update how AFL_EXIT_WHEN_DONE and colors of cycles done are working

vanhauser-thc 2024-10-14 09:45:59 +02:00
parent c0837409bd
commit b3d16f7b8c
2 changed files with 8 additions and 25 deletions


@ -424,9 +424,8 @@ checks or alter some of the more exotic semantics of the tool:
types of automated jobs.
- `AFL_EXIT_WHEN_DONE` causes afl-fuzz to terminate when all existing paths
have been fuzzed and there were no new finds for a while. This would be
normally indicated by the cycle counter in the UI turning green. May be
convenient for some types of automated jobs.
have been fuzzed and there were no new finds for a while. This is basically
when the fuzzing state says `state: finished`
- Setting `AFL_EXPAND_HAVOC_NOW` will start in the extended havoc mode that
includes costly mutations. afl-fuzz automatically enables this mode when


@ -56,6 +56,8 @@ char *get_fuzzing_state(afl_state_t *afl) {
if (unlikely(percent_cur >= 80 && percent_total >= 80)) {
if (unlikely(afl->afl_env.afl_exit_when_done)) { afl->stop_soon = 2; }
return fuzzing_state[3];
} else if (unlikely(percent_cur >= 55 && percent_total >= 55)) {
@ -822,15 +824,6 @@ void show_stats_normal(afl_state_t *afl) {
}
/* Honor AFL_EXIT_WHEN_DONE and AFL_BENCH_UNTIL_CRASH. */
if (unlikely(!afl->non_instrumented_mode && afl->cycles_wo_finds > 100 &&
!afl->pending_not_fuzzed && afl->afl_env.afl_exit_when_done)) {
afl->stop_soon = 2;
}
/* AFL_EXIT_ON_TIME. */
/* If no coverage was found yet, check whether run time is greater than
@ -998,14 +991,14 @@ void show_stats_normal(afl_state_t *afl) {
} else
/* Subsequent cycles, but we're still making finds. */
if (afl->cycles_wo_finds < 25 || min_wo_finds < 30) {
if (afl->cycles_wo_finds < 2 || min_wo_finds <= 30) {
strcpy(tmp, cYEL);
} else
/* No finds for a long time and no test cases to try. */
if (afl->cycles_wo_finds > 100 && !afl->pending_not_fuzzed &&
if (afl->cycles_wo_finds > 1 && !afl->pending_not_fuzzed &&
min_wo_finds > 120) {
strcpy(tmp, cLGN);
@ -1656,15 +1649,6 @@ void show_stats_pizza(afl_state_t *afl) {
}
/* Honor AFL_EXIT_WHEN_DONE and AFL_BENCH_UNTIL_CRASH. */
if (unlikely(!afl->non_instrumented_mode && afl->cycles_wo_finds > 100 &&
!afl->pending_not_fuzzed && afl->afl_env.afl_exit_when_done)) {
afl->stop_soon = 2;
}
/* AFL_EXIT_ON_TIME. */
/* If no coverage was found yet, check whether run time is greater than
@ -1813,14 +1797,14 @@ void show_stats_pizza(afl_state_t *afl) {
} else
/* Subsequent cycles, but we're still making finds. */
if (afl->cycles_wo_finds < 25 || min_wo_finds < 30) {
if (afl->cycles_wo_finds < 2 || min_wo_finds <= 30) {
strcpy(tmp, cYEL);
} else
/* No finds for a long time and no test cases to try. */
if (afl->cycles_wo_finds > 100 && !afl->pending_not_fuzzed &&
if (afl->cycles_wo_finds > 1 && !afl->pending_not_fuzzed &&
min_wo_finds > 120) {
strcpy(tmp, cLGN);
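Review bot: The added `if (unlikely(afl->afl_env.afl_exit_when_done)) { afl->stop_soon = 2; }` in the get_fuzzing_state() hunk turns a function that otherwise only returns a label string into the place where the run is terminated. It also drops the `!afl->non_instrumented_mode` and `!afl->pending_not_fuzzed` guards that the removed checks in show_stats_normal() and show_stats_pizza() carried. Whether the percent_cur/percent_total computation already covers those cases cannot be seen here, because the function body starts before and continues after the hunk. If it does not, keep the guards: `if (unlikely(afl->afl_env.afl_exit_when_done && !afl->non_instrumented_mode && !afl->pending_not_fuzzed)) { afl->stop_soon = 2; }`. In either case, add a comment on that line such as `/* AFL_EXIT_WHEN_DONE: reaching this state stops the fuzzer */`, and confirm that every stats path expected to honour the variable actually calls this function, so automated jobs neither stop early nor fail to stop.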