SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Conform AFL struct casing to codebase/rust (#3221)

Browse Source 
* Conform AFL struct casing to codebase/rust

* Actually, Aflpp looks better
This commit is contained in:
Dominik Maier 2025-05-13 17:56:58 +02:00 committed by GitHub
parent c606ac106a
commit fef129e23c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
11 changed files with 117 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
fuzzers/forkserver/fuzzbench_forkserver/src/main.rs
View File

@ -43,7 +43,7 @@ use libafl_bolts::{
tuples::{tuple_list, Merge},
AsSliceMut, StdTargetArgs,
};
use libafl_targets::cmps::AFLppCmpLogMap;
use libafl_targets::cmps::AflppCmpLogMap;
use nix::sys::signal::Signal;
pub fn main() {
@ -351,12 +351,12 @@ fn fuzz(
if let Some(exec) = &cmplog_exec {
// The cmplog map shared between observer and executor
let mut cmplog_shmem = shmem_provider.uninit_on_shmem::<AFLppCmpLogMap>().unwrap();
let mut cmplog_shmem = shmem_provider.uninit_on_shmem::<AflppCmpLogMap>().unwrap();
// let the forkserver know the shmid
unsafe {
cmplog_shmem.write_to_env(SHM_CMPLOG_ENV_VAR).unwrap();
}
let cmpmap = unsafe { OwnedRefMut::<AFLppCmpLogMap>::from_shmem(&mut cmplog_shmem) };
let cmpmap = unsafe { OwnedRefMut::<AflppCmpLogMap>::from_shmem(&mut cmplog_shmem) };
let cmplog_observer = StdCmpObserver::new("cmplog", cmpmap, true);

14
fuzzers/forkserver/fuzzbench_forkserver_cmplog/src/main.rs
View File

@ -21,7 +21,7 @@ use libafl::{
inputs::BytesInput,
monitors::SimpleMonitor,
mutators::{
havoc_mutations, token_mutations::AFLppRedQueen, tokens_mutations, StdMOptMutator, Tokens,
havoc_mutations, token_mutations::AflppRedQueen, tokens_mutations, StdMOptMutator, Tokens,
},
observers::{CanTrack, HitcountsMapObserver, StdMapObserver, TimeObserver},
schedulers::{
@ -43,8 +43,8 @@ use libafl_bolts::{
AsSliceMut, StdTargetArgs,
};
use libafl_targets::{
cmps::{observers::AFLppCmpLogObserver, stages::AFLppCmplogTracingStage},
AFLppCmpLogMap,
cmps::{observers::AflppCmpLogObserver, stages::AflppCmplogTracingStage},
AflppCmpLogMap,
};
use nix::sys::signal::Signal;
@ -354,14 +354,14 @@ fn fuzz(
if let Some(exec) = &cmplog_exec {
// The cmplog map shared between observer and executor
let mut cmplog_shmem = shmem_provider.uninit_on_shmem::<AFLppCmpLogMap>().unwrap();
let mut cmplog_shmem = shmem_provider.uninit_on_shmem::<AflppCmpLogMap>().unwrap();
// let the forkserver know the shmid
unsafe {
cmplog_shmem.write_to_env(SHM_CMPLOG_ENV_VAR).unwrap();
}
let cmpmap = unsafe { OwnedRefMut::from_shmem(&mut cmplog_shmem) };
let cmplog_observer = AFLppCmpLogObserver::new("cmplog", cmpmap, true);
let cmplog_observer = AflppCmpLogObserver::new("cmplog", cmpmap, true);
let cmplog_ref = cmplog_observer.handle();
let cmplog_executor = ForkserverExecutor::builder()
@ -376,11 +376,11 @@ fn fuzz(
.build(tuple_list!(cmplog_observer))
.unwrap();
let tracing = AFLppCmplogTracingStage::new(cmplog_executor, cmplog_ref);
let tracing = AflppCmplogTracingStage::new(cmplog_executor, cmplog_ref);
// Setup a randomic Input2State stage
let rq: MultiMutationalStage<_, _, BytesInput, _, _, _> =
MultiMutationalStage::new(AFLppRedQueen::with_cmplog_options(true, true));
MultiMutationalStage::new(AflppRedQueen::with_cmplog_options(true, true));
let cb = |_fuzzer: &mut _,
_executor: &mut _,

6
fuzzers/forkserver/fuzzbench_forkserver_sand/src/main.rs
View File

@ -44,7 +44,7 @@ use libafl_bolts::{
tuples::{tuple_list, Handled, Merge},
AsSliceMut, StdTargetArgs,
};
use libafl_targets::cmps::AFLppCmpLogMap;
use libafl_targets::cmps::AflppCmpLogMap;
use nix::sys::signal::Signal;
pub fn main() {
@ -399,12 +399,12 @@ fn fuzz(
if let Some(exec) = &cmplog_exec {
// The cmplog map shared between observer and executor
let mut cmplog_shmem = shmem_provider.uninit_on_shmem::<AFLppCmpLogMap>().unwrap();
let mut cmplog_shmem = shmem_provider.uninit_on_shmem::<AflppCmpLogMap>().unwrap();
// let the forkserver know the shmid
unsafe {
cmplog_shmem.write_to_env(SHM_CMPLOG_ENV_VAR).unwrap();
}
let cmpmap = unsafe { OwnedRefMut::<AFLppCmpLogMap>::from_shmem(&mut cmplog_shmem) };
let cmpmap = unsafe { OwnedRefMut::<AflppCmpLogMap>::from_shmem(&mut cmplog_shmem) };
let cmplog_observer = StdCmpObserver::new("cmplog", cmpmap, true);

12
fuzzers/forkserver/libafl-fuzz/src/fuzzer.rs
View File

@ -26,7 +26,7 @@ use libafl::{
},
fuzzer::StdFuzzer,
inputs::BytesInput,
mutators::{havoc_mutations, tokens_mutations, AFLppRedQueen, HavocScheduledMutator, Tokens},
mutators::{havoc_mutations, tokens_mutations, AflppRedQueen, HavocScheduledMutator, Tokens},
observers::{CanTrack, HitcountsMapObserver, StdMapObserver, TimeObserver},
schedulers::{
powersched::{BaseSchedule, PowerSchedule},
@ -58,7 +58,7 @@ use libafl_bolts::{
};
#[cfg(feature = "nyx")]
use libafl_nyx::{executor::NyxExecutor, helper::NyxHelper, settings::NyxSettings};
use libafl_targets::{cmps::AFLppCmpLogMap, AFLppCmpLogObserver, AFLppCmplogTracingStage};
use libafl_targets::{cmps::AflppCmpLogMap, AflppCmpLogObserver, AflppCmplogTracingStage};
use serde::{Deserialize, Serialize};
use crate::{
@ -475,7 +475,7 @@ define_run_client!(state, mgr, fuzzer_dir, core_id, opt, is_main_node, {
if run_cmplog {
// The CmpLog map shared between the CmpLog observer and CmpLog executor
let mut cmplog_shmem = shmem_provider.uninit_on_shmem::<AFLppCmpLogMap>().unwrap();
let mut cmplog_shmem = shmem_provider.uninit_on_shmem::<AflppCmpLogMap>().unwrap();
// Let the Forkserver know the CmpLog shared memory map ID.
unsafe {
@ -484,7 +484,7 @@ define_run_client!(state, mgr, fuzzer_dir, core_id, opt, is_main_node, {
let cmpmap = unsafe { OwnedRefMut::from_shmem(&mut cmplog_shmem) };
// Create the CmpLog observer.
let cmplog_observer = AFLppCmpLogObserver::new("cmplog", cmpmap, true);
let cmplog_observer = AflppCmpLogObserver::new("cmplog", cmpmap, true);
let cmplog_ref = cmplog_observer.handle();
// Create the CmpLog executor.
@ -496,11 +496,11 @@ define_run_client!(state, mgr, fuzzer_dir, core_id, opt, is_main_node, {
.unwrap();
// Create the CmpLog tracing stage.
let tracing = AFLppCmplogTracingStage::new(cmplog_executor, cmplog_ref);
let tracing = AflppCmplogTracingStage::new(cmplog_executor, cmplog_ref);
// Create a randomic Input2State stage
let rq = MultiMutationalStage::<_, _, BytesInput, _, _, _>::new(
AFLppRedQueen::with_cmplog_options(true, true),
AflppRedQueen::with_cmplog_options(true, true),
);
// Create an IfStage and wrap the CmpLog stages in it.

24
libafl/src/mutators/token_mutations.rs
View File

@ -30,7 +30,7 @@ use crate::{
mutators::{
MultiMutator, MutationResult, Mutator, Named, buffer_self_copy, mutations::buffer_copy,
},
observers::cmp::{AFLppCmpValuesMetadata, CmpValues, CmpValuesMetadata},
observers::cmp::{AflppCmpValuesMetadata, CmpValues, CmpValuesMetadata},
stages::TaintMetadata,
state::{HasCorpus, HasMaxSize, HasRand},
};
@ -849,7 +849,7 @@ const CMP_ATTRIBUTE_IS_TRANSFORM: u8 = 64;
/// AFL++ redqueen mutation
#[derive(Debug, Default)]
pub struct AFLppRedQueen {
pub struct AflppRedQueen {
enable_transform: bool,
enable_arith: bool,
text_type: TextType,
@ -858,7 +858,7 @@ pub struct AFLppRedQueen {
last_corpus_id: Option<CorpusId>,
}
impl AFLppRedQueen {
impl AflppRedQueen {
#[inline]
fn swapa(x: u8) -> u8 {
(x & 0xf8) + ((x & 7) ^ 0x07)
@ -1321,7 +1321,7 @@ impl AFLppRedQueen {
}
}
impl<I, S> MultiMutator<I, S> for AFLppRedQueen
impl<I, S> MultiMutator<I, S> for AflppRedQueen
where
S: HasMetadata + HasRand + HasMaxSize + HasCorpus<I> + HasCurrentCorpusId,
I: ResizableMutator<u8> + From<Vec<u8>> + HasMutatorBytes,
@ -1342,7 +1342,7 @@ where
let (cmp_len, cmp_meta, taint_meta) = {
let (Some(cmp_meta), Some(taint_meta)) = (
state.metadata_map().get::<AFLppCmpValuesMetadata>(),
state.metadata_map().get::<AflppCmpValuesMetadata>(),
state.metadata_map().get::<TaintMetadata>(),
) else {
return Ok(vec![]);
@ -1370,7 +1370,7 @@ where
// println!("orig: {:#?} new: {:#?}", orig_cmpvals, new_cmpvals);
// Compute when mutating it for the 1st time.
let current_corpus_id = state.current_corpus_id()?.ok_or_else(|| Error::key_not_found("No corpus-id is currently being fuzzed, but called AFLppRedQueen::multi_mutated()."))?;
let current_corpus_id = state.current_corpus_id()?.ok_or_else(|| Error::key_not_found("No corpus-id is currently being fuzzed, but called AflppRedQueen::multi_mutated()."))?;
if self.last_corpus_id.is_none() || self.last_corpus_id.unwrap() != current_corpus_id {
self.text_type = check_if_text(orig_bytes, orig_bytes.len());
self.last_corpus_id = Some(current_corpus_id);
@ -1920,15 +1920,15 @@ where
}
}
impl Named for AFLppRedQueen {
impl Named for AflppRedQueen {
fn name(&self) -> &Cow<'static, str> {
static NAME: Cow<'static, str> = Cow::Borrowed("AFLppRedQueen");
static NAME: Cow<'static, str> = Cow::Borrowed("AflppRedQueen");
&NAME
}
}
impl AFLppRedQueen {
/// Create a new `AFLppRedQueen` Mutator
impl AflppRedQueen {
/// Create a new `AflppRedQueen` Mutator
#[must_use]
pub fn new() -> Self {
Self {
@ -2111,7 +2111,7 @@ mod tests {
use std::fs;
#[cfg(feature = "std")]
use super::{AFLppRedQueen, Tokens};
use super::{AflppRedQueen, Tokens};
#[cfg(feature = "std")]
#[test]
@ -2134,7 +2134,7 @@ token2="B"
#[cfg(feature = "std")]
#[test]
fn test_token_mutations() {
let rq = AFLppRedQueen::with_cmplog_options(true, true);
let rq = AflppRedQueen::with_cmplog_options(true, true);
let pattern = 0;
let repl = 0;
let another_pattern = 0;

20
libafl/src/observers/cmp.rs
View File

@ -120,7 +120,7 @@ impl CmpValuesMetadata {
/// Add comparisons to a metadata from a `CmpObserver`. `cmp_map` is mutable in case
/// it is needed for a custom map, but this is not utilized for `CmpObserver` or
/// `AFLppCmpLogObserver`.
/// `AflppCmpLogObserver`.
pub fn add_from<CM>(&mut self, usable_count: usize, cmp_map: &mut CM)
where
CM: CmpMap,
@ -360,22 +360,22 @@ struct cmp_map {
any(not(feature = "serdeany_autoreg"), miri),
expect(clippy::unsafe_derive_deserialize)
)] // for SerdeAny
pub struct AFLppCmpValuesMetadata {
/// The first map of `AFLppCmpLogVals` retrieved by running the un-mutated input
pub struct AflppCmpValuesMetadata {
/// The first map of `AflppCmpLogVals` retrieved by running the un-mutated input
#[serde(skip)]
pub orig_cmpvals: HashMap<usize, Vec<CmpValues>>,
/// The second map of `AFLppCmpLogVals` retrieved by runnning the mutated input
/// The second map of `AflppCmpLogVals` retrieved by runnning the mutated input
#[serde(skip)]
pub new_cmpvals: HashMap<usize, Vec<CmpValues>>,
/// The list of logged idx and headers retrieved by runnning the mutated input
#[serde(skip)]
pub headers: Vec<(usize, AFLppCmpLogHeader)>,
pub headers: Vec<(usize, AflppCmpLogHeader)>,
}
libafl_bolts::impl_serdeany!(AFLppCmpValuesMetadata);
libafl_bolts::impl_serdeany!(AflppCmpValuesMetadata);
impl AFLppCmpValuesMetadata {
/// Constructor for `AFLppCmpValuesMetadata`
impl AflppCmpValuesMetadata {
/// Constructor for `AflppCmpValuesMetadata`
#[must_use]
pub fn new() -> Self {
Self {
@ -399,7 +399,7 @@ impl AFLppCmpValuesMetadata {
/// Getter for `headers`
#[must_use]
pub fn headers(&self) -> &Vec<(usize, AFLppCmpLogHeader)> {
pub fn headers(&self) -> &Vec<(usize, AflppCmpLogHeader)> {
&self.headers
}
}
@ -418,7 +418,7 @@ impl AFLppCmpValuesMetadata {
/// - reserved: Reserved for future use
#[bitfield(u16)]
#[derive(Debug)]
pub struct AFLppCmpLogHeader {
pub struct AflppCmpLogHeader {
/// The number of hits of a particular comparison
///
/// 6 bits up to 63 entries, we have CMP_MAP_H = 32 (so using half of it)

8
libafl/src/stages/afl_stats.rs
View File

@ -117,7 +117,7 @@ pub struct AflStatsStage<C, E, EM, I, O, S, Z> {
/// AFL++'s `fuzzer_stats`
#[derive(Debug, Clone)]
pub struct AFLFuzzerStats<'a> {
pub struct AflFuzzerStats<'a> {
/// unix time indicating the start time of afl-fuzz
start_time: u64,
/// unix time corresponding to the last interval
@ -320,7 +320,7 @@ where
} else {
0
};
let stats = AFLFuzzerStats {
let stats = AflFuzzerStats {
start_time: self.start_time,
last_update: self.last_report_time.as_secs(),
run_time: self.last_report_time.as_secs() - self.start_time,
@ -460,7 +460,7 @@ where
}
/// Writes a stats file, if a `stats_file_path` is set.
fn maybe_write_fuzzer_stats(&self, stats: &AFLFuzzerStats) -> Result<(), Error> {
fn maybe_write_fuzzer_stats(&self, stats: &AflFuzzerStats) -> Result<(), Error> {
if let Some(stats_file_path) = &self.stats_file_path {
let tmp_file = stats_file_path
.parent()
@ -586,7 +586,7 @@ impl AFLPlotData<'_> {
"# relative_time, cycles_done, cur_item, corpus_count, pending_total, pending_favs, total_edges, saved_crashes, saved_hangs, max_depth, execs_per_sec, execs_done, edges_found"
}
}
impl Display for AFLFuzzerStats<'_> {
impl Display for AflFuzzerStats<'_> {
fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
writeln!(f, "start_time : {}", &self.start_time)?;
writeln!(f, "start_time : {}", &self.start_time)?;

6
libafl_sugar/src/forkserver.rs
View File

@ -39,7 +39,7 @@ use libafl_bolts::{
shmem::{ShMem, ShMemProvider, UnixShMemProvider},
tuples::{Merge, tuple_list},
};
use libafl_targets::AFLppCmpLogMap;
use libafl_targets::AflppCmpLogMap;
use typed_builder::TypedBuilder;
use crate::{CORPUS_CACHE_SIZE, DEFAULT_TIMEOUT_SECS};
@ -265,14 +265,14 @@ impl ForkserverBytesCoverageSugar<'_> {
if let Some(exec) = &self.cmplog_binary {
// The cmplog map shared between observer and executor
let mut cmplog_shmem = shmem_provider_client
.uninit_on_shmem::<AFLppCmpLogMap>()
.uninit_on_shmem::<AflppCmpLogMap>()
.unwrap();
// let the forkserver know the shmid
unsafe {
cmplog_shmem.write_to_env(SHM_CMPLOG_ENV_VAR).unwrap();
}
let cmpmap =
unsafe { OwnedRefMut::<AFLppCmpLogMap>::from_shmem(&mut cmplog_shmem) };
unsafe { OwnedRefMut::<AflppCmpLogMap>::from_shmem(&mut cmplog_shmem) };
let cmplog_observer = StdCmpObserver::new("cmplog", cmpmap, true);

76
libafl_targets/src/cmps/mod.rs
View File

@ -14,7 +14,7 @@ use core::{
use libafl::{
Error,
observers::{CmpMap, CmpValues, CmplogBytes, cmp::AFLppCmpLogHeader},
observers::{CmpMap, CmpValues, CmplogBytes, cmp::AflppCmpLogHeader},
};
use libafl_bolts::HasLen;
use serde::{Deserialize, Deserializer, Serialize, Serializer};
@ -36,7 +36,7 @@ pub const CMPLOG_MAP_RTN_H: usize =
/// The height of extended rountine map
pub const CMPLOG_MAP_RTN_EXTENDED_H: usize =
CMPLOG_MAP_H * size_of::<AFLppCmpLogOperands>() / size_of::<AFLppCmpLogFnOperands>();
CMPLOG_MAP_H * size_of::<AflppCmpLogOperands>() / size_of::<AflppCmpLogFnOperands>();
/// `CmpLog` instruction kind
pub const CMPLOG_KIND_INS: u8 = 0;
@ -86,10 +86,10 @@ pub struct CmpLogHeader {
/// Comparison operands, represented as either two (left and right of comparison) u64 values or
/// two (left and right of comparison) u128 values, split into two u64 values. If the left and
/// right values are smaller than u64, they can be sign or zero extended to 64 bits, as the actual
/// comparison size is determined by the `hits` field of the associated `AFLppCmpLogHeader`.
/// comparison size is determined by the `hits` field of the associated `AflppCmpLogHeader`.
#[derive(Default, Debug, Clone, Copy)]
#[repr(C, packed)]
pub struct AFLppCmpLogOperands {
pub struct AflppCmpLogOperands {
v0: u64,
v0_128: u64,
v0_256_0: u64,
@ -101,9 +101,9 @@ pub struct AFLppCmpLogOperands {
unused: [u8; 8],
}
impl AFLppCmpLogOperands {
impl AflppCmpLogOperands {
#[must_use]
/// Create new `AFLppCmpLogOperands`
/// Create new `AflppCmpLogOperands`
pub fn new(v0: u64, v1: u64) -> Self {
Self {
v0,
@ -119,7 +119,7 @@ impl AFLppCmpLogOperands {
}
#[must_use]
/// Create new `AFLppCmpLogOperands` with 128-bit comparison values
/// Create new `AflppCmpLogOperands` with 128-bit comparison values
pub fn new_128bit(v0: u128, v1: u128) -> Self {
let v0_128 = (v0 >> 64) as u64;
let v0 = v0 as u64;
@ -192,7 +192,7 @@ impl AFLppCmpLogOperands {
#[derive(Default, Debug, Clone, Copy)]
#[repr(C, packed)]
/// Comparison function operands, like for strcmp/memcmp, represented as two byte arrays.
pub struct AFLppCmpLogFnOperands {
pub struct AflppCmpLogFnOperands {
v0: [u8; 32],
v1: [u8; 32],
v0_len: u8,
@ -200,7 +200,7 @@ pub struct AFLppCmpLogFnOperands {
unused: [u8; 6],
}
impl AFLppCmpLogFnOperands {
impl AflppCmpLogFnOperands {
#[must_use]
/// Create a new AFL++ function operands comparison values from two byte slices
pub fn new(v0: &[u8], v1: &[u8]) -> Self {
@ -286,27 +286,27 @@ impl Debug for CmpLogVals {
#[derive(Clone, Copy)]
#[repr(C, packed)]
/// Comparison values
pub union AFLppCmpLogVals {
operands: [[AFLppCmpLogOperands; CMPLOG_MAP_H]; CMPLOG_MAP_W],
fn_operands: [[AFLppCmpLogFnOperands; CMPLOG_MAP_RTN_EXTENDED_H]; CMPLOG_MAP_W],
pub union AflppCmpLogVals {
operands: [[AflppCmpLogOperands; CMPLOG_MAP_H]; CMPLOG_MAP_W],
fn_operands: [[AflppCmpLogFnOperands; CMPLOG_MAP_RTN_EXTENDED_H]; CMPLOG_MAP_W],
}
impl Debug for AFLppCmpLogVals {
impl Debug for AflppCmpLogVals {
fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
f.debug_struct("AFLppCmpLogVals").finish_non_exhaustive()
f.debug_struct("AflppCmpLogVals").finish_non_exhaustive()
}
}
impl AFLppCmpLogVals {
impl AflppCmpLogVals {
#[must_use]
/// Handle comparison values as comparison operands
pub fn operands(&self) -> &[[AFLppCmpLogOperands; CMPLOG_MAP_H]; CMPLOG_MAP_W] {
pub fn operands(&self) -> &[[AflppCmpLogOperands; CMPLOG_MAP_H]; CMPLOG_MAP_W] {
unsafe { &self.operands }
}
#[must_use]
/// Mutably reference comparison values as comparison operands
pub fn operands_mut(&mut self) -> &mut [[AFLppCmpLogOperands; CMPLOG_MAP_H]; CMPLOG_MAP_W] {
pub fn operands_mut(&mut self) -> &mut [[AflppCmpLogOperands; CMPLOG_MAP_H]; CMPLOG_MAP_W] {
unsafe { &mut self.operands }
}
@ -314,7 +314,7 @@ impl AFLppCmpLogVals {
/// Handle comparison values as comparison function operands
pub fn fn_operands(
&self,
) -> &[[AFLppCmpLogFnOperands; CMPLOG_MAP_RTN_EXTENDED_H]; CMPLOG_MAP_W] {
) -> &[[AflppCmpLogFnOperands; CMPLOG_MAP_RTN_EXTENDED_H]; CMPLOG_MAP_W] {
unsafe { &self.fn_operands }
}
@ -322,7 +322,7 @@ impl AFLppCmpLogVals {
/// Mutably reference comparison values as comparison function operands
pub fn fn_operands_mut(
&mut self,
) -> &mut [[AFLppCmpLogFnOperands; CMPLOG_MAP_RTN_EXTENDED_H]; CMPLOG_MAP_W] {
) -> &mut [[AflppCmpLogFnOperands; CMPLOG_MAP_RTN_EXTENDED_H]; CMPLOG_MAP_W] {
unsafe { &mut self.fn_operands }
}
}
@ -439,10 +439,10 @@ pub static mut libafl_cmplog_map: CmpLogMap = CmpLogMap {
/// The globale `CmpLog` map, aflpp style
#[unsafe(no_mangle)]
#[cfg(feature = "cmplog_extended_instrumentation")]
pub static mut libafl_cmplog_map_extended: AFLppCmpLogMap = AFLppCmpLogMap {
headers: [AFLppCmpLogHeader::new_with_raw_value(0); CMPLOG_MAP_W],
vals: AFLppCmpLogVals {
operands: [[AFLppCmpLogOperands {
pub static mut libafl_cmplog_map_extended: AflppCmpLogMap = AflppCmpLogMap {
headers: [AflppCmpLogHeader::new_with_raw_value(0); CMPLOG_MAP_W],
vals: AflppCmpLogVals {
operands: [[AflppCmpLogOperands {
v0: 0,
v0_128: 0,
v0_256_0: 0,
@ -463,55 +463,55 @@ pub use libafl_cmplog_map_extended as CMPLOG_MAP_EXTENDED;
#[derive(Debug, Clone)]
#[repr(C)]
/// Comparison map compatible with AFL++ cmplog instrumentation
pub struct AFLppCmpLogMap {
headers: [AFLppCmpLogHeader; CMPLOG_MAP_W],
vals: AFLppCmpLogVals,
pub struct AflppCmpLogMap {
headers: [AflppCmpLogHeader; CMPLOG_MAP_W],
vals: AflppCmpLogVals,
}
impl HasLen for AFLppCmpLogMap {
impl HasLen for AflppCmpLogMap {
fn len(&self) -> usize {
CMPLOG_MAP_W
}
}
impl AFLppCmpLogMap {
impl AflppCmpLogMap {
#[must_use]
#[expect(clippy::cast_ptr_alignment)]
/// Instantiate a new boxed zeroed `AFLppCmpLogMap`. This should be used to create a new
/// Instantiate a new boxed zeroed `AflppCmpLogMap`. This should be used to create a new
/// map, because it is so large it cannot be allocated on the stack with default
/// runtime configuration.
pub fn boxed() -> Box<Self> {
unsafe {
Box::from_raw(alloc_zeroed(Layout::new::<AFLppCmpLogMap>()) as *mut AFLppCmpLogMap)
Box::from_raw(alloc_zeroed(Layout::new::<AflppCmpLogMap>()) as *mut AflppCmpLogMap)
}
}
#[must_use]
/// Handle the headers for the map
pub fn headers(&self) -> &[AFLppCmpLogHeader] {
pub fn headers(&self) -> &[AflppCmpLogHeader] {
&self.headers
}
#[must_use]
/// Mutably reference the headers for the map
pub fn headers_mut(&mut self) -> &mut [AFLppCmpLogHeader] {
pub fn headers_mut(&mut self) -> &mut [AflppCmpLogHeader] {
&mut self.headers
}
#[must_use]
/// Handle the values for the map
pub fn values(&self) -> &AFLppCmpLogVals {
pub fn values(&self) -> &AflppCmpLogVals {
&self.vals
}
#[must_use]
/// Mutably reference the headers for the map
pub fn values_mut(&mut self) -> &mut AFLppCmpLogVals {
pub fn values_mut(&mut self) -> &mut AflppCmpLogVals {
&mut self.vals
}
}
impl Serialize for AFLppCmpLogMap {
impl Serialize for AflppCmpLogMap {
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
@ -522,7 +522,7 @@ impl Serialize for AFLppCmpLogMap {
}
}
impl<'de> Deserialize<'de> for AFLppCmpLogMap {
impl<'de> Deserialize<'de> for AflppCmpLogMap {
#[expect(clippy::cast_ptr_alignment)]
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
@ -534,7 +534,7 @@ impl<'de> Deserialize<'de> for AFLppCmpLogMap {
}
}
impl CmpMap for AFLppCmpLogMap {
impl CmpMap for AflppCmpLogMap {
fn len(&self) -> usize {
CMPLOG_MAP_W
}
@ -601,7 +601,7 @@ impl CmpMap for AFLppCmpLogMap {
fn reset(&mut self) -> Result<(), Error> {
// For performance, we reset just the headers
self.headers.fill(AFLppCmpLogHeader::new_with_raw_value(0));
self.headers.fill(AflppCmpLogHeader::new_with_raw_value(0));
Ok(())
}

42
libafl_targets/src/cmps/observers/aflpp.rs
View File

@ -6,13 +6,13 @@ use libafl::{
executors::ExitKind,
observers::{
Observer,
cmp::{AFLppCmpValuesMetadata, CmpMap, CmpObserver, CmpValues},
cmp::{AflppCmpValuesMetadata, CmpMap, CmpObserver, CmpValues},
},
};
use libafl_bolts::{Named, ownedref::OwnedRefMut};
use serde::{Deserialize, Serialize};
use crate::cmps::AFLppCmpLogMap;
use crate::cmps::AflppCmpLogMap;
#[cfg(feature = "cmplog_extended_instrumentation")]
use crate::cmps::CMPLOG_ENABLED;
@ -64,16 +64,16 @@ struct cmp_map {
/// A [`CmpObserver`] observer for AFL++ redqueen
#[derive(Serialize, Deserialize, Debug)]
pub struct AFLppCmpLogObserver<'a> {
cmp_map: OwnedRefMut<'a, AFLppCmpLogMap>,
pub struct AflppCmpLogObserver<'a> {
cmp_map: OwnedRefMut<'a, AflppCmpLogMap>,
size: Option<OwnedRefMut<'a, usize>>,
name: Cow<'static, str>,
add_meta: bool,
original: bool,
}
impl CmpObserver for AFLppCmpLogObserver<'_> {
type Map = AFLppCmpLogMap;
impl CmpObserver for AflppCmpLogObserver<'_> {
type Map = AflppCmpLogMap;
/// Get the number of usable cmps (all by default)
fn usable_count(&self) -> usize {
@ -83,16 +83,16 @@ impl CmpObserver for AFLppCmpLogObserver<'_> {
}
}
fn cmp_map(&self) -> &AFLppCmpLogMap {
fn cmp_map(&self) -> &AflppCmpLogMap {
self.cmp_map.as_ref()
}
fn cmp_map_mut(&mut self) -> &mut AFLppCmpLogMap {
fn cmp_map_mut(&mut self) -> &mut AflppCmpLogMap {
self.cmp_map.as_mut()
}
}
impl<I, S> Observer<I, S> for AFLppCmpLogObserver<'_>
impl<I, S> Observer<I, S> for AflppCmpLogObserver<'_>
where
S: HasMetadata,
{
@ -123,18 +123,18 @@ where
}
}
impl Named for AFLppCmpLogObserver<'_> {
impl Named for AflppCmpLogObserver<'_> {
fn name(&self) -> &Cow<'static, str> {
&self.name
}
}
impl<'a> AFLppCmpLogObserver<'a> {
/// Creates a new [`AFLppCmpLogObserver`] with the given name and map.
impl<'a> AflppCmpLogObserver<'a> {
/// Creates a new [`AflppCmpLogObserver`] with the given name and map.
#[must_use]
pub fn new(
name: &'static str,
cmp_map: OwnedRefMut<'a, AFLppCmpLogMap>,
cmp_map: OwnedRefMut<'a, AflppCmpLogMap>,
add_meta: bool,
) -> Self {
Self {
@ -150,11 +150,11 @@ impl<'a> AFLppCmpLogObserver<'a> {
self.original = v;
}
/// Creates a new [`AFLppCmpLogObserver`] with the given name, map and reference to variable size.
/// Creates a new [`AflppCmpLogObserver`] with the given name, map and reference to variable size.
#[must_use]
pub fn with_size(
name: &'static str,
cmp_map: OwnedRefMut<'a, AFLppCmpLogMap>,
cmp_map: OwnedRefMut<'a, AflppCmpLogMap>,
add_meta: bool,
original: bool,
size: OwnedRefMut<'a, usize>,
@ -168,21 +168,21 @@ impl<'a> AFLppCmpLogObserver<'a> {
}
}
/// Add `AFLppCmpValuesMetadata` to the State including the logged values.
/// Add `AflppCmpValuesMetadata` to the State including the logged values.
/// This routine does a basic loop filtering because loop index cmps are not interesting.
fn add_cmpvalues_meta<S>(&mut self, state: &mut S)
where
S: HasMetadata,
{
#[expect(clippy::option_if_let_else)] // we can't mutate state in a closure
let meta = if let Some(meta) = state.metadata_map_mut().get_mut::<AFLppCmpValuesMetadata>()
let meta = if let Some(meta) = state.metadata_map_mut().get_mut::<AflppCmpValuesMetadata>()
{
meta
} else {
state.add_metadata(AFLppCmpValuesMetadata::new());
state.add_metadata(AflppCmpValuesMetadata::new());
state
.metadata_map_mut()
.get_mut::<AFLppCmpValuesMetadata>()
.get_mut::<AflppCmpValuesMetadata>()
.unwrap()
};
@ -205,9 +205,9 @@ impl<'a> AFLppCmpLogObserver<'a> {
/// Add the metadata
pub fn add_to_aflpp_cmp_metadata(
meta: &mut AFLppCmpValuesMetadata,
meta: &mut AflppCmpValuesMetadata,
usable_count: usize,
cmp_map: &mut AFLppCmpLogMap,
cmp_map: &mut AflppCmpLogMap,
original: bool,
) {
let count = usable_count;

20
libafl_targets/src/cmps/stages/aflpptracing.rs
View File

@ -15,26 +15,26 @@ use libafl_bolts::{
tuples::{Handle, MatchNameRef},
};
use crate::cmps::observers::AFLppCmpLogObserver;
use crate::cmps::observers::AflppCmpLogObserver;
/// Trace with tainted input
#[derive(Clone, Debug)]
pub struct AFLppCmplogTracingStage<'a, EM, TE, S, Z> {
pub struct AflppCmplogTracingStage<'a, EM, TE, S, Z> {
name: Cow<'static, str>,
tracer_executor: TE,
cmplog_observer_handle: Handle<AFLppCmpLogObserver<'a>>,
cmplog_observer_handle: Handle<AflppCmpLogObserver<'a>>,
phantom: PhantomData<(EM, TE, S, Z)>,
}
/// The name for aflpp tracing stage
pub static AFLPP_CMPLOG_TRACING_STAGE_NAME: &str = "aflpptracing";
impl<EM, TE, S, Z> Named for AFLppCmplogTracingStage<'_, EM, TE, S, Z> {
impl<EM, TE, S, Z> Named for AflppCmplogTracingStage<'_, EM, TE, S, Z> {
fn name(&self) -> &Cow<'static, str> {
&self.name
}
}
impl<E, EM, TE, S, Z> Stage<E, EM, S, Z> for AFLppCmplogTracingStage<'_, EM, TE, S, Z>
impl<E, EM, TE, S, Z> Stage<E, EM, S, Z> for AflppCmplogTracingStage<'_, EM, TE, S, Z>
where
TE: HasObservers + Executor<EM, BytesInput, S, Z>,
TE::Observers: MatchNameRef + ObserversTuple<BytesInput, S>,
@ -64,7 +64,7 @@ where
// Set it to false
ob.set_original(true);
}
// I can't think of any use of this stage if you don't use AFLppCmpLogObserver
// I can't think of any use of this stage if you don't use AflppCmpLogObserver
// but do nothing ofcourse
self.tracer_executor
@ -94,7 +94,7 @@ where
// Set it to false
ob.set_original(false);
}
// I can't think of any use of this stage if you don't use AFLppCmpLogObserver
// I can't think of any use of this stage if you don't use AflppCmpLogObserver
// but do nothing ofcourse
self.tracer_executor
@ -113,7 +113,7 @@ where
}
}
impl<EM, TE, S, Z> Restartable<S> for AFLppCmplogTracingStage<'_, EM, TE, S, Z>
impl<EM, TE, S, Z> Restartable<S> for AflppCmplogTracingStage<'_, EM, TE, S, Z>
where
S: HasMetadata + HasNamedMetadata + HasCurrentCorpusId,
{
@ -129,9 +129,9 @@ where
}
}
impl<'a, EM, TE, S, Z> AFLppCmplogTracingStage<'a, EM, TE, S, Z> {
impl<'a, EM, TE, S, Z> AflppCmplogTracingStage<'a, EM, TE, S, Z> {
/// With cmplog observer
pub fn new(tracer_executor: TE, observer_handle: Handle<AFLppCmpLogObserver<'a>>) -> Self {
pub fn new(tracer_executor: TE, observer_handle: Handle<AflppCmpLogObserver<'a>>) -> Self {
let observer_name = observer_handle.name().clone();
Self {
name: Cow::Owned(