debug output

2025-06-14 11:08:06 +00:00 · 2023-02-15 09:32:32 +01:00
parent 80eabd6e8a
commit 668f5e1fa9
10 changed files with 37 additions and 7 deletions
--- a/custom_mutators/autotokens/Makefile
+++ b/custom_mutators/autotokens/Makefile
@ -13,10 +13,14 @@ endif

 all:	autotokens.so

-autotokens.so:	autotokens.cpp
+afl-fuzz-queue.o:	../../src/afl-fuzz-queue.c
 	$(CC) -D_STANDALONE_MODULE=1 -I../../include -g -O3 $(CPPFLAGS) -fPIC -c -o ./afl-fuzz-queue.o ../../src/afl-fuzz-queue.c
+
+afl-common.o:	../../src/afl-common.c
 	$(CC) -I../../include -g -O3 $(CPPFLAGS) -DBIN_PATH=\"dummy\" -Wno-pointer-sign -fPIC -c -o ./afl-common.o ../../src/afl-common.c
+
+autotokens.so:	afl-fuzz-queue.o afl-common.o autotokens.cpp
 	$(CXX) -Wno-deprecated -g -O3 $(CXXFLAGS) $(CPPFLAGS) -shared -fPIC -o autotokens.so -I../../include autotokens.cpp  ./afl-fuzz-queue.o ../../src/afl-performance.o ./afl-common.o

 clean:
-	rm -f autotokens.so *~ core
+	rm -f autotokens.so *.o *~ core
--- a/custom_mutators/autotokens/autotokens.cpp
+++ b/custom_mutators/autotokens/autotokens.cpp
@ -145,6 +145,9 @@ static void first_run(void *data) {

      if ((valid * 100) / afl_ptr->extras_cnt < 95) { module_disabled = 1; }

+      DEBUGF(stderr, "DICT: valid %u, total %u, %u < 95 == disable\n", valid,
+             afl_ptr->extras_cnt, (u32)((valid * 100) / afl_ptr->extras_cnt));
+
    } else {

      module_disabled = 1;
@ -190,6 +193,10 @@ static void first_run(void *data) {

  if ((is_ascii * 100) / valid < 70) { module_disabled = 1; }

+  DEBUGF(stderr, "seeds: total %u, valid %u, ascii %u, %u < 70 == disabled\n",
+         afl_ptr->active_items, valid, is_ascii,
+         (u32)((is_ascii * 100) / valid));
+
 }

 static u32 good_whitespace_or_singleval() {
@ -538,7 +545,15 @@ extern "C" unsigned char afl_custom_queue_get(void                *data,
    is_first_run = 0;
    first_run(data);

-    if (module_disabled) { WARNF("Autotokens custom module is disabled."); }
+    if (module_disabled) {
+
+      WARNF("Autotokens custom module is disabled.");
+
+    } else if (auto_disable) {
+
+      OKF("Autotokens custom module is enabled.");
+
+    }

  }

--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@ -6,6 +6,7 @@
 ### Version ++4.06a (dev)
  - afl-fuzz:
    - ensure temporary file descriptor is closed when not used
+    - added `AFL_NO_WARN_INSTABILITY`
  - afl-cc:
    - add CFI sanitizer variant to gcc targets
    - llvm 16 support (thanks to @devnexen!)
--- a/docs/env_variables.md
+++ b/docs/env_variables.md
@ -482,6 +482,8 @@ checks or alter some of the more exotic semantics of the tool:
  - Setting `AFL_NO_STARTUP_CALIBRATION` will skip the initial calibration
    of all starting seeds, and start fuzzing at once.

+  - Setting `AFL_NO_WARN_INSTABILITY` will suppress instability warnings.
+
  - In QEMU mode (-Q) and FRIDA mode (-O), `AFL_PATH` will be searched for
    afl-qemu-trace and afl-frida-trace.so.

--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@ -399,7 +399,7 @@ typedef struct afl_env_vars {
      afl_cycle_schedules, afl_expand_havoc, afl_statsd, afl_cmplog_only_new,
      afl_exit_on_seed_issues, afl_try_affinity, afl_ignore_problems,
      afl_keep_timeouts, afl_pizza_mode, afl_no_crash_readme,
-      afl_ignore_timeouts, afl_no_startup_calibration;
+      afl_ignore_timeouts, afl_no_startup_calibration, afl_no_warn_instability;

  u8 *afl_tmpdir, *afl_custom_mutator_library, *afl_python_module, *afl_path,
      *afl_hang_tmout, *afl_forksrv_init_tmout, *afl_preload,
--- a/include/envs.h
+++ b/include/envs.h
@ -172,6 +172,7 @@ static char *afl_environment_variables[] = {
    "AFL_NO_UI",
    "AFL_NO_PYTHON",
    "AFL_NO_STARTUP_CALIBRATION",
+    "AFL_NO_WARN_INSTABILITY",
    "AFL_UNTRACER_FILE",
    "AFL_LLVM_USE_TRACE_PC",
    "AFL_MAP_SIZE",
--- a/src/afl-fuzz-init.c
+++ b/src/afl-fuzz-init.c
@ -1120,7 +1120,7 @@ void perform_dry_run(afl_state_t *afl) {

    }

-    if (q->var_behavior) {
+    if (unlikely(q->var_behavior && !afl->afl_env.afl_no_warn_instability)) {

      WARNF("Instrumentation output varies across runs.");

--- a/src/afl-fuzz-run.c
+++ b/src/afl-fuzz-run.c
@ -523,7 +523,7 @@ u8 calibrate_case(afl_state_t *afl, struct queue_entry *q, u8 *use_mem,

        }

-        if (unlikely(!var_detected)) {
+        if (unlikely(!var_detected && !afl->afl_env.afl_no_warn_instability)) {

          // note: from_queue seems to only be set during initialization
          if (afl->afl_env.afl_no_ui || from_queue) {
--- a/src/afl-fuzz-state.c
+++ b/src/afl-fuzz-state.c
@ -204,6 +204,13 @@ void read_afl_environment(afl_state_t *afl, char **envp) {
            afl->afl_env.afl_no_affinity =
                get_afl_env(afl_environment_variables[i]) ? 1 : 0;

+          } else if (!strncmp(env, "AFL_NO_WARN_INSTABILITY",
+
+                              afl_environment_variable_len)) {
+
+            afl->afl_env.afl_no_warn_instability =
+                get_afl_env(afl_environment_variables[i]) ? 1 : 0;
+
          } else if (!strncmp(env, "AFL_TRY_AFFINITY",

                              afl_environment_variable_len)) {