diff --git a/fuzzers/forkserver_libafl_cc/src/main.rs b/fuzzers/forkserver_libafl_cc/src/main.rs index 58b1308876..ecb8a84424 100644 --- a/fuzzers/forkserver_libafl_cc/src/main.rs +++ b/fuzzers/forkserver_libafl_cc/src/main.rs @@ -190,7 +190,7 @@ pub fn main() { .expect("Failed to create the executor."); // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &corpus_dirs) .unwrap_or_else(|err| { diff --git a/fuzzers/forkserver_simple/src/main.rs b/fuzzers/forkserver_simple/src/main.rs index 91cd4439a0..81ff15847c 100644 --- a/fuzzers/forkserver_simple/src/main.rs +++ b/fuzzers/forkserver_simple/src/main.rs @@ -190,7 +190,7 @@ pub fn main() { .expect("Failed to create the executor."); // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &corpus_dirs) .unwrap_or_else(|err| { diff --git a/fuzzers/frida_gdiplus/src/fuzzer.rs b/fuzzers/frida_gdiplus/src/fuzzer.rs index 9011c9586a..a9f65693ae 100644 --- a/fuzzers/frida_gdiplus/src/fuzzer.rs +++ b/fuzzers/frida_gdiplus/src/fuzzer.rs @@ -198,7 +198,7 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> { ); // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &options.input) .unwrap_or_else(|_| { @@ -313,7 +313,7 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> { ); // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &options.input) .unwrap_or_else(|_| { @@ -443,7 +443,7 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> { ); // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &options.input) .unwrap_or_else(|_| { diff --git a/fuzzers/frida_libpng/src/fuzzer.rs b/fuzzers/frida_libpng/src/fuzzer.rs index 1b1b21d640..bd862c3b03 100644 --- a/fuzzers/frida_libpng/src/fuzzer.rs +++ b/fuzzers/frida_libpng/src/fuzzer.rs @@ -196,7 +196,7 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> { ); // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &options.input) .unwrap_or_else(|_| { @@ -311,7 +311,7 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> { ); // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &options.input) .unwrap_or_else(|_| { @@ -441,7 +441,7 @@ unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> { ); // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &options.input) .unwrap_or_else(|_| { diff --git a/fuzzers/fuzzbench/src/lib.rs b/fuzzers/fuzzbench/src/lib.rs index 6dcb8ca13e..a9b40f1bec 100644 --- a/fuzzers/fuzzbench/src/lib.rs +++ b/fuzzers/fuzzbench/src/lib.rs @@ -369,7 +369,7 @@ fn fuzz( } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &[seed_dir.clone()]) .unwrap_or_else(|_| { diff --git a/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs b/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs index 22b8ded7e8..ba690c321f 100644 --- a/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs +++ b/fuzzers/fuzzbench_fork_qemu/src/fuzzer.rs @@ -356,7 +356,7 @@ fn fuzz( } } - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &[seed_dir.clone()]) .unwrap_or_else(|_| { diff --git a/fuzzers/fuzzbench_qemu/src/fuzzer.rs b/fuzzers/fuzzbench_qemu/src/fuzzer.rs index 636293fcf5..037065315f 100644 --- a/fuzzers/fuzzbench_qemu/src/fuzzer.rs +++ b/fuzzers/fuzzbench_qemu/src/fuzzer.rs @@ -371,7 +371,7 @@ fn fuzz( } } - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &[seed_dir.clone()]) .unwrap_or_else(|_| { diff --git a/fuzzers/fuzzbench_text/src/lib.rs b/fuzzers/fuzzbench_text/src/lib.rs index 92c2ba5ecb..89becb7d05 100644 --- a/fuzzers/fuzzbench_text/src/lib.rs +++ b/fuzzers/fuzzbench_text/src/lib.rs @@ -430,7 +430,7 @@ fn fuzz_binary( } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &[seed_dir.clone()]) .unwrap_or_else(|_| { @@ -647,7 +647,7 @@ fn fuzz_text( } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &[seed_dir.clone()]) .unwrap_or_else(|_| { diff --git a/fuzzers/libafl_atheris/src/lib.rs b/fuzzers/libafl_atheris/src/lib.rs index 950daebe88..2fc250793b 100644 --- a/fuzzers/libafl_atheris/src/lib.rs +++ b/fuzzers/libafl_atheris/src/lib.rs @@ -318,7 +318,7 @@ pub fn LLVMFuzzerRunDriver( let mut stages = tuple_list!(tracing, i2s, mutational); // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { if input_dirs.is_empty() { // Generator of printable bytearrays of max size 32 let mut generator = RandBytesGenerator::new(32); diff --git a/fuzzers/libfuzzer_libmozjpeg/src/lib.rs b/fuzzers/libfuzzer_libmozjpeg/src/lib.rs index 878a19800c..b072091d94 100644 --- a/fuzzers/libfuzzer_libmozjpeg/src/lib.rs +++ b/fuzzers/libfuzzer_libmozjpeg/src/lib.rs @@ -157,7 +157,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut restarting_mgr, corpus_dirs) .unwrap_or_else(|_| panic!("Failed to load initial corpus at {:?}", &corpus_dirs)); diff --git a/fuzzers/libfuzzer_libpng/src/lib.rs b/fuzzers/libfuzzer_libpng/src/lib.rs index c171c08aee..5a74b41562 100644 --- a/fuzzers/libfuzzer_libpng/src/lib.rs +++ b/fuzzers/libfuzzer_libpng/src/lib.rs @@ -191,7 +191,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut restarting_mgr, corpus_dirs) .unwrap_or_else(|_| panic!("Failed to load initial corpus at {:?}", &corpus_dirs)); diff --git a/fuzzers/libfuzzer_libpng_accounting/src/lib.rs b/fuzzers/libfuzzer_libpng_accounting/src/lib.rs index f8570f66e6..34e09bb476 100644 --- a/fuzzers/libfuzzer_libpng_accounting/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_accounting/src/lib.rs @@ -226,7 +226,7 @@ pub fn libafl_main() { } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut restarting_mgr, &opt.input) .unwrap_or_else(|e| { diff --git a/fuzzers/libfuzzer_libpng_cmin/src/lib.rs b/fuzzers/libfuzzer_libpng_cmin/src/lib.rs index 9a411ec85f..9ae74a66a8 100644 --- a/fuzzers/libfuzzer_libpng_cmin/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_cmin/src/lib.rs @@ -190,7 +190,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut restarting_mgr, corpus_dirs) .unwrap_or_else(|_| panic!("Failed to load initial corpus at {:?}", &corpus_dirs)); diff --git a/fuzzers/libfuzzer_libpng_ctx/src/lib.rs b/fuzzers/libfuzzer_libpng_ctx/src/lib.rs index a173a0dac3..ad9f483e01 100644 --- a/fuzzers/libfuzzer_libpng_ctx/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_ctx/src/lib.rs @@ -217,7 +217,7 @@ pub fn libafl_main() { } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut restarting_mgr, &opt.input) .unwrap_or_else(|_| panic!("Failed to load initial corpus at {:?}", &opt.input)); diff --git a/fuzzers/libfuzzer_libpng_launcher/src/lib.rs b/fuzzers/libfuzzer_libpng_launcher/src/lib.rs index a47746e8b6..64e0bdaf5b 100644 --- a/fuzzers/libfuzzer_libpng_launcher/src/lib.rs +++ b/fuzzers/libfuzzer_libpng_launcher/src/lib.rs @@ -222,7 +222,7 @@ pub fn libafl_main() { } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut restarting_mgr, &opt.input) .unwrap_or_else(|_| panic!("Failed to load initial corpus at {:?}", &opt.input)); diff --git a/fuzzers/libfuzzer_reachability/src/lib.rs b/fuzzers/libfuzzer_reachability/src/lib.rs index a9684635eb..ad6d049605 100644 --- a/fuzzers/libfuzzer_reachability/src/lib.rs +++ b/fuzzers/libfuzzer_reachability/src/lib.rs @@ -136,7 +136,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut restarting_mgr, corpus_dirs) .unwrap_or_else(|_| panic!("Failed to load initial corpus at {:?}", corpus_dirs)); diff --git a/fuzzers/libfuzzer_stb_image/src/main.rs b/fuzzers/libfuzzer_stb_image/src/main.rs index 649f8dd086..34626e1d38 100644 --- a/fuzzers/libfuzzer_stb_image/src/main.rs +++ b/fuzzers/libfuzzer_stb_image/src/main.rs @@ -142,7 +142,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut restarting_mgr, corpus_dirs) .unwrap_or_else(|_| panic!("Failed to load initial corpus at {:?}", corpus_dirs)); diff --git a/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs b/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs index 21d662505d..5ce433c7b1 100644 --- a/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs +++ b/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs @@ -179,7 +179,7 @@ fn fuzz( } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut restarting_mgr, corpus_dirs) .unwrap_or_else(|_| panic!("Failed to load initial corpus at {corpus_dirs:?}")); diff --git a/fuzzers/libfuzzer_windows_asan/src/lib.rs b/fuzzers/libfuzzer_windows_asan/src/lib.rs index 3445950cbd..70a4bb8aac 100644 --- a/fuzzers/libfuzzer_windows_asan/src/lib.rs +++ b/fuzzers/libfuzzer_windows_asan/src/lib.rs @@ -154,7 +154,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut restarting_mgr, corpus_dirs) .unwrap_or_else(|_| panic!("Failed to load initial corpus at {:?}", &corpus_dirs)); diff --git a/fuzzers/qemu_arm_launcher/src/fuzzer.rs b/fuzzers/qemu_arm_launcher/src/fuzzer.rs index 1f175bb83f..7b679778e3 100644 --- a/fuzzers/qemu_arm_launcher/src/fuzzer.rs +++ b/fuzzers/qemu_arm_launcher/src/fuzzer.rs @@ -195,7 +195,7 @@ pub fn fuzz() { // Wrap the executor to keep track of the timeout let mut executor = TimeoutExecutor::new(executor, timeout); - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &corpus_dirs) .unwrap_or_else(|_| { diff --git a/fuzzers/qemu_launcher/src/fuzzer.rs b/fuzzers/qemu_launcher/src/fuzzer.rs index 5871b59a47..d63e46dd75 100644 --- a/fuzzers/qemu_launcher/src/fuzzer.rs +++ b/fuzzers/qemu_launcher/src/fuzzer.rs @@ -176,7 +176,7 @@ pub fn fuzz() { // Wrap the executor to keep track of the timeout let mut executor = TimeoutExecutor::new(executor, timeout); - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &corpus_dirs) .unwrap_or_else(|_| { diff --git a/fuzzers/qemu_systemmode/src/fuzzer.rs b/fuzzers/qemu_systemmode/src/fuzzer.rs index 1d5a12feb8..6bcb7e4eed 100644 --- a/fuzzers/qemu_systemmode/src/fuzzer.rs +++ b/fuzzers/qemu_systemmode/src/fuzzer.rs @@ -204,7 +204,7 @@ pub fn fuzz() { // Wrap the executor to keep track of the timeout let mut executor = TimeoutExecutor::new(executor, timeout); - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut mgr, &corpus_dirs) .unwrap_or_else(|_| { diff --git a/fuzzers/tutorial/src/lib.rs b/fuzzers/tutorial/src/lib.rs index efb1e87b08..fcc99048f5 100644 --- a/fuzzers/tutorial/src/lib.rs +++ b/fuzzers/tutorial/src/lib.rs @@ -158,7 +158,7 @@ fn fuzz(corpus_dirs: &[PathBuf], objective_dir: PathBuf, broker_port: u16) -> Re } // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { state .load_initial_inputs(&mut fuzzer, &mut executor, &mut restarting_mgr, corpus_dirs) .unwrap_or_else(|_| panic!("Failed to load initial corpus at {:?}", &corpus_dirs)); diff --git a/libafl/src/state/mod.rs b/libafl/src/state/mod.rs index b027063c07..07a7cfe668 100644 --- a/libafl/src/state/mod.rs +++ b/libafl/src/state/mod.rs @@ -5,6 +5,7 @@ use core::{fmt::Debug, marker::PhantomData, time::Duration}; use std::{ fs, path::{Path, PathBuf}, + vec::Vec, }; use serde::{de::DeserializeOwned, Deserialize, Serialize}; @@ -194,6 +195,9 @@ pub struct StdState { /// Performance statistics for this fuzzer #[cfg(feature = "introspection")] introspection_monitor: ClientPerfMonitor, + #[cfg(feature = "std")] + /// Remaining initial inputs to load, if any + remaining_initial_files: Option>, phantom: PhantomData, } @@ -347,23 +351,15 @@ where R: Rand, SC: Corpus::Input>, { - /// Loads inputs from a directory. - /// If `forced` is `true`, the value will be loaded, - /// even if it's not considered to be `interesting`. - pub fn load_from_directory( - &mut self, - fuzzer: &mut Z, - executor: &mut E, - manager: &mut EM, - in_dir: &Path, - forced: bool, - loader: &mut dyn FnMut(&mut Z, &mut Self, &Path) -> Result, - ) -> Result<(), Error> - where - E: UsesState, - EM: UsesState, - Z: Evaluator, - { + /// Decide if the state nust load the inputs + pub fn must_load_initial_inputs(&self) -> bool { + self.corpus().count() == 0 + || (self.remaining_initial_files.is_some() + && !self.remaining_initial_files.as_ref().unwrap().is_empty()) + } + + /// List initial inputs from a directory. + fn visit_initial_directory(files: &mut Vec, in_dir: &Path) -> Result<(), Error> { for entry in fs::read_dir(in_dir)? { let entry = entry?; let path = entry.path(); @@ -380,18 +376,9 @@ where let attr = attributes?; if attr.is_file() && attr.len() > 0 { - println!("Loading file {:?} ...", &path); - let input = loader(fuzzer, self, &path)?; - if forced { - let _ = fuzzer.add_input(self, executor, manager, input)?; - } else { - let (res, _) = fuzzer.evaluate_input(self, executor, manager, input)?; - if res == ExecuteInputResult::None { - println!("File {:?} was not interesting, skipped.", &path); - } - } + files.push(path); } else if attr.is_dir() { - self.load_from_directory(fuzzer, executor, manager, &path, forced, loader)?; + Self::visit_initial_directory(files, in_dir)?; } } @@ -400,29 +387,48 @@ where /// Loads initial inputs from the passed-in `in_dirs`. /// If `forced` is true, will add all testcases, no matter what. - fn load_initial_inputs_internal( + fn load_initial_inputs_custom( &mut self, fuzzer: &mut Z, executor: &mut E, manager: &mut EM, in_dirs: &[PathBuf], forced: bool, + loader: &mut dyn FnMut(&mut Z, &mut Self, &Path) -> Result, ) -> Result<(), Error> where E: UsesState, EM: EventFirer, Z: Evaluator, { - for in_dir in in_dirs { - self.load_from_directory( - fuzzer, - executor, - manager, - in_dir, - forced, - &mut |_, _, path| I::from_file(path), - )?; + if let Some(remaining) = self.remaining_initial_files.as_ref() { + // everything was loaded + if remaining.is_empty() { + return Ok(()); + } + } else { + let mut files = vec![]; + for in_dir in in_dirs { + Self::visit_initial_directory(&mut files, in_dir)?; + } + + self.remaining_initial_files = Some(files); } + + // TODO option to shuffle the initial files + while let Some(path) = self.remaining_initial_files.as_mut().unwrap().pop() { + println!("Loading file {:?} ...", &path); + let input = loader(fuzzer, self, &path)?; + if forced { + let _ = fuzzer.add_input(self, executor, manager, input)?; + } else { + let (res, _) = fuzzer.evaluate_input(self, executor, manager, input)?; + if res == ExecuteInputResult::None { + println!("File {:?} was not interesting, skipped.", &path); + } + } + } + manager.fire( self, Event::Log { @@ -449,7 +455,14 @@ where EM: EventFirer, Z: Evaluator, { - self.load_initial_inputs_internal(fuzzer, executor, manager, in_dirs, true) + self.load_initial_inputs_custom( + fuzzer, + executor, + manager, + in_dirs, + true, + &mut |_, _, path| I::from_file(path), + ) } /// Loads initial inputs from the passed-in `in_dirs`. @@ -465,7 +478,14 @@ where EM: EventFirer, Z: Evaluator, { - self.load_initial_inputs_internal(fuzzer, executor, manager, in_dirs, false) + self.load_initial_inputs_custom( + fuzzer, + executor, + manager, + in_dirs, + false, + &mut |_, _, path| I::from_file(path), + ) } } @@ -574,6 +594,8 @@ where max_size: DEFAULT_MAX_SIZE, #[cfg(feature = "introspection")] introspection_monitor: ClientPerfMonitor::new(), + #[cfg(feature = "std")] + remaining_initial_files: None, phantom: PhantomData, }; feedback.init_state(&mut state)?; diff --git a/libafl_sugar/src/forkserver.rs b/libafl_sugar/src/forkserver.rs index 61c3932468..140c695a86 100644 --- a/libafl_sugar/src/forkserver.rs +++ b/libafl_sugar/src/forkserver.rs @@ -196,7 +196,7 @@ impl<'a, const MAP_SIZE: usize> ForkserverBytesCoverageSugar<'a, MAP_SIZE> { .expect("Failed to create the executor."); // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { if self.input_dirs.is_empty() { // Generator of printable bytearrays of max size 32 let mut generator = RandBytesGenerator::new(32); diff --git a/libafl_sugar/src/inmemory.rs b/libafl_sugar/src/inmemory.rs index b0ae7cc41e..f37e465763 100644 --- a/libafl_sugar/src/inmemory.rs +++ b/libafl_sugar/src/inmemory.rs @@ -216,7 +216,7 @@ where ); // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { if self.input_dirs.is_empty() { // Generator of printable bytearrays of max size 32 let mut generator = RandBytesGenerator::new(32); diff --git a/libafl_sugar/src/qemu.rs b/libafl_sugar/src/qemu.rs index cc13152d4a..fdbad16835 100644 --- a/libafl_sugar/src/qemu.rs +++ b/libafl_sugar/src/qemu.rs @@ -232,7 +232,7 @@ where let mut executor = ShadowExecutor::new(executor, tuple_list!(cmplog_observer)); // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { if self.input_dirs.is_empty() { // Generator of printable bytearrays of max size 32 let mut generator = RandBytesGenerator::new(32); @@ -335,7 +335,7 @@ where let mut executor = TimeoutExecutor::new(executor, timeout); // In case the corpus is empty (on first run), reset - if state.corpus().count() < 1 { + if state.must_load_initial_inputs() { if self.input_dirs.is_empty() { // Generator of printable bytearrays of max size 32 let mut generator = RandBytesGenerator::new(32);