little more speed for queue analysis

2025-06-14 02:58:08 +00:00 · 2020-04-17 14:08:40 +02:00
parent ef1d384184
commit 6ee11c2a6f
5 changed files with 10 additions and 8 deletions
--- a/README.md
+++ b/README.md
@ -4,9 +4,9 @@

  ![Travis State](https://api.travis-ci.com/AFLplusplus/AFLplusplus.svg?branch=master)

-  Release Version: [2.63c](https://github.com/AFLplusplus/AFLplusplus/releases)
+  Release Version: [2.64c](https://github.com/AFLplusplus/AFLplusplus/releases)

-  Github Version: 2.63d
+  Github Version: 2.64d

  includes all necessary/interesting changes from Google's afl 2.56b

--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@ -608,9 +608,10 @@ typedef struct afl_state {
  u8 *   ex_buf;
  size_t ex_size;

+  /* this is a fixed buffer of size map_size that can be used by any function if they do not call another function */
  u8 *   map_tmp_buf;
-  size_t map_tmp_size;
-
+  size_t map_tmp_len;
+  
 } afl_state_t;

 /* A global pointer to all instances is needed (for now) for signals to arrive
--- a/include/config.h
+++ b/include/config.h
@ -28,7 +28,7 @@
 /* Version string: */

 // c = release, d = volatile github dev, e = experimental branch
-#define VERSION "++2.63d"
+#define VERSION "++2.64c"

 /******************************************************
 *                                                    *
--- a/src/afl-fuzz-queue.c
+++ b/src/afl-fuzz-queue.c
@ -271,12 +271,10 @@ void cull_queue(afl_state_t *afl) {
  struct queue_entry *q;
  u32                 len = (afl->fsrv.map_size >> 3);
  u32                 i;
-  u8 *                temp_v;
+  u8 *                temp_v = afl->map_tmp_buf;

  if (afl->dumb_mode || !afl->score_changed) return;

-  temp_v = ck_maybe_grow((void **)&afl->map_tmp_buf, &afl->map_tmp_size, afl->fsrv.map_size >> 3);
-
  afl->score_changed = 0;

  memset(temp_v, 255, len);
--- a/src/afl-fuzz-state.c
+++ b/src/afl-fuzz-state.c
@ -107,6 +107,8 @@ void afl_state_init(afl_state_t *afl, uint32_t map_size) {
  afl->clean_trace = ck_alloc(map_size);
  afl->clean_trace_custom = ck_alloc(map_size);
  afl->first_trace = ck_alloc(map_size);
+  afl->map_tmp_buf = ck_alloc(map_size);
+  afl->map_tmp_len = map_size;

  afl->fsrv.use_stdin = 1;
  afl->fsrv.map_size = map_size;
@ -389,6 +391,7 @@ void afl_state_deinit(afl_state_t *afl) {
  ck_free(afl->clean_trace);
  ck_free(afl->clean_trace_custom);
  ck_free(afl->first_trace);
+  ck_free(afl->map_tmp_buf);

  list_remove(&afl_states, afl);