switch to tracepcguard

google · May 12, 2020 · 782f555 · 782f555
1 parent ff031c7
commit 782f555
Show file tree

Hide file tree

Showing 17 changed files with 29 additions and 102 deletions.
diff --git a/.github/workflows/fuzzers.yml b/.github/workflows/fuzzers.yml
@@ -19,7 +19,6 @@ jobs:
           - aflplusplus
           - aflplusplus_lto_mopt
           - aflplusplus_lto_instrim_mopt
-          - aflplusplus_ngram3_cmplog_mopt2_17
           - aflplusplus_instrim_mopt
           - aflplusplus_instrim_mopt2
           - aflplusplus_instrim_cmplog_mopt

diff --git a/fuzzers/aflplusplus/builder.Dockerfile b/fuzzers/aflplusplus/builder.Dockerfile
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
     cd /afl && git checkout dev && \
-    git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
+    git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
     AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
-    cd llvm_mode && CXXFLAGS= CFLAGS= make
+    cd llvm_mode && CFLAGS= CXXFLAGS= make
 
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \

diff --git a/fuzzers/aflplusplus/fuzzer.py b/fuzzers/aflplusplus/fuzzer.py
@@ -36,6 +36,10 @@ def build(*args):  # pylint: disable=too-many-branches,too-many-statements
     if 'BUILD_MODES' in os.environ:
         build_modes = os.environ['BUILD_MODES'].split(',')
 
+    # If nothing was set this is the default:
+    if not build_modes:
+        build_modes = [ 'tracepc', 'nozero' ]
+
     # Instrumentation coverage modes:
     if 'lto' in build_modes:
         os.environ['CC'] = '/afl/afl-clang-lto'
@@ -54,6 +58,10 @@ def build(*args):  # pylint: disable=too-many-branches,too-many-statements
     if 'instrim' in build_modes:
         # We dont set AFL_LLVM_INSTRIM_LOOPHEAD for better coverage
         os.environ['AFL_LLVM_INSTRIM'] = 'CFG'
+    elif 'tracepc' in build_modes:
+        os.environ['AFL_LLVM_USE_TRACE_PC'] = '1'
+    elif 'classic' in build_modes:
+        os.environ['AFL_LLVM_INSTRUMENT'] = 'CLASSIC'
 
     # Instrumentation coverage options:
     # Do not use a fixed map location (LTO only)

diff --git a/fuzzers/aflplusplus_cmplog/builder.Dockerfile b/fuzzers/aflplusplus_cmplog/builder.Dockerfile
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
     cd /afl && git checkout dev && \
-    git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
-    AFL_NO_X86=1 make PYTHON_INCLUDE=/ && \
-    cd llvm_mode && CXXFLAGS= make
+    git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
+    AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
+    cd llvm_mode && CFLAGS= CXXFLAGS= make
 
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \

diff --git a/fuzzers/aflplusplus_instrim_cmplog_mopt/builder.Dockerfile b/fuzzers/aflplusplus_instrim_cmplog_mopt/builder.Dockerfile
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
     cd /afl && git checkout dev && \
-    git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
+    git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
     AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
-    cd llvm_mode && CXXFLAGS= CFLAGS= make
+    cd llvm_mode && CFLAGS= CXXFLAGS= make
 
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \

diff --git a/fuzzers/aflplusplus_instrim_cmplog_mopt/fuzzer.py b/fuzzers/aflplusplus_instrim_cmplog_mopt/fuzzer.py
@@ -20,12 +20,12 @@
 
 def build():
     """Build benchmark."""
-    aflplusplus_fuzzer.build("cmplog", "instrim", "nozero")
+    aflplusplus_fuzzer.build("cmplog", "tracepc", "nozero")
 
 
 def fuzz(input_corpus, output_corpus, target_binary):
     """Run fuzzer."""
     aflplusplus_fuzzer.fuzz(input_corpus,
                             output_corpus,
                             target_binary,
-                            flags=("-L", "0"))
+                            flags=("-L", "-1"))
diff --git a/fuzzers/aflplusplus_instrim_laf_mopt2/builder.Dockerfile b/fuzzers/aflplusplus_instrim_laf_mopt2/builder.Dockerfile
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
     cd /afl && git checkout dev && \
-    git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
+    git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
     AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
-    cd llvm_mode && CXXFLAGS= CFLAGS= make
+    cd llvm_mode && CFLAGS= CXXFLAGS= make
 
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \

diff --git a/fuzzers/aflplusplus_instrim_laf_mopt2/fuzzer.py b/fuzzers/aflplusplus_instrim_laf_mopt2/fuzzer.py
@@ -20,7 +20,7 @@
 
 def build():
     """Build benchmark."""
-    aflplusplus_fuzzer.build("laf", "instrim", "nozero")
+    aflplusplus_fuzzer.build("laf", "tracepc", "nozero")
 
 
 def fuzz(input_corpus, output_corpus, target_binary):

diff --git a/fuzzers/aflplusplus_instrim_laf_mopt2_17/builder.Dockerfile b/fuzzers/aflplusplus_instrim_laf_mopt2_17/builder.Dockerfile
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
     cd /afl && git checkout dev && \
-    git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
+    git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
     AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
-    cd llvm_mode && CXXFLAGS= CFLAGS= make
+    cd llvm_mode && CFLAGS= CXXFLAGS= make
 
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \

diff --git a/fuzzers/aflplusplus_instrim_laf_mopt2_17/fuzzer.py b/fuzzers/aflplusplus_instrim_laf_mopt2_17/fuzzer.py
@@ -20,7 +20,7 @@
 
 def build():
     """Build benchmark."""
-    aflplusplus_fuzzer.build("laf", "instrim", "nozero")
+    aflplusplus_fuzzer.build("laf", "tracepc", "nozero")
 
 
 def fuzz(input_corpus, output_corpus, target_binary):

diff --git a/fuzzers/aflplusplus_instrim_mopt/builder.Dockerfile b/fuzzers/aflplusplus_instrim_mopt/builder.Dockerfile
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
     cd /afl && git checkout dev && \
-    git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
+    git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
     AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
-    cd llvm_mode && CXXFLAGS= CFLAGS= make
+    cd llvm_mode && CFLAGS= CXXFLAGS= make
 
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \

diff --git a/fuzzers/aflplusplus_instrim_mopt/fuzzer.py b/fuzzers/aflplusplus_instrim_mopt/fuzzer.py
@@ -20,7 +20,7 @@
 
 def build():
     """Build benchmark."""
-    aflplusplus_fuzzer.build("instrim", "nozero")
+    aflplusplus_fuzzer.build("tracepc", "nozero")
 
 
 def fuzz(input_corpus, output_corpus, target_binary):

diff --git a/fuzzers/aflplusplus_instrim_mopt2/builder.Dockerfile b/fuzzers/aflplusplus_instrim_mopt2/builder.Dockerfile
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
     cd /afl && git checkout dev && \
-    git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
+    git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
     AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
-    cd llvm_mode && CXXFLAGS= CFLAGS= make
+    cd llvm_mode && CFLAGS= CXXFLAGS= make
 
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \

diff --git a/fuzzers/aflplusplus_instrim_mopt2/fuzzer.py b/fuzzers/aflplusplus_instrim_mopt2/fuzzer.py
@@ -20,7 +20,7 @@
 
 def build():
     """Build benchmark."""
-    aflplusplus_fuzzer.build("instrim", "nozero")
+    aflplusplus_fuzzer.build("tracepc", "nozero")
 
 
 def fuzz(input_corpus, output_corpus, target_binary):

diff --git a/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/builder.Dockerfile b/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/builder.Dockerfile
diff --git a/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/fuzzer.py b/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/fuzzer.py
diff --git a/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/runner.Dockerfile b/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/runner.Dockerfile