more code format

2025-06-14 19:08:08 +00:00 · 2020-03-09 08:30:28 +01:00
parent 0581f6ec00
commit 36ce9c1fb9
13 changed files with 143 additions and 127 deletions
--- a/examples/custom_mutators/example.c
+++ b/examples/custom_mutators/example.c
@ -38,18 +38,17 @@ void afl_custom_init(unsigned int seed) {
 *     produce data larger than max_size.
 * @return Size of the mutated output.
 */
-size_t afl_custom_fuzz(uint8_t **buf, size_t buf_size,
+size_t afl_custom_fuzz(uint8_t **buf, size_t buf_size, uint8_t *add_buf,
-                       uint8_t *add_buf,size_t add_buf_size, // add_buf can be NULL
+                       size_t add_buf_size,  // add_buf can be NULL
                       size_t max_size) {
  // Make sure that the packet size does not exceed the maximum size expected by
  // the fuzzer
  size_t mutated_size = data_size <= max_size ? data_size : max_size;
-  if (mutated_size > buf_size)
+  if (mutated_size > buf_size) *buf = realloc(*buf, mutated_size);
    *buf = realloc(*buf, mutated_size);
-  uint8_t* mutated_out = *buf;
+  uint8_t *mutated_out = *buf;
  // Randomly select a command string to add as a header to the packet
  memcpy(mutated_out, commands[rand() % 3], 3);
@ -147,7 +146,7 @@ int afl_custom_init_trim(uint8_t *buf, size_t buf_size) {
 *     the memory after saving the test case.
 * @param[out] out_buf_size Pointer to the size of the trimmed test case
 */
-void afl_custom_trim(uint8_t **out_buf, size_t* out_buf_size) {
+void afl_custom_trim(uint8_t **out_buf, size_t *out_buf_size) {
  *out_buf_size = trim_buf_size - 1;
@ -172,8 +171,10 @@ void afl_custom_trim(uint8_t **out_buf, size_t* out_buf_size) {
 int afl_custom_post_trim(int success) {
  if (success) {
    ++cur_step;
    return cur_step;
  }
  return trimmming_steps;
@ -193,7 +194,8 @@ int afl_custom_post_trim(int success) {
 *     not produce data larger than max_size.
 * @return Size of the mutated output.
 */
-size_t afl_custom_havoc_mutation(uint8_t** buf, size_t buf_size, size_t max_size) {
+size_t afl_custom_havoc_mutation(uint8_t **buf, size_t buf_size,
                                 size_t max_size) {
  if (buf_size == 0) {
@ -233,7 +235,7 @@ uint8_t afl_custom_havoc_mutation_probability(void) {
 * @return Return True(1) if the fuzzer will fuzz the queue entry, and
 *     False(0) otherwise.
 */
-uint8_t afl_custom_queue_get(const uint8_t* filename) {
+uint8_t afl_custom_queue_get(const uint8_t *filename) {
  return 1;
@ -248,8 +250,8 @@ uint8_t afl_custom_queue_get(const uint8_t* filename) {
 * @param filename_new_queue File name of the new queue entry
 * @param filename_orig_queue File name of the original queue entry
 */
-void afl_custom_queue_new_entry(const uint8_t* filename_new_queue,
+void afl_custom_queue_new_entry(const uint8_t *filename_new_queue,
-                                const uint8_t* filename_orig_queue) {
+                                const uint8_t *filename_orig_queue) {
  /* Additional analysis on the original or new test case */
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@ -461,6 +461,7 @@ extern s32 cmplog_child_pid, cmplog_forksrv_pid;
 /* Custom mutators */
 struct custom_mutator {
  const char* name;
  void*       dh;
@ -485,8 +486,8 @@ struct custom_mutator {
   * @param[in] buf_size Size of the input/output data
   * @param[in] add_buf Buffer containing the additional test case
   * @param[in] add_buf_size Size of the additional test case
-   * @param[in] max_size Maximum size of the mutated output. The mutation must not
+   * @param[in] max_size Maximum size of the mutated output. The mutation must
-   *     produce data larger than max_size.
+   * not produce data larger than max_size.
   * @return Size of the mutated output.
   */
  size_t (*afl_custom_fuzz)(u8** buf, size_t buf_size, u8* add_buf,
@ -574,7 +575,8 @@ struct custom_mutator {
   *     not produce data larger than max_size.
   * @return Size of the mutated output.
   */
-  size_t (*afl_custom_havoc_mutation)(u8** buf, size_t buf_size, size_t max_size);
+  size_t (*afl_custom_havoc_mutation)(u8** buf, size_t buf_size,
                                      size_t max_size);
  /**
   * Return the probability (in percentage) that afl_custom_havoc_mutation
@ -609,6 +611,7 @@ struct custom_mutator {
   */
  void (*afl_custom_queue_new_entry)(const u8* filename_new_queue,
                                     const u8* filename_orig_queue);
 };
 extern struct custom_mutator* mutator;
--- a/include/envs.h
+++ b/include/envs.h
@ -1,11 +1,10 @@
 const char *afl_environment_variables[] = {
    "AFL_ALIGNED_ALLOC", "AFL_ALLOW_TMP", "AFL_ANALYZE_HEX", "AFL_AS",
-    "AFL_AUTORESUME",
+    "AFL_AUTORESUME", "AFL_AS_FORCE_INSTRUMENT", "AFL_BENCH_JUST_ONE",
-    "AFL_AS_FORCE_INSTRUMENT", "AFL_BENCH_JUST_ONE", "AFL_BENCH_UNTIL_CRASH",
+    "AFL_BENCH_UNTIL_CRASH", "AFL_CAL_FAST", "AFL_CC", "AFL_CMIN_ALLOW_ANY",
-    "AFL_CAL_FAST", "AFL_CC", "AFL_CMIN_ALLOW_ANY", "AFL_CMIN_CRASHES_ONLY",
+    "AFL_CMIN_CRASHES_ONLY", "AFL_CODE_END", "AFL_CODE_START",
-    "AFL_CODE_END", "AFL_CODE_START", "AFL_COMPCOV_BINNAME",
+    "AFL_COMPCOV_BINNAME", "AFL_COMPCOV_LEVEL", "AFL_CUSTOM_MUTATOR_LIBRARY",
    "AFL_COMPCOV_LEVEL", "AFL_CUSTOM_MUTATOR_LIBRARY",
    "AFL_CUSTOM_MUTATOR_ONLY", "AFL_CXX", "AFL_DEBUG", "AFL_DEBUG_CHILD_OUTPUT",
    //"AFL_DEFER_FORKSRV", // not implemented anymore, so warn additionally
    "AFL_DISABLE_TRIM", "AFL_DONT_OPTIMIZE", "AFL_DUMB_FORKSRV",
@ -19,21 +18,19 @@ const char *afl_environment_variables[] = {
    "AFL_LLVM_LAF_SPLIT_COMPARES_BITW", "AFL_LLVM_LAF_SPLIT_FLOATS",
    "AFL_LLVM_LAF_SPLIT_SWITCHES", "AFL_LLVM_LAF_TRANSFORM_COMPARES",
    "AFL_LLVM_NOT_ZERO", "AFL_LLVM_WHITELIST", "AFL_NO_AFFINITY",
-    "AFL_LLVM_LTO_STARTID", "AFL_LLVM_LTO_DONTWRITEID",
+    "AFL_LLVM_LTO_STARTID", "AFL_LLVM_LTO_DONTWRITEID", "AFL_NO_ARITH",
-    "AFL_NO_ARITH", "AFL_NO_BUILTIN", "AFL_NO_CPU_RED", "AFL_NO_FORKSRV",
+    "AFL_NO_BUILTIN", "AFL_NO_CPU_RED", "AFL_NO_FORKSRV", "AFL_NO_UI",
    "AFL_NO_UI",
    "AFL_NO_X86",  // not really an env but we dont want to warn on it
    "AFL_PATH", "AFL_PERFORMANCE_FILE",
    //"AFL_PERSISTENT", // not implemented anymore, so warn additionally
-    "AFL_POST_LIBRARY", "AFL_PRELOAD", "AFL_PYTHON_MODULE",
+    "AFL_POST_LIBRARY", "AFL_PRELOAD", "AFL_PYTHON_MODULE", "AFL_QEMU_COMPCOV",
-    "AFL_QEMU_COMPCOV", "AFL_QEMU_COMPCOV_DEBUG", "AFL_QEMU_DEBUG_MAPS",
+    "AFL_QEMU_COMPCOV_DEBUG", "AFL_QEMU_DEBUG_MAPS", "AFL_QEMU_DISABLE_CACHE",
-    "AFL_QEMU_DISABLE_CACHE", "AFL_QEMU_PERSISTENT_ADDR",
+    "AFL_QEMU_PERSISTENT_ADDR", "AFL_QEMU_PERSISTENT_CNT",
-    "AFL_QEMU_PERSISTENT_CNT", "AFL_QEMU_PERSISTENT_GPR",
+    "AFL_QEMU_PERSISTENT_GPR", "AFL_QEMU_PERSISTENT_HOOK",
-    "AFL_QEMU_PERSISTENT_HOOK", "AFL_QEMU_PERSISTENT_RET",
+    "AFL_QEMU_PERSISTENT_RET", "AFL_QEMU_PERSISTENT_RETADDR_OFFSET",
-    "AFL_QEMU_PERSISTENT_RETADDR_OFFSET", "AFL_QUIET",
+    "AFL_QUIET", "AFL_RANDOM_ALLOC_CANARY", "AFL_REAL_PATH",
-    "AFL_RANDOM_ALLOC_CANARY", "AFL_REAL_PATH", "AFL_SHUFFLE_QUEUE",
+    "AFL_SHUFFLE_QUEUE", "AFL_SKIP_BIN_CHECK", "AFL_SKIP_CPUFREQ",
-    "AFL_SKIP_BIN_CHECK", "AFL_SKIP_CPUFREQ", "AFL_SKIP_CRASHES",
+    "AFL_SKIP_CRASHES", "AFL_TMIN_EXACT", "AFL_TMPDIR", "AFL_TOKEN_FILE",
-    "AFL_TMIN_EXACT", "AFL_TMPDIR", "AFL_TOKEN_FILE", "AFL_TRACE_PC",
+    "AFL_TRACE_PC", "AFL_USE_ASAN", "AFL_USE_MSAN", "AFL_USE_TRACE_PC",
-    "AFL_USE_ASAN", "AFL_USE_MSAN", "AFL_USE_TRACE_PC", "AFL_USE_UBSAN",
+    "AFL_USE_UBSAN", "AFL_WINE_PATH", NULL};
    "AFL_WINE_PATH", NULL};
--- a/qemu_mode/patches/afl-qemu-tcg-runtime-inl.h
+++ b/qemu_mode/patches/afl-qemu-tcg-runtime-inl.h
@ -34,7 +34,7 @@
 #include "afl-qemu-common.h"
 #include "tcg.h"
-void HELPER(afl_entry_routine)(CPUArchState *env) {
+void HELPER(afl_entry_routine)(CPUArchState* env) {
  afl_forkserver(ENV_GET_CPU(env));
@ -171,7 +171,7 @@ static int area_is_mapped(void* ptr, size_t len) {
 }
-void HELPER(afl_cmplog_rtn)(CPUX86State *env) {
+void HELPER(afl_cmplog_rtn)(CPUX86State* env) {
 #if defined(TARGET_X86_64)
@ -182,7 +182,7 @@ void HELPER(afl_cmplog_rtn)(CPUX86State *env) {
  target_ulong* stack = g2h(env->regs[R_ESP]);
-  if (!area_is_mapped(stack, sizeof(target_ulong)*2)) return;
+  if (!area_is_mapped(stack, sizeof(target_ulong) * 2)) return;
  // when this hook is executed, the retaddr is not on stack yet
  void* ptr1 = g2h(stack[0]);
@ -217,3 +217,4 @@ void HELPER(afl_cmplog_rtn)(CPUX86State *env) {
                   ptr2, 32);
 }
--- a/src/afl-fuzz-globals.c
+++ b/src/afl-fuzz-globals.c
@ -256,7 +256,7 @@ u8 *cmplog_binary;
 s32 cmplog_child_pid, cmplog_forksrv_pid;
 /* Custom mutator */
-struct custom_mutator* mutator;
+struct custom_mutator *mutator;
 /* Interesting values, as per config.h */
--- a/src/afl-fuzz-init.c
+++ b/src/afl-fuzz-init.c
@ -1036,7 +1036,8 @@ static void handle_existing_out_dir(void) {
    fclose(f);
-    /* Autoresume treats a normal run as in_place_resume if a valid out dir already exists */
+    /* Autoresume treats a normal run as in_place_resume if a valid out dir
     * already exists */
    if (!in_place_resume && autoresume) {
--- a/src/afl-fuzz-mutators.c
+++ b/src/afl-fuzz-mutators.c
@ -36,6 +36,7 @@ void setup_custom_mutator(void) {
  u8* fn = getenv("AFL_CUSTOM_MUTATOR_LIBRARY");
  if (fn) {
    if (limit_time_sig)
      FATAL(
          "MOpt and custom mutator are mutually exclusive. We accept pull "
@ -45,6 +46,7 @@ void setup_custom_mutator(void) {
    load_custom_mutator(fn);
    return;
  }
  /* Try Python module */
@ -65,6 +67,7 @@ void setup_custom_mutator(void) {
    load_custom_mutator_py(module_name);
  }
 #else
  if (getenv("AFL_PYTHON_MODULE"))
    FATAL("Your AFL binary was built without Python support");
@ -75,16 +78,20 @@ void setup_custom_mutator(void) {
 void destroy_custom_mutator(void) {
  if (mutator) {
    if (mutator->dh)
      dlclose(mutator->dh);
    else {
      /* Python mutator */
 #ifdef USE_PYTHON
      finalize_py_module();
 #endif
    }
    ck_free(mutator);
  }
 }
@ -104,8 +111,7 @@ void load_custom_mutator(const char* fn) {
  /* Mutator */
  /* "afl_custom_init", optional for backward compatibility */
  mutator->afl_custom_init = dlsym(dh, "afl_custom_init");
-  if (!mutator->afl_custom_init)
+  if (!mutator->afl_custom_init) WARNF("Symbol 'afl_custom_init' not found.");
    WARNF("Symbol 'afl_custom_init' not found.");
  /* "afl_custom_fuzz" or "afl_custom_mutator", required */
  mutator->afl_custom_fuzz = dlsym(dh, "afl_custom_fuzz");
@ -133,8 +139,7 @@ void load_custom_mutator(const char* fn) {
  /* "afl_custom_trim", optional */
  mutator->afl_custom_trim = dlsym(dh, "afl_custom_trim");
-  if (!mutator->afl_custom_trim)
+  if (!mutator->afl_custom_trim) WARNF("Symbol 'afl_custom_trim' not found.");
    WARNF("Symbol 'afl_custom_trim' not found.");
  /* "afl_custom_post_trim", optional */
  mutator->afl_custom_post_trim = dlsym(dh, "afl_custom_post_trim");
@ -158,7 +163,8 @@ void load_custom_mutator(const char* fn) {
    WARNF("Symbol 'afl_custom_havoc_mutation' not found.");
  /* "afl_custom_havoc_mutation", optional */
-  mutator->afl_custom_havoc_mutation_probability = dlsym(dh, "afl_custom_havoc_mutation_probability");
+  mutator->afl_custom_havoc_mutation_probability =
      dlsym(dh, "afl_custom_havoc_mutation_probability");
  if (!mutator->afl_custom_havoc_mutation_probability)
    WARNF("Symbol 'afl_custom_havoc_mutation_probability' not found.");
@ -175,8 +181,7 @@ void load_custom_mutator(const char* fn) {
  OKF("Custom mutator '%s' installed successfully.", fn);
  /* Initialize the custom mutator */
-  if (mutator->afl_custom_init)
+  if (mutator->afl_custom_init) mutator->afl_custom_init(UR(0xFFFFFFFF));
    mutator->afl_custom_init(UR(0xFFFFFFFF));
 }
@ -309,8 +314,7 @@ void load_custom_mutator_py(const char* module_name) {
  mutator->name = module_name;
  ACTF("Loading Python mutator library from '%s'...", module_name);
-  if (py_functions[PY_FUNC_INIT])
+  if (py_functions[PY_FUNC_INIT]) mutator->afl_custom_init = init_py;
    mutator->afl_custom_init = init_py;
  /* "afl_custom_fuzz" should not be NULL, but the interface of Python mutator
     is quite different from the custom mutator. */
@ -325,14 +329,14 @@ void load_custom_mutator_py(const char* module_name) {
  if (py_functions[PY_FUNC_POST_TRIM])
    mutator->afl_custom_post_trim = post_trim_py;
-  if (py_functions[PY_FUNC_TRIM])
+  if (py_functions[PY_FUNC_TRIM]) mutator->afl_custom_trim = trim_py;
    mutator->afl_custom_trim = trim_py;
  if (py_functions[PY_FUNC_HAVOC_MUTATION])
    mutator->afl_custom_havoc_mutation = havoc_mutation_py;
  if (py_functions[PY_FUNC_HAVOC_MUTATION_PROBABILITY])
-    mutator->afl_custom_havoc_mutation_probability = havoc_mutation_probability_py;
+    mutator->afl_custom_havoc_mutation_probability =
        havoc_mutation_probability_py;
  if (py_functions[PY_FUNC_QUEUE_GET])
    mutator->afl_custom_queue_get = queue_get_py;
@ -343,8 +347,9 @@ void load_custom_mutator_py(const char* module_name) {
  OKF("Python mutator '%s' installed successfully.", module_name);
  /* Initialize the custom mutator */
-  if (mutator->afl_custom_init)
+  if (mutator->afl_custom_init) mutator->afl_custom_init(UR(0xFFFFFFFF));
    mutator->afl_custom_init(UR(0xFFFFFFFF));
 }
 #endif
--- a/src/afl-fuzz-one.c
+++ b/src/afl-fuzz-one.c
@ -359,8 +359,7 @@ u8 fuzz_one_original(char** argv) {
    /* The custom mutator will decide to skip this test case or not. */
-    if (!mutator->afl_custom_queue_get(queue_cur->fname))
+    if (!mutator->afl_custom_queue_get(queue_cur->fname)) return 1;
      return 1;
  }
@ -1598,9 +1597,8 @@ custom_mutator_stage:
    ck_read(fd, new_buf, target->len, target->fname);
    close(fd);
-    size_t mutated_size = mutator->afl_custom_fuzz(&out_buf, len,
+    size_t mutated_size = mutator->afl_custom_fuzz(&out_buf, len, new_buf,
-                                                   new_buf, target->len,
+                                                   target->len, max_seed_size);
                                                   max_seed_size);
    ck_free(new_buf);
@ -1694,7 +1692,9 @@ havoc_stage:
    stacked_custom_prob = mutator->afl_custom_havoc_mutation_probability();
    if (stacked_custom_prob > 100)
-      FATAL("The probability returned by afl_custom_havoc_mutation_propability has to be in the range 0-100.");
+      FATAL(
          "The probability returned by afl_custom_havoc_mutation_propability "
          "has to be in the range 0-100.");
  }
@ -1711,8 +1711,8 @@ havoc_stage:
      if (stacked_custom && UR(100) < stacked_custom_prob) {
-        temp_len = mutator->afl_custom_havoc_mutation(&out_buf, temp_len,
+        temp_len =
-                                                      MAX_FILE);
+            mutator->afl_custom_havoc_mutation(&out_buf, temp_len, MAX_FILE);
      }
--- a/src/afl-fuzz-python.c
+++ b/src/afl-fuzz-python.c
@ -80,6 +80,7 @@ int init_py_module(u8* module_name) {
          py_notrim = 1;
        } else if ((py_idx >= PY_FUNC_HAVOC_MUTATION) &&
                   (py_idx <= PY_FUNC_QUEUE_NEW_ENTRY)) {
          // Implenting the havoc and queue API is optional for now
@ -140,6 +141,7 @@ void finalize_py_module() {
 }
 void init_py(unsigned int seed) {
  PyObject *py_args, *py_value;
  /* Provide the init function a seed for the Python RNG */
@ -171,6 +173,7 @@ void init_py(unsigned int seed) {
    return;
  }
 }
 size_t fuzz_py(u8** buf, size_t buf_size, u8* add_buf, size_t add_buf_size,
@ -224,8 +227,7 @@ size_t fuzz_py(u8** buf, size_t buf_size, u8* add_buf, size_t add_buf_size,
  if (py_value != NULL) {
    mutated_size = PyByteArray_Size(py_value);
-    if (buf_size < mutated_size)
+    if (buf_size < mutated_size) *buf = ck_realloc(*buf, mutated_size);
      *buf = ck_realloc(*buf, mutated_size);
    memcpy(*buf, PyByteArray_AsString(py_value), mutated_size);
    Py_DECREF(py_value);
@ -414,8 +416,7 @@ size_t havoc_mutation_py(u8** buf, size_t buf_size, size_t max_size) {
  if (py_value != NULL) {
    mutated_size = PyByteArray_Size(py_value);
-    if (buf_size < mutated_size)
+    if (buf_size < mutated_size) *buf = ck_realloc(*buf, mutated_size);
      *buf = ck_realloc(*buf, mutated_size);
    memcpy(*buf, PyByteArray_AsString(py_value), mutated_size);
@ -436,7 +437,8 @@ u8 havoc_mutation_probability_py(void) {
  PyObject *py_args, *py_value;
  py_args = PyTuple_New(0);
-  py_value = PyObject_CallObject(py_functions[PY_FUNC_HAVOC_MUTATION_PROBABILITY], py_args);
+  py_value = PyObject_CallObject(
      py_functions[PY_FUNC_HAVOC_MUTATION_PROBABILITY], py_args);
  Py_DECREF(py_args);
  if (py_value != NULL) {
@ -491,7 +493,7 @@ u8 queue_get_py(const u8* filename) {
    }
-    return (u8) ret & 0xFF;
+    return (u8)ret & 0xFF;
  } else {
@ -545,8 +547,8 @@ void queue_new_entry_py(const u8* filename_new_queue,
  PyTuple_SetItem(py_args, 1, py_value);
  // Call
-  py_value = PyObject_CallObject(py_functions[PY_FUNC_QUEUE_NEW_ENTRY],
+  py_value =
-                                 py_args);
+      PyObject_CallObject(py_functions[PY_FUNC_QUEUE_NEW_ENTRY], py_args);
  Py_DECREF(py_args);
  if (py_value == NULL) {
--- a/src/afl-fuzz-run.c
+++ b/src/afl-fuzz-run.c
@ -662,7 +662,7 @@ void sync_fuzzers(char** argv) {
    ck_write(id_fd, &next_min_accept, sizeof(u32), qd_synced_path);
-close_sync:
+  close_sync:
    close(id_fd);
    closedir(qd);
    ck_free(qd_path);
--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@ -119,7 +119,8 @@ static void usage(u8* argv0, int more_help) {
      "                  if using QEMU, just use -c 0.\n\n"
      "Fuzzing behavior settings:\n"
-      "  -N            - do not unlink the fuzzing input file (only for devices etc.!)\n"
+      "  -N            - do not unlink the fuzzing input file (only for "
      "devices etc.!)\n"
      "  -d            - quick & dirty mode (skips deterministic steps)\n"
      "  -n            - fuzz without instrumentation (dumb mode)\n"
      "  -x dir        - optional fuzzer dictionary (see README.md, its really "
@ -752,8 +753,7 @@ int main(int argc, char** argv, char** envp) {
  if (get_afl_env("AFL_AUTORESUME")) {
    autoresume = 1;
-    if (in_place_resume)
+    if (in_place_resume) SAYF("AFL_AUTORESUME has no effect for '-i -'");
      SAYF("AFL_AUTORESUME has no effect for '-i -'");
  }
--- a/src/afl-showmap.c
+++ b/src/afl-showmap.c
@ -731,8 +731,7 @@ int main(int argc, char** argv, char** envp) {
  doc_path = access(DOC_PATH, F_OK) ? "docs" : DOC_PATH;
-  if (getenv("AFL_QUIET") != NULL)
+  if (getenv("AFL_QUIET") != NULL) be_quiet = 1;
    be_quiet = 1;
  while ((opt = getopt(argc, argv, "+i:o:f:m:t:A:eqZQUWbcrh")) > 0)
--- a/src/afl-tmin.c
+++ b/src/afl-tmin.c
@ -99,7 +99,6 @@ static volatile u8 stop_soon;          /* Ctrl-C pressed?                   */
 static u8 qemu_mode;
 /*
 * forkserver section
 */
@ -826,7 +825,8 @@ finalize_all:
         "%0.02f%% (to %u byte%s)\n" cGRA "    Characters simplified : " cRST
         "%0.02f%%\n" cGRA "     Number of execs done : " cRST "%u\n" cGRA
         "          Fruitless execs : " cRST "termination=%u crash=%u\n\n",
-           100 - ((double)in_len) * 100 / orig_len, in_len, in_len == 1 ? "" : "s",
+         100 - ((double)in_len) * 100 / orig_len, in_len,
         in_len == 1 ? "" : "s",
         ((double)(alpha_d_total)) * 100 / (in_len ? in_len : 1), total_execs,
         missed_paths, missed_crashes);
    return;
@ -1146,7 +1146,8 @@ int main(int argc, char** argv, char** envp) {
      case 'e':
        if (edges_only) FATAL("Multiple -e options not supported");
-        if (hang_mode) FATAL("Edges only and hang mode are mutually exclusive.");
+        if (hang_mode)
          FATAL("Edges only and hang mode are mutually exclusive.");
        edges_only = 1;
        break;
@ -1237,7 +1238,8 @@ int main(int argc, char** argv, char** envp) {
        /* Minimizes a testcase to the minimum that still times out */
        if (hang_mode) FATAL("Multipe -H options not supported");
-        if (edges_only) FATAL("Edges only and hang mode are mutually exclusive.");
+        if (edges_only)
          FATAL("Edges only and hang mode are mutually exclusive.");
        hang_mode = 1;
        break;
@ -1314,11 +1316,15 @@ int main(int argc, char** argv, char** envp) {
  run_target(use_argv, in_data, in_len, 1);
  if (hang_mode && !child_timed_out)
-    FATAL("Target binary did not time out but hang minimization mode "
+    FATAL(
-          "(-H) was set (-t %u).", exec_tmout);
+        "Target binary did not time out but hang minimization mode "
        "(-H) was set (-t %u).",
        exec_tmout);
  if (child_timed_out && !hang_mode)
-    FATAL("Target binary times out (adjusting -t may help). Use -H to minimize a hang.");
+    FATAL(
        "Target binary times out (adjusting -t may help). Use -H to minimize a "
        "hang.");
  if (hang_mode) {