From cc442f4dc86257a90a2b3d8ba10cf80532f4d5be Mon Sep 17 00:00:00 2001 From: "Dongjia \"toka\" Zhang" Date: Thu, 12 Dec 2024 20:40:28 +0100 Subject: [PATCH] No Uses* from `fuzzer` (#2761) * go * fixing stuf * hello from windows * more * lolg * lolf * fix * a --------- Co-authored-by: Your Name --- .../baby_fuzzer_custom_executor/src/main.rs | 3 +- .../binary_only/qemu_launcher/src/instance.rs | 5 +- .../forkserver/libafl-fuzz/src/executor.rs | 1 - fuzzers/forkserver/libafl-fuzz/src/fuzzer.rs | 16 +- libafl/src/corpus/minimizer.rs | 2 +- libafl/src/events/centralized.rs | 110 ++-- libafl/src/events/llmp/mgr.rs | 34 +- libafl/src/events/llmp/mod.rs | 15 +- libafl/src/events/llmp/restarting.rs | 89 ++-- libafl/src/events/tcp.rs | 84 ++-- libafl/src/executors/combined.rs | 2 - libafl/src/executors/command.rs | 3 - libafl/src/executors/differential.rs | 1 - libafl/src/executors/forkserver.rs | 1 - libafl/src/executors/hooks/inprocess.rs | 6 +- libafl/src/executors/hooks/unix.rs | 6 +- libafl/src/executors/hooks/windows.rs | 8 +- libafl/src/executors/inprocess/inner.rs | 6 +- libafl/src/executors/inprocess/mod.rs | 31 +- libafl/src/executors/inprocess/stateful.rs | 13 +- libafl/src/executors/inprocess_fork/inner.rs | 1 - libafl/src/executors/inprocess_fork/mod.rs | 9 +- .../src/executors/inprocess_fork/stateful.rs | 2 +- libafl/src/executors/mod.rs | 2 - libafl/src/executors/shadow.rs | 1 - libafl/src/executors/with_observers.rs | 1 - libafl/src/fuzzer/mod.rs | 472 ++++++++---------- libafl/src/stages/afl_stats.rs | 4 +- libafl/src/stages/calibrate.rs | 2 +- libafl/src/stages/colorization.rs | 2 - libafl/src/stages/concolic.rs | 11 +- libafl/src/stages/generalization.rs | 2 - libafl/src/stages/generation.rs | 2 +- libafl/src/stages/mutational.rs | 8 +- libafl/src/stages/power.rs | 4 +- libafl/src/stages/push/mod.rs | 8 +- libafl/src/stages/push/mutational.rs | 9 +- libafl/src/stages/sync.rs | 20 +- libafl/src/stages/tmin.rs | 18 +- libafl/src/stages/tracing.rs | 10 +- libafl/src/stages/tuneable.rs | 10 +- libafl/src/stages/verify_timeouts.rs | 2 +- libafl/src/state/mod.rs | 24 +- libafl_frida/src/executor.rs | 1 - libafl_libfuzzer/runtime/src/fuzz.rs | 2 +- libafl_libfuzzer/runtime/src/report.rs | 2 +- libafl_libfuzzer/runtime/src/tmin.rs | 2 +- libafl_nyx/src/executor.rs | 1 - libafl_qemu/src/executor.rs | 18 +- .../src/cmps/stages/aflpptracing.rs | 1 - libafl_targets/src/windows_asan.rs | 2 +- libafl_tinyinst/src/executor.rs | 1 - 52 files changed, 495 insertions(+), 595 deletions(-) diff --git a/fuzzers/baby/baby_fuzzer_custom_executor/src/main.rs b/fuzzers/baby/baby_fuzzer_custom_executor/src/main.rs index 003839f84d..f9c0b2e9ee 100644 --- a/fuzzers/baby/baby_fuzzer_custom_executor/src/main.rs +++ b/fuzzers/baby/baby_fuzzer_custom_executor/src/main.rs @@ -53,13 +53,12 @@ impl Executor for CustomExecutor where EM: UsesState, S: State + HasExecutions, - Z: UsesState, Self::Input: HasTargetBytes, { fn run_target( &mut self, _fuzzer: &mut Z, - state: &mut Self::State, + state: &mut S, _mgr: &mut EM, input: &Self::Input, ) -> Result { diff --git a/fuzzers/binary_only/qemu_launcher/src/instance.rs b/fuzzers/binary_only/qemu_launcher/src/instance.rs index 5693c8ae2b..317d21a36f 100644 --- a/fuzzers/binary_only/qemu_launcher/src/instance.rs +++ b/fuzzers/binary_only/qemu_launcher/src/instance.rs @@ -312,9 +312,8 @@ impl Instance<'_, M> { stages: &mut ST, ) -> Result<(), Error> where - Z: Fuzzer, ST> - + UsesState - + Evaluator, State = ClientState>, + Z: Fuzzer, ClientState, ST> + + Evaluator, BytesInput, ClientState>, E: UsesState, ST: StagesTuple, ClientState, Z>, { diff --git a/fuzzers/forkserver/libafl-fuzz/src/executor.rs b/fuzzers/forkserver/libafl-fuzz/src/executor.rs index 42db166408..06082e8a73 100644 --- a/fuzzers/forkserver/libafl-fuzz/src/executor.rs +++ b/fuzzers/forkserver/libafl-fuzz/src/executor.rs @@ -357,7 +357,6 @@ pub enum SupportedExecutors { impl Executor for SupportedExecutors where S: State, - Z: UsesState, EM: UsesState, FSV: Executor, { diff --git a/fuzzers/forkserver/libafl-fuzz/src/fuzzer.rs b/fuzzers/forkserver/libafl-fuzz/src/fuzzer.rs index 24f4178083..6f7895968d 100644 --- a/fuzzers/forkserver/libafl-fuzz/src/fuzzer.rs +++ b/fuzzers/forkserver/libafl-fuzz/src/fuzzer.rs @@ -22,7 +22,7 @@ use libafl::{ CaptureTimeoutFeedback, ConstFeedback, CrashFeedback, MaxMapFeedback, TimeFeedback, }, fuzzer::StdFuzzer, - inputs::{BytesInput, NopTargetBytesConverter}, + inputs::{BytesInput, NopTargetBytesConverter, UsesInput}, mutators::{havoc_mutations, tokens_mutations, AFLppRedQueen, StdScheduledMutator, Tokens}, observers::{CanTrack, HitcountsMapObserver, StdMapObserver, TimeObserver}, schedulers::{ @@ -38,7 +38,6 @@ use libafl::{ }, state::{ HasCorpus, HasCurrentTestcase, HasExecutions, HasLastReportTime, HasStartTime, StdState, - UsesState, }, Error, Fuzzer, HasFeedback, HasMetadata, SerdeAny, }; @@ -649,20 +648,19 @@ pub fn fuzzer_target_mode(opt: &Opt) -> Cow<'static, str> { #[derive(Debug, Serialize, Deserialize, SerdeAny)] pub struct IsInitialCorpusEntryMetadata {} -pub fn run_fuzzer_with_stages( +pub fn run_fuzzer_with_stages( opt: &Opt, fuzzer: &mut Z, stages: &mut ST, executor: &mut E, - state: &mut ::State, + state: &mut S, mgr: &mut EM, ) -> Result<(), Error> where - Z: Fuzzer, - E: UsesState, - EM: ProgressReporter, - ST: StagesTuple, - ::State: HasLastReportTime + HasExecutions + HasMetadata, + Z: Fuzzer, + EM: ProgressReporter, + ST: StagesTuple, + S: HasLastReportTime + HasExecutions + HasMetadata + UsesInput, { if opt.bench_just_one { fuzzer.fuzz_loop_for(stages, executor, state, mgr, 1)?; diff --git a/libafl/src/corpus/minimizer.rs b/libafl/src/corpus/minimizer.rs index 84c6be3875..c6599ca75d 100644 --- a/libafl/src/corpus/minimizer.rs +++ b/libafl/src/corpus/minimizer.rs @@ -77,7 +77,7 @@ where E::Observers: ObserversTuple, CS: Scheduler + RemovableScheduler, EM: EventFirer, - Z: HasScheduler, + Z: HasScheduler, { // don't delete this else it won't work after restart let current = *state.corpus().current(); diff --git a/libafl/src/events/centralized.rs b/libafl/src/events/centralized.rs index 515c8ec5b9..e0b1a441f5 100644 --- a/libafl/src/events/centralized.rs +++ b/libafl/src/events/centralized.rs @@ -30,6 +30,7 @@ use crate::events::llmp::COMPRESS_THRESHOLD; #[cfg(feature = "scalability_introspection")] use crate::state::HasScalabilityMonitor; use crate::{ + corpus::Corpus, events::{ AdaptiveSerializer, CustomBufEventResult, Event, EventConfig, EventFirer, EventManager, EventManagerHooksTuple, EventManagerId, EventProcessor, EventRestarter, @@ -39,7 +40,7 @@ use crate::{ fuzzer::{EvaluatorObservers, ExecutionProcessor}, inputs::{Input, NopInput, UsesInput}, observers::{ObserversTuple, TimeObserver}, - state::{HasExecutions, HasLastReportTime, NopState, State, Stoppable, UsesState}, + state::{HasCorpus, HasExecutions, HasLastReportTime, NopState, State, Stoppable, UsesState}, Error, HasMetadata, }; @@ -49,8 +50,8 @@ pub(crate) const _LLMP_TAG_TO_MAIN: Tag = Tag(0x3453453); #[derive(Debug)] pub struct CentralizedEventManager where - EM: UsesState, - EMH: EventManagerHooksTuple, + EM: UsesState, + EMH: EventManagerHooksTuple, S: State, SP: ShMemProvider, { @@ -114,8 +115,8 @@ impl CentralizedEventManagerBuilder { time_obs: Option>, ) -> Result, Error> where - EM: UsesState, - EMH: EventManagerHooksTuple, + EM: UsesState, + EMH: EventManagerHooksTuple, S: State, SP: ShMemProvider, { @@ -135,7 +136,6 @@ impl CentralizedEventManagerBuilder { /// /// If the port is not yet bound, it will act as a broker; otherwise, it /// will act as a client. - #[cfg(feature = "std")] pub fn build_on_port( self, inner: EM, @@ -145,8 +145,8 @@ impl CentralizedEventManagerBuilder { time_obs: Option>, ) -> Result, Error> where - EM: UsesState, - EMH: EventManagerHooksTuple, + EM: UsesState, + EMH: EventManagerHooksTuple, S: State, SP: ShMemProvider, { @@ -165,7 +165,6 @@ impl CentralizedEventManagerBuilder { /// If a client respawns, it may reuse the existing connection, previously /// stored by [`LlmpClient::to_env()`]. - #[cfg(feature = "std")] pub fn build_existing_client_from_env( self, inner: EM, @@ -175,8 +174,8 @@ impl CentralizedEventManagerBuilder { time_obs: Option>, ) -> Result, Error> where - EM: UsesState, - EMH: EventManagerHooksTuple, + EM: UsesState, + EMH: EventManagerHooksTuple, S: State, SP: ShMemProvider, { @@ -193,7 +192,6 @@ impl CentralizedEventManagerBuilder { } /// Create an existing client from description - #[cfg(feature = "std")] pub fn existing_client_from_description( self, inner: EM, @@ -203,8 +201,8 @@ impl CentralizedEventManagerBuilder { time_obs: Option>, ) -> Result, Error> where - EM: UsesState, - EMH: EventManagerHooksTuple, + EM: UsesState, + EMH: EventManagerHooksTuple, S: State, SP: ShMemProvider, { @@ -222,8 +220,8 @@ impl CentralizedEventManagerBuilder { } impl UsesState for CentralizedEventManager where - EM: UsesState, - EMH: EventManagerHooksTuple, + EM: UsesState, + EMH: EventManagerHooksTuple, S: State, SP: ShMemProvider, { @@ -232,8 +230,8 @@ where impl AdaptiveSerializer for CentralizedEventManager where - EM: AdaptiveSerializer + UsesState, - EMH: EventManagerHooksTuple, + EM: AdaptiveSerializer + UsesState, + EMH: EventManagerHooksTuple, S: State, SP: ShMemProvider, { @@ -270,9 +268,10 @@ where impl EventFirer for CentralizedEventManager where - EM: AdaptiveSerializer + EventFirer + HasEventManagerId, - EMH: EventManagerHooksTuple, - S: State, + EM: AdaptiveSerializer + EventFirer + HasEventManagerId, + EMH: EventManagerHooksTuple, + S: State + HasCorpus, + S::Corpus: Corpus, SP: ShMemProvider, { fn should_send(&self) -> bool { @@ -342,8 +341,8 @@ where impl EventRestarter for CentralizedEventManager where - EM: EventRestarter, - EMH: EventManagerHooksTuple, + EM: EventRestarter, + EMH: EventManagerHooksTuple, S: State, SP: ShMemProvider, { @@ -368,17 +367,18 @@ where impl EventProcessor for CentralizedEventManager where - EM: AdaptiveSerializer + EventProcessor + EventFirer + HasEventManagerId, - EMH: EventManagerHooksTuple, + EM: AdaptiveSerializer + EventProcessor + EventFirer + HasEventManagerId, + EMH: EventManagerHooksTuple, E: HasObservers + Executor, E::Observers: ObserversTuple<::Input, ::State> + Serialize, for<'a> E::Observers: Deserialize<'a>, - S: State, + S: State + HasCorpus, + S::Corpus: Corpus, Self::State: HasExecutions + HasMetadata, SP: ShMemProvider, - Z: EvaluatorObservers - + ExecutionProcessor, + Z: EvaluatorObservers::Input, S> + + ExecutionProcessor::Input, E::Observers, S>, { fn process( &mut self, @@ -408,20 +408,21 @@ where E::Observers: ObserversTuple<::Input, ::State> + Serialize, for<'a> E::Observers: Deserialize<'a>, - EM: AdaptiveSerializer + EventManager, + EM: AdaptiveSerializer + EventManager, EM::State: HasExecutions + HasMetadata + HasLastReportTime, - EMH: EventManagerHooksTuple, - S: State, + EMH: EventManagerHooksTuple, + S: State + HasCorpus, + S::Corpus: Corpus, SP: ShMemProvider, - Z: EvaluatorObservers - + ExecutionProcessor, + Z: EvaluatorObservers::Input, S> + + ExecutionProcessor::Input, E::Observers, S>, { } impl HasCustomBufHandlers for CentralizedEventManager where - EM: HasCustomBufHandlers, - EMH: EventManagerHooksTuple, + EM: HasCustomBufHandlers, + EMH: EventManagerHooksTuple, S: State, SP: ShMemProvider, { @@ -438,19 +439,21 @@ where impl ProgressReporter for CentralizedEventManager where - EM: AdaptiveSerializer + ProgressReporter + HasEventManagerId, + EM: AdaptiveSerializer + ProgressReporter + HasEventManagerId, EM::State: HasMetadata + HasExecutions + HasLastReportTime, - EMH: EventManagerHooksTuple, - S: State, + EMH: EventManagerHooksTuple, + S: State + HasCorpus, + S::Corpus: Corpus, SP: ShMemProvider, { } impl HasEventManagerId for CentralizedEventManager where - EM: HasEventManagerId + UsesState, - EMH: EventManagerHooksTuple, - S: State, + EM: HasEventManagerId + UsesState, + EMH: EventManagerHooksTuple, + S: State + HasCorpus, + S::Corpus: Corpus, SP: ShMemProvider, { fn mgr_id(&self) -> EventManagerId { @@ -460,9 +463,10 @@ where impl CentralizedEventManager where - EM: UsesState, - EMH: EventManagerHooksTuple, - S: State, + EM: UsesState, + EMH: EventManagerHooksTuple, + S: State + HasCorpus, + S::Corpus: Corpus, SP: ShMemProvider, { /// Describe the client event manager's LLMP parts in a restorable fashion @@ -472,7 +476,6 @@ where /// Write the config for a client [`EventManager`] to env vars, a new /// client can reattach using [`CentralizedEventManagerBuilder::build_existing_client_from_env()`]. - #[cfg(feature = "std")] pub fn to_env(&self, env_name: &str) { self.client.to_env(env_name).unwrap(); } @@ -485,9 +488,10 @@ where impl CentralizedEventManager where - EM: UsesState + EventFirer + AdaptiveSerializer + HasEventManagerId, - EMH: EventManagerHooksTuple, - S: State + Stoppable, + EM: UsesState + EventFirer + AdaptiveSerializer + HasEventManagerId, + EMH: EventManagerHooksTuple, + S: State + Stoppable + HasCorpus, + S::Corpus: Corpus, SP: ShMemProvider, { #[cfg(feature = "llmp_compression")] @@ -535,8 +539,8 @@ where ObserversTuple<::Input, ::State> + Serialize, ::State: UsesInput + HasExecutions + HasMetadata, for<'a> E::Observers: Deserialize<'a>, - Z: ExecutionProcessor::State> - + EvaluatorObservers, + Z: EvaluatorObservers::Input, S> + + ExecutionProcessor::Input, E::Observers, S>, { // TODO: Get around local event copy by moving handle_in_client let self_id = self.client.sender().id(); @@ -585,8 +589,8 @@ where ObserversTuple<::Input, ::State> + Serialize, ::State: UsesInput + HasExecutions + HasMetadata, for<'a> E::Observers: Deserialize<'a> + Serialize, - Z: ExecutionProcessor::State> - + EvaluatorObservers, + Z: EvaluatorObservers::Input, S> + + ExecutionProcessor::Input, E::Observers, S>, { log::debug!("handle_in_main!"); @@ -640,7 +644,7 @@ where process::id(), event_name ); - fuzzer.evaluate_input_with_observers::( + fuzzer.evaluate_input_with_observers( state, executor, self, diff --git a/libafl/src/events/llmp/mgr.rs b/libafl/src/events/llmp/mgr.rs index 1153c30610..687d7e10d4 100644 --- a/libafl/src/events/llmp/mgr.rs +++ b/libafl/src/events/llmp/mgr.rs @@ -30,6 +30,7 @@ use serde::{Deserialize, Serialize}; #[cfg(feature = "llmp_compression")] use crate::events::llmp::COMPRESS_THRESHOLD; use crate::{ + corpus::Corpus, events::{ llmp::{LLMP_TAG_EVENT_TO_BOTH, _LLMP_TAG_EVENT_TO_BROKER}, AdaptiveSerializer, CustomBufEventResult, CustomBufHandlerFn, Event, EventConfig, @@ -40,7 +41,7 @@ use crate::{ fuzzer::{Evaluator, EvaluatorObservers, ExecutionProcessor}, inputs::{NopInput, UsesInput}, observers::{ObserversTuple, TimeObserver}, - state::{HasExecutions, HasImported, HasLastReportTime, NopState, State, UsesState}, + state::{HasCorpus, HasExecutions, HasImported, HasLastReportTime, NopState, State, UsesState}, Error, HasMetadata, }; @@ -387,7 +388,8 @@ where impl LlmpEventManager where EMH: EventManagerHooksTuple, - S: State + HasExecutions + HasMetadata + HasImported, + S: State + HasExecutions + HasMetadata + HasImported + HasCorpus, + S::Corpus: Corpus, SP: ShMemProvider, { // Handle arriving events in the client @@ -404,9 +406,9 @@ where E: Executor + HasObservers, E::Observers: ObserversTuple + Serialize, for<'a> E::Observers: Deserialize<'a>, - Z: ExecutionProcessor - + EvaluatorObservers - + Evaluator, + Z: ExecutionProcessor::Input, E::Observers, S> + + EvaluatorObservers::Input, S> + + Evaluator::Input, S>, { if !self.hooks.pre_exec_all(state, client_id, &event)? { return Ok(()); @@ -449,9 +451,7 @@ where { state.scalability_monitor_mut().testcase_without_observers += 1; } - fuzzer.evaluate_input_with_observers::( - state, executor, self, input, false, - )? + fuzzer.evaluate_input_with_observers(state, executor, self, input, false)? }; if let Some(item) = res.1 { *state.imported_mut() += 1; @@ -585,14 +585,15 @@ where impl EventProcessor for LlmpEventManager where EMH: EventManagerHooksTuple, - S: State + HasExecutions + HasMetadata + HasImported, + S: State + HasExecutions + HasMetadata + HasImported + HasCorpus, + S::Corpus: Corpus, SP: ShMemProvider, E: HasObservers + Executor, E::Observers: ObserversTuple + Serialize, for<'a> E::Observers: Deserialize<'a>, - Z: ExecutionProcessor - + EvaluatorObservers - + Evaluator, + Z: ExecutionProcessor::Input, E::Observers, S> + + EvaluatorObservers::Input, S> + + Evaluator::Input, S>, { fn process( &mut self, @@ -649,11 +650,12 @@ where E::Observers: ObserversTuple + Serialize, for<'a> E::Observers: Deserialize<'a>, EMH: EventManagerHooksTuple, - S: State + HasExecutions + HasMetadata + HasLastReportTime + HasImported, + S: State + HasExecutions + HasMetadata + HasLastReportTime + HasImported + HasCorpus, + S::Corpus: Corpus, SP: ShMemProvider, - Z: ExecutionProcessor - + EvaluatorObservers - + Evaluator, + Z: ExecutionProcessor::Input, E::Observers, S> + + EvaluatorObservers::Input, S> + + Evaluator::Input, S>, { } diff --git a/libafl/src/events/llmp/mod.rs b/libafl/src/events/llmp/mod.rs index bdbe32f4ba..0175d33c6f 100644 --- a/libafl/src/events/llmp/mod.rs +++ b/libafl/src/events/llmp/mod.rs @@ -16,11 +16,12 @@ use libafl_bolts::{ use serde::Deserialize; use crate::{ + corpus::Corpus, events::{CustomBufEventResult, CustomBufHandlerFn, Event, EventFirer}, executors::{Executor, HasObservers}, fuzzer::{EvaluatorObservers, ExecutionProcessor}, inputs::{Input, InputConverter, NopInput, NopInputConverter, UsesInput}, - state::{HasExecutions, NopState, State, Stoppable, UsesState}, + state::{HasCorpus, HasExecutions, NopState, State, Stoppable, UsesState}, Error, HasMetadata, }; @@ -253,7 +254,7 @@ where impl LlmpEventConverter where - S: UsesInput + HasExecutions + HasMetadata + Stoppable, + S: UsesInput + HasExecutions + HasMetadata + Stoppable + HasCorpus, SP: ShMemProvider, IC: InputConverter, ICB: InputConverter, @@ -295,8 +296,10 @@ where where E: Executor + HasObservers, EM: UsesState + EventFirer, + S::Corpus: Corpus, for<'a> E::Observers: Deserialize<'a>, - Z: ExecutionProcessor + EvaluatorObservers, + Z: ExecutionProcessor::Input, E::Observers, S> + + EvaluatorObservers::Input, S>, { match event { Event::NewTestcase { @@ -308,7 +311,7 @@ where return Ok(()); }; - let res = fuzzer.evaluate_input_with_observers::( + let res = fuzzer.evaluate_input_with_observers( state, executor, manager, @@ -349,8 +352,10 @@ where where E: Executor + HasObservers, EM: UsesState + EventFirer, + S::Corpus: Corpus, for<'a> E::Observers: Deserialize<'a>, - Z: ExecutionProcessor + EvaluatorObservers, + Z: ExecutionProcessor::Input, E::Observers, S> + + EvaluatorObservers::Input, S>, { // TODO: Get around local event copy by moving handle_in_client let self_id = self.llmp.sender().id(); diff --git a/libafl/src/events/llmp/restarting.rs b/libafl/src/events/llmp/restarting.rs index c76d89497d..731c9e932d 100644 --- a/libafl/src/events/llmp/restarting.rs +++ b/libafl/src/events/llmp/restarting.rs @@ -4,56 +4,51 @@ //! restart/refork it. use alloc::{boxed::Box, vec::Vec}; -#[cfg(feature = "std")] -use core::sync::atomic::{compiler_fence, Ordering}; -#[cfg(feature = "std")] -use core::time::Duration; -use core::{marker::PhantomData, num::NonZeroUsize}; -#[cfg(feature = "std")] +use core::{ + marker::PhantomData, + num::NonZeroUsize, + sync::atomic::{compiler_fence, Ordering}, + time::Duration, +}; use std::net::SocketAddr; -#[cfg(feature = "std")] -use libafl_bolts::core_affinity::CoreId; -#[cfg(all(feature = "std", any(windows, not(feature = "fork"))))] +#[cfg(any(windows, not(feature = "fork")))] use libafl_bolts::os::startable_self; -#[cfg(all(unix, feature = "std", not(miri)))] +#[cfg(all(unix, not(miri)))] use libafl_bolts::os::unix_signals::setup_signal_handler; -#[cfg(all(feature = "std", feature = "fork", unix))] +#[cfg(all(feature = "fork", unix))] use libafl_bolts::os::{fork, ForkResult}; -#[cfg(feature = "std")] -use libafl_bolts::{ - llmp::LlmpConnection, os::CTRL_C_EXIT, shmem::StdShMemProvider, staterestore::StateRestorer, -}; use libafl_bolts::{ - llmp::{Broker, LlmpBroker}, - shmem::ShMemProvider, + core_affinity::CoreId, + llmp::{Broker, LlmpBroker, LlmpConnection}, + os::CTRL_C_EXIT, + shmem::{ShMemProvider, StdShMemProvider}, + staterestore::StateRestorer, tuples::{tuple_list, Handle}, }; use serde::{Deserialize, Serialize}; -#[cfg(feature = "std")] use typed_builder::TypedBuilder; -#[cfg(all(unix, feature = "std", not(miri)))] +#[cfg(all(unix, not(miri)))] use crate::events::EVENTMGR_SIGHANDLER_STATE; -#[cfg(feature = "std")] -use crate::events::{AdaptiveSerializer, CustomBufEventResult, HasCustomBufHandlers}; use crate::{ + corpus::Corpus, events::{ - launcher::ClientDescription, Event, EventConfig, EventFirer, EventManager, - EventManagerHooksTuple, EventManagerId, EventProcessor, EventRestarter, HasEventManagerId, - LlmpEventManager, LlmpShouldSaveState, ProgressReporter, StdLlmpEventHook, + launcher::ClientDescription, AdaptiveSerializer, CustomBufEventResult, Event, EventConfig, + EventFirer, EventManager, EventManagerHooksTuple, EventManagerId, EventProcessor, + EventRestarter, HasCustomBufHandlers, HasEventManagerId, LlmpEventManager, + LlmpShouldSaveState, ProgressReporter, StdLlmpEventHook, }, executors::{Executor, HasObservers}, fuzzer::{Evaluator, EvaluatorObservers, ExecutionProcessor}, inputs::UsesInput, monitors::Monitor, observers::{ObserversTuple, TimeObserver}, - state::{HasExecutions, HasImported, HasLastReportTime, State, UsesState}, + state::{HasCorpus, HasExecutions, HasImported, HasLastReportTime, State, UsesState}, Error, HasMetadata, }; /// A manager that can restart on the fly, storing states in-between (in `on_restart`) -#[cfg(feature = "std")] #[derive(Debug)] pub struct LlmpRestartingEventManager where @@ -69,7 +64,6 @@ where save_state: LlmpShouldSaveState, } -#[cfg(feature = "std")] impl AdaptiveSerializer for LlmpRestartingEventManager where SP: ShMemProvider, @@ -106,7 +100,6 @@ where } } -#[cfg(feature = "std")] impl UsesState for LlmpRestartingEventManager where S: State, @@ -115,7 +108,6 @@ where type State = S; } -#[cfg(feature = "std")] impl ProgressReporter for LlmpRestartingEventManager where S: State + HasExecutions + HasMetadata + HasLastReportTime, @@ -123,7 +115,6 @@ where { } -#[cfg(feature = "std")] impl EventFirer for LlmpRestartingEventManager where SP: ShMemProvider, @@ -157,7 +148,6 @@ where } } -#[cfg(feature = "std")] impl EventRestarter for LlmpRestartingEventManager where S: State + HasExecutions, @@ -199,18 +189,22 @@ where } } -#[cfg(feature = "std")] impl EventProcessor for LlmpRestartingEventManager where E: HasObservers + Executor, Z, State = S>, E::Observers: ObserversTuple + Serialize, for<'a> E::Observers: Deserialize<'a>, EMH: EventManagerHooksTuple, - S: State + HasExecutions + HasMetadata + HasImported, + S: State + HasExecutions + HasMetadata + HasImported + HasCorpus, + S::Corpus: Corpus, SP: ShMemProvider, - Z: ExecutionProcessor, E::Observers, State = S> - + EvaluatorObservers, E::Observers> - + Evaluator>, + Z: ExecutionProcessor< + LlmpEventManager, + ::Input, + E::Observers, + S, + > + EvaluatorObservers, ::Input, S> + + Evaluator, ::Input, S>, { fn process(&mut self, fuzzer: &mut Z, state: &mut S, executor: &mut E) -> Result { let res = self.llmp_mgr.process(fuzzer, state, executor)?; @@ -223,22 +217,25 @@ where } } -#[cfg(feature = "std")] impl EventManager for LlmpRestartingEventManager where E: HasObservers + Executor, Z, State = S>, E::Observers: ObserversTuple + Serialize, for<'a> E::Observers: Deserialize<'a>, EMH: EventManagerHooksTuple, - S: State + HasExecutions + HasMetadata + HasLastReportTime + HasImported, + S: State + HasExecutions + HasMetadata + HasLastReportTime + HasImported + HasCorpus, + S::Corpus: Corpus, SP: ShMemProvider, - Z: ExecutionProcessor, E::Observers, State = S> - + EvaluatorObservers, E::Observers> - + Evaluator>, + Z: ExecutionProcessor< + LlmpEventManager, + ::Input, + E::Observers, + S, + > + EvaluatorObservers, ::Input, S> + + Evaluator, ::Input, S>, { } -#[cfg(feature = "std")] impl HasEventManagerId for LlmpRestartingEventManager where S: State, @@ -249,7 +246,6 @@ where } } -#[cfg(feature = "std")] impl HasCustomBufHandlers for LlmpRestartingEventManager where S: State, @@ -269,7 +265,6 @@ const _ENV_FUZZER_RECEIVER: &str = "_AFL_ENV_FUZZER_RECEIVER"; /// The llmp (2 way) connection from a fuzzer to the broker (broadcasting all other fuzzer messages) const _ENV_FUZZER_BROKER_CLIENT_INITIAL: &str = "_AFL_ENV_FUZZER_BROKER_CLIENT"; -#[cfg(feature = "std")] impl LlmpRestartingEventManager where S: State, @@ -321,7 +316,6 @@ where } /// The kind of manager we're creating right now -#[cfg(feature = "std")] #[derive(Debug, Clone)] pub enum ManagerKind { /// Any kind will do @@ -339,7 +333,6 @@ pub enum ManagerKind { /// /// The restarting mgr is a combination of restarter and runner, that can be used on systems with and without `fork` support. /// The restarter will spawn a new process each time the child crashes or timeouts. -#[cfg(feature = "std")] #[allow(clippy::type_complexity)] pub fn setup_restarting_mgr_std( monitor: MT, @@ -371,7 +364,6 @@ where /// The restarting mgr is a combination of restarter and runner, that can be used on systems with and without `fork` support. /// The restarter will spawn a new process each time the child crashes or timeouts. /// This one, additionally uses the timeobserver for the adaptive serialization -#[cfg(feature = "std")] #[allow(clippy::type_complexity)] pub fn setup_restarting_mgr_std_adaptive( monitor: MT, @@ -405,7 +397,6 @@ where /// The [`RestartingMgr`] is is a combination of a /// `restarter` and `runner`, that can be used on systems both with and without `fork` support. The /// `restarter` will start a new process each time the child crashes or times out. -#[cfg(feature = "std")] #[allow(clippy::default_trait_access, clippy::ignored_unit_patterns)] #[derive(TypedBuilder, Debug)] pub struct RestartingMgr { @@ -448,7 +439,6 @@ pub struct RestartingMgr { phantom_data: PhantomData<(EMH, S)>, } -#[cfg(feature = "std")] #[allow(clippy::type_complexity, clippy::too_many_lines)] impl RestartingMgr where @@ -719,7 +709,6 @@ where } #[cfg(test)] -#[cfg(feature = "std")] mod tests { use core::sync::atomic::{compiler_fence, Ordering}; diff --git a/libafl/src/events/tcp.rs b/libafl/src/events/tcp.rs index 977ad9de85..5b4ac815db 100644 --- a/libafl/src/events/tcp.rs +++ b/libafl/src/events/tcp.rs @@ -16,32 +16,33 @@ use std::{ #[cfg(feature = "tcp_compression")] use libafl_bolts::compress::GzipCompressor; -#[cfg(feature = "std")] -use libafl_bolts::core_affinity::CoreId; -#[cfg(all(feature = "std", any(windows, not(feature = "fork"))))] +#[cfg(any(windows, not(feature = "fork")))] use libafl_bolts::os::startable_self; -#[cfg(all(unix, feature = "std", not(miri)))] +#[cfg(all(unix, not(miri)))] use libafl_bolts::os::unix_signals::setup_signal_handler; -#[cfg(feature = "std")] -use libafl_bolts::os::CTRL_C_EXIT; -#[cfg(all(feature = "std", feature = "fork", unix))] +#[cfg(all(feature = "fork", unix))] use libafl_bolts::os::{fork, ForkResult}; -use libafl_bolts::{shmem::ShMemProvider, tuples::tuple_list, ClientId}; -#[cfg(feature = "std")] -use libafl_bolts::{shmem::StdShMemProvider, staterestore::StateRestorer}; +use libafl_bolts::{ + core_affinity::CoreId, + os::CTRL_C_EXIT, + shmem::{ShMemProvider, StdShMemProvider}, + staterestore::StateRestorer, + tuples::tuple_list, + ClientId, +}; use serde::{de::DeserializeOwned, Deserialize, Serialize}; use tokio::{ io::{AsyncReadExt, AsyncWriteExt}, sync::{broadcast, broadcast::error::RecvError, mpsc}, task::{spawn, JoinHandle}, }; -#[cfg(feature = "std")] use typed_builder::TypedBuilder; use super::{CustomBufEventResult, CustomBufHandlerFn}; -#[cfg(all(unix, feature = "std", not(miri)))] +#[cfg(all(unix, not(miri)))] use crate::events::EVENTMGR_SIGHANDLER_STATE; use crate::{ + corpus::Corpus, events::{ BrokerEventResult, Event, EventConfig, EventFirer, EventManager, EventManagerHooksTuple, EventManagerId, EventProcessor, EventRestarter, HasCustomBufHandlers, HasEventManagerId, @@ -52,7 +53,7 @@ use crate::{ inputs::{Input, UsesInput}, monitors::Monitor, observers::ObserversTuple, - state::{HasExecutions, HasImported, HasLastReportTime, State, UsesState}, + state::{HasCorpus, HasExecutions, HasImported, HasLastReportTime, State, UsesState}, Error, HasMetadata, }; @@ -583,7 +584,8 @@ where impl TcpEventManager where EMH: EventManagerHooksTuple, - S: State + HasExecutions + HasMetadata + HasImported, + S: State + HasExecutions + HasMetadata + HasImported + HasCorpus, + S::Corpus: Corpus, { /// Write the client id for a client [`EventManager`] to env vars pub fn to_env(&self, env_name: &str) { @@ -604,8 +606,8 @@ where E: Executor + HasObservers, E::Observers: Serialize + ObserversTuple, for<'a> E::Observers: Deserialize<'a>, - Z: ExecutionProcessor - + EvaluatorObservers, + Z: ExecutionProcessor::Input, E::Observers, S> + + EvaluatorObservers::Input, S>, { if !self.hooks.pre_exec_all(state, client_id, &event)? { return Ok(()); @@ -636,8 +638,7 @@ where { state.scalability_monitor_mut().testcase_without_observers += 1; } - fuzzer - .evaluate_input_with_observers::(state, executor, self, input, false)? + fuzzer.evaluate_input_with_observers(state, executor, self, input, false)? }; if let Some(item) = _res.1 { *state.imported_mut() += 1; @@ -745,9 +746,10 @@ where E::Observers: Serialize + ObserversTuple, for<'a> E::Observers: Deserialize<'a>, EMH: EventManagerHooksTuple, - S: State + HasExecutions + HasMetadata + HasImported, - Z: EvaluatorObservers - + ExecutionProcessor, + S: State + HasExecutions + HasMetadata + HasImported + HasCorpus, + S::Corpus: Corpus, + Z: ExecutionProcessor::Input, E::Observers, S> + + EvaluatorObservers::Input, S>, { fn process( &mut self, @@ -820,9 +822,10 @@ where E::Observers: Serialize + ObserversTuple, for<'a> E::Observers: Deserialize<'a>, EMH: EventManagerHooksTuple, - S: State + HasExecutions + HasMetadata + HasLastReportTime + HasImported, - Z: EvaluatorObservers - + ExecutionProcessor, + S: State + HasExecutions + HasMetadata + HasLastReportTime + HasImported + HasCorpus, + S::Corpus: Corpus, + Z: ExecutionProcessor::Input, E::Observers, S> + + EvaluatorObservers::Input, S>, { } @@ -858,7 +861,6 @@ where } /// A manager that can restart on the fly, storing states in-between (in `on_restart`) -#[cfg(feature = "std")] #[derive(Debug)] pub struct TcpRestartingEventManager where @@ -875,7 +877,6 @@ where save_state: bool, } -#[cfg(feature = "std")] impl UsesState for TcpRestartingEventManager where EMH: EventManagerHooksTuple, @@ -885,7 +886,6 @@ where type State = S; } -#[cfg(feature = "std")] impl ProgressReporter for TcpRestartingEventManager where EMH: EventManagerHooksTuple, @@ -894,7 +894,6 @@ where { } -#[cfg(feature = "std")] impl EventFirer for TcpRestartingEventManager where EMH: EventManagerHooksTuple, @@ -920,7 +919,6 @@ where } } -#[cfg(feature = "std")] impl EventRestarter for TcpRestartingEventManager where EMH: EventManagerHooksTuple, @@ -959,17 +957,17 @@ where } } -#[cfg(feature = "std")] impl EventProcessor for TcpRestartingEventManager where E: HasObservers + Executor, Z, State = S>, for<'a> E::Observers: Deserialize<'a>, E::Observers: ObserversTuple + Serialize, EMH: EventManagerHooksTuple, - S: State + HasExecutions + HasMetadata + HasImported, + S: State + HasExecutions + HasMetadata + HasImported + HasCorpus, + S::Corpus: Corpus, SP: ShMemProvider + 'static, - Z: EvaluatorObservers, E::Observers, State = S> - + ExecutionProcessor, E::Observers>, //CE: CustomEvent, + Z: ExecutionProcessor, ::Input, E::Observers, S> + + EvaluatorObservers, ::Input, S>, { fn process(&mut self, fuzzer: &mut Z, state: &mut S, executor: &mut E) -> Result { self.tcp_mgr.process(fuzzer, state, executor) @@ -980,21 +978,20 @@ where } } -#[cfg(feature = "std")] impl EventManager for TcpRestartingEventManager where E: HasObservers + Executor, Z, State = S>, E::Observers: ObserversTuple + Serialize, for<'a> E::Observers: Deserialize<'a>, EMH: EventManagerHooksTuple, - S: State + HasExecutions + HasMetadata + HasLastReportTime + HasImported, + S: State + HasExecutions + HasMetadata + HasLastReportTime + HasImported + HasCorpus, + S::Corpus: Corpus, SP: ShMemProvider + 'static, - Z: EvaluatorObservers, E::Observers, State = S> - + ExecutionProcessor, E::Observers>, //CE: CustomEvent, + Z: ExecutionProcessor, ::Input, E::Observers, S> + + EvaluatorObservers, ::Input, S>, { } -#[cfg(feature = "std")] impl HasEventManagerId for TcpRestartingEventManager where EMH: EventManagerHooksTuple, @@ -1012,7 +1009,6 @@ const _ENV_FUZZER_RECEIVER: &str = "_AFL_ENV_FUZZER_RECEIVER"; /// The tcp (2 way) connection from a fuzzer to the broker (broadcasting all other fuzzer messages) const _ENV_FUZZER_BROKER_CLIENT_INITIAL: &str = "_AFL_ENV_FUZZER_BROKER_CLIENT"; -#[cfg(feature = "std")] impl TcpRestartingEventManager where EMH: EventManagerHooksTuple, @@ -1054,7 +1050,6 @@ where } /// The kind of manager we're creating right now -#[cfg(feature = "std")] #[derive(Debug, Clone, Copy)] pub enum TcpManagerKind { /// Any kind will do @@ -1072,7 +1067,6 @@ pub enum TcpManagerKind { /// /// The [`TcpRestartingEventManager`] is a combination of restarter and runner, that can be used on systems with and without `fork` support. /// The restarter will spawn a new process each time the child crashes or timeouts. -#[cfg(feature = "std")] #[allow(clippy::type_complexity)] pub fn setup_restarting_mgr_tcp( monitor: MT, @@ -1087,7 +1081,8 @@ pub fn setup_restarting_mgr_tcp( > where MT: Monitor + Clone, - S: State + HasExecutions + HasMetadata + HasImported, + S: State + HasExecutions + HasMetadata + HasImported + HasCorpus, + S::Corpus: Corpus, { TcpRestartingMgr::builder() .shmem_provider(StdShMemProvider::new()?) @@ -1104,7 +1099,6 @@ where /// The [`TcpRestartingMgr`] is a combination of a /// `restarter` and `runner`, that can be used on systems both with and without `fork` support. The /// `restarter` will start a new process each time the child crashes or times out. -#[cfg(feature = "std")] #[allow(clippy::default_trait_access, clippy::ignored_unit_patterns)] #[derive(TypedBuilder, Debug)] pub struct TcpRestartingMgr @@ -1148,13 +1142,13 @@ where phantom_data: PhantomData, } -#[cfg(feature = "std")] #[allow(clippy::type_complexity, clippy::too_many_lines)] impl TcpRestartingMgr where EMH: EventManagerHooksTuple + Copy + Clone, SP: ShMemProvider, - S: State + HasExecutions + HasMetadata + HasImported, + S: State + HasExecutions + HasMetadata + HasImported + HasCorpus, + S::Corpus: Corpus, MT: Monitor + Clone, { /// Launch the restarting manager diff --git a/libafl/src/executors/combined.rs b/libafl/src/executors/combined.rs index 639f1f1528..20c830ac39 100644 --- a/libafl/src/executors/combined.rs +++ b/libafl/src/executors/combined.rs @@ -26,7 +26,6 @@ impl CombinedExecutor { A: Executor, B: Executor::State>, EM: UsesState::State>, - Z: UsesState::State>, { Self { primary, secondary } } @@ -48,7 +47,6 @@ where B: Executor::State>, Self::State: HasExecutions, EM: UsesState::State>, - Z: UsesState::State>, { fn run_target( &mut self, diff --git a/libafl/src/executors/command.rs b/libafl/src/executors/command.rs index 7bf6db343c..8471f91b03 100644 --- a/libafl/src/executors/command.rs +++ b/libafl/src/executors/command.rs @@ -396,7 +396,6 @@ where S: State + HasExecutions + UsesInput, T: CommandConfigurator + Debug, OT: Debug + MatchName + ObserversTuple, - Z: UsesState, { fn run_target( &mut self, @@ -433,7 +432,6 @@ where S: State + HasExecutions + UsesInput, T: CommandConfigurator + Debug, OT: Debug + MatchName + ObserversTuple, - Z: UsesState, HT: ExecutorHooksTuple, { /// Linux specific low level implementation, to directly handle `fork`, `exec` and use linux @@ -793,7 +791,6 @@ impl CommandExecutorBuilder { /// fn make_executor() -> impl Executor /// where /// EM: UsesState, -/// Z: UsesState, /// EM::State: UsesInput + HasExecutions, /// { /// MyExecutor.into_executor(()) diff --git a/libafl/src/executors/differential.rs b/libafl/src/executors/differential.rs index 316295be11..95b0e093cb 100644 --- a/libafl/src/executors/differential.rs +++ b/libafl/src/executors/differential.rs @@ -74,7 +74,6 @@ where ::Observers: ObserversTuple<<::State as UsesInput>::Input, ::State>, DOT: DifferentialObserversTuple + MatchName, - Z: UsesState::State>, { fn run_target( &mut self, diff --git a/libafl/src/executors/forkserver.rs b/libafl/src/executors/forkserver.rs index f3a403827b..2b0e8dec82 100644 --- a/libafl/src/executors/forkserver.rs +++ b/libafl/src/executors/forkserver.rs @@ -1588,7 +1588,6 @@ where S: State + HasExecutions, TC: TargetBytesConverter, EM: UsesState, - Z: UsesState, { #[inline] fn run_target( diff --git a/libafl/src/executors/hooks/inprocess.rs b/libafl/src/executors/hooks/inprocess.rs index f4a927c9c8..876016b972 100644 --- a/libafl/src/executors/hooks/inprocess.rs +++ b/libafl/src/executors/hooks/inprocess.rs @@ -236,7 +236,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, E::State: HasExecutions + HasSolutions + HasCorpus, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { @@ -279,7 +279,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, E::State: State + HasExecutions + HasSolutions + HasCorpus, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { @@ -336,7 +336,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, E::State: HasExecutions + HasSolutions + HasCorpus, - Z: HasObjective, + Z: HasObjective, { #[cfg_attr(miri, allow(unused_variables))] let ret = Self { diff --git a/libafl/src/executors/hooks/unix.rs b/libafl/src/executors/hooks/unix.rs index a63adb0563..25ece10a70 100644 --- a/libafl/src/executors/hooks/unix.rs +++ b/libafl/src/executors/hooks/unix.rs @@ -84,7 +84,7 @@ pub mod unix_signal_handler { EM: EventFirer + EventRestarter, OF: Feedback, E::State: HasExecutions + HasSolutions + HasCorpus, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { @@ -134,7 +134,7 @@ pub mod unix_signal_handler { EM: EventFirer + EventRestarter, OF: Feedback, E::State: HasExecutions + HasSolutions + HasCorpus, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { @@ -192,7 +192,7 @@ pub mod unix_signal_handler { EM: EventFirer + EventRestarter, OF: Feedback, E::State: HasExecutions + HasSolutions + HasCorpus, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { diff --git a/libafl/src/executors/hooks/windows.rs b/libafl/src/executors/hooks/windows.rs index d4ec7829ae..ec2aef5a04 100644 --- a/libafl/src/executors/hooks/windows.rs +++ b/libafl/src/executors/hooks/windows.rs @@ -31,7 +31,7 @@ pub mod windows_asan_handler { OF: Feedback, E::State: HasExecutions + HasSolutions + HasCorpus, E::Observers: ObserversTuple<::Input, E::State>, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { @@ -190,7 +190,7 @@ pub mod windows_exception_handler { OF: Feedback, E::State: HasExecutions + HasSolutions + HasCorpus, E::Observers: ObserversTuple<::Input, E::State>, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { @@ -253,7 +253,7 @@ pub mod windows_exception_handler { EM: EventFirer + EventRestarter, OF: Feedback, E::State: State + HasExecutions + HasSolutions + HasCorpus, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { @@ -326,7 +326,7 @@ pub mod windows_exception_handler { EM: EventFirer + EventRestarter, OF: Feedback, E::State: HasExecutions + HasSolutions + HasCorpus, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { diff --git a/libafl/src/executors/inprocess/inner.rs b/libafl/src/executors/inprocess/inner.rs index cb6d38ae76..08c4f79e1a 100644 --- a/libafl/src/executors/inprocess/inner.rs +++ b/libafl/src/executors/inprocess/inner.rs @@ -161,7 +161,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { @@ -191,7 +191,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { @@ -224,7 +224,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { diff --git a/libafl/src/executors/inprocess/mod.rs b/libafl/src/executors/inprocess/mod.rs index e326743cce..366532cbf7 100644 --- a/libafl/src/executors/inprocess/mod.rs +++ b/libafl/src/executors/inprocess/mod.rs @@ -106,7 +106,6 @@ where HT: ExecutorHooksTuple, OT: ObserversTuple, S: State + HasExecutions, - Z: UsesState, { fn run_target( &mut self, @@ -173,7 +172,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, { Self::with_timeout_generic( tuple_list!(), @@ -201,7 +200,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, ::Solutions: Corpus, //delete me <::Corpus as Corpus>::Input: Clone, //delete me { @@ -242,7 +241,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, ::Solutions: Corpus, //delete me <::Corpus as Corpus>::Input: Clone, //delete me { @@ -287,7 +286,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, { Self::with_timeout_generic( user_hooks, @@ -316,7 +315,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, ::Solutions: Corpus, //delete me <::Corpus as Corpus>::Input: Clone, //delete me { @@ -353,7 +352,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, ::Solutions: Corpus, //delete me <::Corpus as Corpus>::Input: Clone, //delete me { @@ -442,7 +441,7 @@ pub fn run_observers_and_save_state( EM: EventFirer + EventRestarter, OF: Feedback, E::State: HasExecutions + HasSolutions + HasCorpus + HasCurrentTestcase, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me { let mut observers = executor.observers_mut(); @@ -503,9 +502,9 @@ where EM: EventFirer + EventRestarter, OF: Feedback, E::State: HasExecutions + HasSolutions + HasCorpus + HasCurrentTestcase, - Z: HasObjective - + HasScheduler - + ExecutionProcessor, + Z: HasObjective + + HasScheduler + + ExecutionProcessor, <::State as HasSolutions>::Solutions: Corpus, //delete me { let data = &raw mut GLOBAL_STATE; @@ -533,7 +532,7 @@ where #[cfg(test)] mod tests { - use libafl_bolts::tuples::tuple_list; + use libafl_bolts::{rands::XkcdRand, tuples::tuple_list}; use crate::{ corpus::InMemoryCorpus, @@ -542,7 +541,7 @@ mod tests { feedbacks::CrashFeedback, inputs::{NopInput, UsesInput}, schedulers::RandScheduler, - state::StdState, + state::{NopState, StdState}, StdFuzzer, }; @@ -554,16 +553,16 @@ mod tests { #[allow(clippy::let_unit_value)] fn test_inmem_exec() { let mut harness = |_buf: &NopInput| ExitKind::Ok; - let rand = libafl_bolts::rands::XkcdRand::new(); + let rand = XkcdRand::new(); let corpus = InMemoryCorpus::::new(); let solutions = InMemoryCorpus::new(); let mut objective = CrashFeedback::new(); let mut feedback = tuple_list!(); - let sche = RandScheduler::new(); + let sche: RandScheduler> = RandScheduler::new(); let mut mgr = NopEventManager::new(); let mut state = StdState::new(rand, corpus, solutions, &mut feedback, &mut objective).unwrap(); - let mut fuzzer = StdFuzzer::<_, _, _, _>::new(sche, feedback, objective); + let mut fuzzer = StdFuzzer::<_, _, _>::new(sche, feedback, objective); let mut in_process_executor = InProcessExecutor::new( &mut harness, diff --git a/libafl/src/executors/inprocess/stateful.rs b/libafl/src/executors/inprocess/stateful.rs index 27bd145836..159d87fac5 100644 --- a/libafl/src/executors/inprocess/stateful.rs +++ b/libafl/src/executors/inprocess/stateful.rs @@ -98,7 +98,6 @@ where HT: ExecutorHooksTuple, OT: ObserversTuple, S: State + HasExecutions, - Z: UsesState, { fn run_target( &mut self, @@ -165,7 +164,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, { Self::with_timeout_generic( tuple_list!(), @@ -195,7 +194,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, ::Solutions: Corpus, //delete me <::Corpus as Corpus>::Input: Clone, //delete me { @@ -238,7 +237,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, ::Solutions: Corpus, //delete me <::Corpus as Corpus>::Input: Clone, //delete me { @@ -303,7 +302,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, { Self::with_timeout_generic( user_hooks, @@ -334,7 +333,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, ::Solutions: Corpus, //delete me <::Corpus as Corpus>::Input: Clone, //delete me { @@ -373,7 +372,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State, - Z: HasObjective, + Z: HasObjective, ::Solutions: Corpus, //delete me <::Corpus as Corpus>::Input: Clone, //delete me { diff --git a/libafl/src/executors/inprocess_fork/inner.rs b/libafl/src/executors/inprocess_fork/inner.rs index 9c82fbf70c..e34d1eb56b 100644 --- a/libafl/src/executors/inprocess_fork/inner.rs +++ b/libafl/src/executors/inprocess_fork/inner.rs @@ -121,7 +121,6 @@ where SP: ShMemProvider, HT: ExecutorHooksTuple, EM: EventFirer + EventRestarter, - Z: UsesState, { pub(super) unsafe fn pre_run_target_child( &mut self, diff --git a/libafl/src/executors/inprocess_fork/mod.rs b/libafl/src/executors/inprocess_fork/mod.rs index fd5e7c3f6c..b3386cc03b 100644 --- a/libafl/src/executors/inprocess_fork/mod.rs +++ b/libafl/src/executors/inprocess_fork/mod.rs @@ -55,7 +55,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: HasSolutions, - Z: HasObjective, + Z: HasObjective, { #[allow(clippy::too_many_arguments)] /// The constructor for `InProcessForkExecutor` @@ -93,7 +93,6 @@ where SP: ShMemProvider, HT: ExecutorHooksTuple, EM: UsesState, - Z: UsesState, { harness_fn: &'a mut H, inner: GenericInProcessForkExecutorInner, @@ -107,7 +106,6 @@ where SP: ShMemProvider, HT: ExecutorHooksTuple + Debug, EM: UsesState, - Z: UsesState, { #[cfg(target_os = "linux")] fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result { @@ -135,7 +133,6 @@ where SP: ShMemProvider, HT: ExecutorHooksTuple, EM: UsesState, - Z: UsesState, { type State = S; } @@ -149,7 +146,6 @@ where SP: ShMemProvider, HT: ExecutorHooksTuple, EM: EventFirer + EventRestarter, - Z: UsesState, { #[allow(unreachable_code)] #[inline] @@ -191,7 +187,7 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: State + HasSolutions, - Z: HasObjective, + Z: HasObjective, { /// Creates a new [`GenericInProcessForkExecutor`] with custom hooks #[allow(clippy::too_many_arguments)] @@ -242,7 +238,6 @@ where OT: ObserversTuple, SP: ShMemProvider, EM: UsesState, - Z: UsesState, { type Observers = OT; #[inline] diff --git a/libafl/src/executors/inprocess_fork/stateful.rs b/libafl/src/executors/inprocess_fork/stateful.rs index f5a5d854c2..027f272abd 100644 --- a/libafl/src/executors/inprocess_fork/stateful.rs +++ b/libafl/src/executors/inprocess_fork/stateful.rs @@ -124,7 +124,7 @@ where OT: ObserversTuple + Debug, S: State + HasExecutions, SP: ShMemProvider, - Z: HasObjective, + Z: HasObjective, { #[allow(unreachable_code)] #[inline] diff --git a/libafl/src/executors/mod.rs b/libafl/src/executors/mod.rs index 000cb68081..a15ce0e1ef 100644 --- a/libafl/src/executors/mod.rs +++ b/libafl/src/executors/mod.rs @@ -120,7 +120,6 @@ pub trait HasObservers { pub trait Executor: UsesState where EM: UsesState, - Z: UsesState, { /// Instruct the target about the input and run fn run_target( @@ -209,7 +208,6 @@ mod test { EM: UsesState, S: State + HasExecutions, S::Input: HasTargetBytes, - Z: UsesState, { fn run_target( &mut self, diff --git a/libafl/src/executors/shadow.rs b/libafl/src/executors/shadow.rs index 0ec225b1ca..717822f900 100644 --- a/libafl/src/executors/shadow.rs +++ b/libafl/src/executors/shadow.rs @@ -68,7 +68,6 @@ where E: Executor + HasObservers, SOT: ObserversTuple, EM: UsesState, - Z: UsesState, { fn run_target( &mut self, diff --git a/libafl/src/executors/with_observers.rs b/libafl/src/executors/with_observers.rs index 7b161cbb97..e94a761ea2 100644 --- a/libafl/src/executors/with_observers.rs +++ b/libafl/src/executors/with_observers.rs @@ -23,7 +23,6 @@ impl Executor for WithObservers where E: Executor, EM: UsesState, - Z: UsesState, { fn run_target( &mut self, diff --git a/libafl/src/fuzzer/mod.rs b/libafl/src/fuzzer/mod.rs index 8a074282cb..4ac5aeedb6 100644 --- a/libafl/src/fuzzer/mod.rs +++ b/libafl/src/fuzzer/mod.rs @@ -1,10 +1,10 @@ //! The `Fuzzer` is the main struct for a fuzz campaign. use alloc::{string::ToString, vec::Vec}; -use core::{fmt::Debug, marker::PhantomData, time::Duration}; +use core::{fmt::Debug, time::Duration}; -use libafl_bolts::current_time; -use serde::{de::DeserializeOwned, Serialize}; +use libafl_bolts::{current_time, tuples::MatchName}; +use serde::Serialize; #[cfg(feature = "introspection")] use crate::monitors::PerfFeature; @@ -13,7 +13,7 @@ use crate::{ events::{Event, EventConfig, EventFirer, EventProcessor, ProgressReporter}, executors::{Executor, ExitKind, HasObservers}, feedbacks::Feedback, - inputs::UsesInput, + inputs::{Input, UsesInput}, mark_feature_time, observers::ObserversTuple, schedulers::Scheduler, @@ -21,7 +21,7 @@ use crate::{ start_timer, state::{ HasCorpus, HasCurrentTestcase, HasExecutions, HasLastFoundTime, HasLastReportTime, - HasSolutions, State, Stoppable, UsesState, + HasSolutions, MaybeHasClientPerfMonitor, State, UsesState, }, Error, HasMetadata, }; @@ -30,12 +30,9 @@ use crate::{ pub(crate) const STATS_TIMEOUT_DEFAULT: Duration = Duration::from_secs(15); /// Holds a scheduler -pub trait HasScheduler: UsesState -where - Self::State: HasCorpus, -{ +pub trait HasScheduler { /// The [`Scheduler`] for this fuzzer - type Scheduler: Scheduler; + type Scheduler: Scheduler; /// The scheduler fn scheduler(&self) -> &Self::Scheduler; @@ -45,7 +42,7 @@ where } /// Holds an feedback -pub trait HasFeedback: UsesState { +pub trait HasFeedback { /// The feedback type type Feedback; @@ -57,7 +54,7 @@ pub trait HasFeedback: UsesState { } /// Holds an objective feedback -pub trait HasObjective: UsesState { +pub trait HasObjective { /// The type of the [`Feedback`] used to find objectives for this fuzzer type Objective; @@ -69,104 +66,87 @@ pub trait HasObjective: UsesState { } /// Evaluates if an input is interesting using the feedback -pub trait ExecutionProcessor: UsesState { +pub trait ExecutionProcessor { /// Check the outcome of the execution, find if it is worth for corpus or objectives fn check_results( &mut self, - state: &mut Self::State, + state: &mut S, manager: &mut EM, - input: &::Input, + input: &I, observers: &OT, exit_kind: &ExitKind, - ) -> Result - where - EM: EventFirer, - OT: ObserversTuple<::Input, Self::State>; + ) -> Result; /// Process `ExecuteInputResult`. Add to corpus, solution or ignore #[allow(clippy::too_many_arguments)] fn process_execution( &mut self, - state: &mut Self::State, + state: &mut S, manager: &mut EM, - input: &::Input, + input: &I, exec_res: &ExecuteInputResult, observers: &OT, - ) -> Result, Error> - where - EM: EventFirer, - OT: ObserversTuple<::Input, Self::State>; + ) -> Result, Error>; /// serialize and send event via manager fn serialize_and_dispatch( &mut self, - state: &mut Self::State, + state: &mut S, manager: &mut EM, - input: ::Input, + input: I, exec_res: &ExecuteInputResult, observers: &OT, exit_kind: &ExitKind, - ) -> Result<(), Error> - where - EM: EventFirer, - OT: ObserversTuple<::Input, Self::State> + Serialize; + ) -> Result<(), Error>; /// send event via manager fn dispatch_event( &mut self, - state: &mut Self::State, + state: &mut S, manager: &mut EM, - input: ::Input, + input: I, exec_res: &ExecuteInputResult, obs_buf: Option>, exit_kind: &ExitKind, - ) -> Result<(), Error> - where - EM: EventFirer; + ) -> Result<(), Error>; /// Evaluate if a set of observation channels has an interesting state fn evaluate_execution( &mut self, - state: &mut Self::State, + state: &mut S, manager: &mut EM, - input: ::Input, + input: I, observers: &OT, exit_kind: &ExitKind, send_events: bool, - ) -> Result<(ExecuteInputResult, Option), Error> - where - EM: EventFirer, - OT: ObserversTuple<::Input, Self::State> + Serialize; + ) -> Result<(ExecuteInputResult, Option), Error>; } /// Evaluates an input modifying the state of the fuzzer -pub trait EvaluatorObservers: UsesState + Sized { +pub trait EvaluatorObservers { /// Runs the input and triggers observers and feedback, /// returns if is interesting an (option) the index of the new /// [`crate::corpus::Testcase`] in the [`crate::corpus::Corpus`] - fn evaluate_input_with_observers( + fn evaluate_input_with_observers( &mut self, - state: &mut Self::State, + state: &mut S, executor: &mut E, manager: &mut EM, - input: ::Input, + input: I, send_events: bool, - ) -> Result<(ExecuteInputResult, Option), Error> - where - E: Executor + HasObservers, - EM: EventFirer; + ) -> Result<(ExecuteInputResult, Option), Error>; } /// Evaluate an input modifying the state of the fuzzer -pub trait Evaluator: UsesState { +pub trait Evaluator { /// Runs the input and triggers observers and feedback, /// returns if is interesting an (option) the index of the new [`crate::corpus::Testcase`] in the corpus fn evaluate_input( &mut self, - state: &mut Self::State, + state: &mut S, executor: &mut E, manager: &mut EM, - input: ::Input, + input: I, ) -> Result<(ExecuteInputResult, Option), Error> { self.evaluate_input_events(state, executor, manager, input, true) } @@ -176,10 +156,10 @@ pub trait Evaluator: UsesState { /// This version has a boolean to decide if send events to the manager. fn evaluate_input_events( &mut self, - state: &mut Self::State, + state: &mut S, executor: &mut E, manager: &mut EM, - input: ::Input, + input: I, send_events: bool, ) -> Result<(ExecuteInputResult, Option), Error>; @@ -189,10 +169,10 @@ pub trait Evaluator: UsesState { /// Usually, you want to use [`Evaluator::evaluate_input`], unless you know what you are doing. fn add_input( &mut self, - state: &mut Self::State, + state: &mut S, executor: &mut E, manager: &mut EM, - input: ::Input, + input: I, ) -> Result; /// Adds the input to the corpus as disabled a input. @@ -200,21 +180,11 @@ pub trait Evaluator: UsesState { /// Disabled testcases are only used for splicing /// Returns the `index` of the new testcase in the corpus. /// Usually, you want to use [`Evaluator::evaluate_input`], unless you know what you are doing. - fn add_disabled_input( - &mut self, - state: &mut Self::State, - input: ::Input, - ) -> Result; + fn add_disabled_input(&mut self, state: &mut S, input: I) -> Result; } /// The main fuzzer trait. -pub trait Fuzzer: Sized + UsesState -where - Self::State: HasMetadata + HasExecutions + HasLastReportTime + Stoppable, - E: UsesState, - EM: ProgressReporter, - ST: StagesTuple, -{ +pub trait Fuzzer { /// Fuzz for a single iteration. /// Returns the index of the last fuzzed corpus item. /// (Note: An iteration represents a complete run of every stage. @@ -228,7 +198,7 @@ where &mut self, stages: &mut ST, executor: &mut E, - state: &mut Self::State, + state: &mut S, manager: &mut EM, ) -> Result; @@ -237,16 +207,9 @@ where &mut self, stages: &mut ST, executor: &mut E, - state: &mut Self::State, + state: &mut S, manager: &mut EM, - ) -> Result<(), Error> { - let monitor_timeout = STATS_TIMEOUT_DEFAULT; - loop { - manager.maybe_report_progress(state, monitor_timeout)?; - - self.fuzz_one(stages, executor, state, manager)?; - } - } + ) -> Result<(), Error>; /// Fuzz for n iterations. /// Returns the index of the last fuzzed corpus item. @@ -261,33 +224,10 @@ where &mut self, stages: &mut ST, executor: &mut E, - state: &mut Self::State, + state: &mut S, manager: &mut EM, iters: u64, - ) -> Result { - if iters == 0 { - return Err(Error::illegal_argument( - "Cannot fuzz for 0 iterations!".to_string(), - )); - } - - let mut ret = None; - let monitor_timeout = STATS_TIMEOUT_DEFAULT; - - for _ in 0..iters { - manager.maybe_report_progress(state, monitor_timeout)?; - ret = Some(self.fuzz_one(stages, executor, state, manager)?); - } - - manager.report_progress(state)?; - - // If we would assume the fuzzer loop will always exit after this, we could do this here: - // manager.on_restart(state)?; - // But as the state may grow to a few megabytes, - // for now we won't, and the user has to do it (unless we find a way to do this on `Drop`). - - Ok(ret.unwrap()) - } + ) -> Result; } /// The corpus this input should be added to @@ -303,24 +243,16 @@ pub enum ExecuteInputResult { /// Your default fuzzer instance, for everyday use. #[derive(Debug)] -pub struct StdFuzzer { +pub struct StdFuzzer { scheduler: CS, feedback: F, objective: OF, - phantom: PhantomData, } -impl UsesState for StdFuzzer +impl HasScheduler<::Input, S> for StdFuzzer where - S: State, -{ - type State = S; -} - -impl HasScheduler for StdFuzzer -where - S: State + HasCorpus, - CS: Scheduler, + S: HasCorpus, + CS: Scheduler<::Input, S>, { type Scheduler = CS; @@ -333,10 +265,7 @@ where } } -impl HasFeedback for StdFuzzer -where - S: State, -{ +impl HasFeedback for StdFuzzer { type Feedback = F; fn feedback(&self) -> &Self::Feedback { @@ -348,10 +277,7 @@ where } } -impl HasObjective for StdFuzzer -where - S: State, -{ +impl HasObjective for StdFuzzer { type Objective = OF; fn objective(&self) -> &OF { @@ -363,27 +289,30 @@ where } } -impl ExecutionProcessor for StdFuzzer +impl ExecutionProcessor::Input, OT, S> + for StdFuzzer where - CS: Scheduler, - F: Feedback, - OF: Feedback, - S: HasCorpus + HasSolutions + HasExecutions + HasCorpus + HasCurrentCorpusId + State, - S::Corpus: Corpus, //delete me - S::Solutions: Corpus, //delete me + CS: Scheduler<::Input, S>, + EM: EventFirer, + S: HasCorpus + + MaybeHasClientPerfMonitor + + UsesInput::Input> + + HasCurrentTestcase + + HasSolutions, + F: Feedback::Input, OT, S>, + OF: Feedback::Input, OT, S>, + OT: ObserversTuple<::Input, S> + Serialize, + ::Input: Input, + S::Solutions: Corpus::Input>, { fn check_results( &mut self, state: &mut S, manager: &mut EM, - input: &S::Input, + input: &::Input, observers: &OT, exit_kind: &ExitKind, - ) -> Result - where - EM: EventFirer, - OT: ObserversTuple, - { + ) -> Result { let mut res = ExecuteInputResult::None; #[cfg(not(feature = "introspection"))] @@ -418,17 +347,13 @@ where fn evaluate_execution( &mut self, - state: &mut Self::State, + state: &mut S, manager: &mut EM, - input: ::Input, + input: ::Input, observers: &OT, exit_kind: &ExitKind, send_events: bool, - ) -> Result<(ExecuteInputResult, Option), Error> - where - EM: EventFirer, - OT: ObserversTuple + Serialize, - { + ) -> Result<(ExecuteInputResult, Option), Error> { let exec_res = self.check_results(state, manager, &input, observers, exit_kind)?; let corpus_id = self.process_execution(state, manager, &input, &exec_res, observers)?; if send_events { @@ -439,17 +364,13 @@ where fn serialize_and_dispatch( &mut self, - state: &mut Self::State, + state: &mut S, manager: &mut EM, - input: ::Input, + input: ::Input, exec_res: &ExecuteInputResult, observers: &OT, exit_kind: &ExitKind, - ) -> Result<(), Error> - where - EM: EventFirer, - OT: ObserversTuple + Serialize, - { + ) -> Result<(), Error> { // Now send off the event let observers_buf = match exec_res { ExecuteInputResult::Corpus => { @@ -473,16 +394,13 @@ where fn dispatch_event( &mut self, - state: &mut Self::State, + state: &mut S, manager: &mut EM, - input: ::Input, + input: ::Input, exec_res: &ExecuteInputResult, observers_buf: Option>, exit_kind: &ExitKind, - ) -> Result<(), Error> - where - EM: EventFirer, - { + ) -> Result<(), Error> { // Now send off the event match exec_res { ExecuteInputResult::Corpus => { @@ -522,16 +440,12 @@ where /// Evaluate if a set of observation channels has an interesting state fn process_execution( &mut self, - state: &mut Self::State, + state: &mut S, manager: &mut EM, - input: &S::Input, + input: &::Input, exec_res: &ExecuteInputResult, observers: &OT, - ) -> Result, Error> - where - EM: EventFirer, - OT: ObserversTuple, - { + ) -> Result, Error> { match exec_res { ExecuteInputResult::None => { self.feedback_mut().discard_metadata(state, input)?; @@ -577,30 +491,34 @@ where } } -impl EvaluatorObservers for StdFuzzer +impl EvaluatorObservers::Input, S> + for StdFuzzer where - CS: Scheduler, - OT: ObserversTuple + Serialize + DeserializeOwned, - F: Feedback, - OF: Feedback, - S: HasCorpus + HasSolutions + HasExecutions + State, - S::Corpus: Corpus, //delete me - S::Solutions: Corpus, //delete me + CS: Scheduler<::Input, S>, + E: HasObservers + Executor, + E::Observers: MatchName + ObserversTuple<::Input, S> + Serialize, + EM: EventFirer, + F: Feedback::Input, E::Observers, S>, + OF: Feedback::Input, E::Observers, S>, + S: HasCorpus + + HasSolutions + + MaybeHasClientPerfMonitor + + HasCurrentTestcase + + UsesInput::Input> + + HasExecutions, + ::Input: Input, + S::Solutions: Corpus::Input>, { /// Process one input, adding to the respective corpora if needed and firing the right events #[inline] - fn evaluate_input_with_observers( + fn evaluate_input_with_observers( &mut self, state: &mut S, executor: &mut E, manager: &mut EM, - input: S::Input, + input: ::Input, send_events: bool, - ) -> Result<(ExecuteInputResult, Option), Error> - where - E: Executor + HasObservers, - EM: EventFirer, - { + ) -> Result<(ExecuteInputResult, Option), Error> { let exit_kind = self.execute_input(state, executor, manager, &input)?; let observers = executor.observers(); @@ -610,34 +528,40 @@ where } } -impl Evaluator for StdFuzzer +impl Evaluator::Input, S> for StdFuzzer where - CS: Scheduler, + CS: Scheduler<::Input, S>, E: HasObservers + Executor, - E::Observers: ObserversTuple + Serialize + DeserializeOwned, + E::Observers: MatchName + ObserversTuple<::Input, S> + Serialize, EM: EventFirer, - F: Feedback, - OF: Feedback, - S: HasCorpus + HasSolutions + HasExecutions + HasLastFoundTime + State, - S::Corpus: Corpus, //delete me - S::Solutions: Corpus, //delete me + F: Feedback::Input, E::Observers, S>, + OF: Feedback::Input, E::Observers, S>, + S: HasCorpus + + HasSolutions + + MaybeHasClientPerfMonitor + + HasCurrentTestcase + + HasLastFoundTime + + HasExecutions + + UsesInput::Input>, + ::Input: Input, + S::Solutions: Corpus::Input>, { /// Process one input, adding to the respective corpora if needed and firing the right events #[inline] fn evaluate_input_events( &mut self, - state: &mut Self::State, + state: &mut S, executor: &mut E, manager: &mut EM, - input: ::Input, + input: ::Input, send_events: bool, ) -> Result<(ExecuteInputResult, Option), Error> { self.evaluate_input_with_observers(state, executor, manager, input, send_events) } fn add_disabled_input( &mut self, - state: &mut Self::State, - input: ::Input, + state: &mut S, + input: ::Input, ) -> Result { let mut testcase = Testcase::from(input.clone()); testcase.set_disabled(true); @@ -648,10 +572,10 @@ where /// Adds an input, even if it's not considered `interesting` by any of the executors fn add_input( &mut self, - state: &mut Self::State, + state: &mut S, executor: &mut E, manager: &mut EM, - input: ::Input, + input: ::Input, ) -> Result { *state.last_found_time_mut() = current_time(); @@ -744,7 +668,7 @@ where } } -impl Fuzzer for StdFuzzer +impl Fuzzer for StdFuzzer where CS: Scheduler, E: UsesState, @@ -763,7 +687,7 @@ where &mut self, stages: &mut ST, executor: &mut E, - state: &mut Self::State, + state: &mut S, manager: &mut EM, ) -> Result { // Init timer for scheduler @@ -819,77 +743,89 @@ where Ok(id) } -} -impl StdFuzzer -where - CS: Scheduler, - S: UsesInput + HasExecutions + HasCorpus + State, -{ - /// Create a new `StdFuzzer` with standard behavior. - pub fn new(scheduler: CS, feedback: F, objective: OF) -> Self { - Self { - scheduler, - feedback, - objective, - phantom: PhantomData, + fn fuzz_loop( + &mut self, + stages: &mut ST, + executor: &mut E, + state: &mut S, + manager: &mut EM, + ) -> Result<(), Error> { + let monitor_timeout = STATS_TIMEOUT_DEFAULT; + loop { + manager.maybe_report_progress(state, monitor_timeout)?; + + self.fuzz_one(stages, executor, state, manager)?; } } - /// Runs the input and triggers observers - pub fn execute_input( + fn fuzz_loop_for( &mut self, - state: &mut ::State, + stages: &mut ST, executor: &mut E, - event_mgr: &mut EM, - input: &<::State as UsesInput>::Input, - ) -> Result - where - E: Executor::State> + HasObservers, - E::Observers: ObserversTuple<::Input, ::State>, - EM: UsesState::State>, - { - start_timer!(state); - executor.observers_mut().pre_exec_all(state, input)?; - mark_feature_time!(state, PerfFeature::PreExecObservers); + state: &mut S, + manager: &mut EM, + iters: u64, + ) -> Result { + if iters == 0 { + return Err(Error::illegal_argument( + "Cannot fuzz for 0 iterations!".to_string(), + )); + } - start_timer!(state); - let exit_kind = executor.run_target(self, state, event_mgr, input)?; - mark_feature_time!(state, PerfFeature::TargetExecution); + let mut ret = None; + let monitor_timeout = STATS_TIMEOUT_DEFAULT; - start_timer!(state); - executor - .observers_mut() - .post_exec_all(state, input, &exit_kind)?; - mark_feature_time!(state, PerfFeature::PostExecObservers); + for _ in 0..iters { + manager.maybe_report_progress(state, monitor_timeout)?; + ret = Some(self.fuzz_one(stages, executor, state, manager)?); + } - Ok(exit_kind) + manager.report_progress(state)?; + + // If we would assume the fuzzer loop will always exit after this, we could do this here: + // manager.on_restart(state)?; + // But as the state may grow to a few megabytes, + // for now we won't, and the user has to do it (unless we find a way to do this on `Drop`). + + Ok(ret.unwrap()) + } +} + +impl StdFuzzer { + /// Create a new `StdFuzzer` with standard behavior. + pub fn new(scheduler: CS, feedback: F, objective: OF) -> Self { + Self { + scheduler, + feedback, + objective, + } } } /// Structs with this trait will execute an input -pub trait ExecutesInput: UsesState -where - E: UsesState, - EM: UsesState, -{ +pub trait ExecutesInput { /// Runs the input and triggers observers and feedback fn execute_input( &mut self, - state: &mut Self::State, + state: &mut S, executor: &mut E, event_mgr: &mut EM, - input: &::Input, + input: &I, ) -> Result; } -impl ExecutesInput for StdFuzzer +impl ExecutesInput::Input, S> + for StdFuzzer where - CS: Scheduler, + CS: Scheduler<::Input, S>, E: Executor + HasObservers, - E::Observers: ObserversTuple<::Input, ::State>, - EM: UsesState, - S: UsesInput + HasExecutions + HasCorpus + State, + E::Observers: ObserversTuple<::Input, S>, + EM: UsesState, + S: UsesInput::Input> + + HasExecutions + + HasCorpus + + MaybeHasClientPerfMonitor, { /// Runs the input and triggers observers and feedback fn execute_input( @@ -897,7 +833,7 @@ where state: &mut S, executor: &mut E, event_mgr: &mut EM, - input: &S::Input, + input: &::Input, ) -> Result { start_timer!(state); executor.observers_mut().pre_exec_all(state, input)?; @@ -919,39 +855,28 @@ where /// A [`NopFuzzer`] that does nothing #[derive(Clone, Debug)] -pub struct NopFuzzer { - phantom: PhantomData, -} +pub struct NopFuzzer {} -impl NopFuzzer { +impl NopFuzzer { /// Creates a new [`NopFuzzer`] #[must_use] pub fn new() -> Self { - Self { - phantom: PhantomData, - } + Self {} } } -impl Default for NopFuzzer { +impl Default for NopFuzzer { fn default() -> Self { Self::new() } } -impl UsesState for NopFuzzer -where - S: State, -{ - type State = S; -} - -impl Fuzzer for NopFuzzer +impl Fuzzer for NopFuzzer where E: UsesState, - EM: ProgressReporter + EventProcessor, - ST: StagesTuple, - Self::State: HasMetadata + HasExecutions + HasLastReportTime + HasCurrentStageId, + EM: ProgressReporter + EventProcessor, + ST: StagesTuple, + S: HasMetadata + HasExecutions + HasLastReportTime + HasCurrentStageId + UsesInput, { fn fuzz_one( &mut self, @@ -962,4 +887,25 @@ where ) -> Result { unimplemented!("NopFuzzer cannot fuzz"); } + + fn fuzz_loop( + &mut self, + _stages: &mut ST, + _executor: &mut E, + _state: &mut S, + _manager: &mut EM, + ) -> Result<(), Error> { + unimplemented!("NopFuzzer cannot fuzz"); + } + + fn fuzz_loop_for( + &mut self, + _stages: &mut ST, + _executor: &mut E, + _state: &mut S, + _manager: &mut EM, + _iters: u64, + ) -> Result { + unimplemented!("NopFuzzer cannot fuzz"); + } } diff --git a/libafl/src/stages/afl_stats.rs b/libafl/src/stages/afl_stats.rs index 6aba14ee18..ece9ba1b73 100644 --- a/libafl/src/stages/afl_stats.rs +++ b/libafl/src/stages/afl_stats.rs @@ -239,7 +239,7 @@ impl Stage for AflStatsStage where E: HasObservers, EM: EventFirer, - Z: HasScheduler, + Z: HasScheduler<::Input, S>, S: HasImported + HasCorpus + HasMetadata @@ -252,7 +252,7 @@ where E::Observers: MatchNameRef, O: MapObserver, C: AsRef + Named, - ::Scheduler: HasQueueCycles, + Z::Scheduler: HasQueueCycles, { #[allow(clippy::too_many_lines)] fn perform( diff --git a/libafl/src/stages/calibrate.rs b/libafl/src/stages/calibrate.rs index 2d2cc09bd2..3cdbc2fd47 100644 --- a/libafl/src/stages/calibrate.rs +++ b/libafl/src/stages/calibrate.rs @@ -102,7 +102,7 @@ where + HasCurrentTestcase + HasCurrentCorpusId + UsesInput::Input>, - Z: Evaluator, + Z: Evaluator::Input, S>, ::Input: Input, { #[inline] diff --git a/libafl/src/stages/colorization.rs b/libafl/src/stages/colorization.rs index 91023844fc..732bbce1c2 100644 --- a/libafl/src/stages/colorization.rs +++ b/libafl/src/stages/colorization.rs @@ -92,7 +92,6 @@ where ::Input: HasMutatorBytes + Clone, O: MapObserver, C: AsRef + Named, - Z: UsesState, { #[inline] #[allow(clippy::let_and_return)] @@ -174,7 +173,6 @@ where + HasCurrentTestcase + UsesInput::Input>, ::Input: HasMutatorBytes + Clone, - Z: UsesState, { #[inline] #[allow(clippy::let_and_return)] diff --git a/libafl/src/stages/concolic.rs b/libafl/src/stages/concolic.rs index b6261a0125..d4b6641f6a 100644 --- a/libafl/src/stages/concolic.rs +++ b/libafl/src/stages/concolic.rs @@ -60,7 +60,6 @@ where + MaybeHasClientPerfMonitor + UsesInput::Input>, EM: UsesState, - Z: UsesState, { #[inline] fn perform( @@ -362,14 +361,6 @@ pub struct SimpleConcolicMutationalStage { phantom: PhantomData, } -#[cfg(feature = "concolic_mutation")] -impl UsesState for SimpleConcolicMutationalStage -where - Z: UsesState, -{ - type State = Z::State; -} - #[cfg(feature = "concolic_mutation")] /// The unique id for this stage static mut SIMPLE_CONCOLIC_MUTATIONAL_ID: usize = 0; @@ -388,7 +379,7 @@ impl Named for SimpleConcolicMutationalStage { #[cfg(feature = "concolic_mutation")] impl Stage for SimpleConcolicMutationalStage where - Z: Evaluator, + Z: Evaluator::Input, S>, ::Input: HasMutatorBytes + Clone, S: HasExecutions + HasCorpus diff --git a/libafl/src/stages/generalization.rs b/libafl/src/stages/generalization.rs index 1ae2bd28c7..123c6162ac 100644 --- a/libafl/src/stages/generalization.rs +++ b/libafl/src/stages/generalization.rs @@ -76,7 +76,6 @@ where + UsesInput, S::Corpus: Corpus, EM: UsesState, - Z: UsesState, { #[inline] #[allow(clippy::too_many_lines)] @@ -352,7 +351,6 @@ where + UsesInput, OT: ObserversTuple, EM: UsesState, - Z: UsesState, { /// Create a new [`GeneralizationStage`]. #[must_use] diff --git a/libafl/src/stages/generation.rs b/libafl/src/stages/generation.rs index 7067d0ea62..8fe6ff28fa 100644 --- a/libafl/src/stages/generation.rs +++ b/libafl/src/stages/generation.rs @@ -31,7 +31,7 @@ impl GenStage { impl Stage for GenStage where - Z: Evaluator, + Z: Evaluator::Input, S>, S: HasCorpus + HasRand + UsesInput::Input>, G: Generator<::Input, S>, { diff --git a/libafl/src/stages/mutational.rs b/libafl/src/stages/mutational.rs index 1ac574a489..5e67897a85 100644 --- a/libafl/src/stages/mutational.rs +++ b/libafl/src/stages/mutational.rs @@ -150,7 +150,7 @@ impl Named for StdMutationalStage { impl Stage for StdMutationalStage where M: Mutator, - Z: Evaluator, + Z: Evaluator::Input, S>, S: HasCorpus + HasRand + HasMetadata @@ -192,7 +192,7 @@ where impl StdMutationalStage::Input, M, S, Z> where M: Mutator<::Input, S>, - Z: Evaluator, + Z: Evaluator::Input, S>, S: HasCorpus + HasRand + HasCurrentCorpusId + UsesInput + MaybeHasClientPerfMonitor, ::Input: Input + Clone, S::Corpus: Corpus, @@ -213,7 +213,7 @@ where impl StdMutationalStage where M: Mutator, - Z: Evaluator, + Z: Evaluator::Input, S>, S: HasCorpus + HasRand + HasCurrentTestcase + MaybeHasClientPerfMonitor + UsesInput, I: MutatedTransform<::Input, S> + Clone, ::Input: Input, @@ -319,7 +319,7 @@ impl Named for MultiMutationalStage { impl Stage for MultiMutationalStage where M: MultiMutator, - Z: Evaluator, + Z: Evaluator::Input, S>, S: HasCorpus + HasRand + HasNamedMetadata + HasCurrentTestcase + HasCurrentCorpusId + UsesInput, I: MutatedTransform<::Input, S> + Clone, ::Input: Input, diff --git a/libafl/src/stages/power.rs b/libafl/src/stages/power.rs index adcf982ca8..abd05b0b01 100644 --- a/libafl/src/stages/power.rs +++ b/libafl/src/stages/power.rs @@ -93,7 +93,7 @@ where + HasCurrentCorpusId + MaybeHasClientPerfMonitor + UsesInput::Input>, - Z: Evaluator, + Z: Evaluator::Input, S>, I: MutatedTransform<::Input, S> + Clone + Input, ::Input: Input, { @@ -134,7 +134,7 @@ where + MaybeHasClientPerfMonitor + UsesInput::Input>, I: MutatedTransform<::Input, S> + Clone + Input, - Z: Evaluator, + Z: Evaluator::Input, S>, ::Input: Input, { /// Creates a new [`PowerMutationalStage`] diff --git a/libafl/src/stages/push/mod.rs b/libafl/src/stages/push/mod.rs index cbbb456eff..b2caf3c2ad 100644 --- a/libafl/src/stages/push/mod.rs +++ b/libafl/src/stages/push/mod.rs @@ -262,10 +262,10 @@ where EM: EventFirer + EventRestarter + HasEventManagerId + ProgressReporter, OT: ObserversTuple<::Input, S>, PS: PushStage::Input, OT, S, Z>, - Z: ExecutesInput - + ExecutionProcessor - + EvaluatorObservers - + HasScheduler, + Z: ExecutesInput::Input, S> + + ExecutionProcessor::Input, OT, S> + + EvaluatorObservers::Input, OT> + + HasScheduler<::Input, S>, { fn perform( &mut self, diff --git a/libafl/src/stages/push/mutational.rs b/libafl/src/stages/push/mutational.rs index d3d35f8b50..76d28cfb09 100644 --- a/libafl/src/stages/push/mutational.rs +++ b/libafl/src/stages/push/mutational.rs @@ -80,7 +80,8 @@ impl PushStage::Input, OT, S, Z> for StdMutationalPushStage where EM: EventFirer, - Z: HasScheduler + ExecutionProcessor, + Z: HasScheduler<::Input, S> + + ExecutionProcessor::Input, OT, S>, S: HasCorpus + UsesInput::Input> + HasRand @@ -203,7 +204,8 @@ where OT: ObserversTuple<::Input, S> + Serialize, M: Mutator<::Input, S>, ::Input: Clone + Debug + Input, - Z: HasScheduler + ExecutionProcessor, + Z: HasScheduler<::Input, S> + + ExecutionProcessor::Input, OT, S>, { type Item = Result<::Input, Error>; @@ -225,7 +227,8 @@ where OT: ObserversTuple<::Input, S> + Serialize, M: Mutator<::Input, S>, ::Input: Clone + Debug + Input, - Z: HasScheduler + ExecutionProcessor, + Z: HasScheduler<::Input, S> + + ExecutionProcessor::Input, OT, S>, { /// Creates a new default mutational stage #[must_use] diff --git a/libafl/src/stages/sync.rs b/libafl/src/stages/sync.rs index b4cc5fcec0..a6cbcd3783 100644 --- a/libafl/src/stages/sync.rs +++ b/libafl/src/stages/sync.rs @@ -69,7 +69,7 @@ impl Named for SyncFromDiskStage { impl Stage for SyncFromDiskStage where CB: FnMut(&mut Z, &mut S, &Path) -> Result<::Input, Error>, - Z: Evaluator, + Z: Evaluator::Input, S>, S: HasCorpus + HasRand + HasMetadata @@ -167,20 +167,25 @@ impl SyncFromDiskStage { /// Function type when the callback in `SyncFromDiskStage` is not a lambda pub type SyncFromDiskFunction = - fn(&mut Z, &mut S, &Path) -> Result<::Input, Error>; + fn(&mut Z, &mut S, &Path) -> Result<<::Corpus as Corpus>::Input, Error>; -impl SyncFromDiskStage, E, EM, S, Z> +impl SyncFromDiskStage, E, EM, S, Z> where - Z: Evaluator, + S: HasCorpus, + ::Input: Input, + Z: Evaluator::Input, S>, { /// Creates a new [`SyncFromDiskStage`] invoking `Input::from_file` to load inputs #[must_use] pub fn with_from_file(sync_dirs: Vec, interval: Duration) -> Self { - fn load_callback( + fn load_callback( _: &mut Z, _: &mut S, p: &Path, - ) -> Result { + ) -> Result<::Input, Error> + where + ::Input: Input, + { Input::from_file(p) } Self { @@ -240,7 +245,8 @@ where SP: ShMemProvider, E: HasObservers + Executor, for<'a> E::Observers: Deserialize<'a>, - Z: EvaluatorObservers + ExecutionProcessor, + Z: EvaluatorObservers::Input, S> + + ExecutionProcessor::Input, E::Observers, S>, IC: InputConverter::Input, To = DI>, ICB: InputConverter::Input>, DI: Input, diff --git a/libafl/src/stages/tmin.rs b/libafl/src/stages/tmin.rs index e7d072e486..ff449b19fa 100644 --- a/libafl/src/stages/tmin.rs +++ b/libafl/src/stages/tmin.rs @@ -59,9 +59,9 @@ pub struct StdTMinMutationalStage { impl Stage for StdTMinMutationalStage where - Z: HasScheduler - + ExecutionProcessor - + ExecutesInput + Z: HasScheduler<::Input, S> + + ExecutionProcessor::Input, E::Observers, S> + + ExecutesInput::Input, S> + HasFeedback, Z::Scheduler: RemovableScheduler<::Input, S>, E: HasObservers + UsesState, @@ -94,7 +94,7 @@ where &mut self, fuzzer: &mut Z, executor: &mut E, - state: &mut Z::State, + state: &mut S, manager: &mut EM, ) -> Result<(), Error> { self.perform_minification(fuzzer, executor, state, manager)?; @@ -130,14 +130,14 @@ pub static TMIN_STAGE_NAME: &str = "tmin"; impl StdTMinMutationalStage where - Z: HasScheduler - + ExecutionProcessor - + ExecutesInput + Z: HasScheduler<::Input, S> + + ExecutionProcessor::Input, E::Observers, S> + + ExecutesInput::Input, S> + HasFeedback, Z::Scheduler: RemovableScheduler<::Input, S>, - E: HasObservers + UsesState, + E: HasObservers + UsesState, E::Observers: ObserversTuple<::Input, S> + Serialize, - EM: EventFirer, + EM: EventFirer, FF: FeedbackFactory, F: Feedback::Input, E::Observers, S>, S: HasMetadata diff --git a/libafl/src/stages/tracing.rs b/libafl/src/stages/tracing.rs index b0a0442b4f..68f0fdfe76 100644 --- a/libafl/src/stages/tracing.rs +++ b/libafl/src/stages/tracing.rs @@ -42,7 +42,6 @@ where + MaybeHasClientPerfMonitor + UsesInput::Input>, EM: UsesState, //delete me - Z: UsesState, //delete me { #[allow(rustdoc::broken_intra_doc_links)] /// Perform tracing on the given `CorpusId`. Useful for if wrapping [`TracingStage`] with your @@ -87,7 +86,6 @@ where + MaybeHasClientPerfMonitor + UsesInput::Input>, EM: UsesState, - Z: UsesState, ::Input: Input, { #[inline] @@ -183,7 +181,6 @@ where + MaybeHasClientPerfMonitor + UsesInput::Input>, EM: UsesState, - Z: UsesState, { #[inline] fn perform( @@ -232,11 +229,10 @@ where impl ShadowTracingStage where - E: Executor + HasObservers, - S: HasExecutions + HasCorpus, + E: Executor + HasObservers, + S: HasExecutions + HasCorpus + UsesInput, SOT: ObserversTuple<::Input, S>, - EM: UsesState, - Z: UsesState, + EM: UsesState, { /// Creates a new default stage pub fn new(_executor: &mut ShadowExecutor) -> Self { diff --git a/libafl/src/stages/tuneable.rs b/libafl/src/stages/tuneable.rs index a5db42bb87..25a2ec82ef 100644 --- a/libafl/src/stages/tuneable.rs +++ b/libafl/src/stages/tuneable.rs @@ -164,7 +164,7 @@ pub struct TuneableMutationalStage { impl MutationalStage for TuneableMutationalStage where M: Mutator, - Z: Evaluator, + Z: Evaluator::Input, S>, S: HasCorpus + HasRand + HasNamedMetadata + HasMetadata + HasExecutions + HasCurrentTestcase, I: MutatedTransform<::Input, S> + Clone, ::Input: Input, @@ -196,7 +196,7 @@ where impl Stage for TuneableMutationalStage where M: Mutator, - Z: Evaluator, + Z: Evaluator::Input, S>, S: HasCorpus + HasRand + HasNamedMetadata @@ -237,7 +237,7 @@ where impl TuneableMutationalStage where M: Mutator, - Z: Evaluator, + Z: Evaluator::Input, S>, S: HasCorpus + HasRand + HasNamedMetadata @@ -469,8 +469,8 @@ where impl TuneableMutationalStage where - M: Mutator, - Z: Evaluator, + M: Mutator, + Z: Evaluator::Input, S>, S: HasCorpus + HasRand + HasNamedMetadata, { /// Creates a new transforming mutational stage diff --git a/libafl/src/stages/verify_timeouts.rs b/libafl/src/stages/verify_timeouts.rs index b6755dadff..9d62f61b57 100644 --- a/libafl/src/stages/verify_timeouts.rs +++ b/libafl/src/stages/verify_timeouts.rs @@ -86,7 +86,7 @@ where E::Observers: ObserversTuple<::Input, S>, E: Executor + HasObservers + HasTimeout, EM: UsesState, - Z: Evaluator, + Z: Evaluator::Input, S>, S: HasCorpus + HasMetadata + UsesInput::Input>, ::Input: Debug + Serialize + DeserializeOwned + Default + 'static + Clone, { diff --git a/libafl/src/state/mod.rs b/libafl/src/state/mod.rs index 0237aa8712..86477a6aa1 100644 --- a/libafl/src/state/mod.rs +++ b/libafl/src/state/mod.rs @@ -725,7 +725,7 @@ where where E: UsesState, EM: EventFirer, - Z: Evaluator, + Z: Evaluator, { if let Some(remaining) = self.remaining_initial_files.as_ref() { // everything was loaded @@ -750,7 +750,7 @@ where where E: UsesState, EM: EventFirer, - Z: Evaluator, + Z: Evaluator, { log::info!("Loading file {:?} ...", &path); let input = (config.loader)(fuzzer, self, path)?; @@ -779,7 +779,7 @@ where where E: UsesState, EM: EventFirer, - Z: Evaluator, + Z: Evaluator, { loop { match self.next_file() { @@ -844,7 +844,7 @@ where where E: UsesState, EM: EventFirer, - Z: Evaluator, + Z: Evaluator, { self.load_initial_inputs_custom_by_filenames( fuzzer, @@ -872,7 +872,7 @@ where where E: UsesState, EM: EventFirer, - Z: Evaluator, + Z: Evaluator, { self.canonicalize_input_dirs(in_dirs)?; self.continue_loading_initial_inputs_custom( @@ -899,7 +899,7 @@ where where E: UsesState, EM: EventFirer, - Z: Evaluator, + Z: Evaluator, { self.load_initial_inputs_custom_by_filenames( fuzzer, @@ -925,7 +925,7 @@ where where E: UsesState, EM: EventFirer, - Z: Evaluator, + Z: Evaluator, { self.canonicalize_input_dirs(in_dirs)?; self.continue_loading_initial_inputs_custom( @@ -952,7 +952,7 @@ where where E: UsesState, EM: EventFirer, - Z: Evaluator, + Z: Evaluator, { self.canonicalize_input_dirs(in_dirs)?; self.continue_loading_initial_inputs_custom( @@ -994,7 +994,7 @@ where where E: UsesState, EM: EventFirer, - Z: Evaluator, + Z: Evaluator, { if self.multicore_inputs_processed.unwrap_or(false) { self.continue_loading_initial_inputs_custom( @@ -1090,7 +1090,7 @@ where E: UsesState, EM: EventFirer, G: Generator<::Input, Self>, - Z: Evaluator, + Z: Evaluator, { let mut added = 0; for _ in 0..num { @@ -1129,7 +1129,7 @@ where E: UsesState, EM: EventFirer, G: Generator<::Input, Self>, - Z: Evaluator, + Z: Evaluator, { self.generate_initial_internal(fuzzer, executor, generator, manager, num, true) } @@ -1147,7 +1147,7 @@ where E: UsesState, EM: EventFirer, G: Generator<::Input, Self>, - Z: Evaluator, + Z: Evaluator, { self.generate_initial_internal(fuzzer, executor, generator, manager, num, false) } diff --git a/libafl_frida/src/executor.rs b/libafl_frida/src/executor.rs index a7feffc839..1f80d2bac0 100644 --- a/libafl_frida/src/executor.rs +++ b/libafl_frida/src/executor.rs @@ -74,7 +74,6 @@ where TC: TargetBytesConverter, OT: ObserversTuple, RT: FridaRuntimeTuple, - Z: UsesState, { /// Instruct the target about the input and run #[inline] diff --git a/libafl_libfuzzer/runtime/src/fuzz.rs b/libafl_libfuzzer/runtime/src/fuzz.rs index 94f3954559..17827c9c14 100644 --- a/libafl_libfuzzer/runtime/src/fuzz.rs +++ b/libafl_libfuzzer/runtime/src/fuzz.rs @@ -62,7 +62,7 @@ fn do_fuzz( mgr: &mut EM, ) -> Result<(), Error> where - F: Fuzzer, + F: Fuzzer, S: HasMetadata + HasExecutions + UsesInput diff --git a/libafl_libfuzzer/runtime/src/report.rs b/libafl_libfuzzer/runtime/src/report.rs index 44ee09cad1..8c22b28bde 100644 --- a/libafl_libfuzzer/runtime/src/report.rs +++ b/libafl_libfuzzer/runtime/src/report.rs @@ -23,7 +23,7 @@ fn do_report( _mgr: &mut EM, ) -> Result<(), Error> where - F: Fuzzer, + F: Fuzzer, S: HasMetadata + HasNamedMetadata + HasExecutions diff --git a/libafl_libfuzzer/runtime/src/tmin.rs b/libafl_libfuzzer/runtime/src/tmin.rs index dab8f27433..44ff647796 100644 --- a/libafl_libfuzzer/runtime/src/tmin.rs +++ b/libafl_libfuzzer/runtime/src/tmin.rs @@ -13,7 +13,7 @@ use libafl::{ schedulers::QueueScheduler, stages::StdTMinMutationalStage, state::{HasCorpus, StdState}, - Error, Fuzzer, StdFuzzer, + Error, ExecutesInput, Fuzzer, StdFuzzer, }; use libafl_bolts::{ rands::{RomuDuoJrRand, StdRand}, diff --git a/libafl_nyx/src/executor.rs b/libafl_nyx/src/executor.rs index 5f100a5c83..c83e35ade2 100644 --- a/libafl_nyx/src/executor.rs +++ b/libafl_nyx/src/executor.rs @@ -50,7 +50,6 @@ where EM: UsesState, S: State + HasExecutions, S::Input: HasTargetBytes, - Z: UsesState, OT: ObserversTuple, { fn run_target( diff --git a/libafl_qemu/src/executor.rs b/libafl_qemu/src/executor.rs index 6a56c06c4b..b5ce9791c5 100644 --- a/libafl_qemu/src/executor.rs +++ b/libafl_qemu/src/executor.rs @@ -98,7 +98,7 @@ pub unsafe fn inproc_qemu_timeout_handler( ET: EmulatorModuleTuple, OF: Feedback, S: State + Unpin, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { @@ -166,9 +166,10 @@ where EM: EventFirer + EventRestarter, OF: Feedback, S: Unpin + State + HasExecutions + HasCorpus + HasSolutions, - Z: HasObjective - + HasScheduler - + ExecutionProcessor, + S::Corpus: Corpus, + Z: HasObjective + + HasScheduler<::Input, S> + + ExecutionProcessor::Input, OT, S>, S::Solutions: Corpus, //delete me ::Input: Clone, //delete me { @@ -241,7 +242,6 @@ where H: FnMut(&mut Emulator, &mut S, &S::Input) -> ExitKind, OT: ObserversTuple, S: State + HasExecutions + Unpin, - Z: UsesState, { fn run_target( &mut self, @@ -315,7 +315,6 @@ where OT: ObserversTuple, S: UsesInput, SP: ShMemProvider, - Z: UsesState, { inner: QemuInProcessForkExecutor<'a, CM, ED, EM, ET, H, OT, S, SM, SP, Z>, } @@ -333,7 +332,6 @@ where S: UsesInput + Debug, SM: Debug, SP: ShMemProvider, - Z: UsesState, { fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result { f.debug_struct("QemuForkExecutor") @@ -354,7 +352,7 @@ where OT: ObserversTuple, S: State + HasSolutions, SP: ShMemProvider, - Z: HasObjective, + Z: HasObjective, Z::Objective: Feedback, { #[allow(clippy::too_many_arguments)] @@ -416,7 +414,7 @@ where OT: ObserversTuple + Debug, S: State + HasExecutions + Unpin, SP: ShMemProvider, - Z: HasObjective, + Z: HasObjective, { fn run_target( &mut self, @@ -452,7 +450,6 @@ where OT: ObserversTuple, S: State, SP: ShMemProvider, - Z: UsesState, { type State = S; } @@ -468,7 +465,6 @@ where OT: ObserversTuple, S: State, SP: ShMemProvider, - Z: UsesState, { type Observers = OT; #[inline] diff --git a/libafl_targets/src/cmps/stages/aflpptracing.rs b/libafl_targets/src/cmps/stages/aflpptracing.rs index 6749ea7feb..99f37ffb12 100644 --- a/libafl_targets/src/cmps/stages/aflpptracing.rs +++ b/libafl_targets/src/cmps/stages/aflpptracing.rs @@ -38,7 +38,6 @@ impl Named for AFLppCmplogTracingStage<'_, EM, TE, S, Z> { impl Stage for AFLppCmplogTracingStage<'_, EM, TE, S, Z> where EM: UsesState, - Z: UsesState, TE: HasObservers + Executor, TE::Observers: MatchNameRef + ObserversTuple, S: HasCorpus diff --git a/libafl_targets/src/windows_asan.rs b/libafl_targets/src/windows_asan.rs index 3ba804dd3e..1f23c63132 100644 --- a/libafl_targets/src/windows_asan.rs +++ b/libafl_targets/src/windows_asan.rs @@ -37,7 +37,7 @@ where OF: Feedback, E::State: HasSolutions + HasCorpus + HasExecutions, E::Observers: ObserversTuple<::Input, E::State>, - Z: HasObjective, + Z: HasObjective, <::State as HasSolutions>::Solutions: Corpus, //delete me <<::State as HasCorpus>::Corpus as Corpus>::Input: Clone, //delete me { diff --git a/libafl_tinyinst/src/executor.rs b/libafl_tinyinst/src/executor.rs index 6dca42c5ae..b4b22d58fe 100644 --- a/libafl_tinyinst/src/executor.rs +++ b/libafl_tinyinst/src/executor.rs @@ -54,7 +54,6 @@ where S: State + HasExecutions, S::Input: HasTargetBytes, SP: ShMemProvider, - Z: UsesState, { #[inline] fn run_target(