ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-09 08:41:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Test standard and persistent modes separately

Browse Source
This commit is contained in:
Chris Ball 2023-08-30 01:46:02 -07:00
parent 9b0a35d843
commit bcaa3cb591
1 changed files with 49 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
benchmark/benchmark.py
View File

@ -3,9 +3,9 @@
# Author: Chris Ball <chris@printf.net> # Author: Chris Ball <chris@printf.net>
# Ported from Marc "van Hauser" Heuse's "benchmark.sh". # Ported from Marc "van Hauser" Heuse's "benchmark.sh".
import os import os
import subprocess
import shutil
import re import re
import shutil
import subprocess
import sys import sys
def colon_value_or_none(filename: str, searchKey: str) -> str | None: def colon_value_or_none(filename: str, searchKey: str) -> str | None:
@ -20,6 +20,16 @@ def colon_value_or_none(filename: str, searchKey: str) -> str | None:
return value return value
return None return None
def compile_target(source: str, binary: str) -> None:
with open("afl.log", "w") as f:
process = subprocess.run(
["afl-cc", "-o", binary, source],
stdout=f,
stderr=subprocess.STDOUT,
env={"AFL_INSTRUMENT": "PCGUARD", "PATH": os.environ["PATH"]}
)
if process.returncode != 0:
sys.exit("Error: afl-cc is unable to compile")
# Check if the necessary files exist and are executable # Check if the necessary files exist and are executable
if not ( if not (
@ -27,13 +37,15 @@ if not (
and os.access("../afl-cc", os.X_OK) and os.access("../afl-cc", os.X_OK)
and os.path.exists("../SanitizerCoveragePCGUARD.so") and os.path.exists("../SanitizerCoveragePCGUARD.so")
): ):
print( sys.exit("Error: you need to compile AFL++ first, we need afl-fuzz, afl-clang-fast and SanitizerCoveragePCGUARD.so built.")
"Error: you need to compile AFL++ first, we need afl-fuzz, afl-clang-fast and SanitizerCoveragePCGUARD.so built."
)
exit(1)
print("Preparing environment") print("Preparing environment")
targets = [
{"source": "../test-instr.c", "binary": "test-instr"},
{"source": "../utils/persistent_mode/test-instr.c", "binary": "test-instr-persistent"}
]
# Unset AFL_* environment variables # Unset AFL_* environment variables
for e in list(os.environ.keys()): for e in list(os.environ.keys()):
if e.startswith("AFL_"): if e.startswith("AFL_"):
@ -42,17 +54,8 @@ for e in list(os.environ.keys()):
AFL_PATH = os.path.abspath("../") AFL_PATH = os.path.abspath("../")
os.environ["PATH"] = AFL_PATH + ":" + os.environ["PATH"] os.environ["PATH"] = AFL_PATH + ":" + os.environ["PATH"]
# Compile test-instr.c for target in targets:
with open("afl.log", "w") as f: compile_target(target["source"], target["binary"])
process = subprocess.run(
["../afl-cc", "-o", "test-instr", "../test-instr.c"],
stdout=f,
stderr=subprocess.STDOUT,
env={"AFL_INSTRUMENT": "PCGUARD"}
)
if process.returncode != 0:
print("Error: afl-cc is unable to compile")
exit(1)
# Create input directory and file # Create input directory and file
os.makedirs("in", exist_ok=True) os.makedirs("in", exist_ok=True)
@ -69,33 +72,34 @@ env_vars = {
"AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES": "1", "AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES": "1",
"AFL_BENCH_JUST_ONE": "1", "AFL_BENCH_JUST_ONE": "1",
} }
with open("afl.log", "a") as f:
process = subprocess.run( for target in targets:
[ with open(f"afl-{target['binary']}.log", "a") as f:
"afl-fuzz", process = subprocess.run(
"-i", [
"in", "afl-fuzz",
"-o", "-i",
"out", "in",
"-s", "-o",
"123", f"out-{target['binary']}",
"-D", "-s",
"./test-instr", "123",
], "-D",
stdout=f, f"./{target['binary']}",
stderr=subprocess.STDOUT, ],
env={**os.environ, **env_vars}, stdout=f,
) stderr=subprocess.STDOUT,
env={**os.environ, **env_vars},
)
print("Analysis:") print("Analysis:")
# Extract CPUID from afl.log # Extract CPUID from afl.log
with open("afl.log", "r") as f: with open(f"afl-test-instr.log", "r") as f:
match = re.search(r".*try binding to.*#(\d+)", f.read()) match = re.search(r".*try binding to.*#(\d+)", f.read())
if not match: if not match:
sys.exit("Couldn't see which CPU# was used in afl.log", 1) sys.exit("Couldn't see which CPU# was used in afl.log", 1)
cpuid = match.group(1) cpuid = match.group(1)
print(cpuid)
# Print CPU model # Print CPU model
model = colon_value_or_none("/proc/cpuinfo", "model name") model = colon_value_or_none("/proc/cpuinfo", "model name")
@ -120,16 +124,19 @@ if cpu_speed:
print(" Mhz:", cpu_speed) print(" Mhz:", cpu_speed)
# Print execs_per_sec from fuzzer_stats # Print execs_per_sec from fuzzer_stats
execs = colon_value_or_none("out/default/fuzzer_stats", "execs_per_sec") for target in targets:
if execs: execs = colon_value_or_none(f"out-{target['binary']}/default/fuzzer_stats", "execs_per_sec")
print(" execs/s:", execs) if execs:
print(f" {target['binary']} single-core execs/s:", execs)
print("\nComparison: (note that values can change by 10-15% per run)") print("\nComparison: (note that values can change by 10-15% per run)")
with open("COMPARISON", "r") as f: with open("COMPARISON", "r") as f:
print(f.read()) print(f.read())
# Clean up # Clean up
shutil.rmtree("in")
shutil.rmtree("out")
os.remove("test-instr")
os.remove("afl.log") os.remove("afl.log")
shutil.rmtree("in")
for target in targets:
shutil.rmtree(f"out-{target['binary']}")
os.remove(target["binary"])