From c68b3816fb680b635f99c337f78185e699864705 Mon Sep 17 00:00:00 2001 From: "Dongjia \"toka\" Zhang" Date: Fri, 19 Apr 2024 13:24:25 +0200 Subject: [PATCH] Revert splitting libafl_edges_map_max and libafl_edges_map_in_use (#2079) * fix * aa * push * fix * fmt --- fuzzers/forkserver_libafl_cc/src/main.rs | 4 ++-- fuzzers/fuzzbench_ctx/src/lib.rs | 4 ++-- fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs | 6 +++--- fuzzers/qemu_cmin/src/fuzzer.rs | 6 +++--- libafl_cc/build.rs | 15 +++++---------- libafl_cc/src/cfg.rs | 4 ++-- libafl_cc/src/ctx-pass.cc | 2 +- libafl_qemu/src/edges.rs | 6 +++--- libafl_targets/build.rs | 21 ++++++--------------- libafl_targets/src/coverage.c | 2 +- libafl_targets/src/coverage.rs | 6 +++--- libafl_targets/src/sancov_pcguard.rs | 11 ++++++----- 12 files changed, 37 insertions(+), 50 deletions(-) diff --git a/fuzzers/forkserver_libafl_cc/src/main.rs b/fuzzers/forkserver_libafl_cc/src/main.rs index 0cd37853d2..46b4b58a93 100644 --- a/fuzzers/forkserver_libafl_cc/src/main.rs +++ b/fuzzers/forkserver_libafl_cc/src/main.rs @@ -25,7 +25,7 @@ use libafl_bolts::{ tuples::{tuple_list, MatchName, Merge}, AsMutSlice, Truncate, }; -use libafl_targets::{EDGES_MAP_PTR, EDGES_MAP_SIZE_IN_USE}; +use libafl_targets::{EDGES_MAP_PTR, EDGES_MAP_SIZE}; use nix::sys::signal::Signal; /// The commandline args this fuzzer accepts @@ -86,7 +86,7 @@ struct Opt { #[allow(clippy::similar_names)] pub fn main() { - const MAP_SIZE: usize = EDGES_MAP_SIZE_IN_USE; //65536; + const MAP_SIZE: usize = EDGES_MAP_SIZE; //65536; let opt = Opt::parse(); let corpus_dirs: Vec = [opt.in_dir].to_vec(); diff --git a/fuzzers/fuzzbench_ctx/src/lib.rs b/fuzzers/fuzzbench_ctx/src/lib.rs index 553a0478ce..a2ec8919e9 100644 --- a/fuzzers/fuzzbench_ctx/src/lib.rs +++ b/fuzzers/fuzzbench_ctx/src/lib.rs 
@@ -55,7 +55,7 @@ use libafl_bolts::{ use libafl_targets::autotokens; use libafl_targets::{ edges_map_mut_ptr, libfuzzer_initialize, libfuzzer_test_one_input, CmpLogObserver, CtxHook, - EDGES_MAP_SIZE_IN_USE, + EDGES_MAP_SIZE, }; #[cfg(unix)] use nix::unistd::dup; @@ -250,7 +250,7 @@ fn fuzz( let edges_observer = HitcountsMapObserver::new(unsafe { StdMapObserver::from_mut_slice( "edges", - OwnedMutSlice::from_raw_parts_mut(edges_map_mut_ptr(), EDGES_MAP_SIZE_IN_USE), + OwnedMutSlice::from_raw_parts_mut(edges_map_mut_ptr(), EDGES_MAP_SIZE), ) }) .track_indices(); diff --git a/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs b/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs index f69c45c24d..735867f8d4 100644 --- a/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs +++ b/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs @@ -47,7 +47,7 @@ use libafl_bolts::{ }; use libafl_qemu::{ cmplog::{CmpLogMap, CmpLogObserver, QemuCmpLogChildHelper}, - edges::{QemuEdgeCoverageChildHelper, EDGES_MAP_PTR, EDGES_MAP_SIZE_IN_USE}, + edges::{QemuEdgeCoverageChildHelper, EDGES_MAP_PTR, EDGES_MAP_SIZE}, elf::EasyElf, filter_qemu_args, hooks::QemuHooks, @@ -208,7 +208,7 @@ fn fuzz( let mut shmem_provider = StdShMemProvider::new()?; - let mut edges_shmem = shmem_provider.new_shmem(EDGES_MAP_SIZE_IN_USE).unwrap(); + let mut edges_shmem = shmem_provider.new_shmem(EDGES_MAP_SIZE).unwrap(); let edges = edges_shmem.as_mut_slice(); unsafe { EDGES_MAP_PTR = edges.as_mut_ptr() }; @@ -235,7 +235,7 @@ fn fuzz( // Create an observation channel using the coverage map let edges_observer = unsafe { - HitcountsMapObserver::new(ConstMapObserver::<_, EDGES_MAP_SIZE_IN_USE>::from_mut_ptr( + HitcountsMapObserver::new(ConstMapObserver::<_, EDGES_MAP_SIZE>::from_mut_ptr( "edges", edges.as_mut_ptr(), )) diff --git a/fuzzers/qemu_cmin/src/fuzzer.rs b/fuzzers/qemu_cmin/src/fuzzer.rs index 6ccb40c1cb..ccc0861806 100644 --- a/fuzzers/qemu_cmin/src/fuzzer.rs +++ b/fuzzers/qemu_cmin/src/fuzzer.rs 
@@ -28,7 +28,7 @@ use libafl_bolts::{ AsMutSlice, AsSlice, }; use libafl_qemu::{ - edges::{QemuEdgeCoverageChildHelper, EDGES_MAP_PTR, EDGES_MAP_SIZE_IN_USE}, + edges::{QemuEdgeCoverageChildHelper, EDGES_MAP_PTR, EDGES_MAP_SIZE}, elf::EasyElf, emu::Emulator, ArchExtras, CallingConvention, GuestAddr, GuestReg, MmapPerms, Qemu, QemuExitReason, @@ -158,12 +158,12 @@ pub fn fuzz() -> Result<(), Error> { }, }; - let mut edges_shmem = shmem_provider.new_shmem(EDGES_MAP_SIZE_IN_USE).unwrap(); + let mut edges_shmem = shmem_provider.new_shmem(EDGES_MAP_SIZE).unwrap(); let edges = edges_shmem.as_mut_slice(); unsafe { EDGES_MAP_PTR = edges.as_mut_ptr() }; let edges_observer = unsafe { - HitcountsMapObserver::new(ConstMapObserver::<_, EDGES_MAP_SIZE_IN_USE>::from_mut_ptr( + HitcountsMapObserver::new(ConstMapObserver::<_, EDGES_MAP_SIZE>::from_mut_ptr( "edges", edges.as_mut_ptr(), )) diff --git a/libafl_cc/build.rs b/libafl_cc/build.rs index 3b63ed86de..b176a4973a 100644 --- a/libafl_cc/build.rs +++ b/libafl_cc/build.rs @@ -238,7 +238,7 @@ fn main() { println!("cargo:rerun-if-env-changed=LLVM_CXXFLAGS"); println!("cargo:rerun-if-env-changed=LLVM_LDFLAGS"); println!("cargo:rerun-if-env-changed=LLVM_VERSION"); - println!("cargo:rerun-if-env-changed=LIBAFL_EDGES_MAP_SIZE_IN_USE"); + println!("cargo:rerun-if-env-changed=LIBAFL_EDGES_MAP_SIZE"); println!("cargo:rerun-if-env-changed=LIBAFL_ACCOUNTING_MAP_SIZE"); println!("cargo:rerun-if-env-changed=LIBAFL_DDG_MAP_SIZE"); println!("cargo:rerun-if-changed=src/common-llvm.h"); 
@@ -311,13 +311,10 @@ pub const LIBAFL_CC_LLVM_VERSION: Option = None; }; let mut cxxflags: Vec = cxxflags.split_whitespace().map(String::from).collect(); - let edges_map_size_in_use: usize = option_env!("LIBAFL_EDGES_MAP_SIZE_IN_USE") + let edges_map_size: usize = option_env!("LIBAFL_EDGES_MAP_SIZE") .map_or(Ok(65_536), str::parse) - .expect("Could not parse LIBAFL_EDGES_MAP_SIZE_IN_USE"); - let edges_map_size_max: usize = option_env!("LIBAFL_EDGES_MAP_SIZE_MAX") - .map_or(Ok(2_621_440), str::parse) - .expect("Could not parse LIBAFL_EDGES_MAP_SIZE_IN_USE"); - cxxflags.push(format!("-DEDGES_MAP_SIZE_IN_USE={edges_map_size_in_use}")); + .expect("Could not parse LIBAFL_EDGES_MAP_SIZE"); + cxxflags.push(format!("-DEDGES_MAP_SIZE={edges_map_size}")); let acc_map_size: usize = option_env!("LIBAFL_ACCOUNTING_MAP_SIZE") .map_or(Ok(65_536), str::parse) @@ -347,9 +344,7 @@ pub const LIBAFL_CC_LLVM_VERSION: Option = None; pub const CLANGXX_PATH: &str = {clangcpp:?}; /// The default size of the edges map the fuzzer uses - pub const EDGES_MAP_SIZE_IN_USE: usize = {edges_map_size_in_use}; - /// The real allocated size of the edges map - pub const EDGES_MAP_SIZE_MAX: usize = {edges_map_size_max}; + pub const EDGES_MAP_SIZE: usize = {edges_map_size}; /// The size of the accounting maps pub const ACCOUNTING_MAP_SIZE: usize = {acc_map_size}; diff --git a/libafl_cc/src/cfg.rs b/libafl_cc/src/cfg.rs index 9c353ffa52..5cb0176061 100644 --- a/libafl_cc/src/cfg.rs +++ b/libafl_cc/src/cfg.rs @@ -95,9 +95,9 @@ where /// Inserts an edge into CFG. #[must_use] pub fn new() -> Self { - let map_size = option_env!("LIBAFL_EDGES_MAP_SIZE_IN_USE") + let map_size = option_env!("LIBAFL_EDGES_MAP_SIZE") .map_or(Ok(65536), str::parse) - .expect("Could not parse LIBAFL_EDGES_MAP_SIZE_IN_USE"); + .expect("Could not parse LIBAFL_EDGES_MAP_SIZE"); Self { edges: (0..map_size).map(|_| None).collect(), func_to_entry_bb: HashMap::default(), 
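Review bot: `new()` in cfg.rs parses `LIBAFL_EDGES_MAP_SIZE` a second time with its own literal default `65536`, while libafl_cc/build.rs in this same patch parses the variable with default `65_536` and generates `pub const EDGES_MAP_SIZE`. Two independent defaults can drift apart, and the `.expect(...)` here turns a malformed value into a panic inside a constructor instead of a build-script failure. If the generated constants are reachable from this module (not visible in the hunk), `let map_size = EDGES_MAP_SIZE;` would leave a single source for the value. The context doc line `/// Inserts an edge into CFG.` also does not describe this function; something like `/// Creates an empty CFG with one unset edge slot per edges-map entry.` matches the visible body.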
diff --git a/libafl_cc/src/ctx-pass.cc b/libafl_cc/src/ctx-pass.cc index 9f70445e2f..3255331c72 100644 --- a/libafl_cc/src/ctx-pass.cc +++ b/libafl_cc/src/ctx-pass.cc @@ -64,7 +64,7 @@ using namespace llvm; -#define MAP_SIZE EDGES_MAP_SIZE_IN_USE +#define MAP_SIZE EDGES_MAP_SIZE namespace { diff --git a/libafl_qemu/src/edges.rs b/libafl_qemu/src/edges.rs index 1b82d504c0..810258fbb3 100644 --- a/libafl_qemu/src/edges.rs +++ b/libafl_qemu/src/edges.rs @@ -7,7 +7,7 @@ use libafl_qemu_sys::GuestAddr; use libafl_qemu_sys::GuestPhysAddr; pub use libafl_targets::{ edges_map_mut_ptr, edges_map_mut_slice, edges_max_num, std_edges_map_observer, EDGES_MAP, - EDGES_MAP_PTR, EDGES_MAP_PTR_NUM, EDGES_MAP_SIZE_IN_USE, MAX_EDGES_NUM, + EDGES_MAP_PTR, EDGES_MAP_PTR_NUM, EDGES_MAP_SIZE, MAX_EDGES_NUM, }; use serde::{Deserialize, Serialize}; @@ -553,7 +553,7 @@ where match meta.map.entry((src, dest)) { Entry::Occupied(e) => { let id = *e.get(); - let nxt = (id as usize + 1) & (EDGES_MAP_SIZE_IN_USE - 1); + let nxt = (id as usize + 1) & (EDGES_MAP_SIZE - 1); unsafe { MAX_EDGES_NUM = max(MAX_EDGES_NUM, nxt); } @@ -562,7 +562,7 @@ where Entry::Vacant(e) => { let id = meta.current_id; e.insert(id); - meta.current_id = (id + 1) & (EDGES_MAP_SIZE_IN_USE as u64 - 1); + meta.current_id = (id + 1) & (EDGES_MAP_SIZE as u64 - 1); unsafe { MAX_EDGES_NUM = meta.current_id as usize; } diff --git a/libafl_targets/build.rs b/libafl_targets/build.rs index fe82682723..f067940b71 100644 --- a/libafl_targets/build.rs +++ b/libafl_targets/build.rs @@ -2,7 +2,6 @@ use std::{env, fs::File, io::Write, path::Path}; -const TWO_MB: usize = 2_621_440; const SIXTY_FIVE_KB: usize = 65_536; #[rustversion::nightly] 
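Review bot: The masks `& (EDGES_MAP_SIZE - 1)` in the `@@ -553,7` hunk and `& (EDGES_MAP_SIZE as u64 - 1)` in the `@@ -562,7` hunk of libafl_qemu/src/edges.rs wrap correctly only when `EDGES_MAP_SIZE` is a power of two. Nothing visible in this patch enforces that on a value read from the `LIBAFL_EDGES_MAP_SIZE` environment variable. With any other size the result still stays below the map size, but the mask skips indices, so distinct edges share slots and part of the map is never used. A compile-time guard next to the re-export would reject such a build: `const _: () = assert!(EDGES_MAP_SIZE.is_power_of_two());`. The enclosing function starts and ends outside both hunks.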
@@ -25,12 +24,9 @@ fn main() { let dest_path = Path::new(&out_dir).join("constants.rs"); let mut constants_file = File::create(dest_path).expect("Could not create file"); - let edges_map_size_max: usize = option_env!("LIBAFL_EDGES_MAP_SIZE_MAX") - .map_or(Ok(TWO_MB), str::parse) - .expect("Could not parse LIBAFL_EDGES_MAP_SIZE_MAX"); - let edges_map_size_in_use: usize = option_env!("LIBAFL_EDGES_MAP_SIZE_IN_USE") - .map_or(Ok(TWO_MB), str::parse) - .expect("Could not parse LIBAFL_EDGES_MAP_SIZE_IN_USE"); + let edges_map_size: usize = option_env!("LIBAFL_EDGES_MAP_SIZE") + .map_or(Ok(SIXTY_FIVE_KB), str::parse) + .expect("Could not parse LIBAFL_EDGES_MAP_SIZE"); let cmp_map_size: usize = option_env!("LIBAFL_CMP_MAP_SIZE") .map_or(Ok(SIXTY_FIVE_KB), str::parse) .expect("Could not parse LIBAFL_CMP_MAP_SIZE"); @@ -52,9 +48,7 @@ fn main() { "// These constants are autogenerated by build.rs /// The default size of the edges map the fuzzer uses - pub const EDGES_MAP_SIZE_IN_USE: usize = {edges_map_size_in_use}; - /// The real allocated size of the edges map - pub const EDGES_MAP_SIZE_MAX: usize = {edges_map_size_max}; + pub const EDGES_MAP_SIZE: usize = {edges_map_size}; /// The size of the cmps map pub const CMP_MAP_SIZE: usize = {cmp_map_size}; /// The width of the `CmpLog` map @@ -69,7 +63,7 @@ fn main() { ) .expect("Could not write file"); - println!("cargo:rerun-if-env-changed=LIBAFL_EDGES_MAP_SIZE_IN_USE"); + println!("cargo:rerun-if-env-changed=LIBAFL_EDGES_MAP_SIZE"); println!("cargo:rerun-if-env-changed=LIBAFL_CMP_MAP_SIZE"); println!("cargo:rerun-if-env-changed=LIBAFL_CMPLOG_MAP_W"); println!("cargo:rerun-if-env-changed=LIBAFL_CMPLOG_MAP_H"); 
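Review bot: The doc comment kept on the generated constant in the `@@ -52,9` hunk, `/// The default size of the edges map the fuzzer uses`, no longer says what the value controls. After this patch the same constant also sizes the static `__afl_area_ptr_local` array (coverage.rs and coverage.c hunks), and the `@@ -25,12` hunk lowers the default from `TWO_MB` to `SIXTY_FIVE_KB`. A target with more edges than that will now hit the assert in `__sanitizer_cov_trace_pc_guard_init`, so the comment should state it, for example `/// The size of the edges map, both as allocated and as used by the fuzzer; set LIBAFL_EDGES_MAP_SIZE at build time to change it`.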
@@ -158,10 +152,7 @@ fn main() { cc::Build::new() .file(src_dir.join("coverage.c")) - .define( - "EDGES_MAP_SIZE_MAX", - Some(&*format!("{edges_map_size_max}")), - ) + .define("EDGES_MAP_SIZE", Some(&*format!("{edges_map_size}"))) .define("ACCOUNTING_MAP_SIZE", Some(&*format!("{acc_map_size}"))) .define("DDG_MAP_SIZE", Some(&*format!("{ddg_map_size}"))) .compile("coverage"); diff --git a/libafl_targets/src/coverage.c b/libafl_targets/src/coverage.c index 727d5e1567..a0175739bf 100644 --- a/libafl_targets/src/coverage.c +++ b/libafl_targets/src/coverage.c @@ -8,7 +8,7 @@ typedef uint32_t prev_loc_t; /* Maximum K for top-K context sensitivity */ #define CTX_MAX_K 32U -extern uint8_t __afl_area_ptr_local[EDGES_MAP_SIZE_MAX]; +extern uint8_t __afl_area_ptr_local[EDGES_MAP_SIZE]; uint8_t *__afl_area_ptr = __afl_area_ptr_local; extern uint8_t __ddg_area_ptr_local[DDG_MAP_SIZE]; diff --git a/libafl_targets/src/coverage.rs b/libafl_targets/src/coverage.rs index 28fa7c1823..152997f5cd 100644 --- a/libafl_targets/src/coverage.rs +++ b/libafl_targets/src/coverage.rs @@ -5,11 +5,11 @@ use alloc::string::String; #[cfg(any(target_os = "linux", target_vendor = "apple"))] use libafl::{mutators::Tokens, Error}; -use crate::{ACCOUNTING_MAP_SIZE, DDG_MAP_SIZE, EDGES_MAP_SIZE_IN_USE, EDGES_MAP_SIZE_MAX}; +use crate::{ACCOUNTING_MAP_SIZE, DDG_MAP_SIZE, EDGES_MAP_SIZE}; /// The map for edges. #[no_mangle] -pub static mut __afl_area_ptr_local: [u8; EDGES_MAP_SIZE_MAX] = [0; EDGES_MAP_SIZE_MAX]; +pub static mut __afl_area_ptr_local: [u8; EDGES_MAP_SIZE] = [0; EDGES_MAP_SIZE]; pub use __afl_area_ptr_local as EDGES_MAP; /// The map for data dependency @@ -62,7 +62,7 @@ pub fn autotokens() -> Result { /// The size of the map for edges. #[no_mangle] -pub static mut __afl_map_size: usize = EDGES_MAP_SIZE_IN_USE; +pub static mut __afl_map_size: usize = EDGES_MAP_SIZE; pub use __afl_map_size as EDGES_MAP_PTR_NUM; use libafl::observers::StdMapObserver; use libafl_bolts::ownedref::OwnedMutSlice; 
diff --git a/libafl_targets/src/sancov_pcguard.rs b/libafl_targets/src/sancov_pcguard.rs index e27cc1abc0..8cfcb7e4d9 100644 --- a/libafl_targets/src/sancov_pcguard.rs +++ b/libafl_targets/src/sancov_pcguard.rs @@ -14,13 +14,14 @@ use libafl::executors::{hooks::ExecutorHook, HasObservers}; feature = "sancov_pcguard_hitcounts", feature = "sancov_ctx", feature = "sancov_ngram4", + feature = "sancov_ngram8", ))] use crate::coverage::EDGES_MAP; use crate::coverage::MAX_EDGES_NUM; #[cfg(feature = "pointer_maps")] use crate::coverage::{EDGES_MAP_PTR, EDGES_MAP_PTR_NUM}; #[cfg(feature = "sancov_ngram4")] -use crate::EDGES_MAP_SIZE_IN_USE; +use crate::EDGES_MAP_SIZE; #[cfg(all(feature = "sancov_pcguard_edges", feature = "sancov_pcguard_hitcounts"))] #[cfg(not(any(doc, feature = "clippy")))] @@ -189,7 +190,7 @@ unsafe fn update_ngram(pos: usize) -> usize { PREV_ARRAY_8.as_mut_array()[0] = pos as u32; reduced = PREV_ARRAY_8.reduce_xor() as usize; } - reduced %= EDGES_MAP_SIZE_IN_USE; + reduced %= EDGES_MAP_SIZE; reduced } @@ -218,13 +219,13 @@ pub unsafe extern "C" fn __sanitizer_cov_trace_pc_guard(guard: *mut u32) { #[cfg(any(feature = "sancov_ngram4", feature = "sancov_ngram8"))] { pos = update_ngram(pos); - // println!("Wrinting to {} {}", pos, EDGES_MAP_SIZE_IN_USE); + // println!("Wrinting to {} {}", pos, EDGES_MAP_SIZE); } #[cfg(feature = "sancov_ctx")] { pos ^= __afl_prev_ctx as usize; - // println!("Wrinting to {} {}", pos, EDGES_MAP_SIZE_IN_USE); + // println!("Wrinting to {} {}", pos, EDGES_MAP_SIZE); } #[cfg(feature = "pointer_maps")] 
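Review bot: `use crate::EDGES_MAP_SIZE;` in the `@@ -14,13` hunk is still gated on `#[cfg(feature = "sancov_ngram4")]` alone, although the same hunk adds `sancov_ngram8` to the `EDGES_MAP` import list. `update_ngram` (hunk `@@ -189,7`) uses the name in `reduced %= EDGES_MAP_SIZE;` right after the `PREV_ARRAY_8` branch. If `update_ngram` is compiled for either n-gram feature, as the `#[cfg(any(feature = "sancov_ngram4", feature = "sancov_ngram8"))]` block around its call in `@@ -218,13` suggests, a build with only `sancov_ngram8` enabled would fail to resolve `EDGES_MAP_SIZE`. The gate on the import should read `#[cfg(any(feature = "sancov_ngram4", feature = "sancov_ngram8"))]`.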
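Review bot: In the `sancov_ctx` block of the `@@ -218,13` hunk, `pos ^= __afl_prev_ctx as usize;` is not reduced afterwards, unlike the n-gram path, which ends in `reduced %= EDGES_MAP_SIZE`. The static map is now exactly `EDGES_MAP_SIZE` bytes instead of the larger `EDGES_MAP_SIZE_MAX`, so the XOR result stays in range only while both operands are below `EDGES_MAP_SIZE` and that size is a power of two. The map write and the origin of `__afl_prev_ctx` are outside this hunk, so this needs confirming; if the context values come from the pass, it also relies on ctx-pass.cc (`#define MAP_SIZE EDGES_MAP_SIZE`) being built with the same value as libafl_targets. I would record the invariant above the XOR: `// in range only while __afl_prev_ctx < EDGES_MAP_SIZE and EDGES_MAP_SIZE is a power of two`.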
@@ -281,7 +282,7 @@ pub unsafe extern "C" fn __sanitizer_cov_trace_pc_guard_init(mut start: *mut u32 #[cfg(not(feature = "pointer_maps"))] { MAX_EDGES_NUM = MAX_EDGES_NUM.wrapping_add(1); - assert!((MAX_EDGES_NUM <= EDGES_MAP.len()), "The number of edges reported by SanitizerCoverage exceed the size of the edges map ({}). Use the LIBAFL_EDGES_MAP_SIZE_IN_USE env to increase it at compile time.", EDGES_MAP.len()); + assert!((MAX_EDGES_NUM <= EDGES_MAP.len()), "The number of edges reported by SanitizerCoverage exceed the size of the edges map ({}). Use the LIBAFL_EDGES_MAP_SIZE env to increase it at compile time.", EDGES_MAP.len()); } } }