diff --git a/libafl/src/corpus/testcase.rs b/libafl/src/corpus/testcase.rs index e73dc27292..07ec0c3d50 100644 --- a/libafl/src/corpus/testcase.rs +++ b/libafl/src/corpus/testcase.rs @@ -31,6 +31,8 @@ where cached_len: Option, /// Number of executions done at discovery time executions: usize, + /// Number of fuzzing iterations of this particular input updated in perform_mutational + fuzz_level: usize, /// If it has been fuzzed fuzzed: bool, } @@ -154,6 +156,18 @@ where &mut self.executions } + /// Get the `fuzz_level` + #[inline] + pub fn fuzz_level(&self) -> usize { + self.fuzz_level + } + + /// Set the `fuzz_level` + #[inline] + pub fn set_fuzz_leve(&mut self, fuzz_level: usize) { + self.fuzz_level = fuzz_level; + } + /// Get if it was fuzzed #[inline] pub fn fuzzed(&self) -> bool { @@ -216,6 +230,7 @@ where metadata: SerdeAnyMap::new(), exec_time: None, cached_len: None, + fuzz_level: 0, executions: 0, fuzzed: false, } @@ -264,8 +279,6 @@ where pub struct PowerScheduleTestcaseMetaData { /// Number of bits set in bitmap, updated in calibrate_case bitmap_size: u64, - /// Number of fuzzing iterations, updated in perform_mutational - fuzz_level: u64, /// Number of queue cycles behind handicap: u64, /// Path depth, initialized in on_add @@ -280,7 +293,6 @@ impl PowerScheduleTestcaseMetaData { pub fn new(depth: u64) -> Self { Self { bitmap_size: 0, - fuzz_level: 0, handicap: 0, depth, n_fuzz_entry: 0, @@ -298,17 +310,6 @@ impl PowerScheduleTestcaseMetaData { self.bitmap_size = val; } - /// Get the fuzz level - #[must_use] - pub fn fuzz_level(&self) -> u64 { - self.fuzz_level - } - - /// Set the fuzz level - pub fn set_fuzz_level(&mut self, val: u64) { - self.fuzz_level = val; - } - /// Get the handicap #[must_use] pub fn handicap(&self) -> u64 { diff --git a/libafl/src/schedulers/testcase_score.rs b/libafl/src/schedulers/testcase_score.rs index 8482c3fb24..59229fa566 100644 --- a/libafl/src/schedulers/testcase_score.rs +++ b/libafl/src/schedulers/testcase_score.rs @@ -73,7 +73,8 @@ where #[allow( clippy::cast_precision_loss, clippy::too_many_lines, - clippy::cast_sign_loss + clippy::cast_sign_loss, + clippy::cast_lossless )] fn compute(entry: &mut Testcase, state: &S) -> Result { let psmeta = state @@ -195,7 +196,7 @@ where } } PowerSchedule::FAST => { - if tcmeta.fuzz_level() != 0 { + if entry.fuzz_level() != 0 { let lg = libm::log2(f64::from(psmeta.n_fuzz()[tcmeta.n_fuzz_entry()])); match lg { @@ -234,11 +235,11 @@ where } } PowerSchedule::LIN => { - factor = (tcmeta.fuzz_level() as f64) + factor = (entry.fuzz_level() as f64) / f64::from(psmeta.n_fuzz()[tcmeta.n_fuzz_entry()] + 1); } PowerSchedule::QUAD => { - factor = ((tcmeta.fuzz_level() * tcmeta.fuzz_level()) as f64) + factor = ((entry.fuzz_level() * entry.fuzz_level()) as f64) / f64::from(psmeta.n_fuzz()[tcmeta.n_fuzz_entry()] + 1); } } @@ -297,7 +298,7 @@ where // This means that this testcase has never gone through the calibration stage before1, // In this case we'll just return the default weight - if tcmeta.fuzz_level() == 0 || psmeta.cycles() == 0 { + if entry.fuzz_level() == 0 || psmeta.cycles() == 0 { return Ok(weight); } @@ -344,7 +345,7 @@ where } // was it fuzzed before? - if tcmeta.fuzz_level() == 0 { + if entry.fuzz_level() == 0 { weight *= 2.0; } diff --git a/libafl/src/stages/calibrate.rs b/libafl/src/stages/calibrate.rs index 46e59e0da7..702bbea3a2 100644 --- a/libafl/src/stages/calibrate.rs +++ b/libafl/src/stages/calibrate.rs @@ -59,27 +59,12 @@ where corpus_idx: usize, ) -> Result<(), Error> { // Run this stage only once for each corpus entry - if state - .corpus() - .get(corpus_idx)? - .borrow_mut() - .metadata() - .get::() - .ok_or_else(|| { - Error::KeyNotFound("PowerScheduleTescaseMetatdata not found".to_string()) - })? - .fuzz_level() - > 0 - { + if state.corpus().get(corpus_idx)?.borrow_mut().fuzz_level() > 0 { return Ok(()); } let mut iter = self.stage_max; - let handicap = state - .metadata() - .get::() - .ok_or_else(|| Error::KeyNotFound("PowerScheduleMetadata not found".to_string()))? - .queue_cycles(); + let input = state .corpus() .get(corpus_idx)? @@ -175,36 +160,48 @@ where } }; - let psmeta = state - .metadata_mut() - .get_mut::() - .ok_or_else(|| Error::KeyNotFound("PowerScheduleMetadata not found".to_string()))?; + // If power schedule is used, update it + let use_powerschedule = state.has_metadata::() + && state + .corpus() + .get(corpus_idx)? + .borrow() + .has_metadata::(); - let map = executor - .observers() - .match_name::(&self.map_observer_name) - .ok_or_else(|| Error::KeyNotFound("MapObserver not found".to_string()))?; + if use_powerschedule { + let map = executor + .observers() + .match_name::(&self.map_observer_name) + .ok_or_else(|| Error::KeyNotFound("MapObserver not found".to_string()))?; - let bitmap_size = map.count_bytes(); + let bitmap_size = map.count_bytes(); - psmeta.set_exec_time(psmeta.exec_time() + total_time); - psmeta.set_cycles(psmeta.cycles() + (iter as u64)); - psmeta.set_bitmap_size(psmeta.bitmap_size() + bitmap_size); - psmeta.set_bitmap_entries(psmeta.bitmap_entries() + 1); + let psmeta = state + .metadata_mut() + .get_mut::() + .unwrap(); + let handicap = psmeta.queue_cycles(); - let mut testcase = state.corpus().get(corpus_idx)?.borrow_mut(); + psmeta.set_exec_time(psmeta.exec_time() + total_time); + psmeta.set_cycles(psmeta.cycles() + (iter as u64)); + psmeta.set_bitmap_size(psmeta.bitmap_size() + bitmap_size); + psmeta.set_bitmap_entries(psmeta.bitmap_entries() + 1); - testcase.set_exec_time(total_time / (iter as u32)); - // println!("time: {:#?}", testcase.exec_time()); - let data = testcase - .metadata_mut() - .get_mut::() - .ok_or_else(|| Error::KeyNotFound("PowerScheduleTestData not found".to_string()))?; + let mut testcase = state.corpus().get(corpus_idx)?.borrow_mut(); + let fuzz_level = testcase.fuzz_level(); - data.set_bitmap_size(bitmap_size); - data.set_handicap(handicap); - data.set_fuzz_level(data.fuzz_level() + 1); - // println!("data: {:#?}", data); + testcase.set_exec_time(total_time / (iter as u32)); + testcase.set_fuzz_leve(fuzz_level + 1); + // println!("time: {:#?}", testcase.exec_time()); + + let data = testcase + .metadata_mut() + .get_mut::() + .ok_or_else(|| Error::KeyNotFound("PowerScheduleTestData not found".to_string()))?; + + data.set_bitmap_size(bitmap_size); + data.set_handicap(handicap); + } Ok(()) }