mopt: uppercase constants

2025-06-18 12:48:06 +00:00 · 2025-04-05 13:52:49 +02:00
parent 5a56790dfc
commit 81bbb90454
4 changed files with 77 additions and 77 deletions
--- a/include/afl-fuzz.h
+++ b/include/afl-fuzz.h
@ -317,14 +317,13 @@ enum {

 };

-#define operator_num 19
-#define swarm_num 5
-#define period_core 500000
+#define OPERATOR_NUM 19
+#define SWARM_NUM 5
+#define PERIOD_CORE 500000

 #define RAND_C (rand() % 1000 * 0.001)
-#define v_max 1
-#define v_min 0.05
-#define limit_time_bound 1.1
+#define V_MAX 1
+#define V_MIN 0.05
 #define SPLICE_CYCLES_puppet_up 25
 #define SPLICE_CYCLES_puppet_low 5
 #define STAGE_RANDOMBYTE 12
@ -334,7 +333,7 @@ enum {
 #define STAGE_OverWriteExtra 16
 #define STAGE_InsertExtra 17
 #define STAGE_Splice 18
-#define period_pilot 50000
+#define PERIOD_PILOT 50000

 enum {

@ -518,23 +517,23 @@ typedef struct afl_state {
  u64 tmp_core_time;
  s32 swarm_now;

-  double x_now[swarm_num][operator_num], L_best[swarm_num][operator_num],
-      eff_best[swarm_num][operator_num], G_best[operator_num],
-      v_now[swarm_num][operator_num], probability_now[swarm_num][operator_num],
-      swarm_fitness[swarm_num];
+  double x_now[SWARM_NUM][OPERATOR_NUM], L_best[SWARM_NUM][OPERATOR_NUM],
+      eff_best[SWARM_NUM][OPERATOR_NUM], G_best[OPERATOR_NUM],
+      v_now[SWARM_NUM][OPERATOR_NUM], probability_now[SWARM_NUM][OPERATOR_NUM],
+      swarm_fitness[SWARM_NUM];

-  u64 stage_finds_puppet[swarm_num][operator_num], /* Patterns found per
+  u64 stage_finds_puppet[SWARM_NUM][OPERATOR_NUM], /* Patterns found per
                                                            fuzz stage    */
-      stage_finds_puppet_v2[swarm_num][operator_num],
-      stage_cycles_puppet_v2[swarm_num][operator_num],
-      stage_cycles_puppet_v3[swarm_num][operator_num],
-      stage_cycles_puppet[swarm_num][operator_num],
-      operator_finds_puppet[operator_num],
-      core_operator_finds_puppet[operator_num],
-      core_operator_finds_puppet_v2[operator_num],
-      core_operator_cycles_puppet[operator_num],
-      core_operator_cycles_puppet_v2[operator_num],
-      core_operator_cycles_puppet_v3[operator_num]; /* Execs per fuzz stage */
+      stage_finds_puppet_v2[SWARM_NUM][OPERATOR_NUM],
+      stage_cycles_puppet_v2[SWARM_NUM][OPERATOR_NUM],
+      stage_cycles_puppet_v3[SWARM_NUM][OPERATOR_NUM],
+      stage_cycles_puppet[SWARM_NUM][OPERATOR_NUM],
+      operator_finds_puppet[OPERATOR_NUM],
+      core_operator_finds_puppet[OPERATOR_NUM],
+      core_operator_finds_puppet_v2[OPERATOR_NUM],
+      core_operator_cycles_puppet[OPERATOR_NUM],
+      core_operator_cycles_puppet_v2[OPERATOR_NUM],
+      core_operator_cycles_puppet_v3[OPERATOR_NUM]; /* Execs per fuzz stage */

  double period_pilot_tmp;
  s32    key_lv;
--- a/src/afl-fuzz-one.c
+++ b/src/afl-fuzz-one.c
@ -33,19 +33,16 @@

 static int select_algorithm(afl_state_t *afl, u32 max_algorithm) {

-  int i_puppet, j_puppet = 0, operator_number = max_algorithm;
+  int i_puppet = 0, j_puppet = 0, OPERATOR_NUMber = max_algorithm;

  double range_sele =
-      (double)afl->probability_now[afl->swarm_now][operator_number - 1];
-  double sele = ((double)(rand_below(afl, 10000) * 0.0001 * range_sele));
+      (double)afl->probability_now[afl->swarm_now][OPERATOR_NUMber - 1];
+  double sele =
+      ((double)((double)rand_below(afl, 10000) * 0.0001 * range_sele));

-  for (i_puppet = 0; i_puppet < operator_num; ++i_puppet) {
+  if (likely(sele >= afl->probability_now[afl->swarm_now][0])) {

-    if (unlikely(i_puppet == 0)) {
-
-      if (sele < afl->probability_now[afl->swarm_now][i_puppet]) { break; }
-
-    } else {
+    for (i_puppet = 1; i_puppet < OPERATOR_NUM; ++i_puppet) {

      if (sele < afl->probability_now[afl->swarm_now][i_puppet]) {

@ -58,10 +55,10 @@ static int select_algorithm(afl_state_t *afl, u32 max_algorithm) {

  }

-  if ((j_puppet == 1 &&
+  if (unlikely((j_puppet == 1 &&
                sele < afl->probability_now[afl->swarm_now][i_puppet - 1]) ||
-      (i_puppet + 1 < operator_num &&
-       sele > afl->probability_now[afl->swarm_now][i_puppet + 1])) {
+               (i_puppet + 1 < OPERATOR_NUM &&
+                sele > afl->probability_now[afl->swarm_now][i_puppet + 1]))) {

    FATAL("error select_algorithm");

@ -3466,7 +3463,7 @@ static u8 mopt_common_fuzzing(afl_state_t *afl, MOpt_globals_t MOpt_globals) {

  if (!MOpt_globals.is_pilot_mode) {

-    if (swarm_num == 1) {
+    if (SWARM_NUM == 1) {

      afl->key_module = 2;
      return 0;
@ -3685,7 +3682,7 @@ static u8 mopt_common_fuzzing(afl_state_t *afl, MOpt_globals_t MOpt_globals) {

  s32 temp_len_puppet;

-  // for (; afl->swarm_now < swarm_num; ++afl->swarm_now)
+  // for (; afl->swarm_now < SWARM_NUM; ++afl->swarm_now)
  {

    if (unlikely(afl->orig_hit_cnt_puppet == 0)) {
@ -3757,7 +3754,7 @@ static u8 mopt_common_fuzzing(afl_state_t *afl, MOpt_globals_t MOpt_globals) {

        afl->stage_cur_val = use_stacking;

-        for (i = 0; i < operator_num; ++i) {
+        for (i = 0; i < OPERATOR_NUM; ++i) {

          MOpt_globals.cycles_v3[i] = MOpt_globals.cycles_v2[i];

@ -4427,7 +4424,7 @@ static u8 mopt_common_fuzzing(afl_state_t *afl, MOpt_globals_t MOpt_globals) {

          if (MOpt_globals.is_pilot_mode) {

-            for (i = 0; i < operator_num; ++i) {
+            for (i = 0; i < OPERATOR_NUM; ++i) {

              if (MOpt_globals.cycles_v2[i] > MOpt_globals.cycles_v3[i]) {

@ -4439,7 +4436,7 @@ static u8 mopt_common_fuzzing(afl_state_t *afl, MOpt_globals_t MOpt_globals) {

          } else {

-            for (i = 0; i < operator_num; i++) {
+            for (i = 0; i < OPERATOR_NUM; i++) {

              if (afl->core_operator_cycles_puppet_v2[i] >
                  afl->core_operator_cycles_puppet_v3[i])
@ -4616,7 +4613,7 @@ static u8 mopt_common_fuzzing(afl_state_t *afl, MOpt_globals_t MOpt_globals) {
        }

        afl->temp_puppet_find = afl->total_puppet_find;
-        for (i = 0; i < operator_num; ++i) {
+        for (i = 0; i < OPERATOR_NUM; ++i) {

          if (MOpt_globals.is_pilot_mode) {

@ -4642,15 +4639,15 @@ static u8 mopt_common_fuzzing(afl_state_t *afl, MOpt_globals_t MOpt_globals) {
          MOpt_globals.finds[i] = MOpt_globals.finds_v2[i];
          MOpt_globals.cycles[i] = MOpt_globals.cycles_v2[i];

-        }                                    /* for i = 0; i < operator_num */
+        }                                    /* for i = 0; i < OPERATOR_NUM */

        if (MOpt_globals.is_pilot_mode) {

          afl->swarm_now = afl->swarm_now + 1;
-          if (afl->swarm_now == swarm_num) {
+          if (afl->swarm_now == SWARM_NUM) {

            afl->key_module = 1;
-            for (i = 0; i < operator_num; ++i) {
+            for (i = 0; i < OPERATOR_NUM; ++i) {

              afl->core_operator_cycles_puppet_v2[i] =
                  afl->core_operator_cycles_puppet[i];
@ -4663,7 +4660,7 @@ static u8 mopt_common_fuzzing(afl_state_t *afl, MOpt_globals_t MOpt_globals) {

            double swarm_eff = 0.0;
            afl->swarm_now = 0;
-            for (i = 0; i < swarm_num; ++i) {
+            for (i = 0; i < SWARM_NUM; ++i) {

              if (afl->swarm_fitness[i] > swarm_eff) {

@ -4674,13 +4671,13 @@ static u8 mopt_common_fuzzing(afl_state_t *afl, MOpt_globals_t MOpt_globals) {

            }

-            if (afl->swarm_now < 0 || afl->swarm_now > swarm_num - 1) {
+            if (afl->swarm_now < 0 || afl->swarm_now > SWARM_NUM - 1) {

              PFATAL("swarm_now error number  %d", afl->swarm_now);

            }

-          }                               /* if afl->swarm_now == swarm_num */
+          }                               /* if afl->swarm_now == SWARM_NUM */

          /* adjust pointers dependent on 'afl->swarm_now' */
          afl->mopt_globals_pilot.finds =
@ -4696,7 +4693,7 @@ static u8 mopt_common_fuzzing(afl_state_t *afl, MOpt_globals_t MOpt_globals) {

        } else {

-          for (i = 0; i < operator_num; i++) {
+          for (i = 0; i < OPERATOR_NUM; i++) {

            afl->core_operator_finds_puppet[i] =
                afl->core_operator_finds_puppet_v2[i];
@ -4739,17 +4736,17 @@ u8 pilot_fuzzing(afl_state_t *afl) {
 void pso_updating(afl_state_t *afl) {

  afl->g_now++;
-  if (afl->g_now > afl->g_max) { afl->g_now = 0; }
+  if (unlikely(afl->g_now > afl->g_max)) { afl->g_now = 0; }
  afl->w_now =
      (afl->w_init - afl->w_end) * (afl->g_max - afl->g_now) / (afl->g_max) +
      afl->w_end;
  int tmp_swarm, i, j;
  u64 temp_operator_finds_puppet = 0;
-  for (i = 0; i < operator_num; ++i) {
+  for (i = 0; i < OPERATOR_NUM; ++i) {

    afl->operator_finds_puppet[i] = afl->core_operator_finds_puppet[i];

-    for (j = 0; j < swarm_num; ++j) {
+    for (j = 0; j < SWARM_NUM; ++j) {

      afl->operator_finds_puppet[i] =
          afl->operator_finds_puppet[i] + afl->stage_finds_puppet[j][i];
@ -4761,7 +4758,7 @@ void pso_updating(afl_state_t *afl) {

  }

-  for (i = 0; i < operator_num; ++i) {
+  for (i = 0; i < OPERATOR_NUM; ++i) {

    if (afl->operator_finds_puppet[i]) {

@ -4772,10 +4769,10 @@ void pso_updating(afl_state_t *afl) {

  }

-  for (tmp_swarm = 0; tmp_swarm < swarm_num; ++tmp_swarm) {
+  for (tmp_swarm = 0; tmp_swarm < SWARM_NUM; ++tmp_swarm) {

    double x_temp = 0.0;
-    for (i = 0; i < operator_num; ++i) {
+    for (i = 0; i < OPERATOR_NUM; ++i) {

      afl->probability_now[tmp_swarm][i] = 0.0;
      afl->v_now[tmp_swarm][i] =
@ -4783,13 +4780,13 @@ void pso_updating(afl_state_t *afl) {
          RAND_C * (afl->L_best[tmp_swarm][i] - afl->x_now[tmp_swarm][i]) +
          RAND_C * (afl->G_best[i] - afl->x_now[tmp_swarm][i]);
      afl->x_now[tmp_swarm][i] += afl->v_now[tmp_swarm][i];
-      if (afl->x_now[tmp_swarm][i] > v_max) {
+      if (afl->x_now[tmp_swarm][i] > V_MAX) {

-        afl->x_now[tmp_swarm][i] = v_max;
+        afl->x_now[tmp_swarm][i] = V_MAX;

-      } else if (afl->x_now[tmp_swarm][i] < v_min) {
+      } else if (afl->x_now[tmp_swarm][i] < V_MIN) {

-        afl->x_now[tmp_swarm][i] = v_min;
+        afl->x_now[tmp_swarm][i] = V_MIN;

      }

@ -4797,7 +4794,7 @@ void pso_updating(afl_state_t *afl) {

    }

-    for (i = 0; i < operator_num; ++i) {
+    for (i = 0; i < OPERATOR_NUM; ++i) {

      afl->x_now[tmp_swarm][i] = afl->x_now[tmp_swarm][i] / x_temp;
      if (likely(i != 0)) {
@ -4813,8 +4810,8 @@ void pso_updating(afl_state_t *afl) {

    }

-    if (afl->probability_now[tmp_swarm][operator_num - 1] < 0.99 ||
-        afl->probability_now[tmp_swarm][operator_num - 1] > 1.01) {
+    if (afl->probability_now[tmp_swarm][OPERATOR_NUM - 1] < 0.99 ||
+        afl->probability_now[tmp_swarm][OPERATOR_NUM - 1] > 1.01) {

      FATAL("ERROR probability");

@ -4858,9 +4855,13 @@ u8 fuzz_one(afl_state_t *afl) {
       limit_time_sig  < 0 both are run
  */

-  if (afl->limit_time_sig <= 0) { key_val_lv_1 = fuzz_one_original(afl); }
+  if (likely(afl->limit_time_sig <= 0)) {

-  if (afl->limit_time_sig != 0) {
+    key_val_lv_1 = fuzz_one_original(afl);
+
+  }
+
+  if (unlikely(afl->limit_time_sig >= 0)) {

    if (afl->key_module == 0) {

--- a/src/afl-fuzz-state.c
+++ b/src/afl-fuzz-state.c
@ -44,7 +44,7 @@ static void init_mopt_globals(afl_state_t *afl) {
  core->cycles_v3 = afl->core_operator_cycles_puppet_v3;
  core->is_pilot_mode = 0;
  core->pTime = &afl->tmp_core_time;
-  core->period = period_core;
+  core->period = PERIOD_CORE;
  core->havoc_stagename = "MOpt-core-havoc";
  core->splice_stageformat = "MOpt-core-splice %u";
  core->havoc_stagenameshort = "MOpt_core_havoc";
@ -58,7 +58,7 @@ static void init_mopt_globals(afl_state_t *afl) {
  pilot->cycles_v3 = afl->stage_cycles_puppet_v3[0];
  pilot->is_pilot_mode = 1;
  pilot->pTime = &afl->tmp_pilot_time;
-  pilot->period = period_pilot;
+  pilot->period = PERIOD_PILOT;
  pilot->havoc_stagename = "MOpt-havoc";
  pilot->splice_stageformat = "MOpt-splice %u";
  pilot->havoc_stagenameshort = "MOpt_havoc";
--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@ -1319,12 +1319,12 @@ int main(int argc, char **argv_orig, char **envp) {
                         (afl->g_max) +
                     afl->w_end;

-        for (tmp_swarm = 0; tmp_swarm < swarm_num; ++tmp_swarm) {
+        for (tmp_swarm = 0; tmp_swarm < SWARM_NUM; ++tmp_swarm) {

          double total_puppet_temp = 0.0;
          afl->swarm_fitness[tmp_swarm] = 0.0;

-          for (j = 0; j < operator_num; ++j) {
+          for (j = 0; j < OPERATOR_NUM; ++j) {

            afl->stage_finds_puppet[tmp_swarm][j] = 0;
            afl->probability_now[tmp_swarm][j] = 0.0;
@ -1338,7 +1338,7 @@ int main(int argc, char **argv_orig, char **envp) {

          }

-          for (j = 0; j < operator_num; ++j) {
+          for (j = 0; j < OPERATOR_NUM; ++j) {

            afl->stage_cycles_puppet_v2[tmp_swarm][j] =
                afl->stage_cycles_puppet[tmp_swarm][j];
@ -1351,7 +1351,7 @@ int main(int argc, char **argv_orig, char **envp) {

          double x_temp = 0.0;

-          for (j = 0; j < operator_num; ++j) {
+          for (j = 0; j < OPERATOR_NUM; ++j) {

            afl->probability_now[tmp_swarm][j] = 0.0;
            afl->v_now[tmp_swarm][j] =
@ -1362,13 +1362,13 @@ int main(int argc, char **argv_orig, char **envp) {

            afl->x_now[tmp_swarm][j] += afl->v_now[tmp_swarm][j];

-            if (afl->x_now[tmp_swarm][j] > v_max) {
+            if (afl->x_now[tmp_swarm][j] > V_MAX) {

-              afl->x_now[tmp_swarm][j] = v_max;
+              afl->x_now[tmp_swarm][j] = V_MAX;

-            } else if (afl->x_now[tmp_swarm][j] < v_min) {
+            } else if (afl->x_now[tmp_swarm][j] < V_MIN) {

-              afl->x_now[tmp_swarm][j] = v_min;
+              afl->x_now[tmp_swarm][j] = V_MIN;

            }

@ -1376,7 +1376,7 @@ int main(int argc, char **argv_orig, char **envp) {

          }

-          for (j = 0; j < operator_num; ++j) {
+          for (j = 0; j < OPERATOR_NUM; ++j) {

            afl->x_now[tmp_swarm][j] = afl->x_now[tmp_swarm][j] / x_temp;
            if (likely(j != 0)) {
@ -1393,8 +1393,8 @@ int main(int argc, char **argv_orig, char **envp) {

          }

-          if (afl->probability_now[tmp_swarm][operator_num - 1] < 0.99 ||
-              afl->probability_now[tmp_swarm][operator_num - 1] > 1.01) {
+          if (afl->probability_now[tmp_swarm][OPERATOR_NUM - 1] < 0.99 ||
+              afl->probability_now[tmp_swarm][OPERATOR_NUM - 1] > 1.01) {

            FATAL("ERROR probability");

@ -1402,7 +1402,7 @@ int main(int argc, char **argv_orig, char **envp) {

        }

-        for (j = 0; j < operator_num; ++j) {
+        for (j = 0; j < OPERATOR_NUM; ++j) {

          afl->core_operator_finds_puppet[j] = 0;
          afl->core_operator_finds_puppet_v2[j] = 0;