-rw-r--r--cmdline.c32
-rw-r--r--display.c2
-rw-r--r--fuzz.c14
-rw-r--r--honggfuzz.c4
-rw-r--r--honggfuzz.h9
-rw-r--r--subproc.c2
6 files changed, 36 insertions, 27 deletions
diff --git a/cmdline.c b/cmdline.c
index e910f2b8..0839f0cd 100644
--- a/cmdline.c
+++ b/cmdline.c
@@ -161,8 +161,6 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz)
.tmOut = 10,
.runEndTime = 0,
.mutationsMax = 0,
- .threadsFinished = 0,
- .threadsMax = (sysconf(_SC_NPROCESSORS_ONLN) <= 1) ? 1 : sysconf(_SC_NPROCESSORS_ONLN) / 2,
.reportFile = NULL,
.asLimit = 0ULL,
.clearEnv = false,
@@ -176,11 +174,16 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz)
#else
.monitorSIGABRT = true,
#endif
- .threadsActiveCnt = 0,
.mainPid = getpid(),
.terminating = false,
.exitUponCrash = false,
+ .threads = {
+ .threadsFinished = 0,
+ .threadsMax = (sysconf(_SC_NPROCESSORS_ONLN) <= 1) ? 1 : sysconf(_SC_NPROCESSORS_ONLN) / 2,
+ .threadsActiveCnt = 0,
+ },
+
.dictionaryFile = NULL,
.dictionaryCnt = 0,
.dictqCurrent = NULL,
@@ -211,12 +214,14 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz)
.crashesCnt = 0ULL,
},
- .sanCov_mutex = PTHREAD_MUTEX_INITIALIZER, .sanOpts = {
+ .sanCov_mutex = PTHREAD_MUTEX_INITIALIZER,
+ .sanOpts = {
.asanOpts = NULL,
.msanOpts = NULL,
.ubsanOpts = NULL,
},
- .useSanCov = false, .covMetadata = NULL,
+ .useSanCov = false,
+ .covMetadata = NULL,
.report_mutex = PTHREAD_MUTEX_INITIALIZER,
@@ -389,7 +394,7 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz)
hfuzz->reportFile = optarg;
break;
case 'n':
- hfuzz->threadsMax = atol(optarg);
+ hfuzz->threads.threadsMax = atol(optarg);
break;
case 0x109: {
time_t p = atol(optarg);
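Review bot: `atol(optarg)` in the `'n'` case is stored straight into the `size_t` field with no error reporting, so `-n 0` or a non-numeric argument yields 0 threads and a negative value wraps to a very large count. The later `>= _HF_THREAD_MAX` check in this file rejects the wrapped value, but nothing visible in these hunks rejects zero, and `pthread_t threads[hfuzz.threads.threadsMax]` in honggfuzz.c would then be a zero-length VLA, which is undefined behaviour. Consider parsing with `strtoul` plus an end-pointer check, or at least widening the guard to `if (hfuzz->threads.threadsMax == 0 || hfuzz->threads.threadsMax >= _HF_THREAD_MAX)`. The option switch continues outside the hunk, so a zero check may already exist elsewhere.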
@@ -530,9 +535,9 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz)
return false;
}
- if (hfuzz->threadsMax >= _HF_THREAD_MAX) {
- LOG_E("Too many fuzzing threads specified %zu (>= _HF_THREAD_MAX (%u))", hfuzz->threadsMax,
- _HF_THREAD_MAX);
+ if (hfuzz->threads.threadsMax >= _HF_THREAD_MAX) {
+ LOG_E("Too many fuzzing threads specified %zu (>= _HF_THREAD_MAX (%u))",
+ hfuzz->threads.threadsMax, _HF_THREAD_MAX);
return false;
}
@@ -551,7 +556,7 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz)
if (hfuzz->linux.pid > 0 || hfuzz->linux.pidFile) {
LOG_I("PID=%d specified, lowering maximum number of concurrent threads to 1",
hfuzz->linux.pid);
- hfuzz->threadsMax = 1;
+ hfuzz->threads.threadsMax = 1;
}
if (hfuzz->mutationsPerRun == 0U && hfuzz->useVerifier) {
@@ -569,14 +574,15 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz)
LOG_I("PID: %d, inputDir '%s', nullifyStdio: %s, fuzzStdin: %s, saveUnique: %s, "
"mutationsPerRun: %u, "
- "externalCommand: '%s', runEndTime: %d tmOut: %ld, mutationsMax: %zu, threadsMax: %zu, "
+ "externalCommand: '%s', runEndTime: %d tmOut: %ld, mutationsMax: %zu, "
+ "threads.threadsMax: %zu, "
"fileExtn: '%s', "
"memoryLimit: 0x%" PRIx64 "(MiB), fuzzExe: '%s', fuzzedPid: %d, monitorSIGABRT: '%s'",
(int)getpid(), hfuzz->inputDir, cmdlineYesNo(hfuzz->nullifyStdio),
cmdlineYesNo(hfuzz->fuzzStdin), cmdlineYesNo(hfuzz->saveUnique), hfuzz->mutationsPerRun,
hfuzz->externalCommand == NULL ? "NULL" : hfuzz->externalCommand, (int)hfuzz->runEndTime,
- hfuzz->tmOut, hfuzz->mutationsMax, hfuzz->threadsMax, hfuzz->fileExtn, hfuzz->asLimit,
- hfuzz->cmdline[0], hfuzz->linux.pid, cmdlineYesNo(hfuzz->monitorSIGABRT));
+ hfuzz->tmOut, hfuzz->mutationsMax, hfuzz->threads.threadsMax, hfuzz->fileExtn,
+ hfuzz->asLimit, hfuzz->cmdline[0], hfuzz->linux.pid, cmdlineYesNo(hfuzz->monitorSIGABRT));
snprintf(hfuzz->cmdline_txt, sizeof(hfuzz->cmdline_txt), "%s", hfuzz->cmdline[0]);
for (size_t i = 1; hfuzz->cmdline[i]; i++) {
diff --git a/display.c b/display.c
index e459a26f..5c212c94 100644
--- a/display.c
+++ b/display.c
@@ -206,7 +206,7 @@ static void display_displayLocked(honggfuzz_t* hfuzz)
unsigned cpuUse = getCpuUse(num_cpu);
display_put(" Threads : " ESC_BOLD "%zu" ESC_RESET ", CPUs: " ESC_BOLD "%ld" ESC_RESET
", CPU%: " ESC_BOLD "%u" ESC_RESET "%% (" ESC_BOLD "%u" ESC_RESET "%%/CPU)\n",
- hfuzz->threadsMax, num_cpu, cpuUse, cpuUse / num_cpu);
+ hfuzz->threads.threadsMax, num_cpu, cpuUse, cpuUse / num_cpu);
display_put(" Speed : " ESC_BOLD "% " _HF_MONETARY_MOD "zu" ESC_RESET "/sec"
" (avg: " ESC_BOLD "%" _HF_MONETARY_MOD "zu" ESC_RESET ")\n",
diff --git a/fuzz.c b/fuzz.c
index 8d9e1693..63b17a79 100644
--- a/fuzz.c
+++ b/fuzz.c
@@ -211,7 +211,7 @@ static void fuzz_setState(honggfuzz_t* hfuzz, fuzzState_t state)
if (state == _HF_STATE_DYNAMIC_MAIN) {
static size_t cnt = 0;
ATOMIC_PRE_INC(cnt);
- while (ATOMIC_GET(cnt) < hfuzz->threadsMax) {
+ while (ATOMIC_GET(cnt) < hfuzz->threads.threadsMax) {
if (ATOMIC_GET(hfuzz->terminating) == true) {
return;
}
@@ -605,7 +605,7 @@ static void fuzz_fuzzLoop(honggfuzz_t* hfuzz, run_t* run)
static void* fuzz_threadNew(void* arg)
{
honggfuzz_t* hfuzz = (honggfuzz_t*)arg;
- unsigned int fuzzNo = ATOMIC_POST_INC(hfuzz->threadsActiveCnt);
+ unsigned int fuzzNo = ATOMIC_POST_INC(hfuzz->threads.threadsActiveCnt);
LOG_I("Launched new fuzzing thread, no. #%" PRId32, fuzzNo);
run_t run = {
@@ -631,14 +631,14 @@ static void* fuzz_threadNew(void* arg)
/* Check if dry run mode with verifier enabled */
if (hfuzz->mutationsPerRun == 0U && hfuzz->useVerifier) {
if (ATOMIC_POST_INC(hfuzz->mutationsCnt) >= hfuzz->fileCnt) {
- ATOMIC_POST_INC(hfuzz->threadsFinished);
+ ATOMIC_POST_INC(hfuzz->threads.threadsFinished);
break;
}
}
/* Check for max iterations limit if set */
else if ((ATOMIC_POST_INC(hfuzz->mutationsCnt) >= hfuzz->mutationsMax)
&& hfuzz->mutationsMax) {
- ATOMIC_POST_INC(hfuzz->threadsFinished);
+ ATOMIC_POST_INC(hfuzz->threads.threadsFinished);
break;
}
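Review bot: `threads.threadsFinished` looks like it is counted twice for a thread that leaves through either `break` in this hunk, because the exit path in the next fuzz_threadNew hunk increments it again after `LOG_I("Terminating thread no. ...")`. The loop body between the two hunks is not visible, so this assumes the breaks fall through to that exit code. If they do, the `ATOMIC_GET(hfuzz.threads.threadsFinished) >= hfuzz.threads.threadsMax` test in honggfuzz.c can become true while about half of the workers are still running. Dropping the two `ATOMIC_POST_INC(hfuzz->threads.threadsFinished);` lines before `break` and keeping only the one on the exit path would make the counter mean one increment per thread.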
@@ -656,7 +656,7 @@ static void* fuzz_threadNew(void* arg)
}
LOG_I("Terminating thread no. #%" PRId32, fuzzNo);
- ATOMIC_POST_INC(hfuzz->threadsFinished);
+ ATOMIC_POST_INC(hfuzz->threads.threadsFinished);
pthread_kill(fuzz_mainThread, SIGALRM);
return NULL;
}
@@ -699,14 +699,14 @@ void fuzz_threadsStart(honggfuzz_t* hfuzz, pthread_t* threads)
fuzz_setState(hfuzz, _HF_STATE_STATIC);
}
- for (size_t i = 0; i < hfuzz->threadsMax; i++) {
+ for (size_t i = 0; i < hfuzz->threads.threadsMax; i++) {
fuzz_runThread(hfuzz, &threads[i], fuzz_threadNew);
}
}
void fuzz_threadsStop(honggfuzz_t* hfuzz, pthread_t* threads)
{
- for (size_t i = 0; i < hfuzz->threadsMax; i++) {
+ for (size_t i = 0; i < hfuzz->threads.threadsMax; i++) {
void* retval;
if (pthread_join(threads[i], &retval) != 0) {
PLOG_F("Couldn't pthread_join() thread: %zu", i);
diff --git a/honggfuzz.c b/honggfuzz.c
index 37016b5b..c71a26fd 100644
--- a/honggfuzz.c
+++ b/honggfuzz.c
@@ -187,7 +187,7 @@ int main(int argc, char** argv)
/*
* So far, so good
*/
- pthread_t threads[hfuzz.threadsMax];
+ pthread_t threads[hfuzz.threads.threadsMax];
setupSignalsPreThr();
fuzz_threadsStart(&hfuzz, threads);
@@ -203,7 +203,7 @@ int main(int argc, char** argv)
strsignal(ATOMIC_GET(sigReceived)));
break;
}
- if (ATOMIC_GET(hfuzz.threadsFinished) >= hfuzz.threadsMax) {
+ if (ATOMIC_GET(hfuzz.threads.threadsFinished) >= hfuzz.threads.threadsMax) {
break;
}
if (hfuzz.runEndTime > 0 && (time(NULL) > hfuzz.runEndTime)) {
diff --git a/honggfuzz.h b/honggfuzz.h
index 4d1b3a33..c64ba62e 100644
--- a/honggfuzz.h
+++ b/honggfuzz.h
@@ -192,8 +192,6 @@ typedef struct {
long tmOut;
time_t runEndTime;
size_t mutationsMax;
- size_t threadsMax;
- size_t threadsFinished;
size_t maxFileSz;
char* reportFile;
uint64_t asLimit;
@@ -204,11 +202,16 @@ typedef struct {
bool skipFeedbackOnTimeout;
bool enableSanitizers;
bool monitorSIGABRT;
- uint32_t threadsActiveCnt;
pid_t mainPid;
bool terminating;
bool exitUponCrash;
+ struct {
+ size_t threadsMax;
+ size_t threadsFinished;
+ uint32_t threadsActiveCnt;
+ } threads;
+
const char* dictionaryFile;
TAILQ_HEAD(strq_t, strings_t) dictq;
size_t dictionaryCnt;
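Review bot: The new `threads` sub-struct has no comment saying which members are shared mutable state. In fuzz.c and honggfuzz.c, `threadsFinished` and `threadsActiveCnt` are only touched through `ATOMIC_POST_INC`/`ATOMIC_GET`, while `threadsMax` is read plainly and appears to be fixed once cmdlineParse returns. A comment such as `/* threadsMax: set by cmdlineParse only; threadsFinished/threadsActiveCnt: updated by workers via ATOMIC_* */` would record that contract for the next change. As a style point, the prefix is now redundant (`threads.threadsMax`); `threads.max`, `threads.finished` and `threads.activeCnt` would read better. The enclosing typedef'd struct starts and ends outside the hunk.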
diff --git a/subproc.c b/subproc.c
index af2b6f02..0b357833 100644
--- a/subproc.c
+++ b/subproc.c
@@ -279,7 +279,7 @@ static bool subproc_New(honggfuzz_t* hfuzz, run_t* run)
}
/* Parent */
- LOG_D("Launched new process, pid: %d, (concurrency: %zd)", run->pid, hfuzz->threadsMax);
+ LOG_D("Launched new process, pid: %d, (concurrency: %zd)", run->pid, hfuzz->threads.threadsMax);
if (hfuzz->persistent) {
close(sv[1]);
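Review bot: `%zd` in the rewritten `LOG_D` call is the signed conversion, but `threads.threadsMax` is declared `size_t` in honggfuzz.h, so the specifier does not match the argument type. The other log lines touched by this commit already use `%zu`. Use it here as well: `LOG_D("Launched new process, pid: %d, (concurrency: %zu)", run->pid, hfuzz->threads.threadsMax);`. subproc_New continues outside the hunk.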