def loop(self):
skip_sync = False
while True:
if not skip_sync:
self.__sync_handler()
skip_sync = False
request = recv_msg(self.comm.to_mapserver_queue)
if request.tag == KAFL_TAG_RESULT:
self.__result_tag_handler(request)
elif request.tag == DRIFUZZ_CONC_BITMAP:
self.skip_sync = True
self.__result_tag_handler(request, imported=True)
elif request.tag == KAFL_TAG_MAP_INFO:
self.__map_info_tag_handler(request)
elif request.tag == KAFL_TAG_NXT_FIN or request.tag == KAFL_TAG_NXT_UNFIN:
self.abortion_counter = 0
self.abortion_alredy_sent = False
self.comm.stage_abortion_notifier.value = False
self.__next_tag_handler(request)
elif request.tag == KAFL_TAG_UNTOUCHED_NODES:
self.__untouched_tag_handler(request)
elif request.tag == KAFL_TAG_REQ_EFFECTOR:
self.__req_effector_tag_handler(request)
elif request.tag == KAFL_TAG_GET_EFFECTOR:
self.__get_effector_tag_handler(request)
def loop(self):
# ui = FuzzerUI(self.comm.num_processes, fancy=self.config.argument_values['f'], inline_log=self.config.argument_values['l'])
if self.use_ui:
ui = FuzzerUI(self.comm.num_processes, fancy=True, inline_log=True)
else:
ui = None
ev = Evaluation(self.config)
if self.use_ui:
ui.install_sighandler()
# Thread(target=self.blacklist_updater, args=(ui,)).start()
update = None
while True:
msg = recv_msg(self.comm.to_update_queue, timeout=self.timeout)
self.__update_ui(ui, ev, update, msg)
while not self.comm.to_update_queue.empty():
msg = recv_msg(self.comm.to_update_queue)
self.__update_ui(ui, ev, update, msg)
def loop(self):
while not self.stopped():
msg = recv_msg(self.comm.to_concolicserver_queue, timeout=0.1)
if msg is None:
continue
if msg.tag == DRIFUZZ_NEW_INPUT:
log_concolicserver("Received DRIFUZZ_NEW_INPUT")
self.run_concolic(msg.data)
for lf in self.logs:
lf.close()
def loop(self):
while not self.stopped():
msg = recv_msg(self.comm.to_slave_queues[self.slave_id], timeout=0.1)
if msg is None:
continue
if msg.tag == DRIFUZZ_REQ_READ_IDX or \
msg.tag == DRIFUZZ_REQ_DMA_IDX:
key, idx = msg.data
self.idx = idx
# log_concolicserver(f"Received index {self.idx}")
self.idx_sem.release()
def loop(self):
while True:
msg = recv_msg(self.comm.to_modelserver_queue)
if msg.tag == DRIFUZZ_REQ_READ_IDX:
key, _, _ = msg.data
res = self.global_model.get_read_idx(*msg.data)
send_msg(DRIFUZZ_REQ_READ_IDX, (key, res), self.comm.to_slave_queues[msg.source])
elif msg.tag == DRIFUZZ_REQ_DMA_IDX:
key, _, _ = msg.data
res = self.global_model.get_dma_idx(*msg.data)
send_msg(DRIFUZZ_REQ_DMA_IDX, (key, res), self.comm.to_slave_queues[msg.source])
else:
continue
def __init__(self, comm, initial=True, reload=False):
self.comm = comm
self.mapserver_state_obj = MapserverState()
self.hash_list = set()
self.crash_list = []
self.shadow_map = set()
self.last_hash = ""
self.post_sync_master_tag = None
self.effector_map = []
self.abortion_counter = 0
self.abortion_alredy_sent = False
self.comm.stage_abortion_notifier.value = False
self.new_findings = 0
self.effector_initial_bitmap = None
self.effector_sync = False
self.performance = 0
self.post_sync = False
self.pre_sync = False
self.round_counter = 0
self.round_counter_effector_sync = 0
self.round_counter_master_post = 0
self.round_counter_master_pre = 0
self.config = FuzzerConfiguration()
# self.enable_graphviz = self.config.argument_values['g']
self.enable_graphviz = False
# self.abortion_threshold = self.config.config_values['ABORTION_TRESHOLD']
self.abortion_threshold = 5
self.ring_buffers = []
for e in range(self.config.argument_values['p']):
self.ring_buffers.append(collections.deque(maxlen=30))
if reload:
self.load_data()
self.treemap = KaflTree.load_data(
enable_graphviz=self.enable_graphviz)
else:
msg = recv_msg(self.comm.to_mapserver_queue)
self.mapserver_state_obj.pending = len(msg.data)
self.treemap = KaflTree(msg.data,
enable_graphviz=self.enable_graphviz)
def interprocess_proto_handler(self):
response = recv_msg(self.comm.to_slave_queues[self.slave_id],
timeout=0.1)
if response is None:
return
if self.stopped():
return
# print('slave got cmd %d' % response.tag)
if response.tag == KAFL_TAG_JOB:
self.__respond_job_req(response)
elif response.tag == DRIFUZZ_CONC_BITMAP:
self.__respond_job_req(response, imported=True)
elif response.tag == KAFL_TAG_REQ_BITMAP:
self.__respond_bitmap_req(response)
elif response.tag == KAFL_TAG_REQ_SAMPLING:
self.__respond_sampling_req(response)
elif response.tag == KAFL_TAG_REQ_BENCHMARK:
self.__respond_benchmark_req(response)
elif response.tag == DRIFUZZ_REQ_READ_IDX or \
response.tag == DRIFUZZ_REQ_DMA_IDX:
# If qemu was restarted and we receive this,
# it's from last execution before restarting
# We discard the result
key, idx = response.data
self.idx = idx
self.idx_sem.release()
elif response.tag == DRIFUZZ_START_QEMU:
self.start_vm()
else:
log_slave("Received TAG: " + str(response.tag), self.slave_id)