From 8b6c2747ca01247fb35dd1182b4828dd8dabefd8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ulf=20Karg=C3=A9n?= <ulf.kargen@liu.se>
Date: Wed, 15 Nov 2023 21:15:52 +0100
Subject: [PATCH] carry over 'was_fuzzed' state on resume
---
 src/afl-fuzz-init.c | 24 ++++++++++++++++++++++++
 src/afl-fuzz-run.c | 7 +++----
 2 files changed, 27 insertions(+), 4 deletions(-)
diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c
index d4350420..7531149c 100644
--- a/src/afl-fuzz-init.c
+++ b/src/afl-fuzz-init.c
@@ -801,6 +801,24 @@ void read_testcases(afl_state_t *afl, u8 *directory) {
 }
+ /* Carry over saved time of first fuzzing from resumed run, if present */
+
+ u8 wf_fn[PATH_MAX];
+ s32 wf_fd;
+ u64 first_fuzz;
+ snprintf(wf_fn, PATH_MAX, "%s/.state/was_fuzzed/%s", afl->in_dir,
+ nl[i]->d_name);
+ wf_fd = open(wf_fn, O_RDONLY);
+
+ if (wf_fd != -1 &&
+ read(wf_fd, &first_fuzz, sizeof(u64)) == sizeof(u64)) {
+ afl->queue_top->was_fuzzed = 1;
+ afl->queue_top->first_fuzz = first_fuzz;
+ afl->pending_not_fuzzed--;
+ }
+
+ close(wf_fd);
+
 /*
 if (unlikely(afl->schedule >= FAST && afl->schedule <= RARE)) {
@@ -1177,6 +1195,8 @@ void perform_dry_run(afl_state_t *afl) {
 duplicates = 1;
+ u64 runtime = afl->prev_run_time + get_cur_time() - afl->start_time;
+
 // we keep the shorter file
 if (p->len >= q->len) {
@@ -1373,6 +1393,10 @@ void pivot_inputs(afl_state_t *afl) {
 if (q->passed_det) { mark_as_det_done(afl, q); }
+ /* ...and the time of first fuzzing. */
+
+ if (q->was_fuzzed) { mark_as_fuzzed(afl, q); }
+
 if (afl->custom_mutators_count) {
 run_afl_custom_queue_new_entry(afl, q, q->fname, NULL);
diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c
index 7dc669b5..99519757 100644
--- a/src/afl-fuzz-run.c
+++ b/src/afl-fuzz-run.c
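Review bot: `close(wf_fd);` at the end of the read_testcases hunk runs even when `open()` returned -1, so every input without a saved `.state/was_fuzzed/` entry (the normal case for a fresh run) issues `close(-1)`, which fails with EBADF; harmless today, but it is noise under strace and descriptor-tracking sanitizers and it would mask a genuinely leaked descriptor if the condition above it ever changes. Guard the close on the descriptor rather than on the read result, `if (wf_fd != -1) { close(wf_fd); }`, so the descriptor is still released when the read is short. Taking the raw `u64` from the file without further validation is consistent with the existing `passed_det` handling, since the file is the fuzzer's own state (presumably written by `mark_as_fuzzed` in the pivot_inputs hunk of this file). read_testcases starts and ends outside the hunk, so the loop over `nl[i]` that this block relies on is not visible here.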
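Review bot: The `runtime` declared in the perform_dry_run hunk has no consumer visible inside the hunk, so whether it is read further down cannot be confirmed from here; if it is not, it is an unused variable, and if it is, computing it at the top of the duplicates branch means `get_cur_time()` is evaluated for every duplicate pair, presumably including ones where no was_fuzzed state is carried over. Declaring it next to the line that uses it would make the intent clear and keep the clock read on the path that needs it. perform_dry_run starts and ends outside the hunk.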
@@ -787,14 +787,13 @@ void sync_fuzzers(afl_state_t *afl) {
 snprintf(path, sizeof(path), "%s/%s", qd_path, namelist[o]->d_name);
- /* Skip syncing of recent discoveries if AFL_DELAY_SYNC is true. */
+ /* Skip syncing of recent discoveries if AFL_DELAY_SYNC is set. */
 skip = 0;
 if (afl->afl_env.afl_delay_sync) {
- u64 cycle_time = get_cur_time() -
- (!afl->last_sync_time ? afl->start_time : afl->last_sync_time);
+ u64 cycle_time = get_cur_time() - afl->last_sync_time;
 u64 runtime = afl->prev_run_time + get_cur_time() - afl->start_time;
@@ -805,7 +804,7 @@ void sync_fuzzers(afl_state_t *afl) {
 if (wf_fd < 0 || read(wf_fd, &ftime, sizeof(u64)) != sizeof(u64) ||
- ftime > runtime - SYNC_DELAY_CYCLES * cycle_time) {
+ ftime + SYNC_DELAY_CYCLES * cycle_time > runtime) {
 skip = 1;
--
GitLab
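Review bot: Dropping the `start_time` fallback in `u64 cycle_time = get_cur_time() - afl->last_sync_time;` changes the first sync pass of a run: unless `last_sync_time` is now initialised to `start_time` somewhere outside this diff, it is still zero on that pass and `cycle_time` becomes the full wall-clock timestamp rather than one cycle's length. With the rewritten condition in the @@ -805 hunk, `ftime + SYNC_DELAY_CYCLES * cycle_time > runtime` is then true for every entry and the whole first sync is skipped, whereas the old `runtime - SYNC_DELAY_CYCLES * cycle_time` wrapped in u64 and happened to mask that case. Keeping the fallback, `u64 cycle_time = get_cur_time() - (afl->last_sync_time ? afl->last_sync_time : afl->start_time);`, preserves the previous behaviour while the reordered comparison still avoids the unsigned underflow. sync_fuzzers starts and ends outside both hunks, so the initialisation of `last_sync_time` cannot be checked from this view.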