fuzzer_stat eps is now overall not current, clang-format fixed to v8

.custom-format.py

@@ -29,27 +29,29 @@ CLANG_FORMAT_BIN = os.getenv("CLANG_FORMAT_BIN")
 if CLANG_FORMAT_BIN is None:
     o = 0
     try:
-        p = subprocess.Popen(["clang-format", "--version"], stdout=subprocess.PIPE)
+        p = subprocess.Popen(["clang-format-8", "--version"], stdout=subprocess.PIPE)
         o, _ = p.communicate()
         o = str(o, "utf-8")
         o = o[len("clang-format version "):].strip()
         o = o[:o.find(".")]
         o = int(o)
-    except: pass
+    except:
-    if o < 7:
+        print ("clang-format-8 is needed. Aborted.")
-        if subprocess.call(['which', 'clang-format-7'], stdout=subprocess.PIPE) == 0:
-            CLANG_FORMAT_BIN = 'clang-format-7'
-        elif subprocess.call(['which', 'clang-format-8'], stdout=subprocess.PIPE) == 0:
-            CLANG_FORMAT_BIN = 'clang-format-8'
-        elif subprocess.call(['which', 'clang-format-9'], stdout=subprocess.PIPE) == 0:
-            CLANG_FORMAT_BIN = 'clang-format-9'
-        elif subprocess.call(['which', 'clang-format-10'], stdout=subprocess.PIPE) == 0:
-            CLANG_FORMAT_BIN = 'clang-format-10'
-        else:
-            print ("clang-format 7 or above is needed. Aborted.")
         exit(1)
+    #if o < 7:
+    #    if subprocess.call(['which', 'clang-format-7'], stdout=subprocess.PIPE) == 0:
+    #        CLANG_FORMAT_BIN = 'clang-format-7'
+    #    elif subprocess.call(['which', 'clang-format-8'], stdout=subprocess.PIPE) == 0:
+    #        CLANG_FORMAT_BIN = 'clang-format-8'
+    #    elif subprocess.call(['which', 'clang-format-9'], stdout=subprocess.PIPE) == 0:
+    #        CLANG_FORMAT_BIN = 'clang-format-9'
+    #    elif subprocess.call(['which', 'clang-format-10'], stdout=subprocess.PIPE) == 0:
+    #        CLANG_FORMAT_BIN = 'clang-format-10'
+    #    else:
+    #        print ("clang-format 7 or above is needed. Aborted.")
+    #        exit(1)
     else:
-        CLANG_FORMAT_BIN = 'clang-format'
+        CLANG_FORMAT_BIN = 'clang-format-8'
             
 COLUMN_LIMIT = 80
 for line in fmt.split("\n"):

docs/Changelog.md

@@ -19,6 +19,8 @@ sending a mail to <afl-users+subscribe@googlegroups.com>.
      - CmpLog forkserver
      - Redqueen input-2-state mutator (cmp instructions only ATM)
      - all Python 2+3 versions supported now
+     - changed execs_per_sec in fuzzer_stats from "current" execs per second
+       (which is pointless) to total execs per second
   - afl-clang-fast:
      - show in the help output for which llvm version it was compiled for
      - now does not need to be recompiled between trace-pc and pass

docs/status_screen.md

@@ -377,7 +377,7 @@ directory. This includes:
   - `fuzzer_pid`     - PID of the fuzzer process
   - `cycles_done`    - queue cycles completed so far
   - `execs_done`     - number of execve() calls attempted
-  - `execs_per_sec`  - current number of execs per second
+  - `execs_per_sec`  - overall number of execs per second
   - `paths_total`    - total number of entries in the queue
   - `paths_found`    - number of entries discovered through local fuzzing
   - `paths_imported` - number of entries imported from other instances

libdislocator/libdislocator.so.c

@@ -68,7 +68,8 @@
 #include "config.h"
 #include "types.h"
 
-#if __STDC_VERSION__ < 201112L || (defined(__FreeBSD__) && __FreeBSD_version < 1200000)
+#if __STDC_VERSION__ < 201112L || \
+    (defined(__FreeBSD__) && __FreeBSD_version < 1200000)
 // use this hack if not C11
 typedef struct {
 

qemu_mode/patches/afl-qemu-cpu-translate-inl.h

@@ -299,7 +299,6 @@ static void gpr_saving(TCGv *cpu_regs, int regs_num) {
 
 }
 
-
 static void restore_state_for_persistent(TCGv *cpu_regs, int regs_num, int sp) {
 
   if (persistent_save_gpr) {
@@ -366,7 +365,7 @@ static void restore_state_for_persistent(TCGv *cpu_regs, int regs_num, int sp) {
                                                                                \
       if (!persistent_save_gpr) tcg_gen_afl_call0(&afl_persistent_loop);       \
                                                                                \
-    } else if (afl_persistent_ret_addr && dc->pc == afl_persistent_ret_addr) {\
+    } else if (afl_persistent_ret_addr && dc->pc == afl_persistent_ret_addr) { \
                                                                                \
       gen_bx_im(dc, afl_persistent_addr);                                      \
                                                                                \
@@ -400,3 +399,4 @@ static void restore_state_for_persistent(TCGv *cpu_regs, int regs_num, int sp) {
     }                                                                         \
                                                                               \
   }
+

src/afl-fuzz-stats.c

@@ -65,13 +65,15 @@ void write_stats_file(double bitmap_cvg, double stability, double eps) {
 
   if (getrusage(RUSAGE_CHILDREN, &rus)) rus.ru_maxrss = 0;
 
-  fprintf(f,
+  fprintf(
+      f,
       "start_time        : %llu\n"
       "last_update       : %llu\n"
       "fuzzer_pid        : %d\n"
       "cycles_done       : %llu\n"
       "execs_done        : %llu\n"
       "execs_per_sec     : %0.02f\n"
+      //          "real_execs_per_sec: %0.02f\n"  // damn the name is too long
       "paths_total       : %u\n"
       "paths_favored     : %u\n"
       "paths_found       : %u\n"
@@ -98,10 +100,11 @@ void write_stats_file(double bitmap_cvg, double stability, double eps) {
       "target_mode       : %s%s%s%s%s%s%s%s\n"
       "command_line      : %s\n",
       start_time / 1000, get_cur_time() / 1000, getpid(),
-          queue_cycle ? (queue_cycle - 1) : 0, total_execs, eps, queued_paths,
+      queue_cycle ? (queue_cycle - 1) : 0, total_execs,
-          queued_favored, queued_discovered, queued_imported, max_depth,
+      /*eps,*/ total_execs / ((double)(get_cur_time() - start_time) / 1000),
-          current_entry, pending_favored, pending_not_fuzzed, queued_variable,
+      queued_paths, queued_favored, queued_discovered, queued_imported,
-          stability, bitmap_cvg, unique_crashes, unique_hangs,
+      max_depth, current_entry, pending_favored, pending_not_fuzzed,
+      queued_variable, stability, bitmap_cvg, unique_crashes, unique_hangs,
       last_path_time / 1000, last_crash_time / 1000, last_hang_time / 1000,
       total_execs - last_crash_execs, exec_tmout, slowest_exec_ms,
 #ifdef __APPLE__
@@ -113,8 +116,8 @@ void write_stats_file(double bitmap_cvg, double stability, double eps) {
       dumb_mode ? " dumb " : "", no_forkserver ? "no_forksrv " : "",
       crash_mode ? "crash " : "", persistent_mode ? "persistent " : "",
       deferred_mode ? "deferred " : "",
-          (unicorn_mode || qemu_mode || dumb_mode || no_forkserver ||
+      (unicorn_mode || qemu_mode || dumb_mode || no_forkserver || crash_mode ||
-           crash_mode || persistent_mode || deferred_mode)
+       persistent_mode || deferred_mode)
           ? ""
           : "default",
       orig_cmdline);

src/afl-showmap.c

@@ -981,8 +981,7 @@ int main(int argc, char** argv) {
       snprintf(infile, sizeof(infile), "%s/%s", in_dir, dir_ent->d_name);
 
 #if !defined(DT_REG)                                          /* use stat() */
-      if (-1 == stat(infile, &statbuf)
+      if (-1 == stat(infile, &statbuf) || !S_ISREG(statbuf.st_mode)) continue;
-          || !S_ISREG(statbuf.st_mode)) continue;
 #endif
 
       snprintf(outfile, sizeof(outfile), "%s/%s", out_file, dir_ent->d_name);