When we started using AFL, it did not have an integrated GCC plugin.
There was one proposed by Austin Seipp, but for various reasons we
ended up using some of its infrastructure (runtime and wrapper), but
writing the GCC plugin proper from scratch.
With AFL++'s renewed interest in a GCC plugin, we rebased ours, with
some features that are or were missing in the one that was integrated:
* efficient, fully-functional inline and out-of-line instrumentation
Inline instrumentation was work in progress in the original plugin.
Controlled by AFL_GCC_OUT_OF_LINE.
* reproducible instrumentation
Obey -frandom-seed for pseudorandom number generation.
* licensing clarity and strict compliance
GPLv3+ for the plugin, that uses GCC internals; add a copy of the
license, as required.
* allow/deny list support
Copied and adjusted from the LLVM plugin implementation.
* neverZero support
Not as compact as the asm-wrapper version, but likely more efficient.
Both are quite thread-unsafe, with different caveats.
Controlled with AFL_GCC_SKIP_NEVERZERO.
* Addition of AFL_FORKSRV_INIT_TMOUT env var
This commit introduces a new environment variable which allows to
specify the timespan AFL should wait for initial contact with the
forkserver.
This is useful for fuzz-targets requiring a rather long setup time
before the actual fuzzing can be started (e.g., unicorn).
* add .swp files to .gitignore
* Inherit init_tmout in afl_fsrv_init_dup
Without this patch, the forkserver would spawn with a timeout of 0 in
cmplog mode, leading to an immediate crash.
Additionally, this commit removes a spurious whitespace.
* Initialize afl->fsrv.init_tmout in afl_fsrv_init
Not all afl-components will need the new AFL_FORKSRV_INIT_TMOUT
environment variable. Hence, it's initialized to the safe "default"
value from before in afl_fsrv_init now.
