From 579895f5d2f9cde79421f114b6b2b6ada1269370 Mon Sep 17 00:00:00 2001 From: kjain14 Date: Fri, 7 Oct 2022 10:48:55 -0400 Subject: [PATCH] Fix build issues for UM fuzzers (#1517) Removing the final build after fuzzing mutants entirely, since this is the point of failure on all UM fuzzers. Instead on initial build copying output directory and copying it back after final UM build. Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com> --- fuzzers/afl_um_parallel/fuzzer.py | 90 ++++++++++--------- fuzzers/afl_um_prioritize/fuzzer.py | 96 ++++++++++----------- fuzzers/afl_um_random/fuzzer.py | 90 ++++++++++--------- fuzzers/aflplusplus_um_parallel/fuzzer.py | 90 ++++++++++--------- fuzzers/aflplusplus_um_prioritize/fuzzer.py | 96 ++++++++++----------- fuzzers/aflplusplus_um_random/fuzzer.py | 89 ++++++++++--------- fuzzers/aflplusplus_um_random_3/fuzzer.py | 89 ++++++++++--------- fuzzers/aflplusplus_um_random_6/fuzzer.py | 89 ++++++++++--------- fuzzers/eclipser_um_parallel/fuzzer.py | 89 ++++++++++--------- fuzzers/eclipser_um_prioritize/fuzzer.py | 96 ++++++++++----------- fuzzers/eclipser_um_random/fuzzer.py | 90 ++++++++++--------- fuzzers/honggfuzz_um_parallel/fuzzer.py | 90 ++++++++++--------- fuzzers/honggfuzz_um_prioritize/fuzzer.py | 96 ++++++++++----------- fuzzers/honggfuzz_um_random/fuzzer.py | 90 ++++++++++--------- fuzzers/libfuzzer_um_parallel/fuzzer.py | 90 ++++++++++--------- fuzzers/libfuzzer_um_prioritize/fuzzer.py | 96 ++++++++++----------- fuzzers/libfuzzer_um_random/fuzzer.py | 90 ++++++++++--------- service/experiment-requests.yaml | 33 +++++-- 18 files changed, 790 insertions(+), 799 deletions(-) diff --git a/fuzzers/afl_um_parallel/fuzzer.py b/fuzzers/afl_um_parallel/fuzzer.py index b5f8b777e..5b7cc34ee 100644 --- a/fuzzers/afl_um_parallel/fuzzer.py +++ b/fuzzers/afl_um_parallel/fuzzer.py @@ -71,12 +71,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): afl_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") source_extensions = [".c", ".cc", ".cpp"] @@ -124,54 +127,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(mutants): - with utils.restore_directory(src), utils.restore_directory( - work): - mutant = mutants[ind] - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}\ - .{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - afl_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - else: - print("EQUAL") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(mutants): + with utils.restore_directory(src), utils.restore_directory( + work): + mutant = mutants[ind] + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}\ + .{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + afl_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + else: + print("EQUAL") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - afl_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/afl_um_prioritize/fuzzer.py b/fuzzers/afl_um_prioritize/fuzzer.py index 0af39ae4a..123da9455 100755 --- a/fuzzers/afl_um_prioritize/fuzzer.py +++ b/fuzzers/afl_um_prioritize/fuzzer.py @@ -73,12 +73,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements,too-many-bra os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): afl_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") total_fuzzing_time = int( os.getenv('MAX_TOTAL_TIME', str(TOTAL_FUZZING_TIME_DEFAULT))) @@ -159,57 +162,52 @@ def build(): # pylint: disable=too-many-locals,too-many-statements,too-many-bra # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(order): - with utils.restore_directory(src), utils.restore_directory( - work): - key, line = order[ind] - mutant = prioritize_map[key][line] - print(mutant) - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}\ - .{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - afl_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - print(f"FOUND NOT EQUAL {num_non_buggy}, \ - ind: {ind}") - else: - print(f"EQUAL {num_non_buggy}, ind: {ind}") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(order): + with utils.restore_directory(src), utils.restore_directory( + work): + key, line = order[ind] + mutant = prioritize_map[key][line] + print(mutant) + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}\ + .{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + afl_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + print(f"FOUND NOT EQUAL {num_non_buggy}, \ + ind: {ind}") + else: + print(f"EQUAL {num_non_buggy}, ind: {ind}") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - afl_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/afl_um_random/fuzzer.py b/fuzzers/afl_um_random/fuzzer.py index 4dde44e27..24be49a45 100644 --- a/fuzzers/afl_um_random/fuzzer.py +++ b/fuzzers/afl_um_random/fuzzer.py @@ -71,12 +71,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): afl_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") source_extensions = [".c", ".cc", ".cpp"] @@ -124,54 +127,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(mutants): - with utils.restore_directory(src), utils.restore_directory( - work): - mutant = mutants[ind] - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}\ - .{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - afl_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - else: - print("EQUAL") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(mutants): + with utils.restore_directory(src), utils.restore_directory( + work): + mutant = mutants[ind] + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}\ + .{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + afl_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + else: + print("EQUAL") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - afl_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/aflplusplus_um_parallel/fuzzer.py b/fuzzers/aflplusplus_um_parallel/fuzzer.py index 57efc54d3..ea24a2bd0 100644 --- a/fuzzers/aflplusplus_um_parallel/fuzzer.py +++ b/fuzzers/aflplusplus_um_parallel/fuzzer.py @@ -78,12 +78,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): aflplusplus_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") source_extensions = [".c", ".cc", ".cpp"] @@ -131,54 +134,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(mutants): - with utils.restore_directory(src), utils.restore_directory( - work): - mutant = mutants[ind] - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - aflplusplus_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - else: - print("EQUAL") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(mutants): + with utils.restore_directory(src), utils.restore_directory( + work): + mutant = mutants[ind] + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + aflplusplus_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + else: + print("EQUAL") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - aflplusplus_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/aflplusplus_um_prioritize/fuzzer.py b/fuzzers/aflplusplus_um_prioritize/fuzzer.py index 02498f75f..301f7b22f 100755 --- a/fuzzers/aflplusplus_um_prioritize/fuzzer.py +++ b/fuzzers/aflplusplus_um_prioritize/fuzzer.py @@ -80,12 +80,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements,too-many-bra os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): aflplusplus_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") total_fuzzing_time = int( os.getenv('MAX_TOTAL_TIME', str(TOTAL_FUZZING_TIME_DEFAULT))) @@ -166,57 +169,52 @@ def build(): # pylint: disable=too-many-locals,too-many-statements,too-many-bra # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(order): - with utils.restore_directory(src), utils.restore_directory( - work): - key, line = order[ind] - mutant = prioritize_map[key][line] - print(mutant) - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - aflplusplus_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - print(f"FOUND NOT EQUAL {num_non_buggy}, \ - ind: {ind}") - else: - print(f"EQUAL {num_non_buggy}, ind: {ind}") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(order): + with utils.restore_directory(src), utils.restore_directory( + work): + key, line = order[ind] + mutant = prioritize_map[key][line] + print(mutant) + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + aflplusplus_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + print(f"FOUND NOT EQUAL {num_non_buggy}, \ + ind: {ind}") + else: + print(f"EQUAL {num_non_buggy}, ind: {ind}") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - aflplusplus_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/aflplusplus_um_random/fuzzer.py b/fuzzers/aflplusplus_um_random/fuzzer.py index 7f4bc1bfd..b250766aa 100644 --- a/fuzzers/aflplusplus_um_random/fuzzer.py +++ b/fuzzers/aflplusplus_um_random/fuzzer.py @@ -78,12 +78,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): aflplusplus_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") source_extensions = [".c", ".cc", ".cpp"] @@ -131,53 +134,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(mutants): - with utils.restore_directory(src), utils.restore_directory( - work): - mutant = mutants[ind] - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - aflplusplus_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - else: - print("EQUAL") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(mutants): + with utils.restore_directory(src), utils.restore_directory( + work): + mutant = mutants[ind] + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + aflplusplus_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + else: + print("EQUAL") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - aflplusplus_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/aflplusplus_um_random_3/fuzzer.py b/fuzzers/aflplusplus_um_random_3/fuzzer.py index ed56f8a7a..f4b9a3620 100644 --- a/fuzzers/aflplusplus_um_random_3/fuzzer.py +++ b/fuzzers/aflplusplus_um_random_3/fuzzer.py @@ -78,12 +78,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): aflplusplus_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") source_extensions = [".c", ".cc", ".cpp"] @@ -131,53 +134,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(mutants): - with utils.restore_directory(src), utils.restore_directory( - work): - mutant = mutants[ind] - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - aflplusplus_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - else: - print("EQUAL") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(mutants): + with utils.restore_directory(src), utils.restore_directory( + work): + mutant = mutants[ind] + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + aflplusplus_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + else: + print("EQUAL") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - aflplusplus_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/aflplusplus_um_random_6/fuzzer.py b/fuzzers/aflplusplus_um_random_6/fuzzer.py index 2f6f32273..1a15d8494 100644 --- a/fuzzers/aflplusplus_um_random_6/fuzzer.py +++ b/fuzzers/aflplusplus_um_random_6/fuzzer.py @@ -78,12 +78,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): aflplusplus_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") source_extensions = [".c", ".cc", ".cpp"] @@ -131,53 +134,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(mutants): - with utils.restore_directory(src), utils.restore_directory( - work): - mutant = mutants[ind] - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - aflplusplus_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - else: - print("EQUAL") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(mutants): + with utils.restore_directory(src), utils.restore_directory( + work): + mutant = mutants[ind] + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + aflplusplus_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + else: + print("EQUAL") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - aflplusplus_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/eclipser_um_parallel/fuzzer.py b/fuzzers/eclipser_um_parallel/fuzzer.py index 28244dbcd..73ada3eaa 100644 --- a/fuzzers/eclipser_um_parallel/fuzzer.py +++ b/fuzzers/eclipser_um_parallel/fuzzer.py @@ -71,12 +71,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): eclipser_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") source_extensions = [".c", ".cc", ".cpp"] @@ -124,53 +127,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(mutants): - with utils.restore_directory(src), utils.restore_directory( - work): - mutant = mutants[ind] - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - eclipser_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - else: - print("EQUAL") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(mutants): + with utils.restore_directory(src), utils.restore_directory( + work): + mutant = mutants[ind] + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + eclipser_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + else: + print("EQUAL") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - eclipser_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/eclipser_um_prioritize/fuzzer.py b/fuzzers/eclipser_um_prioritize/fuzzer.py index 8a69906e4..19324dab7 100755 --- a/fuzzers/eclipser_um_prioritize/fuzzer.py +++ b/fuzzers/eclipser_um_prioritize/fuzzer.py @@ -73,12 +73,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements,too-many-bra os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): eclipser_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") total_fuzzing_time = int( os.getenv('MAX_TOTAL_TIME', str(TOTAL_FUZZING_TIME_DEFAULT))) @@ -159,57 +162,52 @@ def build(): # pylint: disable=too-many-locals,too-many-statements,too-many-bra # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(order): - with utils.restore_directory(src), utils.restore_directory( - work): - key, line = order[ind] - mutant = prioritize_map[key][line] - print(mutant) - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - eclipser_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - print(f"FOUND NOT EQUAL {num_non_buggy}, \ - ind: {ind}") - else: - print(f"EQUAL {num_non_buggy}, ind: {ind}") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(order): + with utils.restore_directory(src), utils.restore_directory( + work): + key, line = order[ind] + mutant = prioritize_map[key][line] + print(mutant) + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + eclipser_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + print(f"FOUND NOT EQUAL {num_non_buggy}, \ + ind: {ind}") + else: + print(f"EQUAL {num_non_buggy}, ind: {ind}") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - eclipser_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/eclipser_um_random/fuzzer.py b/fuzzers/eclipser_um_random/fuzzer.py index 4050794a3..2c943ad33 100644 --- a/fuzzers/eclipser_um_random/fuzzer.py +++ b/fuzzers/eclipser_um_random/fuzzer.py @@ -71,12 +71,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): eclipser_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") source_extensions = [".c", ".cc", ".cpp"] @@ -124,54 +127,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(mutants): - with utils.restore_directory(src), utils.restore_directory( - work): - mutant = mutants[ind] - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - eclipser_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - else: - print("EQUAL") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(mutants): + with utils.restore_directory(src), utils.restore_directory( + work): + mutant = mutants[ind] + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + eclipser_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + else: + print("EQUAL") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - eclipser_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/honggfuzz_um_parallel/fuzzer.py b/fuzzers/honggfuzz_um_parallel/fuzzer.py index 98a69588d..c17fc8ce8 100644 --- a/fuzzers/honggfuzz_um_parallel/fuzzer.py +++ b/fuzzers/honggfuzz_um_parallel/fuzzer.py @@ -71,12 +71,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): honggfuzz_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") source_extensions = [".c", ".cc", ".cpp"] @@ -124,54 +127,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(mutants): - with utils.restore_directory(src), utils.restore_directory( - work): - mutant = mutants[ind] - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - honggfuzz_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - else: - print("EQUAL") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(mutants): + with utils.restore_directory(src), utils.restore_directory( + work): + mutant = mutants[ind] + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + honggfuzz_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + else: + print("EQUAL") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - honggfuzz_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/honggfuzz_um_prioritize/fuzzer.py b/fuzzers/honggfuzz_um_prioritize/fuzzer.py index 361d15570..59f86d3a7 100755 --- a/fuzzers/honggfuzz_um_prioritize/fuzzer.py +++ b/fuzzers/honggfuzz_um_prioritize/fuzzer.py @@ -73,12 +73,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements,too-many-bra os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): honggfuzz_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") total_fuzzing_time = int( os.getenv('MAX_TOTAL_TIME', str(TOTAL_FUZZING_TIME_DEFAULT))) @@ -159,57 +162,52 @@ def build(): # pylint: disable=too-many-locals,too-many-statements,too-many-bra # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(order): - with utils.restore_directory(src), utils.restore_directory( - work): - key, line = order[ind] - mutant = prioritize_map[key][line] - print(mutant) - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - honggfuzz_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - print(f"FOUND NOT EQUAL {num_non_buggy}, \ - ind: {ind}") - else: - print(f"EQUAL {num_non_buggy}, ind: {ind}") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(order): + with utils.restore_directory(src), utils.restore_directory( + work): + key, line = order[ind] + mutant = prioritize_map[key][line] + print(mutant) + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + honggfuzz_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + print(f"FOUND NOT EQUAL {num_non_buggy}, \ + ind: {ind}") + else: + print(f"EQUAL {num_non_buggy}, ind: {ind}") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - honggfuzz_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/honggfuzz_um_random/fuzzer.py b/fuzzers/honggfuzz_um_random/fuzzer.py index 6a664fbc8..01b87c96c 100644 --- a/fuzzers/honggfuzz_um_random/fuzzer.py +++ b/fuzzers/honggfuzz_um_random/fuzzer.py @@ -71,12 +71,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): honggfuzz_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") source_extensions = [".c", ".cc", ".cpp"] @@ -124,54 +127,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(mutants): - with utils.restore_directory(src), utils.restore_directory( - work): - mutant = mutants[ind] - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - honggfuzz_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - else: - print("EQUAL") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(mutants): + with utils.restore_directory(src), utils.restore_directory( + work): + mutant = mutants[ind] + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + honggfuzz_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + else: + print("EQUAL") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - honggfuzz_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/libfuzzer_um_parallel/fuzzer.py b/fuzzers/libfuzzer_um_parallel/fuzzer.py index 8f827c7de..bfc616869 100755 --- a/fuzzers/libfuzzer_um_parallel/fuzzer.py +++ b/fuzzers/libfuzzer_um_parallel/fuzzer.py @@ -71,12 +71,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): libfuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") source_extensions = [".c", ".cc", ".cpp"] @@ -124,54 +127,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(mutants): - with utils.restore_directory(src), utils.restore_directory( - work): - mutant = mutants[ind] - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - libfuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - else: - print("EQUAL") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(mutants): + with utils.restore_directory(src), utils.restore_directory( + work): + mutant = mutants[ind] + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + libfuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + else: + print("EQUAL") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - libfuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/libfuzzer_um_prioritize/fuzzer.py b/fuzzers/libfuzzer_um_prioritize/fuzzer.py index 51769a423..719683305 100755 --- a/fuzzers/libfuzzer_um_prioritize/fuzzer.py +++ b/fuzzers/libfuzzer_um_prioritize/fuzzer.py @@ -73,12 +73,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements,too-many-bra os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): libfuzzer_fuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") total_fuzzing_time = int( os.getenv('MAX_TOTAL_TIME', str(TOTAL_FUZZING_TIME_DEFAULT))) @@ -159,57 +162,52 @@ def build(): # pylint: disable=too-many-locals,too-many-statements,too-many-bra # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(order): - with utils.restore_directory(src), utils.restore_directory( - work): - key, line = order[ind] - mutant = prioritize_map[key][line] - print(mutant) - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - libfuzzer_fuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - print(f"FOUND NOT EQUAL {num_non_buggy}, \ - ind: {ind}") - else: - print(f"EQUAL {num_non_buggy}, ind: {ind}") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(order): + with utils.restore_directory(src), utils.restore_directory( + work): + key, line = order[ind] + mutant = prioritize_map[key][line] + print(mutant) + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + libfuzzer_fuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + print(f"FOUND NOT EQUAL {num_non_buggy}, \ + ind: {ind}") + else: + print(f"EQUAL {num_non_buggy}, ind: {ind}") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - libfuzzer_fuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/fuzzers/libfuzzer_um_random/fuzzer.py b/fuzzers/libfuzzer_um_random/fuzzer.py index 3864c6073..bd0d67072 100755 --- a/fuzzers/libfuzzer_um_random/fuzzer.py +++ b/fuzzers/libfuzzer_um_random/fuzzer.py @@ -71,12 +71,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements os.mkdir(mutate_bins) mutate_scripts = f"{storage_dir}/mutant_scripts" os.mkdir(mutate_scripts) + orig_out = f"{storage_dir}/orig_out" + os.mkdir(orig_out) orig_fuzz_target = os.getenv("FUZZ_TARGET") with utils.restore_directory(src), utils.restore_directory(work): libfuzzer.build() shutil.copy(f"{out}/{orig_fuzz_target}", f"{mutate_bins}/{orig_fuzz_target}") + os.system(f"cp -r {out}/* {orig_out}/") benchmark = os.getenv("BENCHMARK") source_extensions = [".c", ".cc", ".cpp"] @@ -124,54 +127,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements # Add grace time for final build at end remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) - GRACE_TIME) - - with utils.restore_directory(src, - ignore_errors=True), utils.restore_directory( - work, ignore_errors=True): - try: - with time_limit(remaining_time): - num_non_buggy = 1 - ind = 0 - while ind < len(mutants): - with utils.restore_directory(src), utils.restore_directory( - work): - mutant = mutants[ind] - suffix = "." + mutant.split(".")[-1] - mpart = ".mutant." + mutant.split(".mutant.")[1] - source_file = f"{src}/{mutant.replace(mpart, suffix)}" - print(source_file) - print(f"{mutate_dir}/{mutant}") - os.system(f"cp {source_file} {mutate_dir}/orig") - os.system(f"cp {mutate_dir}/{mutant} {source_file}") - - try: - new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ - f".{num_non_buggy}" - - os.system(f"rm -rf {out}/*") - libfuzzer.build() - if not filecmp.cmp( - f'{mutate_bins}/{orig_fuzz_target}', - f'{out}/{orig_fuzz_target}', - shallow=False): - print(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - shutil.copy(f"{out}/{orig_fuzz_target}", - f"{mutate_bins}/{new_fuzz_target}") - num_non_buggy += 1 - else: - print("EQUAL") - except RuntimeError: - pass - except CalledProcessError: - pass - os.system(f"cp {mutate_dir}/orig {source_file}") - ind += 1 - except TimeoutException: - pass + try: + with time_limit(remaining_time): + num_non_buggy = 1 + ind = 0 + while ind < len(mutants): + with utils.restore_directory(src), utils.restore_directory( + work): + mutant = mutants[ind] + suffix = "." + mutant.split(".")[-1] + mpart = ".mutant." + mutant.split(".mutant.")[1] + source_file = f"{src}/{mutant.replace(mpart, suffix)}" + print(source_file) + print(f"{mutate_dir}/{mutant}") + os.system(f"cp {source_file} {mutate_dir}/orig") + os.system(f"cp {mutate_dir}/{mutant} {source_file}") + + try: + new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}"\ + f".{num_non_buggy}" + + os.system(f"rm -rf {out}/*") + libfuzzer.build() + if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}', + f'{out}/{orig_fuzz_target}', + shallow=False): + print(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + shutil.copy(f"{out}/{orig_fuzz_target}", + f"{mutate_bins}/{new_fuzz_target}") + num_non_buggy += 1 + else: + print("EQUAL") + except RuntimeError: + pass + except CalledProcessError: + pass + os.system(f"cp {mutate_dir}/orig {source_file}") + ind += 1 + except TimeoutException: + pass os.system(f"rm -rf {out}/*") - libfuzzer.build() + os.system(f"cp -r {orig_out}/* {out}/") os.system(f"cp {mutate_bins}/* {out}/") diff --git a/service/experiment-requests.yaml b/service/experiment-requests.yaml index 22b0bfc0e..0c0a4038f 100644 --- a/service/experiment-requests.yaml +++ b/service/experiment-requests.yaml @@ -20,14 +20,35 @@ # Please add new experiment requests towards the top of this file. # -- experiment: 2022-06-08-dissecting2 - description: "Dissecting AFL paper (scheduling)" - type: bug +- experiment: 2022-10-07-um-full + description: "UM fuzzer experiment" fuzzers: + - aflplusplus + - aflplusplus_um_parallel + - aflplusplus + - libfuzzer_um_prioritize + - libfuzzer_um_random + - libfuzzer_um_parallel + - libfuzzer + - afl_um_prioritize + - afl_um_random + - afl_um_parallel - afl - - afl_scheduling_lifo - - afl_scheduling_random - + - eclipser_um_prioritize + - eclipser_um_random + - eclipser_um_parallel + - eclipser + - honggfuzz_um_prioritize + - honggfuzz_um_random + - honggfuzz_um_parallel + - honggfuzz + +- experiment: 2022-10-07-um-3 + description: "UM fuzzer experiment" + fuzzers: + - aflplusplus + - aflplusplus_um_random_3 + - experiment: 2022-10-06-um-full description: "UM fuzzer experiment" fuzzers: