linpng example compiles

afl/src/engines/mod.rs

@@ -89,7 +89,8 @@ where
                 println!("Loading file {:?} ...", &path);
                 let bytes = std::fs::read(&path)?;
                 let input = BytesInput::new(bytes);
-                let fitness = self.evaluate_input(&input, engine.executor_mut(), corpus, manager)?;
+                let fitness =
+                    self.evaluate_input(&input, engine.executor_mut(), corpus, manager)?;
                 if self.add_if_interesting(corpus, input, fitness)?.is_none() {
                     println!("File {:?} was not interesting, skipped.", &path);
                 }

afl/src/executors/inmemory.rs

@@ -1,5 +1,5 @@
-use os_signals::set_oncrash_ptrs;
 use core::marker::PhantomData;
+use os_signals::set_oncrash_ptrs;
 
 use crate::{
     corpus::Corpus,
@@ -45,27 +45,22 @@ where
     I: Input + HasTargetBytes,
     OT: ObserversTuple,
 {
-    
     fn pre_exec<R, FT, C, EM>(
         &mut self,
         state: &State<I, R, FT>,
         corpus: &C,
         event_mgr: &mut EM,
         input: &I,
-    ) -> Result<(), AflError> where
+    ) -> Result<(), AflError>
-        R: Rand ,
+    where
+        R: Rand,
         FT: FeedbacksTuple<I>,
         C: Corpus<I, R>,
         EM: EventManager<I>,
-        {
+    {
-      #[cfg(unix)]
+        #[cfg(unix)]
         unsafe {
-            set_oncrash_ptrs::<EM, C, OT, FT, I, R>(
+            set_oncrash_ptrs::<EM, C, OT, FT, I, R>(state, corpus, event_mgr, input);
-                state,
-                corpus,
-                event_mgr,
-                input,
-            );
         }
         Ok(())
     }
@@ -76,11 +71,13 @@ where
         _corpus: &C,
         _event_mgr: &mut EM,
         _input: &I,
-    ) -> Result<(), AflError> where
+    ) -> Result<(), AflError>
-        R: Rand ,
+    where
+        R: Rand,
         FT: FeedbacksTuple<I>,
         C: Corpus<I, R>,
-        EM: EventManager<I>, {
+        EM: EventManager<I>,
+    {
         #[cfg(unix)]
         unsafe {
             reset_oncrash_ptrs::<EM, C, OT, FT, I, R>();
@@ -89,10 +86,7 @@ where
     }
 
     #[inline]
-    fn run_target(
+    fn run_target(&mut self, input: &I) -> Result<ExitKind, AflError> {
-        &mut self,
-        input: &I,
-    ) -> Result<ExitKind, AflError> {
         let bytes = input.target_bytes();
         let ret = (self.harness_fn)(self, bytes.as_slice());
         Ok(ret)
@@ -145,11 +139,13 @@ where
         _state: &State<I, R, FT>,
         _corpus: &C,
         _event_mgr: &mut EM,
-    ) -> Self where
+    ) -> Self
-        R: Rand ,
+    where
+        R: Rand,
         FT: FeedbacksTuple<I>,
         C: Corpus<I, R>,
-        EM: EventManager<I>, {
+        EM: EventManager<I>,
+    {
         #[cfg(feature = "std")]
         unsafe {
             setup_crash_handlers::<EM, C, OT, FT, I, R>();
@@ -159,7 +155,7 @@ where
             harness_fn,
             observers,
             name,
-            phantom: PhantomData
+            phantom: PhantomData,
         }
     }
 }
@@ -203,13 +199,8 @@ pub mod unix_signals {
     };
 
     use crate::{
-        corpus::Corpus,
+        corpus::Corpus, engines::State, events::EventManager, feedbacks::FeedbacksTuple,
-        engines::State,
+        inputs::Input, observers::ObserversTuple, utils::Rand,
-        events::EventManager,
-        feedbacks::FeedbacksTuple,
-        inputs::Input,
-        observers::ObserversTuple,
-        utils::Rand,
     };
 
     /// Pointers to values only needed on crash. As the program will not continue after a crash,

afl/src/executors/mod.rs

@@ -6,14 +6,14 @@ pub mod runtime;
 use core::marker::PhantomData;
 
 use crate::{
-    engines::State,
     corpus::Corpus,
-    feedbacks::FeedbacksTuple,
+    engines::State,
     events::EventManager,
-    utils::Rand,
+    feedbacks::FeedbacksTuple,
     inputs::{HasTargetBytes, Input},
     observers::ObserversTuple,
     tuples::{MatchNameAndType, MatchType, Named, TupleList},
+    utils::Rand,
     AflError,
 };
 
@@ -84,11 +84,15 @@ where
         _corpus: &C,
         _event_mgr: &mut EM,
         _input: &I,
-    ) -> Result<(), AflError> where
+    ) -> Result<(), AflError>
-        R: Rand ,
+    where
+        R: Rand,
         FT: FeedbacksTuple<I>,
         C: Corpus<I, R>,
-        EM: EventManager<I>, { Ok(()) }
+        EM: EventManager<I>,
+    {
+        Ok(())
+    }
 
     fn post_exec<R, FT, C, EM>(
         &mut self,
@@ -96,18 +100,18 @@ where
         _corpus: &C,
         _event_mgr: &mut EM,
         _input: &I,
-    ) -> Result<(), AflError> where
+    ) -> Result<(), AflError>
-        R: Rand ,
+    where
+        R: Rand,
         FT: FeedbacksTuple<I>,
         C: Corpus<I, R>,
-        EM: EventManager<I>, { Ok(()) }
+        EM: EventManager<I>,
+    {
+        Ok(())
+    }
 
     /// Instruct the target about the input and run
-    fn run_target(
+    fn run_target(&mut self, input: &I) -> Result<ExitKind, AflError>;
-        &mut self,
-        input: &I
-    ) -> Result<ExitKind, AflError>;
-    
 }
 
 pub trait ExecutorsTuple<I>: MatchType + MatchNameAndType

afl/src/stages/mutational.rs

@@ -61,7 +61,8 @@ where
             self.mutator_mut()
                 .mutate(rand, corpus, &mut input_mut, i as i32)?;
 
-            let fitness = state.evaluate_input(&input_mut, engine.executor_mut(), corpus, manager)?;
+            let fitness =
+                state.evaluate_input(&input_mut, engine.executor_mut(), corpus, manager)?;
 
             self.mutator_mut()
                 .post_exec(fitness, &input_mut, i as i32)?;

fuzzers/libfuzzer_libpng/src/mod.rs

@@ -16,7 +16,7 @@ use afl::{
     executors::{inmemory::InMemoryExecutor, Executor, ExitKind},
     feedbacks::MaxMapFeedback,
     generators::RandPrintablesGenerator,
-    inputs::BytesInput,
+    inputs::{BytesInput, Input},
     mutators::{scheduled::HavocBytesMutator, HasMaxSize},
     observers::StdMapObserver,
     stages::mutational::StdMutationalStage,
@@ -48,7 +48,11 @@ extern "C" {
 }
 
 /// The wrapped harness function, calling out to the llvm-style libfuzzer harness
-fn harness<I>(_executor: &dyn Executor<I>, buf: &[u8]) -> ExitKind {
+fn harness<E, I>(_executor: &E, buf: &[u8]) -> ExitKind
+where
+    E: Executor<I>,
+    I: Input,
+{
     unsafe {
         LLVMFuzzerTestOneInput(buf.as_ptr(), buf.len());
     }
@@ -208,12 +212,8 @@ fn fuzz(input: Option<Vec<PathBuf>>, broker_port: u16) -> Result<(), AflError> {
     // We reset the sender, the next sender and receiver (after crash) will reuse the page from the initial message.
     unsafe { sender.reset_last_page() };
 
-    // Create the engine
+    /*
-    let executor = InMemoryExecutor::<_, _, _, LlmpEventManager<_, _, _>, _, _>::new(
+    move |exit_kind, input, state, corpus, mgr| {
-        "Libfuzzer",
-        harness,
-        tuple_list!(edges_observer),
-        Box::new(move |exit_kind, input, state, corpus, mgr| {
             match exit_kind {
                 ExitKind::Timeout => mgr.timeout(input).expect(&format!(
                     "Error sending Timeout event for input {:?}",
@@ -228,7 +228,14 @@ fn fuzz(input: Option<Vec<PathBuf>>, broker_port: u16) -> Result<(), AflError> {
             let state_corpus_serialized = serialize_state_corpus_mgr(state, corpus, mgr).unwrap();
             println!("bar: {:?}", &state_corpus_serialized);
             sender.send_buf(0x1, &state_corpus_serialized).unwrap();
-        }),
+        }
+    */
+
+    // Create the engine
+    let executor = InMemoryExecutor::new(
+        "Libfuzzer",
+        harness,
+        tuple_list!(edges_observer),
         &state,
         &corpus,
         &mut mgr,