Fix libxml2 on fuzzbench (#2492)

* fix * fmt * fuck * from windows * fix --------- Co-authored-by: Your Name <you@example.com>
2024-08-21 16:41:18 +02:00 · 2024-08-21 16:41:18 +02:00 · f856092f3d
commit f856092f3d
parent 4b87d7f4eb
9 changed files with 82 additions and 69 deletions
--- a/libafl/src/executors/hooks/inprocess.rs
+++ b/libafl/src/executors/hooks/inprocess.rs
@ -31,7 +31,6 @@ use crate::{
    events::{EventFirer, EventRestarter},
    executors::{hooks::ExecutorHook, inprocess::HasInProcessHooks, Executor, HasObservers},
    feedbacks::Feedback,
-    fuzzer::{ExecutionProcessor, HasScheduler},
    inputs::UsesInput,
    state::{HasCorpus, HasExecutions, HasSolutions},
    Error, HasObjective,
@ -236,7 +235,7 @@ where
        EM: EventFirer<State = E::State> + EventRestarter<State = E::State>,
        OF: Feedback<E::State>,
        E::State: HasExecutions + HasSolutions + HasCorpus,
-        Z: HasObjective<Objective = OF, State = E::State> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = E::State>,
    {
        // # Safety
        // We get a pointer to `GLOBAL_STATE` that will be initialized at this point in time.
@ -276,7 +275,7 @@ where
        EM: EventFirer<State = E::State> + EventRestarter<State = E::State>,
        OF: Feedback<E::State>,
        E::State: State + HasExecutions + HasSolutions + HasCorpus,
-        Z: HasObjective<Objective = OF, State = E::State> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = E::State>,
    {
        let ret;
        #[cfg(feature = "std")]
--- a/libafl/src/executors/hooks/unix.rs
+++ b/libafl/src/executors/hooks/unix.rs
@ -17,10 +17,9 @@ pub mod unix_signal_handler {
            Executor, ExitKind, HasObservers,
        },
        feedbacks::Feedback,
-        fuzzer::{ExecutionProcessor, HasObjective},
+        fuzzer::HasObjective,
        inputs::{Input, UsesInput},
        state::{HasCorpus, HasExecutions, HasSolutions},
-        HasScheduler,
    };

    pub(crate) type HandlerFuncPtr = unsafe fn(
@ -80,7 +79,7 @@ pub mod unix_signal_handler {
        EM: EventFirer<State = E::State> + EventRestarter<State = E::State>,
        OF: Feedback<E::State>,
        E::State: HasExecutions + HasSolutions + HasCorpus,
-        Z: HasObjective<Objective = OF, State = E::State> + ExecutionProcessor + HasScheduler,
+        Z: HasObjective<Objective = OF, State = E::State>,
    {
        let old_hook = panic::take_hook();
        panic::set_hook(Box::new(move |panic_info| unsafe {
@ -127,7 +126,7 @@ pub mod unix_signal_handler {
        EM: EventFirer<State = E::State> + EventRestarter<State = E::State>,
        OF: Feedback<E::State>,
        E::State: HasExecutions + HasSolutions + HasCorpus,
-        Z: HasObjective<Objective = OF, State = E::State> + ExecutionProcessor + HasScheduler,
+        Z: HasObjective<Objective = OF, State = E::State>,
    {
        // this stuff is for batch timeout
        if !data.executor_ptr.is_null()
@ -182,7 +181,7 @@ pub mod unix_signal_handler {
        EM: EventFirer<State = E::State> + EventRestarter<State = E::State>,
        OF: Feedback<E::State>,
        E::State: HasExecutions + HasSolutions + HasCorpus,
-        Z: HasObjective<Objective = OF, State = E::State> + ExecutionProcessor + HasScheduler,
+        Z: HasObjective<Objective = OF, State = E::State>,
    {
        #[cfg(all(target_os = "android", target_arch = "aarch64"))]
        let _context = _context.map(|p| {
--- a/libafl/src/executors/hooks/windows.rs
+++ b/libafl/src/executors/hooks/windows.rs
@ -18,7 +18,7 @@ pub mod windows_asan_handler {
            ExitKind, HasObservers,
        },
        feedbacks::Feedback,
-        fuzzer::{ExecutionProcessor, HasObjective, HasScheduler},
+        fuzzer::HasObjective,
        inputs::UsesInput,
        state::{HasCorpus, HasExecutions, HasSolutions},
    };
@ -31,7 +31,7 @@ pub mod windows_asan_handler {
        EM: EventFirer<State = E::State> + EventRestarter<State = E::State>,
        OF: Feedback<E::State>,
        E::State: HasExecutions + HasSolutions + HasCorpus,
-        Z: HasObjective<Objective = OF, State = E::State> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = E::State>,
    {
        let data = addr_of_mut!(GLOBAL_STATE);
        (*data).set_in_handler(true);
@ -132,7 +132,7 @@ pub mod windows_exception_handler {
            Executor, ExitKind, HasObservers,
        },
        feedbacks::Feedback,
-        fuzzer::{ExecutionProcessor, HasObjective, HasScheduler},
+        fuzzer::HasObjective,
        inputs::{Input, UsesInput},
        state::{HasCorpus, HasExecutions, HasSolutions, State},
    };
@ -179,7 +179,7 @@ pub mod windows_exception_handler {
        EM: EventFirer<State = E::State> + EventRestarter<State = E::State>,
        OF: Feedback<E::State>,
        E::State: HasExecutions + HasSolutions + HasCorpus,
-        Z: HasObjective<Objective = OF, State = E::State> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = E::State>,
    {
        let old_hook = panic::take_hook();
        panic::set_hook(Box::new(move |panic_info| unsafe {
@ -239,7 +239,7 @@ pub mod windows_exception_handler {
        EM: EventFirer<State = E::State> + EventRestarter<State = E::State>,
        OF: Feedback<E::State>,
        E::State: State + HasExecutions + HasSolutions + HasCorpus,
-        Z: HasObjective<Objective = OF, State = E::State> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = E::State>,
    {
        let data: &mut InProcessExecutorHandlerData =
            &mut *(global_state as *mut InProcessExecutorHandlerData);
@ -309,7 +309,7 @@ pub mod windows_exception_handler {
        EM: EventFirer<State = E::State> + EventRestarter<State = E::State>,
        OF: Feedback<E::State>,
        E::State: HasExecutions + HasSolutions + HasCorpus,
-        Z: HasObjective<Objective = OF, State = E::State> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = E::State>,
    {
        // Have we set a timer_before?
        if data.ptp_timer.is_some() {
--- a/libafl/src/executors/inprocess/inner.rs
+++ b/libafl/src/executors/inprocess/inner.rs
@ -26,11 +26,11 @@ use crate::{
        Executor, HasObservers,
    },
    feedbacks::Feedback,
-    fuzzer::{HasObjective, HasScheduler},
+    fuzzer::HasObjective,
    inputs::UsesInput,
    observers::{ObserversTuple, UsesObservers},
    state::{HasCorpus, HasExecutions, HasSolutions, State, UsesState},
-    Error, ExecutionProcessor,
+    Error,
 };

 /// The internal state of `GenericInProcessExecutor`.
@ -177,7 +177,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        Self::with_timeout_generic::<E, EM, OF, Z>(
            user_hooks,
@ -204,7 +204,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        let mut me = Self::with_timeout_generic::<E, EM, OF, Z>(
            user_hooks, observers, fuzzer, state, event_mgr, exec_tmout,
@ -234,7 +234,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        let default = InProcessHooks::new::<E, EM, OF, Z>(timeout)?;
        let mut hooks = tuple_list!(default).merge(user_hooks);
--- a/libafl/src/executors/inprocess/mod.rs
+++ b/libafl/src/executors/inprocess/mod.rs
@ -21,7 +21,8 @@ use libafl_bolts::tuples::{tuple_list, RefIndexable};
 #[cfg(any(unix, feature = "std"))]
 use crate::executors::hooks::inprocess::GLOBAL_STATE;
 use crate::{
-    events::{EventFirer, EventRestarter},
+    corpus::{Corpus, Testcase},
+    events::{Event, EventFirer, EventRestarter},
    executors::{
        hooks::{inprocess::InProcessHooks, ExecutorHooksTuple},
        inprocess::inner::GenericInProcessExecutorInner,
@ -31,9 +32,8 @@ use crate::{
    fuzzer::HasObjective,
    inputs::UsesInput,
    observers::{ObserversTuple, UsesObservers},
-    schedulers::Scheduler,
-    state::{HasCorpus, HasExecutions, HasSolutions, State, UsesState},
-    Error, ExecutionProcessor, HasScheduler,
+    state::{HasCorpus, HasCurrentTestcase, HasExecutions, HasSolutions, State, UsesState},
+    Error, ExecutionProcessor, HasMetadata, HasScheduler,
 };

 /// The inner structure of `InProcessExecutor`.
@ -180,7 +180,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        Self::with_timeout_generic(
            tuple_list!(),
@ -208,7 +208,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        let inner = GenericInProcessExecutorInner::batched_timeout_generic::<Self, EM, OF, Z>(
            tuple_list!(),
@ -247,7 +247,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        let inner = GenericInProcessExecutorInner::with_timeout_generic::<Self, EM, OF, Z>(
            tuple_list!(),
@ -288,7 +288,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        Self::with_timeout_generic(
            user_hooks,
@ -317,7 +317,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        let inner = GenericInProcessExecutorInner::batched_timeout_generic::<Self, EM, OF, Z>(
            user_hooks, observers, fuzzer, state, event_mgr, exec_tmout,
@ -352,7 +352,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        let inner = GenericInProcessExecutorInner::with_timeout_generic::<Self, EM, OF, Z>(
            user_hooks, observers, fuzzer, state, event_mgr, timeout,
@ -431,47 +431,58 @@ pub fn run_observers_and_save_state<E, EM, OF, Z>(
    state: &mut E::State,
    input: &<E::State as UsesInput>::Input,
    fuzzer: &mut Z,
-    manager: &mut EM,
-    exit_kind: ExitKind,
+    event_mgr: &mut EM,
+    exitkind: ExitKind,
 ) where
    E: HasObservers,
    EM: EventFirer<State = E::State> + EventRestarter<State = E::State>,
    OF: Feedback<E::State>,
    E::State: HasExecutions + HasSolutions + HasCorpus,
-    Z: HasObjective<Objective = OF, State = E::State>
-        + HasScheduler<State = E::State>
-        + ExecutionProcessor,
+    Z: HasObjective<Objective = OF, State = E::State>,
 {
-    let observers = executor.observers_mut();
-    let scheduler = fuzzer.scheduler_mut();
+    let mut observers = executor.observers_mut();

-    if scheduler.on_evaluation(state, input, &*observers).is_err() {
-        log::error!("Failed to call on_evaluation");
-        return;
+    observers
+        .post_exec_all(state, input, &exitkind)
+        .expect("Observers post_exec_all failed");
+
+    let interesting = fuzzer
+        .objective_mut()
+        .is_interesting(state, event_mgr, input, &*observers, &exitkind)
+        .expect("In run_observers_and_save_state objective failure.");
+
+    if interesting {
+        let executions = *state.executions();
+        let mut new_testcase = Testcase::with_executions(input.clone(), executions);
+        new_testcase.add_metadata(exitkind);
+        new_testcase.set_parent_id_optional(*state.corpus().current());
+
+        if let Ok(mut tc) = state.current_testcase_mut() {
+            tc.found_objective();
        }

-    let res = fuzzer.check_results(state, manager, input, &*observers, &exit_kind);
-    if let Ok(exec_res) = res {
-        if fuzzer
-            .process_execution(state, manager, input, &exec_res, &*observers)
-            .is_err()
-        {
-            log::error!("Failed to call process_execution");
-            return;
+        fuzzer
+            .objective_mut()
+            .append_metadata(state, event_mgr, &*observers, &mut new_testcase)
+            .expect("Failed adding metadata");
+        state
+            .solutions_mut()
+            .add(new_testcase)
+            .expect("In run_observers_and_save_state solutions failure.");
+        event_mgr
+            .fire(
+                state,
+                Event::Objective {
+                    objective_size: state.solutions().count(),
+                    executions,
+                    time: libafl_bolts::current_time(),
+                },
+            )
+            .expect("Could not save state in run_observers_and_save_state");
    }

-        if fuzzer
-            .dispatch_event(state, manager, input.clone(), &exec_res, None, &exit_kind)
-            .is_err()
-        {
-            log::error!("Failed to dispatch_event");
-            return;
-        }
-    } else {
-        log::error!("Faild to check execution result");
-    }
    // Serialize the state and wait safely for the broker to read pending messages
-    manager.on_restart(state).unwrap();
+    event_mgr.on_restart(state).unwrap();

    log::info!("Bye!");
 }
--- a/libafl/src/executors/inprocess/stateful.rs
+++ b/libafl/src/executors/inprocess/stateful.rs
@ -18,7 +18,7 @@ use crate::{
        Executor, ExitKind, HasObservers,
    },
    feedbacks::Feedback,
-    fuzzer::{ExecutionProcessor, HasObjective, HasScheduler},
+    fuzzer::HasObjective,
    inputs::UsesInput,
    observers::{ObserversTuple, UsesObservers},
    state::{HasCorpus, HasExecutions, HasSolutions, State, UsesState},
@ -172,7 +172,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        Self::with_timeout_generic(
            tuple_list!(),
@ -202,7 +202,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        let inner = GenericInProcessExecutorInner::batched_timeout_generic::<Self, EM, OF, Z>(
            tuple_list!(),
@ -243,7 +243,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        let inner = GenericInProcessExecutorInner::with_timeout_generic::<Self, EM, OF, Z>(
            tuple_list!(),
@ -304,7 +304,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        Self::with_timeout_generic(
            user_hooks,
@ -335,7 +335,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        let inner = GenericInProcessExecutorInner::batched_timeout_generic::<Self, EM, OF, Z>(
            user_hooks, observers, fuzzer, state, event_mgr, exec_tmout,
@ -372,7 +372,7 @@ where
        EM: EventFirer<State = S> + EventRestarter,
        OF: Feedback<S>,
        S: State,
-        Z: HasObjective<Objective = OF, State = S> + HasScheduler + ExecutionProcessor,
+        Z: HasObjective<Objective = OF, State = S>,
    {
        let inner = GenericInProcessExecutorInner::with_timeout_generic::<Self, EM, OF, Z>(
            user_hooks, observers, fuzzer, state, event_mgr, timeout,
--- a/libafl_qemu/src/executor.rs
+++ b/libafl_qemu/src/executor.rs
@ -83,7 +83,7 @@ pub unsafe fn inproc_qemu_timeout_handler<E, EM, OF, Z>(
    EM: EventFirer<State = E::State> + EventRestarter<State = E::State>,
    OF: Feedback<E::State>,
    E::State: HasExecutions + HasSolutions + HasCorpus,
-    Z: HasObjective<Objective = OF, State = E::State> + ExecutionProcessor + HasScheduler,
+    Z: HasObjective<Objective = OF, State = E::State>,
 {
    if BREAK_ON_TMOUT {
        qemu_system_debug_request();
--- a/libafl_targets/src/sancov_pcguard.rs
+++ b/libafl_targets/src/sancov_pcguard.rs
@ -5,7 +5,11 @@
 use core::simd::num::SimdUint;
 use core::{mem::align_of, slice};

-#[cfg(any(feature = "sancov_ngram4", feature = "sancov_ctx", feature = "sancov_ngram8"))]
+#[cfg(any(
+    feature = "sancov_ngram4",
+    feature = "sancov_ctx",
+    feature = "sancov_ngram8"
+))]
 use libafl::executors::{hooks::ExecutorHook, HasObservers};

 #[cfg(any(
--- a/libafl_targets/src/windows_asan.rs
+++ b/libafl_targets/src/windows_asan.rs
@ -5,7 +5,7 @@ use libafl::{
    executors::{hooks::windows::windows_asan_handler::asan_death_handler, Executor, HasObservers},
    feedbacks::Feedback,
    state::{HasCorpus, HasExecutions, HasSolutions},
-    ExecutionProcessor, HasObjective, HasScheduler,
+    HasObjective,
 };

 /// Asan death callback type
@ -33,7 +33,7 @@ where
    EM: EventFirer<State = E::State> + EventRestarter<State = E::State>,
    OF: Feedback<E::State>,
    E::State: HasSolutions + HasCorpus + HasExecutions,
-    Z: HasObjective<Objective = OF, State = E::State> + HasScheduler + ExecutionProcessor,
+    Z: HasObjective<Objective = OF, State = E::State>,
 {
    __sanitizer_set_death_callback(Some(asan_death_handler::<E, EM, OF, Z>));
 }