fix negative stability bug (hopefully)

2025-06-14 11:08:06 +00:00 · 2020-04-26 18:42:42 +02:00
parent ea876e59a8
commit 4ffa5b0636
2 changed files with 6 additions and 3 deletions
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@ -13,6 +13,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
  - afl-fuzz:
     - AFL_MAP_SIZE was not working correctly
     - better python detection
+     - an old, old bug in afl that would show negative stability in rare
+       circumstances is now hopefully fixed
  - llvm_mode:
     - if LLVM 11 is installed the posix shm_open+mmap is used and a fixed
       address for the shared memory map is used as this increases the
--- a/src/afl-fuzz-run.c
+++ b/src/afl-fuzz-run.c
@ -193,6 +193,8 @@ u8 calibrate_case(afl_state_t *afl, struct queue_entry *q, u8 *use_mem,
  if (q->exec_cksum) {

    memcpy(afl->first_trace, afl->fsrv.trace_bits, afl->fsrv.map_size);
+    u8 hnb = has_new_bits(afl, afl->virgin_bits);
+    if (hnb > new_bits) { new_bits = hnb; }

  }

@ -226,12 +228,11 @@ u8 calibrate_case(afl_state_t *afl, struct queue_entry *q, u8 *use_mem,
    }

    cksum = hash32(afl->fsrv.trace_bits, afl->fsrv.map_size, HASH_CONST);
-
-    if (q->exec_cksum != cksum) {
-
    u8 hnb = has_new_bits(afl, afl->virgin_bits);
    if (hnb > new_bits) { new_bits = hnb; }

+    if (q->exec_cksum != cksum) {
+
      if (q->exec_cksum) {

        u32 i;