Fix build issues for UM fuzzers #1517

Merged
merged 29 commits into from
Oct 7, 2022
Merged
8416a57
Adding aflplusplus um modes
kjain14 Aug 25, 2022
c230e1a
Adding fuzzers to fuzzers.yml and creating an experiment
kjain14 Aug 26, 2022
1657e16
Adding UM fuzzers for honggfuzz, libfuzzer, eclipser, and afl
kjain14 Aug 31, 2022
1e1513e
Add UM parallel modes
kjain14 Sep 26, 2022
0afae16
Add new fuzzers
kjain14 Sep 26, 2022
f01557e
Adding comparison experiment
kjain14 Sep 26, 2022
7ecb1c1
Merge branch 'master' into master
kjain14 Sep 27, 2022
0c245f3
Merge branch 'master' into master
jonathanmetzman Sep 28, 2022
e19f05c
Fixing random fuzzer for aflplusplus, should hopefully resolve build …
kjain14 Oct 4, 2022
65f7c60
Fixing formatting issues
kjain14 Oct 4, 2022
34cdc5a
Fixing merge conflict
kjain14 Oct 4, 2022
31b0428
Merging
kjain14 Oct 4, 2022
5e2f507
Making build 3 hours
kjain14 Oct 4, 2022
1c6de30
Adding configs for 6-12 hours
kjain14 Oct 4, 2022
6ab07ba
merging
kjain14 Oct 4, 2022
f5a4788
Adding 3 hour fuzzer, creating new experiment, fixing bug
kjain14 Oct 5, 2022
39bc6d0
merging
kjain14 Oct 5, 2022
546c17c
Make 3/6 fuzzers up to date too
kjain14 Oct 5, 2022
a5b22f8
Fix all fuzzers
kjain14 Oct 6, 2022
f1f3ece
One more large experiment
kjain14 Oct 6, 2022
1a42eb5
Merging
kjain14 Oct 6, 2022
b0ac186
Merging
kjain14 Oct 6, 2022
1d68894
Merging
kjain14 Oct 6, 2022
6c814bd
Adding line back
kjain14 Oct 6, 2022
791ac32
Making experiments file not have duplicates
kjain14 Oct 6, 2022
1ea8146
Merge branch 'master' into master
kjain14 Oct 6, 2022
fdc9b8b
Merging
kjain14 Oct 7, 2022
31712d9
Merge branch 'master' of https://github.com/kjain14/fuzzbench
kjain14 Oct 7, 2022
9ef0d26
remove final failing build entirely
kjain14 Oct 7, 2022
90 changes: 44 additions & 46 deletions fuzzers/afl_um_parallel/fuzzer.py
Expand Up @@ -71,12 +71,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements
os.mkdir(mutate_bins)
mutate_scripts = f"{storage_dir}/mutant_scripts"
os.mkdir(mutate_scripts)
orig_out = f"{storage_dir}/orig_out"
os.mkdir(orig_out)

orig_fuzz_target = os.getenv("FUZZ_TARGET")
with utils.restore_directory(src), utils.restore_directory(work):
afl_fuzzer.build()
shutil.copy(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{orig_fuzz_target}")
os.system(f"cp -r {out}/* {orig_out}/")
benchmark = os.getenv("BENCHMARK")

source_extensions = [".c", ".cc", ".cpp"]
Expand Down Expand Up @@ -124,54 +127,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements
# Add grace time for final build at end
remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) -
GRACE_TIME)

with utils.restore_directory(src,
ignore_errors=True), utils.restore_directory(
work, ignore_errors=True):
try:
with time_limit(remaining_time):
num_non_buggy = 1
ind = 0
while ind < len(mutants):
with utils.restore_directory(src), utils.restore_directory(
work):
mutant = mutants[ind]
suffix = "." + mutant.split(".")[-1]
mpart = ".mutant." + mutant.split(".mutant.")[1]
source_file = f"{src}/{mutant.replace(mpart, suffix)}"
print(source_file)
print(f"{mutate_dir}/{mutant}")
os.system(f"cp {source_file} {mutate_dir}/orig")
os.system(f"cp {mutate_dir}/{mutant} {source_file}")

try:
new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}\
.{num_non_buggy}"

os.system(f"rm -rf {out}/*")
afl_fuzzer.build()
if not filecmp.cmp(
f'{mutate_bins}/{orig_fuzz_target}',
f'{out}/{orig_fuzz_target}',
shallow=False):
print(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{new_fuzz_target}")
shutil.copy(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{new_fuzz_target}")
num_non_buggy += 1
else:
print("EQUAL")
except RuntimeError:
pass
except CalledProcessError:
pass
os.system(f"cp {mutate_dir}/orig {source_file}")
ind += 1
except TimeoutException:
pass
try:
with time_limit(remaining_time):
num_non_buggy = 1
ind = 0
while ind < len(mutants):
with utils.restore_directory(src), utils.restore_directory(
work):
mutant = mutants[ind]
suffix = "." + mutant.split(".")[-1]
mpart = ".mutant." + mutant.split(".mutant.")[1]
source_file = f"{src}/{mutant.replace(mpart, suffix)}"
print(source_file)
print(f"{mutate_dir}/{mutant}")
os.system(f"cp {source_file} {mutate_dir}/orig")
os.system(f"cp {mutate_dir}/{mutant} {source_file}")

try:
new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}\
.{num_non_buggy}"

os.system(f"rm -rf {out}/*")
afl_fuzzer.build()
if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}',
f'{out}/{orig_fuzz_target}',
shallow=False):
print(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{new_fuzz_target}")
shutil.copy(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{new_fuzz_target}")
num_non_buggy += 1
else:
print("EQUAL")
except RuntimeError:
pass
except CalledProcessError:
pass
os.system(f"cp {mutate_dir}/orig {source_file}")
ind += 1
except TimeoutException:
pass

os.system(f"rm -rf {out}/*")
afl_fuzzer.build()
os.system(f"cp -r {orig_out}/* {out}/")
os.system(f"cp {mutate_bins}/* {out}/")


96 changes: 47 additions & 49 deletions fuzzers/afl_um_prioritize/fuzzer.py
Expand Up @@ -73,12 +73,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements,too-many-bra
os.mkdir(mutate_bins)
mutate_scripts = f"{storage_dir}/mutant_scripts"
os.mkdir(mutate_scripts)
orig_out = f"{storage_dir}/orig_out"
os.mkdir(orig_out)

orig_fuzz_target = os.getenv("FUZZ_TARGET")
with utils.restore_directory(src), utils.restore_directory(work):
afl_fuzzer.build()
shutil.copy(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{orig_fuzz_target}")
os.system(f"cp -r {out}/* {orig_out}/")
benchmark = os.getenv("BENCHMARK")
total_fuzzing_time = int(
os.getenv('MAX_TOTAL_TIME', str(TOTAL_FUZZING_TIME_DEFAULT)))
Expand Down Expand Up @@ -159,57 +162,52 @@ def build(): # pylint: disable=too-many-locals,too-many-statements,too-many-bra
# Add grace time for final build at end
remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) -
GRACE_TIME)

with utils.restore_directory(src,
ignore_errors=True), utils.restore_directory(
work, ignore_errors=True):
try:
with time_limit(remaining_time):
num_non_buggy = 1
ind = 0
while ind < len(order):
with utils.restore_directory(src), utils.restore_directory(
work):
key, line = order[ind]
mutant = prioritize_map[key][line]
print(mutant)
suffix = "." + mutant.split(".")[-1]
mpart = ".mutant." + mutant.split(".mutant.")[1]
source_file = f"{src}/{mutant.replace(mpart, suffix)}"
print(source_file)
print(f"{mutate_dir}/{mutant}")
os.system(f"cp {source_file} {mutate_dir}/orig")
os.system(f"cp {mutate_dir}/{mutant} {source_file}")
try:
new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}\
.{num_non_buggy}"

os.system(f"rm -rf {out}/*")
afl_fuzzer.build()
if not filecmp.cmp(
f'{mutate_bins}/{orig_fuzz_target}',
f'{out}/{orig_fuzz_target}',
shallow=False):
print(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{new_fuzz_target}")
shutil.copy(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{new_fuzz_target}")
num_non_buggy += 1
print(f"FOUND NOT EQUAL {num_non_buggy}, \
ind: {ind}")
else:
print(f"EQUAL {num_non_buggy}, ind: {ind}")
except RuntimeError:
pass
except CalledProcessError:
pass
os.system(f"cp {mutate_dir}/orig {source_file}")
ind += 1
except TimeoutException:
pass
try:
with time_limit(remaining_time):
num_non_buggy = 1
ind = 0
while ind < len(order):
with utils.restore_directory(src), utils.restore_directory(
work):
key, line = order[ind]
mutant = prioritize_map[key][line]
print(mutant)
suffix = "." + mutant.split(".")[-1]
mpart = ".mutant." + mutant.split(".mutant.")[1]
source_file = f"{src}/{mutant.replace(mpart, suffix)}"
print(source_file)
print(f"{mutate_dir}/{mutant}")
os.system(f"cp {source_file} {mutate_dir}/orig")
os.system(f"cp {mutate_dir}/{mutant} {source_file}")
try:
new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}\
.{num_non_buggy}"

os.system(f"rm -rf {out}/*")
afl_fuzzer.build()
if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}',
f'{out}/{orig_fuzz_target}',
shallow=False):
print(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{new_fuzz_target}")
shutil.copy(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{new_fuzz_target}")
num_non_buggy += 1
print(f"FOUND NOT EQUAL {num_non_buggy}, \
ind: {ind}")
else:
print(f"EQUAL {num_non_buggy}, ind: {ind}")
except RuntimeError:
pass
except CalledProcessError:
pass
os.system(f"cp {mutate_dir}/orig {source_file}")
ind += 1
except TimeoutException:
pass

os.system(f"rm -rf {out}/*")
afl_fuzzer.build()
os.system(f"cp -r {orig_out}/* {out}/")
os.system(f"cp {mutate_bins}/* {out}/")


90 changes: 44 additions & 46 deletions fuzzers/afl_um_random/fuzzer.py
Expand Up @@ -71,12 +71,15 @@ def build(): # pylint: disable=too-many-locals,too-many-statements
os.mkdir(mutate_bins)
mutate_scripts = f"{storage_dir}/mutant_scripts"
os.mkdir(mutate_scripts)
orig_out = f"{storage_dir}/orig_out"
os.mkdir(orig_out)

orig_fuzz_target = os.getenv("FUZZ_TARGET")
with utils.restore_directory(src), utils.restore_directory(work):
afl_fuzzer.build()
shutil.copy(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{orig_fuzz_target}")
os.system(f"cp -r {out}/* {orig_out}/")
benchmark = os.getenv("BENCHMARK")

source_extensions = [".c", ".cc", ".cpp"]
Expand Down Expand Up @@ -124,54 +127,49 @@ def build(): # pylint: disable=too-many-locals,too-many-statements
# Add grace time for final build at end
remaining_time = int(TOTAL_BUILD_TIME - (start_time - curr_time) -
GRACE_TIME)

with utils.restore_directory(src,
ignore_errors=True), utils.restore_directory(
work, ignore_errors=True):
try:
with time_limit(remaining_time):
num_non_buggy = 1
ind = 0
while ind < len(mutants):
with utils.restore_directory(src), utils.restore_directory(
work):
mutant = mutants[ind]
suffix = "." + mutant.split(".")[-1]
mpart = ".mutant." + mutant.split(".mutant.")[1]
source_file = f"{src}/{mutant.replace(mpart, suffix)}"
print(source_file)
print(f"{mutate_dir}/{mutant}")
os.system(f"cp {source_file} {mutate_dir}/orig")
os.system(f"cp {mutate_dir}/{mutant} {source_file}")

try:
new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}\
.{num_non_buggy}"

os.system(f"rm -rf {out}/*")
afl_fuzzer.build()
if not filecmp.cmp(
f'{mutate_bins}/{orig_fuzz_target}',
f'{out}/{orig_fuzz_target}',
shallow=False):
print(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{new_fuzz_target}")
shutil.copy(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{new_fuzz_target}")
num_non_buggy += 1
else:
print("EQUAL")
except RuntimeError:
pass
except CalledProcessError:
pass
os.system(f"cp {mutate_dir}/orig {source_file}")
ind += 1
except TimeoutException:
pass
try:
with time_limit(remaining_time):
num_non_buggy = 1
ind = 0
while ind < len(mutants):
with utils.restore_directory(src), utils.restore_directory(
work):
mutant = mutants[ind]
suffix = "." + mutant.split(".")[-1]
mpart = ".mutant." + mutant.split(".mutant.")[1]
source_file = f"{src}/{mutant.replace(mpart, suffix)}"
print(source_file)
print(f"{mutate_dir}/{mutant}")
os.system(f"cp {source_file} {mutate_dir}/orig")
os.system(f"cp {mutate_dir}/{mutant} {source_file}")

try:
new_fuzz_target = f"{os.getenv('FUZZ_TARGET')}\
.{num_non_buggy}"

os.system(f"rm -rf {out}/*")
afl_fuzzer.build()
if not filecmp.cmp(f'{mutate_bins}/{orig_fuzz_target}',
f'{out}/{orig_fuzz_target}',
shallow=False):
print(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{new_fuzz_target}")
shutil.copy(f"{out}/{orig_fuzz_target}",
f"{mutate_bins}/{new_fuzz_target}")
num_non_buggy += 1
else:
print("EQUAL")
except RuntimeError:
pass
except CalledProcessError:
pass
os.system(f"cp {mutate_dir}/orig {source_file}")
ind += 1
except TimeoutException:
pass

os.system(f"rm -rf {out}/*")
afl_fuzzer.build()
os.system(f"cp -r {orig_out}/* {out}/")
os.system(f"cp {mutate_bins}/* {out}/")

