Skip to content

Commit

Permalink
Bump libipt, fix tui in intel_pt baby fuzzer (AFLplusplus#2714)
Browse files Browse the repository at this point in the history
* Bump libipt, fix tui in intel_pt baby fuzzer

* libipt = "0.2.0"

* Use end_ip for previous block instead of ip + 1
  • Loading branch information
Marcondiro authored Nov 22, 2024
1 parent a8d2e87 commit 959ecb3
Show file tree
Hide file tree
Showing 5 changed files with 8 additions and 13 deletions.
2 changes: 1 addition & 1 deletion Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ cmake = "0.1.51"
document-features = "0.2.10"
hashbrown = { version = "0.14.5", default-features = false } # A faster hashmap, nostd compatible
libc = "0.2.159" # For (*nix) libc
libipt = "0.1.4"
libipt = "0.2.0"
log = "0.4.22"
meminterval = "0.4.1"
mimalloc = { version = "0.1.43", default-features = false }
Expand Down
2 changes: 1 addition & 1 deletion fuzzers/binary_only/intel_pt_baby_fuzzer/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ authors = [
edition = "2021"

[features]
tui = []
tui = ["libafl/tui_monitor"]

[dependencies]
libafl = { path = "../../../libafl/", default-features = false, features = [
Expand Down
4 changes: 0 additions & 4 deletions libafl_intelpt/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,6 @@ readme = "./README.md"
keywords = ["fuzzing", "testing", "security", "intelpt"]
categories = ["development-tools::testing", "no-std"]

[package.metadata.docs.rs]
features = ["std"]
no-default-features = true # because libipt won't build

[features]
default = ["std", "libipt"]
std = ["libafl_bolts/std"]
Expand Down
11 changes: 5 additions & 6 deletions libafl_intelpt/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -317,7 +317,7 @@ impl IntelPT {
.set_image(Some(image))
.map_err(error_from_pt_error)?;

let mut previous_block_ip = 0;
let mut previous_block_end_ip = 0;
let mut status;
'sync: loop {
match decoder.sync_forward() {
Expand All @@ -326,7 +326,7 @@ impl IntelPT {
Self::decode_blocks(
&mut decoder,
&mut status,
&mut previous_block_ip,
&mut previous_block_end_ip,
skip,
map,
)?;
Expand Down Expand Up @@ -370,7 +370,7 @@ impl IntelPT {
fn decode_blocks<T>(
decoder: &mut BlockDecoder<()>,
status: &mut Status,
previous_block_ip: &mut u64,
previous_block_end_ip: &mut u64,
skip: u64,
map: &mut [T],
) -> Result<(), Error>
Expand All @@ -396,13 +396,12 @@ impl IntelPT {
let offset = decoder.offset().map_err(error_from_pt_error)?;

if !b.speculative() && skip < offset {
// add 1 to `previous_block_ip` to avoid that all the recursive basic blocks map to 0
let id = hash_me(*previous_block_ip + 1) ^ hash_me(b.ip());
let id = hash_me(*previous_block_end_ip) ^ hash_me(b.ip());
// SAFETY: the index is < map.len() since the modulo operation is applied
let map_loc = unsafe { map.get_unchecked_mut(id as usize % map.len()) };
*map_loc = (*map_loc).saturating_add(&1u8.into());

*previous_block_ip = b.ip();
*previous_block_end_ip = b.end_ip();
}
}
Err(e) => {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,4 +8,4 @@ for test_bin in ../target/debug/deps/integration_tests_linux-*; do
fi
done

cargo test intel_pt_trace_fork
cargo test intel_pt_trace_fork -- --show-output

0 comments on commit 959ecb3

Please sign in to comment.