
AFL_EXIT_WHEN_DONE not working when compiling with NO_SPLICING

Open martinus opened this issue 1 year ago • 3 comments

After reading An Empirical Examination of Fuzzer Mutator Performance I decided to disable splicing, but after doing so ~AFL_EXIT_ON_TIME~ AFL_EXIT_WHEN_DONE logic doesn't work.

I looked through the code, and saw that the logic depends on the cycles_wo_finds counter being > 100. But that counter is never increased when splicing is disabled; the only place where it's increased is here, inside the if (afl->use_splicing): https://github.com/AFLplusplus/AFLplusplus/blob/stable/src/afl-fuzz.c#L2940-L2942

To Reproduce
Steps to reproduce the behavior:

  1. Build afl++ with NO_SPLICING=1
  2. Have a look at the cycles_wo_finds value in fuzzer_stats, it's always 0.

Expected behavior
cycles_wo_finds should count up after each cycle so that ~AFL_EXIT_ON_TIME~ AFL_EXIT_WHEN_DONE works

martinus avatar Oct 12 '24 05:10 martinus
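To make the root cause concrete, here is a small C model of the cycle bookkeeping described in the report. It is an added example written for this page, not code from AFL++: the struct, the cycle functions and the exit check are simplified stand-ins for afl_state_t and the real loop in afl-fuzz.c. The buggy form increments cycles_wo_finds only inside the use_splicing branch, so a NO_SPLICING build never reaches the "> 100 cycles without finds" condition; the fixed form does the bookkeeping unconditionally.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the relevant fuzzer state (constructed for this
   example; not AFL++'s real afl_state_t). */
typedef struct {
  bool     use_splicing;    /* false when built with NO_SPLICING=1 */
  uint32_t cycles_wo_finds; /* consecutive cycles without a new path */
  uint32_t queued_items;    /* number of queue entries */
  uint32_t prev_queued;     /* queue size at the start of the last cycle */
} model_state_t;

/* Shared bookkeeping: reset on a new find, otherwise count a dry cycle. */
static void update_dry_cycle_counter(model_state_t *st) {
  if (st->queued_items > st->prev_queued) st->cycles_wo_finds = 0;
  else ++st->cycles_wo_finds;
}

/* One cycle in the buggy form: the counter is only touched inside the
   splicing branch, mirroring the placement the issue points at. */
static void cycle_buggy(model_state_t *st, bool found_new_path) {
  if (found_new_path) st->queued_items++;
  if (st->use_splicing) {
    update_dry_cycle_counter(st);
  }
  st->prev_queued = st->queued_items;
}

/* One cycle in the fixed form: bookkeeping runs regardless of splicing,
   which only changes the mutation strategy, not the progress accounting. */
static void cycle_fixed(model_state_t *st, bool found_new_path) {
  if (found_new_path) st->queued_items++;
  update_dry_cycle_counter(st);
  st->prev_queued = st->queued_items;
}

/* AFL_EXIT_WHEN_DONE-style condition as described in the issue. */
static bool should_exit_when_done(const model_state_t *st) {
  return st->cycles_wo_finds > 100;
}

/* Run n cycles that find nothing new and report the final counter value. */
uint32_t counter_after(bool use_splicing, bool fixed, unsigned n) {
  model_state_t st = { .use_splicing = use_splicing };
  for (unsigned i = 0; i < n; i++) {
    if (fixed) cycle_fixed(&st, false);
    else       cycle_buggy(&st, false);
  }
  return st.cycles_wo_finds;
}

/* Run n dry cycles and report whether the exit condition ever became true. */
bool exits_within(bool use_splicing, bool fixed, unsigned n) {
  model_state_t st = { .use_splicing = use_splicing };
  for (unsigned i = 0; i < n; i++) {
    if (fixed) cycle_fixed(&st, false);
    else       cycle_buggy(&st, false);
    if (should_exit_when_done(&st)) return true;
  }
  return false;
}

int main(void) {
  /* Buggy code, splicing disabled: counter never moves, fuzzer never exits. */
  printf("buggy, NO_SPLICING : counter=%u exit=%d\n",
         counter_after(false, false, 200), exits_within(false, false, 200));
  /* Buggy code, splicing enabled: behaves as expected. */
  printf("buggy, splicing    : counter=%u exit=%d\n",
         counter_after(true, false, 200), exits_within(true, false, 200));
  /* Fixed code, splicing disabled: exits after the 101st dry cycle. */
  printf("fixed, NO_SPLICING : counter=%u exit=%d\n",
         counter_after(false, true, 200), exits_within(false, true, 200));
  return 0;
}
```

The same symptom the reporter saw in fuzzer_stats (cycles_wo_finds stuck at 0) shows up in the first line of output; the threshold check itself is fine, it just never receives a counter that moves.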

You are correct, this is a bug, I pushed a fix to dev. But honestly how AFL_EXIT_ON_TIME works is horrible. It is from back in vanilla afl times ... I should switch it to when the calculation for being finished is reached (the "state: in progress ..." entry in the UI when it shows "finished"). I think I will just push another commit for this.

vanhauser-thc avatar Oct 14 '24 07:10 vanhauser-thc

Actually AFL_EXIT_ON_TIME was fine besides the wrong cycles_wo_finds requirement, but AFL_EXIT_WHEN_DONE needed an update. Also changed how the colors look in the UI for cycles done. Can you please test and give me feedback?

vanhauser-thc avatar Oct 14 '24 07:10 vanhauser-thc

Works well for me, thanks!

martinus avatar Oct 15 '24 04:10 martinus