def loop(self): skip_sync = False while True: if not skip_sync: self.__sync_handler() skip_sync = False request = recv_msg(self.comm.to_mapserver_queue) if request.tag == KAFL_TAG_RESULT: self.__result_tag_handler(request) elif request.tag == DRIFUZZ_CONC_BITMAP: self.skip_sync = True self.__result_tag_handler(request, imported=True) elif request.tag == KAFL_TAG_MAP_INFO: self.__map_info_tag_handler(request) elif request.tag == KAFL_TAG_NXT_FIN or request.tag == KAFL_TAG_NXT_UNFIN: self.abortion_counter = 0 self.abortion_alredy_sent = False self.comm.stage_abortion_notifier.value = False self.__next_tag_handler(request) elif request.tag == KAFL_TAG_UNTOUCHED_NODES: self.__untouched_tag_handler(request) elif request.tag == KAFL_TAG_REQ_EFFECTOR: self.__req_effector_tag_handler(request) elif request.tag == KAFL_TAG_GET_EFFECTOR: self.__get_effector_tag_handler(request)
def loop(self): # ui = FuzzerUI(self.comm.num_processes, fancy=self.config.argument_values['f'], inline_log=self.config.argument_values['l']) if self.use_ui: ui = FuzzerUI(self.comm.num_processes, fancy=True, inline_log=True) else: ui = None ev = Evaluation(self.config) if self.use_ui: ui.install_sighandler() # Thread(target=self.blacklist_updater, args=(ui,)).start() update = None while True: msg = recv_msg(self.comm.to_update_queue, timeout=self.timeout) self.__update_ui(ui, ev, update, msg) while not self.comm.to_update_queue.empty(): msg = recv_msg(self.comm.to_update_queue) self.__update_ui(ui, ev, update, msg)
def loop(self): while not self.stopped(): msg = recv_msg(self.comm.to_concolicserver_queue, timeout=0.1) if msg is None: continue if msg.tag == DRIFUZZ_NEW_INPUT: log_concolicserver("Received DRIFUZZ_NEW_INPUT") self.run_concolic(msg.data) for lf in self.logs: lf.close()
def loop(self): while not self.stopped(): msg = recv_msg(self.comm.to_slave_queues[self.slave_id], timeout=0.1) if msg is None: continue if msg.tag == DRIFUZZ_REQ_READ_IDX or \ msg.tag == DRIFUZZ_REQ_DMA_IDX: key, idx = msg.data self.idx = idx # log_concolicserver(f"Received index {self.idx}") self.idx_sem.release()
def loop(self): while True: msg = recv_msg(self.comm.to_modelserver_queue) if msg.tag == DRIFUZZ_REQ_READ_IDX: key, _, _ = msg.data res = self.global_model.get_read_idx(*msg.data) send_msg(DRIFUZZ_REQ_READ_IDX, (key, res), self.comm.to_slave_queues[msg.source]) elif msg.tag == DRIFUZZ_REQ_DMA_IDX: key, _, _ = msg.data res = self.global_model.get_dma_idx(*msg.data) send_msg(DRIFUZZ_REQ_DMA_IDX, (key, res), self.comm.to_slave_queues[msg.source]) else: continue
def __init__(self, comm, initial=True, reload=False): self.comm = comm self.mapserver_state_obj = MapserverState() self.hash_list = set() self.crash_list = [] self.shadow_map = set() self.last_hash = "" self.post_sync_master_tag = None self.effector_map = [] self.abortion_counter = 0 self.abortion_alredy_sent = False self.comm.stage_abortion_notifier.value = False self.new_findings = 0 self.effector_initial_bitmap = None self.effector_sync = False self.performance = 0 self.post_sync = False self.pre_sync = False self.round_counter = 0 self.round_counter_effector_sync = 0 self.round_counter_master_post = 0 self.round_counter_master_pre = 0 self.config = FuzzerConfiguration() # self.enable_graphviz = self.config.argument_values['g'] self.enable_graphviz = False # self.abortion_threshold = self.config.config_values['ABORTION_TRESHOLD'] self.abortion_threshold = 5 self.ring_buffers = [] for e in range(self.config.argument_values['p']): self.ring_buffers.append(collections.deque(maxlen=30)) if reload: self.load_data() self.treemap = KaflTree.load_data( enable_graphviz=self.enable_graphviz) else: msg = recv_msg(self.comm.to_mapserver_queue) self.mapserver_state_obj.pending = len(msg.data) self.treemap = KaflTree(msg.data, enable_graphviz=self.enable_graphviz)
def interprocess_proto_handler(self): response = recv_msg(self.comm.to_slave_queues[self.slave_id], timeout=0.1) if response is None: return if self.stopped(): return # print('slave got cmd %d' % response.tag) if response.tag == KAFL_TAG_JOB: self.__respond_job_req(response) elif response.tag == DRIFUZZ_CONC_BITMAP: self.__respond_job_req(response, imported=True) elif response.tag == KAFL_TAG_REQ_BITMAP: self.__respond_bitmap_req(response) elif response.tag == KAFL_TAG_REQ_SAMPLING: self.__respond_sampling_req(response) elif response.tag == KAFL_TAG_REQ_BENCHMARK: self.__respond_benchmark_req(response) elif response.tag == DRIFUZZ_REQ_READ_IDX or \ response.tag == DRIFUZZ_REQ_DMA_IDX: # If qemu was restarted and we receive this, # it's from last execution before restarting # We discard the result key, idx = response.data self.idx = idx self.idx_sem.release() elif response.tag == DRIFUZZ_START_QEMU: self.start_vm() else: log_slave("Received TAG: " + str(response.tag), self.slave_id)