Small refactoring of nits in #635 (#636)

* fix * more * fmt * fix * fix * fix * fix * fmt * fmt * fix
2022-05-20 14:26:28 +09:00 · 2022-05-20 14:26:28 +09:00 · 5570601fea
commit 5570601fea
parent 4eba9323c5
3 changed files with 21 additions and 10 deletions
--- a/libafl/src/bolts/cli.rs
+++ b/libafl/src/bolts/cli.rs
@ -124,7 +124,7 @@ pub struct FuzzerOptions {
    pub stdout: String,

    /// the name of the configuration to use
-    #[clap(short, long, default_value = "default configuration")]
+    #[clap(long, default_value = "default configuration")]
    pub configuration: String,

    /// enable Address Sanitizer (ASAN)
@ -278,7 +278,7 @@ pub struct FuzzerOptions {
    /// Spawn a client in each of the provided cores. Use 'all' to select all available
    /// cores. 'none' to run a client without binding to any core.
    /// ex: '1,2-4,6' selects the cores 1, 2, 3, 4, and 6.
-    #[clap(long, default_value = "0", parse(try_from_str = Cores::from_cmdline))]
+    #[clap(short = 'c', long, default_value = "0", parse(try_from_str = Cores::from_cmdline))]
    pub cores: Cores,

    /// port on which the broker should listen
--- a/libafl/src/bolts/mod.rs
+++ b/libafl/src/bolts/mod.rs
@ -110,6 +110,23 @@ pub fn current_time() -> time::Duration {
    time::Duration::from_millis(millis)
 }

+/// Given a u64 number, return a hashed number using this mixing function
+/// This function is used to hash an address into a more random number (used in `libafl_frida`).
+/// Mixing function: <http://mostlymangling.blogspot.com/2018/07/on-mixing-functions-in-fast-splittable.html>
+#[inline]
+#[must_use]
+pub fn xxh3_rrmxmx_mixer(v: u64) -> u64 {
+    let tmp = (v >> 32) + ((v & 0xffffffff) << 32);
+    let bitflip = 0x1cad21f72c81017c ^ 0xdb979082e96dd4de;
+    let mut h64 = tmp ^ bitflip;
+    h64 = h64.rotate_left(49) & h64.rotate_left(24);
+    h64 = h64.wrapping_mul(0x9FB21C651E98DF25);
+    h64 ^= (h64 >> 35) + 8;
+    h64 = h64.wrapping_mul(0x9FB21C651E98DF25);
+    h64 ^= h64 >> 28;
+    h64
+}
+
 /// Gets current nanoseconds since [`UNIX_EPOCH`]
 #[must_use]
 #[inline]
--- a/libafl_frida/src/coverage_rt.rs
+++ b/libafl_frida/src/coverage_rt.rs
@ -14,6 +14,7 @@ use frida_gum::instruction_writer::{Aarch64Register, IndexMode};
 use frida_gum::{instruction_writer::InstructionWriter, stalker::StalkerOutput};

 use crate::helper::FridaRuntime;
+use libafl::bolts::xxh3_rrmxmx_mixer;

 /// (Default) map size for frida coverage reporting
 pub const MAP_SIZE: usize = 64 * 1024;
@ -154,14 +155,7 @@ impl CoverageRuntime {
    /// Emits coverage mapping into the current basic block.
    #[inline]
    pub fn emit_coverage_mapping(&mut self, address: u64, output: &StalkerOutput) {
-        let tmp = (address >> 32) + ((address & 0xffffffff) << 32);
-        let bitflip = 0x1cad21f72c81017c ^ 0xdb979082e96dd4de;
-        let mut h64 = tmp ^ bitflip;
-        h64 = h64.rotate_left(49) & h64.rotate_left(24);
-        h64 = h64.wrapping_mul(0x9FB21C651E98DF25);
-        h64 ^= (h64 >> 35) + 8;
-        h64 = h64.wrapping_mul(0x9FB21C651E98DF25);
-        h64 ^= h64 >> 28;
+        let h64 = xxh3_rrmxmx_mixer(address);

        let writer = output.writer();
        #[allow(clippy::cast_possible_wrap)] // gum redzone size is u32, we need an offset as i32.