Diffstat (limited to 'runtime/afl.c')
-rw-r--r--runtime/afl.c37
1 files changed, 24 insertions, 13 deletions
diff --git a/runtime/afl.c b/runtime/afl.c
index 0d3c77d8c1..54a1f83d3f 100644
--- a/runtime/afl.c
+++ b/runtime/afl.c
@@ -13,26 +13,34 @@
/**************************************************************************/
/* Runtime support for afl-fuzz */
+
+#define CAML_INTERNALS
+
#include "caml/config.h"
+#include "caml/memory.h"
+#include "caml/mlvalues.h"
/* Values used by the instrumentation logic (see cmmgen.ml) */
-static unsigned char afl_area_initial[1 << 16];
-unsigned char* caml_afl_area_ptr = afl_area_initial;
+
+#define INITIAL_AFL_AREA_SIZE (1 << 16)
+unsigned char * caml_afl_area_ptr = NULL;
uintnat caml_afl_prev_loc;
#if !defined(HAS_SYS_SHM_H) || !defined(HAS_SHMAT)
-#include "caml/mlvalues.h"
-#include "caml/domain.h"
-
-CAMLprim value caml_reset_afl_instrumentation(value full)
+CAMLexport value caml_setup_afl(value unit)
{
+ /* AFL is not supported, but we still need to allocate space for the bitmap
+ (the instrumented OCaml code will write into it). */
+ if (caml_afl_area_ptr == NULL) {
+ caml_afl_area_ptr = caml_stat_alloc(INITIAL_AFL_AREA_SIZE);
+ memset(caml_afl_area_ptr, 0, INITIAL_AFL_AREA_SIZE);
+ }
return Val_unit;
}
-CAMLexport value caml_setup_afl(value unit)
+CAMLprim value caml_reset_afl_instrumentation(value full)
{
- /* AFL is not supported */
return Val_unit;
}
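Review bot: The new `caml_setup_afl` body in the `!HAS_SYS_SHM_H || !HAS_SHMAT` branch calls `memset`, but `<string.h>` is only included further down in the other preprocessor branch (the `#include <string.h>` at the second hunk), so unless one of the `caml/` headers pulls it in transitively this branch now relies on an implicit declaration. Moving `#include <string.h>` up next to `#include "caml/config.h"`, where both branches see it, removes the dependency on header internals. Separately, the stub `caml_reset_afl_instrumentation` in this branch still ignores `full` and leaves `caml_afl_prev_loc` untouched even though the bitmap now exists and is written by instrumented code; mirroring the shm variant with `if (full == Val_true && caml_afl_area_ptr != NULL) memset(caml_afl_area_ptr, 0, INITIAL_AFL_AREA_SIZE); caml_afl_prev_loc = 0;` would keep the two builds consistent.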
@@ -46,9 +54,8 @@ CAMLexport value caml_setup_afl(value unit)
#include <stdio.h>
#include <string.h>
-#define CAML_INTERNALS
+#include "caml/domain.h"
#include "caml/misc.h"
-#include "caml/mlvalues.h"
#include "caml/osdeps.h"
static int afl_initialised = 0;
@@ -87,7 +94,11 @@ CAMLexport value caml_setup_afl(value unit)
shm_id_str = caml_secure_getenv("__AFL_SHM_ID");
if (shm_id_str == NULL) {
- /* Not running under afl-fuzz, continue as normal */
+ /* Not running under afl-fuzz. Allocate space for the bitmap
+ (the instrumented OCaml code will write into it),
+ and continue as normal. */
+ caml_afl_area_ptr = caml_stat_alloc(INITIAL_AFL_AREA_SIZE);
+ memset(caml_afl_area_ptr, 0, INITIAL_AFL_AREA_SIZE);
return Val_unit;
}
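Review bot: The "not running under afl-fuzz" path allocates a fresh `INITIAL_AFL_AREA_SIZE` area unconditionally, whereas the `!HAS_SHMAT` variant added in the same commit first checks `caml_afl_area_ptr == NULL`; if this path can be reached more than once the earlier area is leaked and any pointer already handed to instrumented code is silently replaced. The `afl_initialised` flag declared above presumably guards the whole function, but that check is outside the hunk, so it is not visible here whether it covers this early-return path. Guarding the allocation the same way, `if (caml_afl_area_ptr == NULL) { caml_afl_area_ptr = caml_stat_alloc(INITIAL_AFL_AREA_SIZE); memset(caml_afl_area_ptr, 0, INITIAL_AFL_AREA_SIZE); }`, makes the two branches behave identically regardless. `caml_setup_afl` starts and ends outside the hunk.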
@@ -164,8 +175,8 @@ CAMLexport value caml_setup_afl(value unit)
CAMLprim value caml_reset_afl_instrumentation(value full)
{
- if (full == Val_true) {
- memset(caml_afl_area_ptr, 0, sizeof(afl_area_initial));
+ if (full == Val_true && caml_afl_area_ptr != NULL) {
+ memset(caml_afl_area_ptr, 0, INITIAL_AFL_AREA_SIZE);
}
caml_afl_prev_loc = 0;
return Val_unit;