From 109755208e37bad2674f0d4bc3fc6ce7529d48fb Mon Sep 17 00:00:00 2001 From: "Dongjia \"toka\" Zhang" Date: Mon, 10 Jul 2023 17:33:26 +0200 Subject: [PATCH] Revert "Make harness function take mut ref (#1338)" (#1358) This reverts commit fe6daecf0bb178cd19970ae81c797443fd8cd88f. --- .../baby_fuzzer/listing-03/src/main.rs | 2 +- .../baby_fuzzer/listing-04/src/main.rs | 2 +- .../baby_fuzzer/listing-05/src/main.rs | 2 +- .../baby_fuzzer/listing-06/src/main.rs | 2 +- fuzzers/baby_fuzzer/src/main.rs | 2 +- fuzzers/baby_fuzzer_gramatron/src/main.rs | 2 +- fuzzers/baby_fuzzer_grimoire/src/main.rs | 2 +- fuzzers/baby_fuzzer_minimizing/src/main.rs | 2 +- fuzzers/baby_fuzzer_nautilus/src/main.rs | 2 +- .../baby_fuzzer_swap_differential/src/main.rs | 4 +- fuzzers/baby_fuzzer_tokens/src/main.rs | 2 +- fuzzers/baby_fuzzer_wasm/src/lib.rs | 2 +- .../baby_fuzzer_with_forkexecutor/src/main.rs | 2 +- fuzzers/baby_no_std/src/main.rs | 2 +- .../c_code_with_fork_executor/src/main.rs | 2 +- .../src/main.rs | 2 +- .../rust_code_with_fork_executor/src/main.rs | 2 +- .../src/main.rs | 2 +- fuzzers/frida_executable_libpng/src/fuzzer.rs | 4 +- fuzzers/frida_gdiplus/src/fuzzer.rs | 2 +- fuzzers/frida_libpng/src/fuzzer.rs | 2 +- fuzzers/fuzzbench/src/lib.rs | 2 +- fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs | 2 +- fuzzers/fuzzbench_qemu/src/fuzzer.rs | 2 +- fuzzers/fuzzbench_text/src/lib.rs | 4 +- fuzzers/libafl_atheris/src/lib.rs | 4 +- fuzzers/libfuzzer_libmozjpeg/src/lib.rs | 2 +- fuzzers/libfuzzer_libpng/src/lib.rs | 2 +- .../libfuzzer_libpng_accounting/src/lib.rs | 2 +- .../libfuzzer_libpng_centralized/src/lib.rs | 2 +- fuzzers/libfuzzer_libpng_cmin/src/lib.rs | 2 +- fuzzers/libfuzzer_libpng_ctx/src/lib.rs | 2 +- fuzzers/libfuzzer_libpng_launcher/src/lib.rs | 2 +- fuzzers/libfuzzer_libpng_norestart/src/lib.rs | 2 +- .../libfuzzer_libpng_tcp_manager/src/lib.rs | 2 +- fuzzers/libfuzzer_reachability/src/lib.rs | 2 +- fuzzers/libfuzzer_stb_image/src/main.rs | 2 +- .../fuzzer/src/main.rs | 2 +- fuzzers/libfuzzer_windows_asan/src/lib.rs | 2 +- fuzzers/nautilus_sync/src/lib.rs | 2 +- fuzzers/push_harness/src/main.rs | 2 +- fuzzers/qemu_coverage/src/fuzzer.rs | 2 +- fuzzers/qemu_launcher/src/fuzzer.rs | 2 +- fuzzers/qemu_systemmode/src/fuzzer.rs | 2 +- fuzzers/tutorial/src/lib.rs | 2 +- libafl/src/bolts/minibsod.rs | 4 +- libafl/src/bolts/shmem.rs | 33 ++--- libafl/src/corpus/minimizer.rs | 2 +- libafl/src/events/llmp.rs | 2 +- libafl/src/executors/combined.rs | 2 +- libafl/src/executors/command.rs | 6 +- libafl/src/executors/differential.rs | 2 +- libafl/src/executors/forkserver.rs | 4 +- libafl/src/executors/inprocess.rs | 118 ++++++++---------- libafl/src/executors/mod.rs | 18 +-- libafl/src/executors/shadow.rs | 5 +- libafl/src/executors/timeout.rs | 6 +- libafl/src/executors/with_observers.rs | 2 +- libafl/src/fuzzer/mod.rs | 14 +-- libafl/src/lib.rs | 2 +- libafl/src/mutators/mutations.rs | 10 +- libafl/src/mutators/token_mutations.rs | 4 +- libafl/src/schedulers/ecofuzz.rs | 4 +- libafl/src/stages/calibrate.rs | 4 +- libafl/src/stages/colorization.rs | 2 +- libafl/src/stages/generalization.rs | 2 +- libafl/src/stages/mod.rs | 4 +- libafl/src/stages/tmin.rs | 6 +- libafl/src/stages/tracing.rs | 29 ++--- libafl_frida/src/alloc.rs | 9 +- libafl_frida/src/asan/errors.rs | 10 +- libafl_frida/src/coverage_rt.rs | 6 +- libafl_frida/src/executor.rs | 22 ++-- libafl_nyx/src/executor.rs | 2 +- libafl_qemu/src/asan.rs | 6 +- libafl_qemu/src/drcov.rs | 6 +- libafl_qemu/src/elf.rs | 2 +- libafl_qemu/src/emu.rs | 12 +- libafl_qemu/src/executor.rs | 32 ++--- libafl_qemu/src/snapshot.rs | 4 +- libafl_sugar/src/inmemory.rs | 2 +- libafl_sugar/src/qemu.rs | 2 +- libafl_targets/src/sancov_8bit.rs | 2 +- libafl_targets/src/sancov_pcguard.rs | 4 +- libafl_tinyinst/src/executor.rs | 2 +- .../gramatron/construct_automata/src/main.rs | 4 +- 86 files changed, 247 insertions(+), 263 deletions(-) diff --git a/docs/listings/baby_fuzzer/listing-03/src/main.rs b/docs/listings/baby_fuzzer/listing-03/src/main.rs index 61523ba8ed..b6396a4987 100644 --- a/docs/listings/baby_fuzzer/listing-03/src/main.rs +++ b/docs/listings/baby_fuzzer/listing-03/src/main.rs @@ -6,7 +6,7 @@ use libafl::{ }; fn main() { - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); if buf.len() > 0 && buf[0] == 'a' as u8 { diff --git a/docs/listings/baby_fuzzer/listing-04/src/main.rs b/docs/listings/baby_fuzzer/listing-04/src/main.rs index ba29664b75..62498db481 100644 --- a/docs/listings/baby_fuzzer/listing-04/src/main.rs +++ b/docs/listings/baby_fuzzer/listing-04/src/main.rs @@ -17,7 +17,7 @@ use std::path::PathBuf; /* ANCHOR_END: use */ fn main() { - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); if buf.len() > 0 && buf[0] == 'a' as u8 { diff --git a/docs/listings/baby_fuzzer/listing-05/src/main.rs b/docs/listings/baby_fuzzer/listing-05/src/main.rs index 644fda0d2a..930cebd0be 100644 --- a/docs/listings/baby_fuzzer/listing-05/src/main.rs +++ b/docs/listings/baby_fuzzer/listing-05/src/main.rs @@ -28,7 +28,7 @@ fn signals_set(idx: usize) { fn main() { // The closure that we want to fuzz - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); signals_set(0); // set SIGNALS[0] diff --git a/docs/listings/baby_fuzzer/listing-06/src/main.rs b/docs/listings/baby_fuzzer/listing-06/src/main.rs index e314a49dc7..16819e24f4 100644 --- a/docs/listings/baby_fuzzer/listing-06/src/main.rs +++ b/docs/listings/baby_fuzzer/listing-06/src/main.rs @@ -29,7 +29,7 @@ fn signals_set(idx: usize) { fn main() { // The closure that we want to fuzz - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); signals_set(0); // set SIGNALS[0] diff --git a/fuzzers/baby_fuzzer/src/main.rs b/fuzzers/baby_fuzzer/src/main.rs index 1bc592a828..8305cffecd 100644 --- a/fuzzers/baby_fuzzer/src/main.rs +++ b/fuzzers/baby_fuzzer/src/main.rs @@ -34,7 +34,7 @@ fn signals_set(idx: usize) { #[allow(clippy::similar_names, clippy::manual_assert)] pub fn main() { // The closure that we want to fuzz - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); signals_set(0); diff --git a/fuzzers/baby_fuzzer_gramatron/src/main.rs b/fuzzers/baby_fuzzer_gramatron/src/main.rs index 726c7ff993..b718b11845 100644 --- a/fuzzers/baby_fuzzer_gramatron/src/main.rs +++ b/fuzzers/baby_fuzzer_gramatron/src/main.rs @@ -49,7 +49,7 @@ pub fn main() { let mut bytes = vec![]; // The closure that we want to fuzz - let mut harness = |input: &mut GramatronInput| { + let mut harness = |input: &GramatronInput| { input.unparse(&mut bytes); unsafe { println!(">>> {}", std::str::from_utf8_unchecked(&bytes)); diff --git a/fuzzers/baby_fuzzer_grimoire/src/main.rs b/fuzzers/baby_fuzzer_grimoire/src/main.rs index 541e8e5283..59aa1b956e 100644 --- a/fuzzers/baby_fuzzer_grimoire/src/main.rs +++ b/fuzzers/baby_fuzzer_grimoire/src/main.rs @@ -65,7 +65,7 @@ pub fn main() { } // The closure that we want to fuzz - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target_bytes = input.target_bytes(); let bytes = target_bytes.as_slice(); diff --git a/fuzzers/baby_fuzzer_minimizing/src/main.rs b/fuzzers/baby_fuzzer_minimizing/src/main.rs index ad3bbf785b..1c716fd2b0 100644 --- a/fuzzers/baby_fuzzer_minimizing/src/main.rs +++ b/fuzzers/baby_fuzzer_minimizing/src/main.rs @@ -16,7 +16,7 @@ fn signals_set(idx: usize) { #[allow(clippy::similar_names)] pub fn main() -> Result<(), Error> { // The closure that we want to fuzz - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); signals_set(0); diff --git a/fuzzers/baby_fuzzer_nautilus/src/main.rs b/fuzzers/baby_fuzzer_nautilus/src/main.rs index 035bde28f2..a9680f83e7 100644 --- a/fuzzers/baby_fuzzer_nautilus/src/main.rs +++ b/fuzzers/baby_fuzzer_nautilus/src/main.rs @@ -38,7 +38,7 @@ pub fn main() { let mut bytes = vec![]; // The closure that we want to fuzz - let mut harness = |input: &mut NautilusInput| { + let mut harness = |input: &NautilusInput| { input.unparse(&context, &mut bytes); unsafe { println!(">>> {}", std::str::from_utf8_unchecked(&bytes)); diff --git a/fuzzers/baby_fuzzer_swap_differential/src/main.rs b/fuzzers/baby_fuzzer_swap_differential/src/main.rs index 0b1fa1b592..1e8f39767d 100644 --- a/fuzzers/baby_fuzzer_swap_differential/src/main.rs +++ b/fuzzers/baby_fuzzer_swap_differential/src/main.rs @@ -67,7 +67,7 @@ use slicemap::{HitcountsMapObserver, EDGES}; #[allow(clippy::too_many_lines)] pub fn main() { // The closure that we want to fuzz - let mut first_harness = |input: &mut BytesInput| { + let mut first_harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); if unsafe { inspect_first(buf.as_ptr(), buf.len()) } { @@ -76,7 +76,7 @@ pub fn main() { ExitKind::Ok } }; - let mut second_harness = |input: &mut BytesInput| { + let mut second_harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); if unsafe { inspect_second(buf.as_ptr(), buf.len()) } { diff --git a/fuzzers/baby_fuzzer_tokens/src/main.rs b/fuzzers/baby_fuzzer_tokens/src/main.rs index c45de92483..b6ad7a9891 100644 --- a/fuzzers/baby_fuzzer_tokens/src/main.rs +++ b/fuzzers/baby_fuzzer_tokens/src/main.rs @@ -57,7 +57,7 @@ pub fn main() { } // The closure that we want to fuzz - let mut harness = |input: &mut EncodedInput| { + let mut harness = |input: &EncodedInput| { decoded_bytes.clear(); encoder_decoder.decode(input, &mut decoded_bytes).unwrap(); unsafe { diff --git a/fuzzers/baby_fuzzer_wasm/src/lib.rs b/fuzzers/baby_fuzzer_wasm/src/lib.rs index f15301ab14..110abe8b74 100644 --- a/fuzzers/baby_fuzzer_wasm/src/lib.rs +++ b/fuzzers/baby_fuzzer_wasm/src/lib.rs @@ -44,7 +44,7 @@ pub fn fuzz() { }; // The closure that we want to fuzz - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); signals_set(0); diff --git a/fuzzers/baby_fuzzer_with_forkexecutor/src/main.rs b/fuzzers/baby_fuzzer_with_forkexecutor/src/main.rs index 6eae77d5b5..346ae7f249 100644 --- a/fuzzers/baby_fuzzer_with_forkexecutor/src/main.rs +++ b/fuzzers/baby_fuzzer_with_forkexecutor/src/main.rs @@ -37,7 +37,7 @@ pub fn main() { }; // The closure that we want to fuzz - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); signals_set(0); diff --git a/fuzzers/baby_no_std/src/main.rs b/fuzzers/baby_no_std/src/main.rs index 80aebd81cd..852a70b490 100644 --- a/fuzzers/baby_no_std/src/main.rs +++ b/fuzzers/baby_no_std/src/main.rs @@ -69,7 +69,7 @@ pub extern "C" fn external_current_millis() -> u64 { #[no_mangle] pub extern "C" fn main(_argc: isize, _argv: *const *const u8) -> isize { // The closure that we want to fuzz - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); signals_set(0); diff --git a/fuzzers/backtrace_baby_fuzzers/c_code_with_fork_executor/src/main.rs b/fuzzers/backtrace_baby_fuzzers/c_code_with_fork_executor/src/main.rs index 8aa9ba4673..22b1216b7a 100644 --- a/fuzzers/backtrace_baby_fuzzers/c_code_with_fork_executor/src/main.rs +++ b/fuzzers/backtrace_baby_fuzzers/c_code_with_fork_executor/src/main.rs @@ -38,7 +38,7 @@ pub fn main() { let mut shmem_provider = StdShMemProvider::new().unwrap(); unsafe { create_shmem_array() }; let map_ptr = unsafe { get_ptr() }; - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); unsafe { c_harness(buf.as_ptr()) } diff --git a/fuzzers/backtrace_baby_fuzzers/c_code_with_inprocess_executor/src/main.rs b/fuzzers/backtrace_baby_fuzzers/c_code_with_inprocess_executor/src/main.rs index 5574832112..5521e6a19d 100644 --- a/fuzzers/backtrace_baby_fuzzers/c_code_with_inprocess_executor/src/main.rs +++ b/fuzzers/backtrace_baby_fuzzers/c_code_with_inprocess_executor/src/main.rs @@ -28,7 +28,7 @@ extern "C" { #[allow(clippy::similar_names)] pub fn main() { - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); unsafe { c_harness(buf.as_ptr()) } diff --git a/fuzzers/backtrace_baby_fuzzers/rust_code_with_fork_executor/src/main.rs b/fuzzers/backtrace_baby_fuzzers/rust_code_with_fork_executor/src/main.rs index 22648c3f89..9329645df9 100644 --- a/fuzzers/backtrace_baby_fuzzers/rust_code_with_fork_executor/src/main.rs +++ b/fuzzers/backtrace_baby_fuzzers/rust_code_with_fork_executor/src/main.rs @@ -39,7 +39,7 @@ pub fn main() { }; // The closure that we want to fuzz - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); signals_set(0); diff --git a/fuzzers/backtrace_baby_fuzzers/rust_code_with_inprocess_executor/src/main.rs b/fuzzers/backtrace_baby_fuzzers/rust_code_with_inprocess_executor/src/main.rs index 1952faba73..2833f29ad4 100644 --- a/fuzzers/backtrace_baby_fuzzers/rust_code_with_inprocess_executor/src/main.rs +++ b/fuzzers/backtrace_baby_fuzzers/rust_code_with_inprocess_executor/src/main.rs @@ -32,7 +32,7 @@ fn signals_set(idx: usize) { #[allow(clippy::similar_names)] pub fn main() { // The closure that we want to fuzz - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); signals_set(0); diff --git a/fuzzers/frida_executable_libpng/src/fuzzer.rs b/fuzzers/frida_executable_libpng/src/fuzzer.rs index 900331d588..9a71c883e8 100644 --- a/fuzzers/frida_executable_libpng/src/fuzzer.rs +++ b/fuzzers/frida_executable_libpng/src/fuzzer.rs @@ -55,7 +55,7 @@ pub unsafe fn lib(main: extern "C" fn(i32, *const *const u8, *const *const u8) - let options = parse_args(); - let mut frida_harness = |input: &mut BytesInput| { + let mut frida_harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); let len = buf.len().to_string(); @@ -87,7 +87,7 @@ pub unsafe fn lib(main: extern "C" fn(i32, *const *const u8, *const *const u8) - #[allow(clippy::too_many_lines, clippy::too_many_arguments)] unsafe fn fuzz( options: &FuzzerOptions, - mut frida_harness: &dyn Fn(&mut BytesInput) -> ExitKind, + mut frida_harness: &dyn Fn(&BytesInput) -> ExitKind, ) -> Result<(), Error> { // 'While the stats are state, they are usually used in the broker - which is likely never restarted let monitor = MultiMonitor::new(|s| println!("{s}")); diff --git a/fuzzers/frida_gdiplus/src/fuzzer.rs b/fuzzers/frida_gdiplus/src/fuzzer.rs index 2cb0c20a58..d8ab41cdb0 100644 --- a/fuzzers/frida_gdiplus/src/fuzzer.rs +++ b/fuzzers/frida_gdiplus/src/fuzzer.rs @@ -85,7 +85,7 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> { unsafe extern "C" fn(data: *const u8, size: usize) -> i32, > = lib.get(options.harness_function.as_bytes()).unwrap(); - let mut frida_harness = |input: &mut BytesInput| { + let mut frida_harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); (target_func)(buf.as_ptr(), buf.len()); diff --git a/fuzzers/frida_libpng/src/fuzzer.rs b/fuzzers/frida_libpng/src/fuzzer.rs index 60ddf5a4a2..b46b516b09 100644 --- a/fuzzers/frida_libpng/src/fuzzer.rs +++ b/fuzzers/frida_libpng/src/fuzzer.rs @@ -82,7 +82,7 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> { unsafe extern "C" fn(data: *const u8, size: usize) -> i32, > = lib.get(options.harness_function.as_bytes()).unwrap(); - let mut frida_harness = |input: &mut BytesInput| { + let mut frida_harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); (target_func)(buf.as_ptr(), buf.len()); diff --git a/fuzzers/fuzzbench/src/lib.rs b/fuzzers/fuzzbench/src/lib.rs index 39fcf0f1ce..eef5e6f119 100644 --- a/fuzzers/fuzzbench/src/lib.rs +++ b/fuzzers/fuzzbench/src/lib.rs @@ -317,7 +317,7 @@ fn fuzz( let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); diff --git a/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs b/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs index 0b1106991d..6baac70420 100644 --- a/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs +++ b/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs @@ -305,7 +305,7 @@ fn fuzz( let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let mut buf = target.as_slice(); let mut len = buf.len(); diff --git a/fuzzers/fuzzbench_qemu/src/fuzzer.rs b/fuzzers/fuzzbench_qemu/src/fuzzer.rs index 972a7808e2..e872e38281 100644 --- a/fuzzers/fuzzbench_qemu/src/fuzzer.rs +++ b/fuzzers/fuzzbench_qemu/src/fuzzer.rs @@ -317,7 +317,7 @@ fn fuzz( let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let mut buf = target.as_slice(); let mut len = buf.len(); diff --git a/fuzzers/fuzzbench_text/src/lib.rs b/fuzzers/fuzzbench_text/src/lib.rs index 8c87048d15..b59cf7c4e6 100644 --- a/fuzzers/fuzzbench_text/src/lib.rs +++ b/fuzzers/fuzzbench_text/src/lib.rs @@ -384,7 +384,7 @@ fn fuzz_binary( let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); @@ -609,7 +609,7 @@ fn fuzz_text( let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); diff --git a/fuzzers/libafl_atheris/src/lib.rs b/fuzzers/libafl_atheris/src/lib.rs index a7466699aa..8d99f52ac3 100644 --- a/fuzzers/libafl_atheris/src/lib.rs +++ b/fuzzers/libafl_atheris/src/lib.rs @@ -249,7 +249,7 @@ pub fn LLVMFuzzerRunDriver( let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); harness_fn(buf.as_ptr(), buf.len()); @@ -269,7 +269,7 @@ pub fn LLVMFuzzerRunDriver( ); // Secondary harness due to mut ownership - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); harness_fn(buf.as_ptr(), buf.len()); diff --git a/fuzzers/libfuzzer_libmozjpeg/src/lib.rs b/fuzzers/libfuzzer_libmozjpeg/src/lib.rs index e9170607a6..034194c204 100644 --- a/fuzzers/libfuzzer_libmozjpeg/src/lib.rs +++ b/fuzzers/libfuzzer_libmozjpeg/src/lib.rs @@ -133,7 +133,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); diff --git a/fuzzers/libfuzzer_libpng/src/lib.rs b/fuzzers/libfuzzer_libpng/src/lib.rs index c2fbb71702..35b5fe5db5 100644 --- a/fuzzers/libfuzzer_libpng/src/lib.rs +++ b/fuzzers/libfuzzer_libpng/src/lib.rs @@ -157,7 +157,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); #[cfg(feature = "crash")] diff --git a/fuzzers/libfuzzer_libpng_accounting/src/lib.rs b/fuzzers/libfuzzer_libpng_accounting/src/lib.rs index 5d53b56ecc..ce62e5ed7d 100644 --- a/fuzzers/libfuzzer_libpng_accounting/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_accounting/src/lib.rs @@ -198,7 +198,7 @@ pub fn libafl_main() { let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); diff --git a/fuzzers/libfuzzer_libpng_centralized/src/lib.rs b/fuzzers/libfuzzer_libpng_centralized/src/lib.rs index ed6b926727..f5bb6c3b36 100644 --- a/fuzzers/libfuzzer_libpng_centralized/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_centralized/src/lib.rs @@ -230,7 +230,7 @@ pub fn libafl_main() { let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); diff --git a/fuzzers/libfuzzer_libpng_cmin/src/lib.rs b/fuzzers/libfuzzer_libpng_cmin/src/lib.rs index 40b21cbd74..1fc59e6bf2 100644 --- a/fuzzers/libfuzzer_libpng_cmin/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_cmin/src/lib.rs @@ -156,7 +156,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); #[cfg(feature = "crash")] diff --git a/fuzzers/libfuzzer_libpng_ctx/src/lib.rs b/fuzzers/libfuzzer_libpng_ctx/src/lib.rs index 31f388f10f..9ae48549c8 100644 --- a/fuzzers/libfuzzer_libpng_ctx/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_ctx/src/lib.rs @@ -189,7 +189,7 @@ pub fn libafl_main() { let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); diff --git a/fuzzers/libfuzzer_libpng_launcher/src/lib.rs b/fuzzers/libfuzzer_libpng_launcher/src/lib.rs index 2a342b07a5..ffef102464 100644 --- a/fuzzers/libfuzzer_libpng_launcher/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_launcher/src/lib.rs @@ -194,7 +194,7 @@ pub fn libafl_main() { let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); diff --git a/fuzzers/libfuzzer_libpng_norestart/src/lib.rs b/fuzzers/libfuzzer_libpng_norestart/src/lib.rs index fa42f48fab..cabc4a5354 100644 --- a/fuzzers/libfuzzer_libpng_norestart/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_norestart/src/lib.rs @@ -215,7 +215,7 @@ pub fn libafl_main() { let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); diff --git a/fuzzers/libfuzzer_libpng_tcp_manager/src/lib.rs b/fuzzers/libfuzzer_libpng_tcp_manager/src/lib.rs index 208c5210cd..882dac2530 100644 --- a/fuzzers/libfuzzer_libpng_tcp_manager/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_tcp_manager/src/lib.rs @@ -155,7 +155,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); #[cfg(feature = "crash")] diff --git a/fuzzers/libfuzzer_reachability/src/lib.rs b/fuzzers/libfuzzer_reachability/src/lib.rs index 8b1e87f474..ad6d049605 100644 --- a/fuzzers/libfuzzer_reachability/src/lib.rs +++ b/fuzzers/libfuzzer_reachability/src/lib.rs @@ -112,7 +112,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); diff --git a/fuzzers/libfuzzer_stb_image/src/main.rs b/fuzzers/libfuzzer_stb_image/src/main.rs index 9b70d6d0fd..e80360a11b 100644 --- a/fuzzers/libfuzzer_stb_image/src/main.rs +++ b/fuzzers/libfuzzer_stb_image/src/main.rs @@ -115,7 +115,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); diff --git a/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs b/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs index 00894c1621..ac514f3c54 100644 --- a/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs +++ b/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs @@ -153,7 +153,7 @@ fn fuzz( let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); diff --git a/fuzzers/libfuzzer_windows_asan/src/lib.rs b/fuzzers/libfuzzer_windows_asan/src/lib.rs index ff09b37cc6..0cb39415a7 100644 --- a/fuzzers/libfuzzer_windows_asan/src/lib.rs +++ b/fuzzers/libfuzzer_windows_asan/src/lib.rs @@ -122,7 +122,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); diff --git a/fuzzers/nautilus_sync/src/lib.rs b/fuzzers/nautilus_sync/src/lib.rs index e21929c07d..e94302a65a 100644 --- a/fuzzers/nautilus_sync/src/lib.rs +++ b/fuzzers/nautilus_sync/src/lib.rs @@ -135,7 +135,7 @@ pub fn libafl_main() { let mut bytes = vec![]; // The closure that we want to fuzz - let mut harness = |input: &mut NautilusInput| { + let mut harness = |input: &NautilusInput| { input.unparse(&context, &mut bytes); libfuzzer_test_one_input(&bytes); ExitKind::Ok diff --git a/fuzzers/push_harness/src/main.rs b/fuzzers/push_harness/src/main.rs index 4a0da50f94..a2ad03f20d 100644 --- a/fuzzers/push_harness/src/main.rs +++ b/fuzzers/push_harness/src/main.rs @@ -32,7 +32,7 @@ fn signals_set(idx: usize) { #[allow(clippy::similar_names)] fn input_generator() { // The closure that produced the input for the generator - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { // The `yield_` switches execution context back to the loop in `main`. // When `resume` is called, we return to this function. yield_(input); diff --git a/fuzzers/qemu_coverage/src/fuzzer.rs b/fuzzers/qemu_coverage/src/fuzzer.rs index 2279c71c20..c69192960b 100644 --- a/fuzzers/qemu_coverage/src/fuzzer.rs +++ b/fuzzers/qemu_coverage/src/fuzzer.rs @@ -203,7 +203,7 @@ pub fn fuzz() { let input_addr = emu.map_private(0, 4096, MmapPerms::ReadWrite).unwrap(); println!("Placing input at {input_addr:#x}"); - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target .as_slice() diff --git a/fuzzers/qemu_launcher/src/fuzzer.rs b/fuzzers/qemu_launcher/src/fuzzer.rs index 7ab9a44dd7..e422e8727b 100644 --- a/fuzzers/qemu_launcher/src/fuzzer.rs +++ b/fuzzers/qemu_launcher/src/fuzzer.rs @@ -210,7 +210,7 @@ pub fn fuzz() { let input_addr = emu.map_private(0, 4096, MmapPerms::ReadWrite).unwrap(); println!("Placing input at {input_addr:#x}"); - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target .as_slice() diff --git a/fuzzers/qemu_systemmode/src/fuzzer.rs b/fuzzers/qemu_systemmode/src/fuzzer.rs index fe64aa5606..74fbd0b1dd 100644 --- a/fuzzers/qemu_systemmode/src/fuzzer.rs +++ b/fuzzers/qemu_systemmode/src/fuzzer.rs @@ -99,7 +99,7 @@ pub fn fuzz() { let snap = emu.create_fast_snapshot(true); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let mut buf = target.as_slice(); let len = buf.len(); diff --git a/fuzzers/tutorial/src/lib.rs b/fuzzers/tutorial/src/lib.rs index ff76a480cb..725b732890 100644 --- a/fuzzers/tutorial/src/lib.rs +++ b/fuzzers/tutorial/src/lib.rs @@ -56,7 +56,7 @@ pub fn libafl_main() { /// The actual fuzzer fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Result<(), Error> { // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut PacketData| { + let mut harness = |input: &PacketData| { let target = input.target_bytes(); let buf = target.as_slice(); libfuzzer_test_one_input(buf); diff --git a/libafl/src/bolts/minibsod.rs b/libafl/src/bolts/minibsod.rs index c3397de308..f312ba39ae 100644 --- a/libafl/src/bolts/minibsod.rs +++ b/libafl/src/bolts/minibsod.rs @@ -54,11 +54,11 @@ pub fn dump_registers( writer: &mut BufWriter, ucontext: &ucontext_t, ) -> Result<(), std::io::Error> { - for reg in 0..31_usize { + for reg in 0..31 { write!( writer, "x{:02}: 0x{:016x} ", - reg, ucontext.uc_mcontext.regs[reg] + reg, ucontext.uc_mcontext.regs[reg as usize] )?; if reg % 4 == 3 { writeln!(writer)?; diff --git a/libafl/src/bolts/shmem.rs b/libafl/src/bolts/shmem.rs index cd0ac56601..530129dbd3 100644 --- a/libafl/src/bolts/shmem.rs +++ b/libafl/src/bolts/shmem.rs @@ -2,8 +2,6 @@ //! too.) use alloc::{rc::Rc, string::ToString}; -#[cfg(feature = "std")] -use core::num::TryFromIntError; use core::{ cell::RefCell, fmt::{self, Debug, Display}, @@ -1444,34 +1442,23 @@ impl std::io::Seek for ShMemCursor { std::io::SeekFrom::Start(s) => s, std::io::SeekFrom::End(offset) => { let map_len = self.inner.as_slice().len(); - let signed_pos: i64 = map_len.try_into().map_err(|e: TryFromIntError| { - std::io::Error::new(std::io::ErrorKind::Other, e) - })?; - let effective = signed_pos.checked_add(offset).ok_or_else(|| { - std::io::Error::new(std::io::ErrorKind::Other, "Invalid offset") - })?; + i64::try_from(map_len).unwrap(); + let signed_pos = i64::try_from(map_len).unwrap(); + let effective = signed_pos.checked_add(offset).unwrap(); assert!(effective >= 0); - effective.try_into().map_err(|e: TryFromIntError| { - std::io::Error::new(std::io::ErrorKind::Other, e) - })? + effective.try_into().unwrap() } std::io::SeekFrom::Current(offset) => { let current_pos = self.pos; - let signed_pos: i64 = current_pos.try_into().map_err(|e: TryFromIntError| { - std::io::Error::new(std::io::ErrorKind::Other, e) - })?; - let effective = signed_pos.checked_add(offset).ok_or_else(|| { - std::io::Error::new(std::io::ErrorKind::Other, "Invalid offset") - })?; + i64::try_from(current_pos).unwrap(); + let signed_pos = i64::try_from(current_pos).unwrap(); + let effective = signed_pos.checked_add(offset).unwrap(); assert!(effective >= 0); - effective.try_into().map_err(|e: TryFromIntError| { - std::io::Error::new(std::io::ErrorKind::Other, e) - })? + effective.try_into().unwrap() } }; - self.pos = effective_new_pos - .try_into() - .map_err(|e: TryFromIntError| std::io::Error::new(std::io::ErrorKind::Other, e))?; + usize::try_from(effective_new_pos).unwrap(); + self.pos = effective_new_pos as usize; Ok(effective_new_pos) } } diff --git a/libafl/src/corpus/minimizer.rs b/libafl/src/corpus/minimizer.rs index f11dea72eb..7ab506fa64 100644 --- a/libafl/src/corpus/minimizer.rs +++ b/libafl/src/corpus/minimizer.rs @@ -128,7 +128,7 @@ where // Execute the input; we cannot rely on the metadata already being present. executor.observers_mut().pre_exec_all(state, &input)?; - let kind = executor.run_target(fuzzer, state, manager, &mut input.clone())?; + let kind = executor.run_target(fuzzer, state, manager, &input)?; executor .observers_mut() .post_exec_all(state, &input, &kind)?; diff --git a/libafl/src/events/llmp.rs b/libafl/src/events/llmp.rs index fa7e71f33f..278b780949 100644 --- a/libafl/src/events/llmp.rs +++ b/libafl/src/events/llmp.rs @@ -1770,7 +1770,7 @@ mod tests { let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); - let mut harness = |_buf: &mut BytesInput| ExitKind::Ok; + let mut harness = |_buf: &BytesInput| ExitKind::Ok; let mut executor = InProcessExecutor::new( &mut harness, tuple_list!(), diff --git a/libafl/src/executors/combined.rs b/libafl/src/executors/combined.rs index f28e81a294..708baa8c7f 100644 --- a/libafl/src/executors/combined.rs +++ b/libafl/src/executors/combined.rs @@ -52,7 +52,7 @@ where fuzzer: &mut Z, state: &mut Self::State, mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { let ret = self.primary.run_target(fuzzer, state, mgr, input); self.primary.post_run_reset(); diff --git a/libafl/src/executors/command.rs b/libafl/src/executors/command.rs index 1d2aea7c5c..256ab875bf 100644 --- a/libafl/src/executors/command.rs +++ b/libafl/src/executors/command.rs @@ -323,7 +323,7 @@ where _fuzzer: &mut Z, _state: &mut Self::State, _mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { use std::os::unix::prelude::ExitStatusExt; @@ -712,7 +712,7 @@ mod tests { &mut NopFuzzer::new(), &mut NopState::new(), &mut mgr, - &mut BytesInput::new(b"test".to_vec()), + &BytesInput::new(b"test".to_vec()), ) .unwrap(); } @@ -740,7 +740,7 @@ mod tests { &mut NopFuzzer::new(), &mut NopState::new(), &mut mgr, - &mut BytesInput::new(b"test".to_vec()), + &BytesInput::new(b"test".to_vec()), ) .unwrap(); } diff --git a/libafl/src/executors/differential.rs b/libafl/src/executors/differential.rs index 3777ec1dc9..850a246115 100644 --- a/libafl/src/executors/differential.rs +++ b/libafl/src/executors/differential.rs @@ -68,7 +68,7 @@ where fuzzer: &mut Z, state: &mut Self::State, mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { self.observers(); // update in advance let observers = self.observers.get_mut(); diff --git a/libafl/src/executors/forkserver.rs b/libafl/src/executors/forkserver.rs index c725041a61..99545f9e3b 100644 --- a/libafl/src/executors/forkserver.rs +++ b/libafl/src/executors/forkserver.rs @@ -429,7 +429,7 @@ where _fuzzer: &mut Z, _state: &mut Self::State, _mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { let mut exit_kind = ExitKind::Ok; @@ -1091,7 +1091,7 @@ where _fuzzer: &mut Z, _state: &mut Self::State, _mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { let mut exit_kind = ExitKind::Ok; diff --git a/libafl/src/executors/inprocess.rs b/libafl/src/executors/inprocess.rs index e92cc37d13..6dba53d80b 100644 --- a/libafl/src/executors/inprocess.rs +++ b/libafl/src/executors/inprocess.rs @@ -56,27 +56,22 @@ use crate::{ Error, }; -/// [`InProcessExecutor`] calls a target function as a mutable reference to a closure with a -/// mutable reference to the input as an argument to allow the harness to mutate the input +/// The process executor simply calls a target function, as mutable reference to a closure pub type InProcessExecutor<'a, H, OT, S> = GenericInProcessExecutor; -/// [`OwnedInProcessExecutor`] calls a boxed target function as a mutable reference -/// to a closure with a mutable reference to the input as an argument to allow the -/// harness to mutate the input +/// The process executor simply calls a target function, as boxed `FnMut` trait object pub type OwnedInProcessExecutor = GenericInProcessExecutor< - dyn FnMut(&mut ::Input) -> ExitKind, - Box::Input) -> ExitKind>, + dyn FnMut(&::Input) -> ExitKind, + Box::Input) -> ExitKind>, OT, S, >; -/// The [`GenericInProcessExecutor`] calls a target function as a mutable reference -/// to a closure with a mutable reference to the input as an argument to allow the -/// harness to mutate the input, and returns afterwards +/// The inmem executor simply calls a target function, then returns afterwards. #[allow(dead_code)] pub struct GenericInProcessExecutor where - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, + H: FnMut(&S::Input) -> ExitKind + ?Sized, HB: BorrowMut, OT: ObserversTuple, S: UsesInput, @@ -92,7 +87,7 @@ where impl Debug for GenericInProcessExecutor where - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, + H: FnMut(&S::Input) -> ExitKind + ?Sized, HB: BorrowMut, OT: ObserversTuple, S: UsesInput, @@ -107,7 +102,7 @@ where impl UsesState for GenericInProcessExecutor where - H: ?Sized + FnMut(&mut S::Input) -> ExitKind, + H: ?Sized + FnMut(&S::Input) -> ExitKind, HB: BorrowMut, OT: ObserversTuple, S: UsesInput, @@ -117,7 +112,7 @@ where impl UsesObservers for GenericInProcessExecutor where - H: ?Sized + FnMut(&mut S::Input) -> ExitKind, + H: ?Sized + FnMut(&S::Input) -> ExitKind, HB: BorrowMut, OT: ObserversTuple, S: UsesInput, @@ -127,7 +122,7 @@ where impl Executor for GenericInProcessExecutor where - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, + H: FnMut(&S::Input) -> ExitKind + ?Sized, HB: BorrowMut, EM: UsesState, OT: ObserversTuple, @@ -139,7 +134,7 @@ where fuzzer: &mut Z, state: &mut Self::State, mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { self.handlers .pre_run_target(self, fuzzer, state, mgr, input); @@ -151,9 +146,27 @@ where } } +impl HasObservers for GenericInProcessExecutor +where + H: FnMut(&S::Input) -> ExitKind + ?Sized, + HB: BorrowMut, + OT: ObserversTuple, + S: UsesInput, +{ + #[inline] + fn observers(&self) -> &OT { + &self.observers + } + + #[inline] + fn observers_mut(&mut self) -> &mut OT { + &mut self.observers + } +} + impl GenericInProcessExecutor where - H: FnMut(&mut ::Input) -> ExitKind + ?Sized, + H: FnMut(&::Input) -> ExitKind + ?Sized, HB: BorrowMut, OT: ObserversTuple, S: HasSolutions + HasClientPerfMonitor + HasCorpus + HasExecutions, @@ -161,8 +174,7 @@ where /// Create a new in mem executor. /// Caution: crash and restart in one of them will lead to odd behavior if multiple are used, /// depending on different corpus or state. - /// * `harness_fn` - the harness, executing the function. The harness may also mutate the - /// input. + /// * `harness_fn` - the harness, executing the function /// * `observers` - the observers observing the target during execution /// This may return an error on unix, if signal handler setup fails pub fn new( @@ -231,24 +243,6 @@ where } } -impl HasObservers for GenericInProcessExecutor -where - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, - HB: BorrowMut, - OT: ObserversTuple, - S: UsesInput, -{ - #[inline] - fn observers(&self) -> &OT { - &self.observers - } - - #[inline] - fn observers_mut(&mut self) -> &mut OT { - &mut self.observers - } -} - /// The struct has [`InProcessHandlers`]. #[cfg(windows)] pub trait HasInProcessHandlers { @@ -259,7 +253,7 @@ pub trait HasInProcessHandlers { #[cfg(windows)] impl HasInProcessHandlers for GenericInProcessExecutor where - H: FnMut(&mut ::Input) -> ExitKind + ?Sized, + H: FnMut(&::Input) -> ExitKind + ?Sized, HB: BorrowMut, OT: ObserversTuple, S: HasSolutions + HasClientPerfMonitor + HasCorpus + HasExecutions, @@ -1615,12 +1609,10 @@ extern "C" { const ITIMER_REAL: libc::c_int = 0; /// [`InProcessForkExecutor`] is an executor that forks the current process before each execution. -/// It is the same as [`InProcessForkExecutor`] except that it allows the harness input to be -/// mutated. #[cfg(all(feature = "std", unix))] pub struct InProcessForkExecutor<'a, H, OT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, + H: FnMut(&S::Input) -> ExitKind + ?Sized, OT: ObserversTuple, S: UsesInput, SP: ShMemProvider, @@ -1636,7 +1628,7 @@ where #[cfg(all(feature = "std", unix))] pub struct TimeoutInProcessForkExecutor<'a, H, OT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, + H: FnMut(&S::Input) -> ExitKind + ?Sized, OT: ObserversTuple, S: UsesInput, SP: ShMemProvider, @@ -1655,7 +1647,7 @@ where #[cfg(all(feature = "std", unix))] impl<'a, H, OT, S, SP> Debug for InProcessForkExecutor<'a, H, OT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, + H: FnMut(&S::Input) -> ExitKind + ?Sized, OT: ObserversTuple, S: UsesInput, SP: ShMemProvider, @@ -1671,7 +1663,7 @@ where #[cfg(all(feature = "std", unix))] impl<'a, H, OT, S, SP> Debug for TimeoutInProcessForkExecutor<'a, H, OT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, + H: FnMut(&S::Input) -> ExitKind + ?Sized, OT: ObserversTuple, S: UsesInput, SP: ShMemProvider, @@ -1700,7 +1692,7 @@ where #[cfg(all(feature = "std", unix))] impl<'a, H, OT, S, SP> UsesState for InProcessForkExecutor<'a, H, OT, S, SP> where - H: ?Sized + FnMut(&mut S::Input) -> ExitKind, + H: ?Sized + FnMut(&S::Input) -> ExitKind, OT: ObserversTuple, S: UsesInput, SP: ShMemProvider, @@ -1711,7 +1703,7 @@ where #[cfg(all(feature = "std", unix))] impl<'a, H, OT, S, SP> UsesState for TimeoutInProcessForkExecutor<'a, H, OT, S, SP> where - H: ?Sized + FnMut(&mut S::Input) -> ExitKind, + H: ?Sized + FnMut(&S::Input) -> ExitKind, OT: ObserversTuple, S: UsesInput, SP: ShMemProvider, @@ -1723,7 +1715,7 @@ where impl<'a, EM, H, OT, S, SP, Z> Executor for InProcessForkExecutor<'a, H, OT, S, SP> where EM: UsesState, - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, + H: FnMut(&S::Input) -> ExitKind + ?Sized, OT: ObserversTuple, S: UsesInput, SP: ShMemProvider, @@ -1736,7 +1728,7 @@ where _fuzzer: &mut Z, state: &mut Self::State, _mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { unsafe { self.shmem_provider.pre_fork()?; @@ -1791,7 +1783,7 @@ where impl<'a, EM, H, OT, S, SP, Z> Executor for TimeoutInProcessForkExecutor<'a, H, OT, S, SP> where EM: UsesState, - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, + H: FnMut(&S::Input) -> ExitKind + ?Sized, OT: ObserversTuple, S: UsesInput, SP: ShMemProvider, @@ -1804,7 +1796,7 @@ where _fuzzer: &mut Z, state: &mut Self::State, _mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { unsafe { self.shmem_provider.pre_fork()?; @@ -1893,7 +1885,7 @@ where #[cfg(all(feature = "std", unix))] impl<'a, H, OT, S, SP> InProcessForkExecutor<'a, H, OT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, + H: FnMut(&S::Input) -> ExitKind + ?Sized, OT: ObserversTuple, S: UsesInput + HasCorpus, SP: ShMemProvider, @@ -1942,7 +1934,7 @@ where #[cfg(all(feature = "std", unix))] impl<'a, H, OT, S, SP> TimeoutInProcessForkExecutor<'a, H, OT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, + H: FnMut(&S::Input) -> ExitKind + ?Sized, S: UsesInput + HasCorpus, OT: ObserversTuple, SP: ShMemProvider, @@ -2053,7 +2045,7 @@ where #[cfg(all(feature = "std", unix))] impl<'a, H, OT, S, SP> UsesObservers for InProcessForkExecutor<'a, H, OT, S, SP> where - H: ?Sized + FnMut(&mut S::Input) -> ExitKind, + H: ?Sized + FnMut(&S::Input) -> ExitKind, OT: ObserversTuple, S: UsesInput, SP: ShMemProvider, @@ -2064,7 +2056,7 @@ where #[cfg(all(feature = "std", unix))] impl<'a, H, OT, S, SP> UsesObservers for TimeoutInProcessForkExecutor<'a, H, OT, S, SP> where - H: ?Sized + FnMut(&mut S::Input) -> ExitKind, + H: ?Sized + FnMut(&S::Input) -> ExitKind, OT: ObserversTuple, S: UsesInput, SP: ShMemProvider, @@ -2075,7 +2067,7 @@ where #[cfg(all(feature = "std", unix))] impl<'a, H, OT, S, SP> HasObservers for InProcessForkExecutor<'a, H, OT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, + H: FnMut(&S::Input) -> ExitKind + ?Sized, S: UsesInput, OT: ObserversTuple, SP: ShMemProvider, @@ -2094,7 +2086,7 @@ where #[cfg(all(feature = "std", unix))] impl<'a, H, OT, S, SP> HasObservers for TimeoutInProcessForkExecutor<'a, H, OT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind + ?Sized, + H: FnMut(&S::Input) -> ExitKind + ?Sized, S: UsesInput, OT: ObserversTuple, SP: ShMemProvider, @@ -2222,7 +2214,7 @@ mod tests { #[test] fn test_inmem_exec() { - let mut harness = |_buf: &mut NopInput| ExitKind::Ok; + let mut harness = |_buf: &NopInput| ExitKind::Ok; let mut in_process_executor = InProcessExecutor::<_, _, _> { harness_fn: &mut harness, @@ -2230,13 +2222,13 @@ mod tests { handlers: InProcessHandlers::nop(), phantom: PhantomData, }; - let mut input = NopInput {}; + let input = NopInput {}; in_process_executor .run_target( &mut NopFuzzer::new(), &mut NopState::new(), &mut NopEventManager::new(), - &mut input, + &input, ) .unwrap(); } @@ -2256,7 +2248,7 @@ mod tests { let provider = StdShMemProvider::new().unwrap(); - let mut harness = |_buf: &mut NopInput| ExitKind::Ok; + let mut harness = |_buf: &NopInput| ExitKind::Ok; let mut in_process_fork_executor = InProcessForkExecutor::<_, (), _, _> { harness_fn: &mut harness, shmem_provider: provider, @@ -2264,12 +2256,12 @@ mod tests { handlers: InChildProcessHandlers::nop(), phantom: PhantomData, }; - let mut input = NopInput {}; + let input = NopInput {}; let mut fuzzer = NopFuzzer::new(); let mut state = NopState::new(); let mut mgr = SimpleEventManager::printing(); in_process_fork_executor - .run_target(&mut fuzzer, &mut state, &mut mgr, &mut input) + .run_target(&mut fuzzer, &mut state, &mut mgr, &input) .unwrap(); } } @@ -2311,7 +2303,7 @@ pub mod pybind { ) -> Self { Self { inner: OwnedInProcessExecutor::new( - Box::new(move |input: &mut BytesInput| { + Box::new(move |input: &BytesInput| { Python::with_gil(|py| -> PyResult<()> { let args = (PyBytes::new(py, input.bytes()),); harness.call1(py, args)?; diff --git a/libafl/src/executors/mod.rs b/libafl/src/executors/mod.rs index 66d3f426cc..bf4e5e44b4 100644 --- a/libafl/src/executors/mod.rs +++ b/libafl/src/executors/mod.rs @@ -3,7 +3,7 @@ pub mod inprocess; pub use inprocess::InProcessExecutor; #[cfg(all(feature = "std", feature = "fork", unix))] -pub use inprocess::{InProcessForkExecutor, TimeoutInProcessForkExecutor}; +pub use inprocess::InProcessForkExecutor; pub mod differential; pub use differential::DiffExecutor; @@ -121,7 +121,7 @@ where fuzzer: &mut Z, state: &mut Self::State, mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result; /// Wraps this Executor with the given [`ObserversTuple`] to implement [`HasObservers`]. @@ -167,7 +167,7 @@ where _fuzzer: &mut Z, _state: &mut Self::State, _mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { if input.target_bytes().as_slice().is_empty() { Err(Error::empty("Input Empty")) @@ -186,8 +186,8 @@ mod test { #[test] fn nop_executor() { - let mut empty_input = BytesInput::new(vec![]); - let mut nonempty_input = BytesInput::new(vec![1u8]); + let empty_input = BytesInput::new(vec![]); + let nonempty_input = BytesInput::new(vec![1u8]); let mut executor = NopExecutor { phantom: PhantomData, }; @@ -200,7 +200,7 @@ mod test { &mut fuzzer, &mut state, &mut NopEventManager::new(), - &mut empty_input, + &empty_input, ) .unwrap_err(); executor @@ -208,7 +208,7 @@ mod test { &mut fuzzer, &mut state, &mut NopEventManager::new(), - &mut nonempty_input, + &nonempty_input, ) .unwrap(); } @@ -352,7 +352,7 @@ pub mod pybind { fuzzer: &mut PythonStdFuzzer, state: &mut Self::State, mgr: &mut PythonEventManager, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { let ek = Python::with_gil(|py| -> PyResult<_> { let ek: PythonExitKind = self @@ -475,7 +475,7 @@ pub mod pybind { fuzzer: &mut PythonStdFuzzer, state: &mut Self::State, mgr: &mut PythonEventManager, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { unwrap_me_mut!(self.wrapper, e, { e.run_target(fuzzer, state, mgr, input) }) } diff --git a/libafl/src/executors/shadow.rs b/libafl/src/executors/shadow.rs index 161774d77d..bf749268c7 100644 --- a/libafl/src/executors/shadow.rs +++ b/libafl/src/executors/shadow.rs @@ -68,10 +68,9 @@ where fuzzer: &mut Z, state: &mut Self::State, mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { - let mut input = input.clone(); - self.executor.run_target(fuzzer, state, mgr, &mut input) + self.executor.run_target(fuzzer, state, mgr, input) } } diff --git a/libafl/src/executors/timeout.rs b/libafl/src/executors/timeout.rs index bf44fed37c..740c4be288 100644 --- a/libafl/src/executors/timeout.rs +++ b/libafl/src/executors/timeout.rs @@ -385,7 +385,7 @@ where fuzzer: &mut Z, state: &mut Self::State, mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { unsafe { let data = &mut GLOBAL_STATE; @@ -460,7 +460,7 @@ where fuzzer: &mut Z, state: &mut Self::State, mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { unsafe { if self.batch_mode { @@ -533,7 +533,7 @@ where fuzzer: &mut Z, state: &mut Self::State, mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { unsafe { setitimer(ITIMER_REAL, &mut self.itimerval, null_mut()); diff --git a/libafl/src/executors/with_observers.rs b/libafl/src/executors/with_observers.rs index b636a40007..e36e8e8130 100644 --- a/libafl/src/executors/with_observers.rs +++ b/libafl/src/executors/with_observers.rs @@ -28,7 +28,7 @@ where fuzzer: &mut Z, state: &mut Self::State, mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { self.executor.run_target(fuzzer, state, mgr, input) } diff --git a/libafl/src/fuzzer/mod.rs b/libafl/src/fuzzer/mod.rs index 84e83ae92f..5fd55b5771 100644 --- a/libafl/src/fuzzer/mod.rs +++ b/libafl/src/fuzzer/mod.rs @@ -458,14 +458,14 @@ where state: &mut Self::State, executor: &mut E, manager: &mut EM, - mut input: ::Input, + input: ::Input, send_events: bool, ) -> Result<(ExecuteInputResult, Option), Error> where E: Executor + HasObservers, EM: EventFirer, { - let exit_kind = self.execute_input(state, executor, manager, &mut input)?; + let exit_kind = self.execute_input(state, executor, manager, &input)?; let observers = executor.observers(); self.scheduler.on_evaluation(state, &input, observers)?; @@ -503,9 +503,9 @@ where state: &mut CS::State, executor: &mut E, manager: &mut EM, - mut input: ::Input, + input: ::Input, ) -> Result { - let exit_kind = self.execute_input(state, executor, manager, &mut input)?; + let exit_kind = self.execute_input(state, executor, manager, &input)?; let observers = executor.observers(); // Always consider this to be "interesting" @@ -649,7 +649,7 @@ where state: &mut CS::State, executor: &mut E, event_mgr: &mut EM, - input: &mut ::Input, + input: &::Input, ) -> Result where E: Executor + HasObservers, @@ -688,7 +688,7 @@ where state: &mut Self::State, executor: &mut E, event_mgr: &mut EM, - input: &mut ::Input, + input: &::Input, ) -> Result; } @@ -707,7 +707,7 @@ where state: &mut CS::State, executor: &mut E, event_mgr: &mut EM, - input: &mut ::Input, + input: &::Input, ) -> Result { start_timer!(state); executor.observers_mut().pre_exec_all(state, input)?; diff --git a/libafl/src/lib.rs b/libafl/src/lib.rs index f41830d0b2..2bb0915903 100644 --- a/libafl/src/lib.rs +++ b/libafl/src/lib.rs @@ -502,7 +502,7 @@ mod tests { let scheduler = RandScheduler::new(); let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); - let mut harness = |_buf: &mut BytesInput| ExitKind::Ok; + let mut harness = |_buf: &BytesInput| ExitKind::Ok; let mut executor = InProcessExecutor::new( &mut harness, tuple_list!(), diff --git a/libafl/src/mutators/mutations.rs b/libafl/src/mutators/mutations.rs index a3e2c344d9..55a8c51db3 100644 --- a/libafl/src/mutators/mutations.rs +++ b/libafl/src/mutators/mutations.rs @@ -1239,20 +1239,20 @@ impl CrossoverReplaceMutator { } /// Returns the first and last diff position between the given vectors, stopping at the min len -fn locate_diffs(this: &[u8], other: &[u8]) -> Result<(i64, i64), Error> { +fn locate_diffs(this: &[u8], other: &[u8]) -> (i64, i64) { let mut first_diff: i64 = -1; let mut last_diff: i64 = -1; for (i, (this_el, other_el)) in this.iter().zip(other.iter()).enumerate() { #[allow(clippy::cast_possible_wrap)] if this_el != other_el { if first_diff < 0 { - first_diff = i.try_into()?; + first_diff = i as i64; } - last_diff = i.try_into()?; + last_diff = i as i64; } } - Ok((first_diff, last_diff)) + (first_diff, last_diff) } /// Splice mutation for inputs with a bytes vector @@ -1285,7 +1285,7 @@ where let mut counter: u32 = 0; loop { - let (f, l) = locate_diffs(input.bytes(), other.bytes())?; + let (f, l) = locate_diffs(input.bytes(), other.bytes()); if f != l && f >= 0 && l >= 2 { break (f as u64, l as u64); diff --git a/libafl/src/mutators/token_mutations.rs b/libafl/src/mutators/token_mutations.rs index 321a9d7cda..3fc9457de5 100644 --- a/libafl/src/mutators/token_mutations.rs +++ b/libafl/src/mutators/token_mutations.rs @@ -1867,13 +1867,13 @@ mod tests { #[test] fn test_read_tokens() { let _res = fs::remove_file("test.tkns"); - let data = r#" + let data = r###" # comment token1@123="AAA" token1="A\x41A" "A\AA" token2="B" - "#; + "###; fs::write("test.tkns", data).expect("Unable to write test.tkns"); let tokens = Tokens::from_file("test.tkns").unwrap(); log::info!("Token file entries: {:?}", tokens.tokens()); diff --git a/libafl/src/schedulers/ecofuzz.rs b/libafl/src/schedulers/ecofuzz.rs index 131bcd8cc0..cddfec41c2 100644 --- a/libafl/src/schedulers/ecofuzz.rs +++ b/libafl/src/schedulers/ecofuzz.rs @@ -148,8 +148,10 @@ where for id in state.corpus().ids() { let was_fuzzed = state.testcase(id)?.scheduled_count() > 0; if !was_fuzzed { + let selection = Some(id); state.metadata_mut::()?.state = EcoState::Exploration; - return Ok(id); + #[allow(clippy::unnecessary_literal_unwrap)] // false positive + return Ok(selection.expect("Error in the algorithm, this cannot be None")); } } diff --git a/libafl/src/stages/calibrate.rs b/libafl/src/stages/calibrate.rs index a9e5671790..84b863fbba 100644 --- a/libafl/src/stages/calibrate.rs +++ b/libafl/src/stages/calibrate.rs @@ -122,7 +122,7 @@ where let mut start = current_time(); - let exit_kind = executor.run_target(fuzzer, state, mgr, &mut input.clone())?; + let exit_kind = executor.run_target(fuzzer, state, mgr, &input)?; let mut total_time = if exit_kind == ExitKind::Ok { current_time() - start } else { @@ -158,7 +158,7 @@ where executor.observers_mut().pre_exec_all(state, &input)?; start = current_time(); - let exit_kind = executor.run_target(fuzzer, state, mgr, &mut input.clone())?; + let exit_kind = executor.run_target(fuzzer, state, mgr, &input)?; if exit_kind != ExitKind::Ok { if !has_errors { mgr.log( diff --git a/libafl/src/stages/colorization.rs b/libafl/src/stages/colorization.rs index 13065c0a49..9f26aaab56 100644 --- a/libafl/src/stages/colorization.rs +++ b/libafl/src/stages/colorization.rs @@ -302,7 +302,7 @@ where ) -> Result { executor.observers_mut().pre_exec_all(state, &input)?; - let exit_kind = executor.run_target(fuzzer, state, manager, &mut input.clone())?; + let exit_kind = executor.run_target(fuzzer, state, manager, &input)?; let observer = executor .observers() diff --git a/libafl/src/stages/generalization.rs b/libafl/src/stages/generalization.rs index 6fc8cad736..8ab9d53aea 100644 --- a/libafl/src/stages/generalization.rs +++ b/libafl/src/stages/generalization.rs @@ -354,7 +354,7 @@ where mark_feature_time!(state, PerfFeature::PreExecObservers); start_timer!(state); - let exit_kind = executor.run_target(fuzzer, state, manager, &mut input.clone())?; + let exit_kind = executor.run_target(fuzzer, state, manager, input)?; mark_feature_time!(state, PerfFeature::TargetExecution); *state.executions_mut() += 1; diff --git a/libafl/src/stages/mod.rs b/libafl/src/stages/mod.rs index ee790cc0ec..5e82155b5a 100644 --- a/libafl/src/stages/mod.rs +++ b/libafl/src/stages/mod.rs @@ -276,14 +276,14 @@ where push_stage.init(fuzzer, state, event_mgr, executor.observers_mut())?; loop { - let mut input = + let input = match push_stage.pre_exec(fuzzer, state, event_mgr, executor.observers_mut()) { Some(Ok(next_input)) => next_input, Some(Err(err)) => return Err(err), None => break, }; - let exit_kind = fuzzer.execute_input(state, executor, event_mgr, &mut input)?; + let exit_kind = fuzzer.execute_input(state, executor, event_mgr, &input)?; push_stage.post_exec( fuzzer, diff --git a/libafl/src/stages/tmin.rs b/libafl/src/stages/tmin.rs index f52e735473..52985cb136 100644 --- a/libafl/src/stages/tmin.rs +++ b/libafl/src/stages/tmin.rs @@ -78,7 +78,7 @@ where let base_hash = hasher.finish(); mark_feature_time!(state, PerfFeature::GetInputFromCorpus); - fuzzer.execute_input(state, executor, manager, &mut base)?; + fuzzer.execute_input(state, executor, manager, &base)?; let observers = executor.observers(); let mut feedback = self.create_feedback(observers); @@ -106,7 +106,7 @@ where let corpus_idx = if input.len() < before_len { // run the input - let exit_kind = fuzzer.execute_input(state, executor, manager, &mut input)?; + let exit_kind = fuzzer.execute_input(state, executor, manager, &input)?; let observers = executor.observers(); // let the fuzzer process this execution -- it's possible that we find something @@ -156,7 +156,7 @@ where base.hash(&mut hasher); let new_hash = hasher.finish(); if base_hash != new_hash { - let exit_kind = fuzzer.execute_input(state, executor, manager, &mut base)?; + let exit_kind = fuzzer.execute_input(state, executor, manager, &base)?; let observers = executor.observers(); *state.executions_mut() += 1; // assumption: this input should not be marked interesting because it was not diff --git a/libafl/src/stages/tracing.rs b/libafl/src/stages/tracing.rs index 548c3905ca..8edcd7885f 100644 --- a/libafl/src/stages/tracing.rs +++ b/libafl/src/stages/tracing.rs @@ -62,9 +62,9 @@ where mark_feature_time!(state, PerfFeature::PreExecObservers); start_timer!(state); - let exit_kind = - self.tracer_executor - .run_target(fuzzer, state, manager, &mut input.clone())?; + let exit_kind = self + .tracer_executor + .run_target(fuzzer, state, manager, &input)?; mark_feature_time!(state, PerfFeature::TargetExecution); *state.executions_mut() += 1; @@ -138,8 +138,7 @@ where ) -> Result<(), Error> { // First run with the un-mutated input - let original_unmutated_input = state.corpus().cloned_input_for_id(corpus_idx)?; - let mut unmutated_input = state.corpus().cloned_input_for_id(corpus_idx)?; + let unmutated_input = state.corpus().cloned_input_for_id(corpus_idx)?; if let Some(name) = &self.cmplog_observer_name { if let Some(ob) = self @@ -157,19 +156,17 @@ where self.tracer_executor .observers_mut() - .pre_exec_all(state, &original_unmutated_input)?; + .pre_exec_all(state, &unmutated_input)?; let exit_kind = self.tracer_executor - .run_target(fuzzer, state, manager, &mut unmutated_input)?; + .run_target(fuzzer, state, manager, &unmutated_input)?; *state.executions_mut() += 1; - self.tracer_executor.observers_mut().post_exec_all( - state, - &original_unmutated_input, - &exit_kind, - )?; + self.tracer_executor + .observers_mut() + .post_exec_all(state, &unmutated_input, &exit_kind)?; // Second run with the mutated input let mutated_input = match state.metadata_map().get::() { @@ -195,9 +192,9 @@ where .observers_mut() .pre_exec_all(state, &mutated_input)?; - let exit_kind = - self.tracer_executor - .run_target(fuzzer, state, manager, &mut mutated_input.clone())?; + let exit_kind = self + .tracer_executor + .run_target(fuzzer, state, manager, &mutated_input)?; *state.executions_mut() += 1; @@ -283,7 +280,7 @@ where mark_feature_time!(state, PerfFeature::PreExecObservers); start_timer!(state); - let exit_kind = executor.run_target(fuzzer, state, manager, &mut input.clone())?; + let exit_kind = executor.run_target(fuzzer, state, manager, &input)?; mark_feature_time!(state, PerfFeature::TargetExecution); *state.executions_mut() += 1; diff --git a/libafl_frida/src/alloc.rs b/libafl_frida/src/alloc.rs index b6e35dbe88..fe7bb00fca 100644 --- a/libafl_frida/src/alloc.rs +++ b/libafl_frida/src/alloc.rs @@ -385,13 +385,14 @@ impl Allocator { metadatas.sort_by(|a, b| a.address.cmp(&b.address)); let mut offset_to_closest = i64::max_value(); let mut closest = None; - let ptr: i64 = ptr.try_into().unwrap(); for metadata in metadatas { - let address: i64 = metadata.address.try_into().unwrap(); let new_offset = if hint_base == metadata.address { - (ptr - address).abs() + (ptr as i64 - metadata.address as i64).abs() } else { - std::cmp::min(offset_to_closest, (ptr - address).abs()) + std::cmp::min( + offset_to_closest, + (ptr as i64 - metadata.address as i64).abs(), + ) }; if new_offset < offset_to_closest { offset_to_closest = new_offset; diff --git a/libafl_frida/src/asan/errors.rs b/libafl_frida/src/asan/errors.rs index 0bc0488823..4be258c9de 100644 --- a/libafl_frida/src/asan/errors.rs +++ b/libafl_frida/src/asan/errors.rs @@ -251,13 +251,14 @@ impl AsanErrors { cs.set_skipdata(true).expect("failed to set skipdata"); let start_pc = error.pc - 4 * 5; - for insn in &*cs + for insn in cs .disasm_count( unsafe { std::slice::from_raw_parts(start_pc as *mut u8, 4 * 11) }, start_pc as u64, 11, ) .expect("failed to disassemble instructions") + .iter() { if insn.address() as usize == error.pc { output @@ -275,9 +276,7 @@ impl AsanErrors { #[allow(clippy::non_ascii_literal)] writeln!(output, "{:━^100}", " ALLOCATION INFO ").unwrap(); - let fault_address: i64 = fault_address.try_into().unwrap(); - let metadata_address: i64 = error.metadata.address.try_into().unwrap(); - let offset: i64 = fault_address - (metadata_address + 0x1000); + let offset: i64 = fault_address as i64 - (error.metadata.address + 0x1000) as i64; let direction = if offset > 0 { "right" } else { "left" }; writeln!( output, @@ -506,13 +505,14 @@ impl AsanErrors { cs.set_skipdata(true).expect("failed to set skipdata"); let start_pc = pc; - for insn in &*cs + for insn in cs .disasm_count( unsafe { std::slice::from_raw_parts(start_pc as *mut u8, 4 * 11) }, start_pc as u64, 11, ) .expect("failed to disassemble instructions") + .iter() { if insn.address() as usize == pc { output diff --git a/libafl_frida/src/coverage_rt.rs b/libafl_frida/src/coverage_rt.rs index 6efeea0a18..a55e42b999 100644 --- a/libafl_frida/src/coverage_rt.rs +++ b/libafl_frida/src/coverage_rt.rs @@ -150,7 +150,7 @@ impl CoverageRuntime { ; mov QWORD [rsp-0x98], rbx // Load the previous_pc - ; mov rax, QWORD prev_loc_ptr as _ + ; mov rax, QWORD prev_loc_ptr as *mut u64 as _ ; mov rax, QWORD [rax] // Calculate the edge id @@ -158,7 +158,7 @@ impl CoverageRuntime { ; xor rax, rbx // Load the map byte address - ; mov rbx, QWORD map_addr_ptr as _ + ; mov rbx, QWORD map_addr_ptr as *mut [u8; MAP_SIZE] as _ ; add rax, rbx // Update the map byte @@ -168,7 +168,7 @@ impl CoverageRuntime { ; mov BYTE [rax],bl // Update the previous_pc value - ; mov rax, QWORD prev_loc_ptr as _ + ; mov rax, QWORD prev_loc_ptr as *mut u64 as _ ; mov ebx, WORD (h64 >> 1) as i32 ; mov QWORD [rax], rbx diff --git a/libafl_frida/src/executor.rs b/libafl_frida/src/executor.rs index 6650e41e82..85f92753eb 100644 --- a/libafl_frida/src/executor.rs +++ b/libafl_frida/src/executor.rs @@ -24,12 +24,10 @@ use crate::helper::{FridaInstrumentationHelper, FridaRuntimeTuple}; #[cfg(windows)] use crate::windows_hooks::initialize; -/// The [`FridaInProcessExecutor`] is an [`Executor`] that executes the target in the -/// same process, usinig [`frida`](https://frida.re/) for binary-only instrumentation. It is -/// the same as [`FridaInProcessExecutor`] except it allows mutating the input +/// The [`FridaInProcessExecutor`] is an [`Executor`] that executes the target in the same process, usinig [`frida`](https://frida.re/) for binary-only instrumentation. pub struct FridaInProcessExecutor<'a, 'b, 'c, H, OT, RT, S> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S::Input: HasTargetBytes, S: UsesInput, OT: ObserversTuple, @@ -46,7 +44,7 @@ where impl<'a, 'b, 'c, H, OT, RT, S> Debug for FridaInProcessExecutor<'a, 'b, 'c, H, OT, RT, S> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput, S::Input: HasTargetBytes, OT: ObserversTuple, @@ -64,7 +62,7 @@ impl<'a, 'b, 'c, EM, H, OT, RT, S, Z> Executor for FridaInProcessExecutor<'a, 'b, 'c, H, OT, RT, S> where EM: UsesState, - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput, S::Input: HasTargetBytes, OT: ObserversTuple, @@ -78,7 +76,7 @@ where fuzzer: &mut Z, state: &mut Self::State, mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { self.helper.pre_exec(input)?; if self.helper.stalker_enabled() { @@ -108,7 +106,7 @@ where impl<'a, 'b, 'c, H, OT, RT, S> UsesObservers for FridaInProcessExecutor<'a, 'b, 'c, H, OT, RT, S> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, OT: ObserversTuple, S: UsesInput, S::Input: HasTargetBytes, @@ -118,7 +116,7 @@ where impl<'a, 'b, 'c, H, OT, RT, S> UsesState for FridaInProcessExecutor<'a, 'b, 'c, H, OT, RT, S> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, OT: ObserversTuple, S: UsesInput, S::Input: HasTargetBytes, @@ -128,7 +126,7 @@ where impl<'a, 'b, 'c, H, OT, RT, S> HasObservers for FridaInProcessExecutor<'a, 'b, 'c, H, OT, RT, S> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S::Input: HasTargetBytes, S: UsesInput, OT: ObserversTuple, @@ -146,7 +144,7 @@ where impl<'a, 'b, 'c, H, OT, S, RT> FridaInProcessExecutor<'a, 'b, 'c, H, OT, RT, S> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput, S::Input: HasTargetBytes, OT: ObserversTuple, @@ -201,7 +199,7 @@ where impl<'a, 'b, 'c, H, OT, RT, S> HasInProcessHandlers for FridaInProcessExecutor<'a, 'b, 'c, H, OT, RT, S> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput + HasClientPerfMonitor + HasSolutions + HasCorpus + HasExecutions, S::Input: HasTargetBytes, OT: ObserversTuple, diff --git a/libafl_nyx/src/executor.rs b/libafl_nyx/src/executor.rs index 76ef54fe5f..0e500b455f 100644 --- a/libafl_nyx/src/executor.rs +++ b/libafl_nyx/src/executor.rs @@ -57,7 +57,7 @@ where _fuzzer: &mut Z, _state: &mut Self::State, _mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { let input_owned = input.target_bytes(); let input = input_owned.as_slice(); diff --git a/libafl_qemu/src/asan.rs b/libafl_qemu/src/asan.rs index ccdfecaaaf..65456196e5 100644 --- a/libafl_qemu/src/asan.rs +++ b/libafl_qemu/src/asan.rs @@ -395,7 +395,7 @@ impl AsanGiovese { if self.snapshot_shadow { let set = self.dirty_shadow.lock().unwrap(); - for &page in &*set { + for &page in set.iter() { let data = Self::get_shadow_page(emu, page).to_vec(); self.saved_shadow.insert(page, data); } @@ -425,7 +425,7 @@ impl AsanGiovese { if self.snapshot_shadow { let mut set = self.dirty_shadow.lock().unwrap(); - for &page in &*set { + for &page in set.iter() { let original = self.saved_shadow.get(&page); if let Some(data) = original { let cur = Self::get_shadow_page(emu, page); @@ -472,7 +472,7 @@ pub fn init_with_asan( |e: &str| "LD_PRELOAD=".to_string() + &asan_lib + " " + &e["LD_PRELOAD=".len()..]; let mut added = false; - for (k, v) in &mut *env { + for (k, v) in env.iter_mut() { if k == "QEMU_SET_ENV" { let mut new_v = vec![]; for e in v.split(',') { diff --git a/libafl_qemu/src/drcov.rs b/libafl_qemu/src/drcov.rs index 4e8057aee4..17ddabe4e1 100644 --- a/libafl_qemu/src/drcov.rs +++ b/libafl_qemu/src/drcov.rs @@ -102,8 +102,8 @@ where if self.full_trace { if DRCOV_IDS.lock().unwrap().as_ref().unwrap().len() > self.drcov_len { let mut drcov_vec = Vec::::new(); - for id in DRCOV_IDS.lock().unwrap().as_ref().unwrap() { - 'pcs_full: for (pc, idm) in DRCOV_MAP.lock().unwrap().as_ref().unwrap() { + for id in DRCOV_IDS.lock().unwrap().as_ref().unwrap().iter() { + 'pcs_full: for (pc, idm) in DRCOV_MAP.lock().unwrap().as_ref().unwrap().iter() { let mut module_found = false; for module in self.module_mapping.iter() { let (range, (_, _)) = module; @@ -141,7 +141,7 @@ where } else { if DRCOV_MAP.lock().unwrap().as_ref().unwrap().len() > self.drcov_len { let mut drcov_vec = Vec::::new(); - 'pcs: for (pc, _) in DRCOV_MAP.lock().unwrap().as_ref().unwrap() { + 'pcs: for (pc, _) in DRCOV_MAP.lock().unwrap().as_ref().unwrap().iter() { let mut module_found = false; for module in self.module_mapping.iter() { let (range, (_, _)) = module; diff --git a/libafl_qemu/src/elf.rs b/libafl_qemu/src/elf.rs index 5917872894..bfc42e5328 100644 --- a/libafl_qemu/src/elf.rs +++ b/libafl_qemu/src/elf.rs @@ -41,7 +41,7 @@ impl<'a> EasyElf<'a> { #[must_use] pub fn resolve_symbol(&self, name: &str, load_addr: GuestAddr) -> Option { - for sym in &self.elf.syms { + for sym in self.elf.syms.iter() { if let Some(sym_name) = self.elf.strtab.get_at(sym.st_name) { if sym_name == name { return if sym.st_value == 0 { diff --git a/libafl_qemu/src/emu.rs b/libafl_qemu/src/emu.rs index cf0360320f..53ae0352b4 100644 --- a/libafl_qemu/src/emu.rs +++ b/libafl_qemu/src/emu.rs @@ -739,10 +739,18 @@ impl Emulator { envp.push(null()); unsafe { #[cfg(emulation_mode = "usermode")] - qemu_user_init(argc, argv.as_ptr(), envp.as_ptr()); + qemu_user_init( + argc, + argv.as_ptr() as *const *const u8, + envp.as_ptr() as *const *const u8, + ); #[cfg(emulation_mode = "systemmode")] { - qemu_init(argc, argv.as_ptr(), envp.as_ptr()); + qemu_init( + argc, + argv.as_ptr() as *const *const u8, + envp.as_ptr() as *const *const u8, + ); libc::atexit(qemu_cleanup_atexit); libafl_qemu_sys::syx_snapshot_init(); } diff --git a/libafl_qemu/src/executor.rs b/libafl_qemu/src/executor.rs index b074571030..918f467651 100644 --- a/libafl_qemu/src/executor.rs +++ b/libafl_qemu/src/executor.rs @@ -21,7 +21,7 @@ use crate::{emu::Emulator, helper::QemuHelperTuple, hooks::QemuHooks}; pub struct QemuExecutor<'a, H, OT, QT, S> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput, OT: ObserversTuple, QT: QemuHelperTuple, @@ -33,7 +33,7 @@ where impl<'a, H, OT, QT, S> Debug for QemuExecutor<'a, H, OT, QT, S> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput, OT: ObserversTuple, QT: QemuHelperTuple, @@ -48,7 +48,7 @@ where impl<'a, H, OT, QT, S> QemuExecutor<'a, H, OT, QT, S> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput, OT: ObserversTuple, QT: QemuHelperTuple, @@ -101,7 +101,7 @@ where impl<'a, EM, H, OT, QT, S, Z> Executor for QemuExecutor<'a, H, OT, QT, S> where EM: UsesState, - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput, OT: ObserversTuple, QT: QemuHelperTuple, @@ -112,7 +112,7 @@ where fuzzer: &mut Z, state: &mut Self::State, mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { let emu = Emulator::new_empty(); if self.first_exec { @@ -133,7 +133,7 @@ where impl<'a, H, OT, QT, S> UsesState for QemuExecutor<'a, H, OT, QT, S> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, OT: ObserversTuple, QT: QemuHelperTuple, S: UsesInput, @@ -143,7 +143,7 @@ where impl<'a, H, OT, QT, S> UsesObservers for QemuExecutor<'a, H, OT, QT, S> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, OT: ObserversTuple, QT: QemuHelperTuple, S: UsesInput, @@ -153,7 +153,7 @@ where impl<'a, H, OT, QT, S> HasObservers for QemuExecutor<'a, H, OT, QT, S> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput, OT: ObserversTuple, QT: QemuHelperTuple, @@ -172,7 +172,7 @@ where #[cfg(feature = "fork")] pub struct QemuForkExecutor<'a, H, OT, QT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput, OT: ObserversTuple, QT: QemuHelperTuple, @@ -186,7 +186,7 @@ where #[cfg(feature = "fork")] impl<'a, H, OT, QT, S, SP> Debug for QemuForkExecutor<'a, H, OT, QT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput, OT: ObserversTuple, QT: QemuHelperTuple, @@ -203,7 +203,7 @@ where #[cfg(feature = "fork")] impl<'a, H, OT, QT, S, SP> QemuForkExecutor<'a, H, OT, QT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput + HasCorpus, OT: ObserversTuple, QT: QemuHelperTuple, @@ -268,7 +268,7 @@ where impl<'a, EM, H, OT, QT, S, Z, SP> Executor for QemuForkExecutor<'a, H, OT, QT, S, SP> where EM: EventManager, Z, State = S>, - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput + HasClientPerfMonitor + HasMetadata + HasExecutions, OT: ObserversTuple, QT: QemuHelperTuple, @@ -280,7 +280,7 @@ where fuzzer: &mut Z, state: &mut Self::State, mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { let emu = Emulator::new_empty(); if self.first_exec { @@ -302,7 +302,7 @@ where #[cfg(feature = "fork")] impl<'a, H, OT, QT, S, SP> UsesObservers for QemuForkExecutor<'a, H, OT, QT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, OT: ObserversTuple, QT: QemuHelperTuple, S: UsesInput, @@ -314,7 +314,7 @@ where #[cfg(feature = "fork")] impl<'a, H, OT, QT, S, SP> UsesState for QemuForkExecutor<'a, H, OT, QT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, OT: ObserversTuple, QT: QemuHelperTuple, S: UsesInput, @@ -326,7 +326,7 @@ where #[cfg(feature = "fork")] impl<'a, H, OT, QT, S, SP> HasObservers for QemuForkExecutor<'a, H, OT, QT, S, SP> where - H: FnMut(&mut S::Input) -> ExitKind, + H: FnMut(&S::Input) -> ExitKind, S: UsesInput, OT: ObserversTuple, QT: QemuHelperTuple, diff --git a/libafl_qemu/src/snapshot.rs b/libafl_qemu/src/snapshot.rs index deecf8775a..530d1a10d7 100644 --- a/libafl_qemu/src/snapshot.rs +++ b/libafl_qemu/src/snapshot.rs @@ -211,7 +211,7 @@ impl QemuSnapshotHelper { { let new_maps = self.new_maps.get_mut().unwrap(); - for acc in &mut self.accesses { + for acc in self.accesses.iter_mut() { unsafe { &mut (*acc.get()) }.dirty.retain(|page| { if let Some(info) = self.pages.get_mut(page) { // TODO avoid duplicated memcpy @@ -251,7 +251,7 @@ impl QemuSnapshotHelper { self.reset_maps(emulator); // This one is after that we remapped potential regions mapped at snapshot time but unmapped during execution - for acc in &mut self.accesses { + for acc in self.accesses.iter_mut() { for page in unsafe { &(*acc.get()).dirty } { for entry in self .maps diff --git a/libafl_sugar/src/inmemory.rs b/libafl_sugar/src/inmemory.rs index 154c697b42..b86310756c 100644 --- a/libafl_sugar/src/inmemory.rs +++ b/libafl_sugar/src/inmemory.rs @@ -193,7 +193,7 @@ where let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); (harness_bytes)(buf); diff --git a/libafl_sugar/src/qemu.rs b/libafl_sugar/src/qemu.rs index 45626bbc14..7f32deefbf 100644 --- a/libafl_sugar/src/qemu.rs +++ b/libafl_sugar/src/qemu.rs @@ -204,7 +204,7 @@ where let mut fuzzer = StdFuzzer::new(scheduler, feedback, objective); // The wrapped harness function, calling out to the LLVM-style harness - let mut harness = |input: &mut BytesInput| { + let mut harness = |input: &BytesInput| { let target = input.target_bytes(); let buf = target.as_slice(); (harness_bytes)(buf); diff --git a/libafl_targets/src/sancov_8bit.rs b/libafl_targets/src/sancov_8bit.rs index 937879807b..1a745bcb96 100644 --- a/libafl_targets/src/sancov_8bit.rs +++ b/libafl_targets/src/sancov_8bit.rs @@ -165,7 +165,7 @@ mod observers { let mut hasher = RandomState::with_seeds(0, 0, 0, 0).build_hasher(); for map in unsafe { &COUNTERS_MAPS } { let slice = map.as_slice(); - let ptr = slice.as_ptr(); + let ptr = slice.as_ptr() as *const u8; let map_size = slice.len() / core::mem::size_of::(); unsafe { hasher.write(from_raw_parts(ptr, map_size)); diff --git a/libafl_targets/src/sancov_pcguard.rs b/libafl_targets/src/sancov_pcguard.rs index 975de65051..41a4e48964 100644 --- a/libafl_targets/src/sancov_pcguard.rs +++ b/libafl_targets/src/sancov_pcguard.rs @@ -22,11 +22,11 @@ pub unsafe extern "C" fn __sanitizer_cov_trace_pc_guard(guard: *mut u32) { { #[cfg(feature = "sancov_pcguard_edges")] { - (EDGES_MAP_PTR).add(pos).write(1); + (EDGES_MAP_PTR as *mut u8).add(pos).write(1); } #[cfg(feature = "sancov_pcguard_hitcounts")] { - let addr = (EDGES_MAP_PTR).add(pos); + let addr = (EDGES_MAP_PTR as *mut u8).add(pos); let val = addr.read().wrapping_add(1); addr.write(val); } diff --git a/libafl_tinyinst/src/executor.rs b/libafl_tinyinst/src/executor.rs index a60e256b0f..ca01384a58 100644 --- a/libafl_tinyinst/src/executor.rs +++ b/libafl_tinyinst/src/executor.rs @@ -54,7 +54,7 @@ where _fuzzer: &mut Z, _state: &mut Self::State, _mgr: &mut EM, - input: &mut Self::Input, + input: &Self::Input, ) -> Result { match &self.map { Some(_) => { diff --git a/utils/gramatron/construct_automata/src/main.rs b/utils/gramatron/construct_automata/src/main.rs index 7a74067845..ff0c7d2df2 100644 --- a/utils/gramatron/construct_automata/src/main.rs +++ b/utils/gramatron/construct_automata/src/main.rs @@ -208,7 +208,7 @@ fn postprocess(pda: &[Transition], stack_limit: usize) -> Automaton { //let mut culled_pda_unique = HashSet::new(); for final_state in &finals { - for transition in pda { + for transition in pda.iter() { if transition.dest == *final_state && transition.stack.len() > 0 { blocklist.insert(transition.dest); } else { @@ -267,7 +267,7 @@ fn postprocess(pda: &[Transition], stack_limit: usize) -> Automaton { } } else { // Running FSA construction in exact approximation mode and postprocessing it like so - for transition in pda { + for transition in pda.iter() { num_transition += 1; let state = transition.source; if state >= memoized.len() {