SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update to 0.11.1

Browse Source
This commit is contained in:
Alwin Berger 2023-09-05 15:33:42 +02:00
parent 92da68af6f
commit 6dafc4f9d6
11 changed files with 54 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
fuzzers/FRET/Cargo.toml
View File

@ -33,6 +33,7 @@ debug = true
[dependencies]
libafl = { path = "../../libafl/" }
libafl_bolts = { path = "../../libafl_bolts/" }
libafl_qemu = { path = "../../libafl_qemu/", features = ["arm", "systemmode"] }
serde = { version = "1.0", default-features = false, features = ["alloc"] } # serialization lib
hashbrown = { version = "0.12", features = ["serde", "ahash-compile-time-rng"] } # A faster hashmap, nostd compatible

16
fuzzers/FRET/src/clock.rs
View File

@ -1,21 +1,22 @@
use hashbrown::{hash_map::Entry, HashMap};
use libafl_bolts::{
current_nanos,
rands::StdRand,
tuples::{tuple_list,MatchName},
impl_serdeany,
Named,
};
use libafl::{
bolts::{
current_nanos,
rands::StdRand,
tuples::{tuple_list},
},
executors::{ExitKind},
fuzzer::{StdFuzzer},
inputs::{BytesInput, HasTargetBytes},
observers::{Observer,VariableMapObserver},
state::{StdState, HasNamedMetadata},
Error,
observers::ObserversTuple, prelude::UsesInput, impl_serdeany,
observers::ObserversTuple, prelude::UsesInput,
};
use serde::{Deserialize, Serialize};
use std::{cell::UnsafeCell, cmp::max, env, fs::OpenOptions, io::Write, time::Instant};
use libafl::bolts::tuples::Named;
use libafl_qemu::{
emu,
@ -33,7 +34,6 @@ use libafl::corpus::testcase::Testcase;
use core::{fmt::Debug, time::Duration};
// use libafl::feedbacks::FeedbackState;
// use libafl::state::HasFeedbackStates;
use libafl::bolts::tuples::MatchName;
use std::time::{SystemTime, UNIX_EPOCH};
pub static mut FUZZ_START_TIMESTAMP : SystemTime = UNIX_EPOCH;

21
fuzzers/FRET/src/fuzzer.rs
View File

@ -3,18 +3,19 @@
use core::time::Duration;
use std::{env, path::PathBuf, process::{self, abort}, io::{Read, Write}, fs::{self, OpenOptions}, cmp::{min, max}, mem::transmute_copy, collections::btree_map::Range, ptr::addr_of_mut};
use libafl_bolts::{
core_affinity::Cores,
current_nanos,
rands::StdRand,
shmem::{ShMemProvider, StdShMemProvider},
tuples::tuple_list,
AsSlice,
AsMutSlice
};
use libafl::{
bolts::{
core_affinity::Cores,
current_nanos,
launcher::Launcher,
rands::StdRand,
shmem::{ShMemProvider, StdShMemProvider},
tuples::tuple_list,
AsSlice,
},
corpus::{Corpus, InMemoryCorpus, OnDiskCorpus},
events::EventConfig,
events::launcher::Launcher,
executors::{ExitKind, TimeoutExecutor},
feedback_or,
feedback_or_fast,
@ -26,7 +27,7 @@ use libafl::{
schedulers::{IndexesLenTimeMinimizerScheduler, QueueScheduler},
state::{HasCorpus, StdState, HasMetadata, HasNamedMetadata},
Error,
prelude::{SimpleMonitor, SimpleEventManager, AsMutSlice, RandBytesGenerator, Generator, SimpleRestartingEventManager, HasBytesVec, minimizer::TopRatedsMetadata, havoc_mutations, StdScheduledMutator, HitcountsMapObserver, CorpusId}, Evaluator, stages::StdMutationalStage,
prelude::{SimpleMonitor, SimpleEventManager, RandBytesGenerator, Generator, SimpleRestartingEventManager, HasBytesVec, minimizer::TopRatedsMetadata, havoc_mutations, StdScheduledMutator, HitcountsMapObserver, CorpusId}, Evaluator, stages::StdMutationalStage,
};
use libafl_qemu::{
edges::{self, edges_map_mut_slice, MAX_EDGES_NUM}, edges::QemuEdgeCoverageHelper, elf::EasyElf, emu::Emulator, GuestPhysAddr, QemuExecutor,

7
fuzzers/FRET/src/mutational.rs
View File

@ -4,15 +4,18 @@
use core::marker::PhantomData;
use std::cmp::{max, min};
use libafl_bolts::rands::{
StdRand, RandomSeed,
Rand
};
use libafl::{
bolts::rands::Rand,
corpus::{Corpus, self},
fuzzer::Evaluator,
mark_feature_time,
stages::{Stage},
start_timer,
state::{HasClientPerfMonitor, HasCorpus, HasRand, UsesState, HasMetadata},
Error, prelude::{HasBytesVec, UsesInput, new_hash_feedback, StdRand, RandomSeed, MutationResult, Mutator, CorpusId},
Error, prelude::{HasBytesVec, UsesInput, new_hash_feedback, MutationResult, Mutator, CorpusId},
};
use crate::{systemstate::{FreeRTOSSystemStateMetadata, RefinedFreeRTOSSystemState}, fuzzer::DO_NUM_INTERRUPT, clock::IcHist};

6
fuzzers/FRET/src/systemstate/feedbacks.rs
View File

@ -1,19 +1,19 @@
use libafl::SerdeAny;
use libafl::bolts::ownedref::OwnedSlice;
use libafl_bolts::ownedref::OwnedSlice;
use libafl::inputs::BytesInput;
use libafl::prelude::UsesInput;
use libafl::state::HasNamedMetadata;
use std::path::PathBuf;
use crate::clock::QemuClockObserver;
use libafl::corpus::Testcase;
use libafl::bolts::tuples::MatchName;
use libafl_bolts::tuples::MatchName;
use std::collections::hash_map::DefaultHasher;
use std::hash::Hasher;
use std::hash::Hash;
use libafl::events::EventFirer;
use libafl::state::HasClientPerfMonitor;
use libafl::feedbacks::Feedback;
use libafl::bolts::tuples::Named;
use libafl_bolts::Named;
use libafl::Error;
use hashbrown::HashMap;
use libafl::{executors::ExitKind, inputs::Input, observers::ObserversTuple, state::HasMetadata};

18
fuzzers/FRET/src/systemstate/graph.rs
View File

@ -2,8 +2,8 @@
use libafl::SerdeAny;
/// Feedbacks organizing SystemStates as a graph
use libafl::inputs::HasBytesVec;
use libafl::bolts::rands::RandomSeed;
use libafl::bolts::rands::StdRand;
use libafl_bolts::rands::RandomSeed;
use libafl_bolts::rands::StdRand;
use libafl::mutators::Mutator;
use libafl::mutators::MutationResult;
use libafl::prelude::HasTargetBytes;
@ -16,21 +16,21 @@ use libafl::state::HasSolutions;
use libafl::state::HasRand;
use crate::worst::MaxExecsLenFavFactor;
use libafl::schedulers::MinimizerScheduler;
use libafl::bolts::HasRefCnt;
use libafl::bolts::AsSlice;
use libafl::bolts::ownedref::OwnedSlice;
use libafl_bolts::HasRefCnt;
use libafl_bolts::AsSlice;
use libafl_bolts::ownedref::OwnedSlice;
use libafl::inputs::BytesInput;
use std::path::PathBuf;
use crate::clock::QemuClockObserver;
use libafl::corpus::Testcase;
use libafl::bolts::tuples::MatchName;
use libafl_bolts::tuples::MatchName;
use std::collections::hash_map::DefaultHasher;
use std::hash::Hasher;
use std::hash::Hash;
use libafl::events::EventFirer;
use libafl::state::HasClientPerfMonitor;
use libafl::feedbacks::Feedback;
use libafl::bolts::tuples::Named;
use libafl_bolts::Named;
use libafl::Error;
use hashbrown::HashMap;
use libafl::{executors::ExitKind, inputs::Input, observers::ObserversTuple, state::HasMetadata};
@ -44,7 +44,7 @@ use petgraph::graph::NodeIndex;
use petgraph::Direction;
use std::cmp::Ordering;
use libafl::bolts::rands::Rand;
use libafl_bolts::rands::Rand;
//============================= Data Structures
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, Default)]
@ -148,7 +148,7 @@ impl HasRefCnt for SysGraphMetadata {
}
}
libafl::impl_serdeany!(SysGraphMetadata);
libafl_bolts::impl_serdeany!(SysGraphMetadata);
pub type GraphMaximizerCorpusScheduler<CS> =
MinimizerScheduler<CS, MaxExecsLenFavFactor<<CS as UsesState>::State>,SysGraphMetadata>;

6
fuzzers/FRET/src/systemstate/mod.rs
View File

@ -1,7 +1,7 @@
//! systemstate referes to the State of a FreeRTOS fuzzing target
use std::collections::hash_map::DefaultHasher;
use libafl::bolts::HasRefCnt;
use libafl::bolts::AsSlice;
use libafl_bolts::HasRefCnt;
use libafl_bolts::AsSlice;
use std::hash::Hasher;
use std::hash::Hash;
use hashbrown::HashMap;
@ -164,4 +164,4 @@ impl HasRefCnt for FreeRTOSSystemStateMetadata {
}
}
libafl::impl_serdeany!(FreeRTOSSystemStateMetadata);
libafl_bolts::impl_serdeany!(FreeRTOSSystemStateMetadata);

7
fuzzers/FRET/src/systemstate/observers.rs
View File

@ -1,8 +1,9 @@
// use crate::systemstate::IRQ_INPUT_BYTES_NUMBER;
use libafl::prelude::{ExitKind, AsSlice};
use libafl::prelude::ExitKind;
use libafl::{inputs::HasTargetBytes, prelude::UsesInput};
use libafl::bolts::HasLen;
use libafl::bolts::tuples::Named;
use libafl_bolts::HasLen;
use libafl_bolts::Named;
use libafl_bolts::AsSlice;
use libafl::Error;
use libafl::observers::Observer;
use hashbrown::HashMap;

4
fuzzers/FRET/src/systemstate/schedulers.rs
View File

@ -6,13 +6,13 @@ use std::{cmp::{max, min}, mem::swap, borrow::BorrowMut};
use serde::{Deserialize, Serialize};
use libafl_bolts::{rands::Rand, serdeany::SerdeAny, AsSlice, HasRefCnt, HasLen};
use libafl::{
bolts::{rands::Rand, serdeany::SerdeAny, AsSlice, HasRefCnt},
corpus::{Corpus, Testcase},
inputs::UsesInput,
schedulers::{Scheduler, TestcaseScore, minimizer::DEFAULT_SKIP_NON_FAVORED_PROB },
state::{HasCorpus, HasMetadata, HasRand, UsesState, State},
Error, SerdeAny, prelude::{HasLen, CorpusId},
Error, SerdeAny, prelude::CorpusId,
};

11
fuzzers/FRET/src/worst.rs
View File

@ -4,7 +4,7 @@ use libafl::inputs::BytesInput;
use libafl::inputs::HasTargetBytes;
use libafl::feedbacks::MapIndexesMetadata;
use libafl::corpus::Testcase;
use libafl::prelude::{UsesInput, AsSlice};
use libafl::prelude::{UsesInput};
use core::marker::PhantomData;
use libafl::schedulers::{MinimizerScheduler, TestcaseScore};
use std::path::PathBuf;
@ -22,11 +22,12 @@ use libafl::observers::MapObserver;
use serde::{Deserialize, Serialize};
use std::cmp;
use libafl_bolts::{
Named,
HasLen,
AsSlice,
};
use libafl::{
bolts::{
tuples::Named,
HasLen,
},
observers::Observer,
Error,
};

4
libafl/src/fuzzer/mod.rs
View File

@ -261,7 +261,7 @@ where
while std::time::Instant::now().duration_since(starttime) < time {
ret = Some(self.fuzz_one(stages, executor, state, manager)?);
last = manager.maybe_report_progress(state, last, monitor_timeout)?;
manager.maybe_report_progress(state, monitor_timeout)?;
}
// If we would assume the fuzzer loop will always exit after this, we could do this here:
@ -295,7 +295,7 @@ where
while std::time::Instant::now() < time {
ret = Some(self.fuzz_one(stages, executor, state, manager)?);
last = manager.maybe_report_progress(state, last, monitor_timeout)?;
manager.maybe_report_progress(state, monitor_timeout)?;
}
// If we would assume the fuzzer loop will always exit after this, we could do this here: