Self { Self { mutator, @@ -242,7 +236,6 @@ where current_corpus_idx: None, // todo testcases_to_do: 0, testcases_done: 0, - stage_idx, } } } diff --git a/libafl/src/stages/tmin.rs b/libafl/src/stages/tmin.rs index 271456e7ed..65594f257d 100644 --- a/libafl/src/stages/tmin.rs +++ b/libafl/src/stages/tmin.rs @@ -100,7 +100,7 @@ where state.set_max_size(before_len); start_timer!(state); - let mutated = self.mutator_mut().mutate(state, &mut input, i as i32)?; + let mutated = self.mutator_mut().mutate(state, &mut input)?; mark_feature_time!(state, PerfFeature::Mutate); if mutated == MutationResult::Skipped { @@ -148,7 +148,7 @@ where }; start_timer!(state); - self.mutator_mut().post_exec(state, i as i32, corpus_idx)?; + self.mutator_mut().post_exec(state, corpus_idx)?; mark_feature_time!(state, PerfFeature::MutatePostExec); i = next_i; diff --git a/libafl/src/stages/tuneable.rs b/libafl/src/stages/tuneable.rs index 496c8016ca..9c386d4aa6 100644 --- a/libafl/src/stages/tuneable.rs +++ b/libafl/src/stages/tuneable.rs @@ -195,36 +195,36 @@ where (Some(fuzz_time), Some(iters)) => { // perform n iterations or fuzz for provided time, whichever comes first let start_time = current_time(); - for i in 1..=iters { + for _ in 1..=iters { if current_time() - start_time >= fuzz_time { break; } - self.perform_mutation(fuzzer, executor, state, manager, &input, i)?; + self.perform_mutation(fuzzer, executor, state, manager, &input)?; } } (Some(fuzz_time), None) => { // fuzz for provided time let start_time = current_time(); - for i in 1.. { + for _ in 1.. { if current_time() - start_time >= fuzz_time { break; } - self.perform_mutation(fuzzer, executor, state, manager, &input, i)?; + self.perform_mutation(fuzzer, executor, state, manager, &input)?; } } (None, Some(iters)) => { // perform n iterations - for i in 1..=iters { - self.perform_mutation(fuzzer, executor, state, manager, &input, i)?; + for _ in 1..=iters { + self.perform_mutation(fuzzer, executor, state, manager, &input)?; } } (None, None) => { // fall back to random let iters = self.iterations(state)? - self.execs_since_progress_start(state)?; - for i in 1..=iters { - self.perform_mutation(fuzzer, executor, state, manager, &input, i)?; + for _ in 1..=iters { + self.perform_mutation(fuzzer, executor, state, manager, &input)?; } } } @@ -444,14 +444,11 @@ where state: &mut Z::State, manager: &mut EM, input: &I, - stage_idx: u64, ) -> Result<(), Error> { let mut input = input.clone(); start_timer!(state); - let mutated = self - .mutator_mut() - .mutate(state, &mut input, stage_idx as i32)?; + let mutated = self.mutator_mut().mutate(state, &mut input)?; mark_feature_time!(state, PerfFeature::Mutate); if mutated == MutationResult::Skipped { @@ -463,9 +460,8 @@ where let (_, corpus_idx) = fuzzer.evaluate_input(state, executor, manager, untransformed)?; start_timer!(state); - self.mutator_mut() - .post_exec(state, stage_idx as i32, corpus_idx)?; - post.post_exec(state, stage_idx as i32, corpus_idx)?; + self.mutator_mut().post_exec(state, corpus_idx)?; + post.post_exec(state, corpus_idx)?; mark_feature_time!(state, PerfFeature::MutatePostExec); Ok(()) diff --git a/libafl_targets/src/libfuzzer/mutators.rs b/libafl_targets/src/libfuzzer/mutators.rs index ed2f81d772..d0ebd2b617 100644 --- a/libafl_targets/src/libfuzzer/mutators.rs +++ b/libafl_targets/src/libfuzzer/mutators.rs @@ -87,7 +87,6 @@ struct MutatorProxy<'a, M, MT, S> { /// The result of mutation, to be propagated to the mutational stage result: Rc>>, /// Stage index, which is used by libafl mutator implementations - stage_idx: i32, phantom: PhantomData<(&'a mut (), MT)>, } @@ -97,13 +96,11 @@ impl<'a, M, MT, S> MutatorProxy<'a, M, MT, S> { state: &'a mut S, mutator: &Rc>, result: &Rc>>, - stage_idx: i32, ) -> Self { Self { state: Rc::new(RefCell::new(state)), mutator: Rc::downgrade(mutator), result: result.clone(), - stage_idx, phantom: PhantomData, } } @@ -126,7 +123,6 @@ impl<'a, M, MT, S> MutatorProxy<'a, M, MT, S> { false }, mutator: self.mutator.clone(), - stage_idx: self.stage_idx, result: self.result.clone(), phantom: PhantomData, } @@ -143,7 +139,7 @@ struct WeakMutatorProxy { /// A weak reference to the mutator mutator: Weak>, /// The stage index to provide to the mutator, when executed. - stage_idx: i32, + /// The result of mutation, to be propagated to the mutational stage result: Rc>>, phantom: PhantomData<(MT, S)>, @@ -165,7 +161,7 @@ where BytesInput::from(unsafe { core::slice::from_raw_parts(data, size) }); let old = state.max_size(); state.set_max_size(max_size); - let res = mutator.scheduled_mutate(state, &mut intermediary, self.stage_idx); + let res = mutator.scheduled_mutate(state, &mut intermediary); state.set_max_size(old); let succeeded = res.is_ok(); @@ -295,13 +291,8 @@ where SM: ScheduledMutator + 'static, { #[inline] - fn mutate( - &mut self, - state: &mut S, - input: &mut S::Input, - stage_idx: i32, - ) -> Result { - self.scheduled_mutate(state, input, stage_idx) + fn mutate(&mut self, state: &mut S, input: &mut S::Input) -> Result { + self.scheduled_mutate(state, input) } } @@ -325,7 +316,6 @@ where &mut self, state: &mut S, input: &mut S::Input, - stage_idx: i32, ) -> Result { let seed = state.rand_mut().next(); let target = input.bytes(); @@ -335,7 +325,7 @@ where // we assume that the fuzzer did not use this mutator, but instead utilised their own let result = Rc::new(RefCell::new(Ok(MutationResult::Mutated))); - let proxy = MutatorProxy::new(state, &self.mutator, &result, stage_idx); + let proxy = MutatorProxy::new(state, &self.mutator, &result); let old = MUTATOR.with(|mutator| { let mut mutator = mutator.borrow_mut(); mutator.replace(Box::new(proxy.weak())) @@ -375,13 +365,8 @@ where SM: ScheduledMutator + 'static, { #[inline] - fn mutate( - &mut self, - state: &mut S, - input: &mut S::Input, - stage_idx: i32, - ) -> Result { - self.scheduled_mutate(state, input, stage_idx) + fn mutate(&mut self, state: &mut S, input: &mut S::Input) -> Result { + self.scheduled_mutate(state, input) } } @@ -405,7 +390,6 @@ where &mut self, state: &mut S, input: &mut S::Input, - stage_idx: i32, ) -> Result { // We don't want to use the testcase we're already using for splicing let idx = random_corpus_id!(state.corpus(), state.rand_mut()); @@ -426,7 +410,7 @@ where // we assume that the fuzzer did not use this mutator, but instead utilised their own let result = Rc::new(RefCell::new(Ok(MutationResult::Mutated))); - let proxy = MutatorProxy::new(state, &self.mutator, &result, stage_idx); + let proxy = MutatorProxy::new(state, &self.mutator, &result); let old = MUTATOR.with(|mutator| { let mut mutator = mutator.borrow_mut(); mutator.replace(Box::new(proxy.weak()))