diff --git a/.github/workflows/fuzzers.yml b/.github/workflows/fuzzers.yml
index 99010b821..2e5eea7ca 100644
--- a/.github/workflows/fuzzers.yml
+++ b/.github/workflows/fuzzers.yml
@@ -19,7 +19,6 @@ jobs:
 - aflplusplus
 - aflplusplus_lto_mopt
 - aflplusplus_lto_instrim_mopt
- - aflplusplus_ngram3_cmplog_mopt2_17
 - aflplusplus_instrim_mopt
 - aflplusplus_instrim_mopt2
 - aflplusplus_instrim_cmplog_mopt
diff --git a/fuzzers/aflplusplus/builder.Dockerfile b/fuzzers/aflplusplus/builder.Dockerfile
index 66df9870f..29214a3c5 100644
--- a/fuzzers/aflplusplus/builder.Dockerfile
+++ b/fuzzers/aflplusplus/builder.Dockerfile
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
 cd /afl && git checkout dev && \
- git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
+ git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
 AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
- cd llvm_mode && CXXFLAGS= CFLAGS= make
+ cd llvm_mode && CFLAGS= CXXFLAGS= make
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \
diff --git a/fuzzers/aflplusplus/fuzzer.py b/fuzzers/aflplusplus/fuzzer.py
index d2fb422fb..ef8e378e0 100755
--- a/fuzzers/aflplusplus/fuzzer.py
+++ b/fuzzers/aflplusplus/fuzzer.py
@@ -36,6 +36,10 @@ def build(*args): # pylint: disable=too-many-branches,too-many-statements
 if 'BUILD_MODES' in os.environ:
 build_modes = os.environ['BUILD_MODES'].split(',')
+ # If nothing was set this is the default:
+ if not build_modes:
+ build_modes = [ 'tracepc', 'nozero' ]
+
 # Instrumentation coverage modes:
 if 'lto' in build_modes:
 os.environ['CC'] = '/afl/afl-clang-lto'
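Review bot: The new default is skipped when `BUILD_MODES` is set but empty, because `''.split(',')` returns `['']`, which is truthy, so `if not build_modes:` never fires and none of the later `in build_modes` tests match either — the build then silently gets whatever afl-clang-fast does on its own. Drop empty entries where the variable is read: `build_modes = [m for m in os.environ['BUILD_MODES'].split(',') if m]`. The `*args` path that populates `build_modes` when the variable is absent sits above this hunk, so I cannot confirm from here that the list is always initialised before the new check; build() starts outside the hunk. The added comment would also be more useful if it named what it falls back from, e.g. `# Default when neither *args nor BUILD_MODES selected a mode.`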
@@ -54,6 +58,10 @@ def build(*args): # pylint: disable=too-many-branches,too-many-statements
 if 'instrim' in build_modes:
 # We dont set AFL_LLVM_INSTRIM_LOOPHEAD for better coverage
 os.environ['AFL_LLVM_INSTRIM'] = 'CFG'
+ elif 'tracepc' in build_modes:
+ os.environ['AFL_LLVM_USE_TRACE_PC'] = '1'
+ elif 'classic' in build_modes:
+ os.environ['AFL_LLVM_INSTRUMENT'] = 'CLASSIC'
 # Instrumentation coverage options:
 # Do not use a fixed map location (LTO only)
diff --git a/fuzzers/aflplusplus_cmplog/builder.Dockerfile b/fuzzers/aflplusplus_cmplog/builder.Dockerfile
index f5ff8166b..29214a3c5 100644
--- a/fuzzers/aflplusplus_cmplog/builder.Dockerfile
+++ b/fuzzers/aflplusplus_cmplog/builder.Dockerfile
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
 cd /afl && git checkout dev && \
- git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
- AFL_NO_X86=1 make PYTHON_INCLUDE=/ && \
- cd llvm_mode && CXXFLAGS= make
+ git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
+ AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
+ cd llvm_mode && CFLAGS= CXXFLAGS= make
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \
diff --git a/fuzzers/aflplusplus_instrim_cmplog_mopt/builder.Dockerfile b/fuzzers/aflplusplus_instrim_cmplog_mopt/builder.Dockerfile
index 66df9870f..29214a3c5 100644
--- a/fuzzers/aflplusplus_instrim_cmplog_mopt/builder.Dockerfile
+++ b/fuzzers/aflplusplus_instrim_cmplog_mopt/builder.Dockerfile
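Review bot: The new `elif` chain lets `instrim` win silently when a caller lists more than one coverage mode, and a misspelt mode such as `trace-pc` or `TRACEPC` matches nothing and falls through to the compiler's own default with no diagnostic — now harder to notice, since `tracepc` is the advertised default and a typo produces a plausible-looking build. A terminal branch, `else: print('WARNING: no coverage mode recognised in', build_modes)`, or at least a comment pinning the precedence, `# Coverage modes are mutually exclusive; first match wins: instrim > tracepc > classic.`, would make this explicit. The branch also mixes two selector styles (`AFL_LLVM_INSTRIM`/`AFL_LLVM_USE_TRACE_PC` toggles versus the `AFL_LLVM_INSTRUMENT=CLASSIC` value); whether the AFL++ commit pinned in the Dockerfiles honours all three is not something I can confirm from this diff. build() continues outside the hunk.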
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
 cd /afl && git checkout dev && \
- git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
+ git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
 AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
- cd llvm_mode && CXXFLAGS= CFLAGS= make
+ cd llvm_mode && CFLAGS= CXXFLAGS= make
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \
diff --git a/fuzzers/aflplusplus_instrim_cmplog_mopt/fuzzer.py b/fuzzers/aflplusplus_instrim_cmplog_mopt/fuzzer.py
index 962796a1b..3b452b555 100755
--- a/fuzzers/aflplusplus_instrim_cmplog_mopt/fuzzer.py
+++ b/fuzzers/aflplusplus_instrim_cmplog_mopt/fuzzer.py
@@ -20,7 +20,7 @@ def build():
 """Build benchmark."""
- aflplusplus_fuzzer.build("cmplog", "instrim", "nozero")
+ aflplusplus_fuzzer.build("cmplog", "tracepc", "nozero")
 def fuzz(input_corpus, output_corpus, target_binary):
@@ -28,4 +28,4 @@ def fuzz(input_corpus, output_corpus, target_binary):
 aflplusplus_fuzzer.fuzz(input_corpus,
 output_corpus,
 target_binary,
- flags=("-L", "0"))
+ flags=("-L", "-1"))
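Review bot: After this hunk the fuzzer directory is still called `aflplusplus_instrim_cmplog_mopt` but `build()` now requests `tracepc`, so the name and the matching `fuzzers.yml` matrix entry no longer describe the instrumentation being measured, and results reported under this name are likely to be read as InsTrim data. Either rename the directory (and the workflow entry) or, if the rename is deliberately deferred, say so in the module docstring, e.g. `"""AFL++ with cmplog and MOpt; coverage is trace-pc (the name predates the switch from InsTrim)."""`. The same drift applies to every other `aflplusplus_instrim_*` fuzzer touched in this diff.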
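Review bot: Changing `-L 0` to `-L -1` alters this fuzzer's MOpt schedule without a comment saying why, and nothing in the file records what either value means, so the next reader has to go to the AFL++ source to tell whether the change was intentional. If the pinned AFL++ commit reads `-L` as upstream documents it (`0` enters pacemaker mode immediately, `-1` does so alongside the normal mutation schedule), a one-liner on the call would settle it: `# -L -1: MOpt pacemaker from the start, alongside normal mutation.` The `"""Run fuzzer."""` docstring, just above this hunk, is the other natural place for that note.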
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
 cd /afl && git checkout dev && \
- git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
+ git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
 AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
- cd llvm_mode && CXXFLAGS= CFLAGS= make
+ cd llvm_mode && CFLAGS= CXXFLAGS= make
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \
diff --git a/fuzzers/aflplusplus_instrim_laf_mopt2/fuzzer.py b/fuzzers/aflplusplus_instrim_laf_mopt2/fuzzer.py
index 66092d0ca..c570963ec 100755
--- a/fuzzers/aflplusplus_instrim_laf_mopt2/fuzzer.py
+++ b/fuzzers/aflplusplus_instrim_laf_mopt2/fuzzer.py
@@ -20,7 +20,7 @@ def build():
 """Build benchmark."""
- aflplusplus_fuzzer.build("laf", "instrim", "nozero")
+ aflplusplus_fuzzer.build("laf", "tracepc", "nozero")
 def fuzz(input_corpus, output_corpus, target_binary):
diff --git a/fuzzers/aflplusplus_instrim_laf_mopt2_17/builder.Dockerfile b/fuzzers/aflplusplus_instrim_laf_mopt2_17/builder.Dockerfile
index 66df9870f..29214a3c5 100644
--- a/fuzzers/aflplusplus_instrim_laf_mopt2_17/builder.Dockerfile
+++ b/fuzzers/aflplusplus_instrim_laf_mopt2_17/builder.Dockerfile
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
 cd /afl && git checkout dev && \
- git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
+ git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
 AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
- cd llvm_mode && CXXFLAGS= CFLAGS= make
+ cd llvm_mode && CFLAGS= CXXFLAGS= make
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \
diff --git a/fuzzers/aflplusplus_instrim_laf_mopt2_17/fuzzer.py b/fuzzers/aflplusplus_instrim_laf_mopt2_17/fuzzer.py
index 66092d0ca..c570963ec 100755
--- a/fuzzers/aflplusplus_instrim_laf_mopt2_17/fuzzer.py
+++ b/fuzzers/aflplusplus_instrim_laf_mopt2_17/fuzzer.py
@@ -20,7 +20,7 @@ def build():
 """Build benchmark."""
- aflplusplus_fuzzer.build("laf", "instrim", "nozero")
+ aflplusplus_fuzzer.build("laf", "tracepc", "nozero")
 def fuzz(input_corpus, output_corpus, target_binary):
diff --git a/fuzzers/aflplusplus_instrim_mopt/builder.Dockerfile b/fuzzers/aflplusplus_instrim_mopt/builder.Dockerfile
index 66df9870f..29214a3c5 100644
--- a/fuzzers/aflplusplus_instrim_mopt/builder.Dockerfile
+++ b/fuzzers/aflplusplus_instrim_mopt/builder.Dockerfile
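Review bot: After this hunk `aflplusplus_instrim_laf_mopt2_17/fuzzer.py` is byte-identical to `aflplusplus_instrim_laf_mopt2/fuzzer.py` — both index lines read `66092d0ca..c570963ec`, so the whole file including `fuzz()` matches — and the two builder.Dockerfiles share blob `29214a3c5` as well; only a differing runner.Dockerfile (not in this diff) could still set the two fuzzers apart. If `_17` was meant to carry a distinct configuration, as the suffix suggests, that configuration is missing from this change; if not, one of the two directories is dead weight in the CI matrix. A one-line module docstring stating what `_17` denotes, e.g. `"""Same build as aflplusplus_instrim_laf_mopt2; differs only in the runner image."""`, would settle which it is.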
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
 cd /afl && git checkout dev && \
- git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
+ git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
 AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
- cd llvm_mode && CXXFLAGS= CFLAGS= make
+ cd llvm_mode && CFLAGS= CXXFLAGS= make
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \
diff --git a/fuzzers/aflplusplus_instrim_mopt/fuzzer.py b/fuzzers/aflplusplus_instrim_mopt/fuzzer.py
index ee1d89816..1022788fa 100755
--- a/fuzzers/aflplusplus_instrim_mopt/fuzzer.py
+++ b/fuzzers/aflplusplus_instrim_mopt/fuzzer.py
@@ -20,7 +20,7 @@ def build():
 """Build benchmark."""
- aflplusplus_fuzzer.build("instrim", "nozero")
+ aflplusplus_fuzzer.build("tracepc", "nozero")
 def fuzz(input_corpus, output_corpus, target_binary):
diff --git a/fuzzers/aflplusplus_instrim_mopt2/builder.Dockerfile b/fuzzers/aflplusplus_instrim_mopt2/builder.Dockerfile
index 66df9870f..29214a3c5 100644
--- a/fuzzers/aflplusplus_instrim_mopt2/builder.Dockerfile
+++ b/fuzzers/aflplusplus_instrim_mopt2/builder.Dockerfile
@@ -24,9 +24,9 @@ RUN apt-get update && \
 # Set AFL_NO_X86 to skip flaky tests.
 RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
 cd /afl && git checkout dev && \
- git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
+ git checkout 72f4a9f678bea33826a40c1586a79b7ef7a6da15 && \
 AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
- cd llvm_mode && CXXFLAGS= CFLAGS= make
+ cd llvm_mode && CFLAGS= CXXFLAGS= make
 # Use afl_driver.cpp from LLVM as our fuzzing library.
 RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \
diff --git a/fuzzers/aflplusplus_instrim_mopt2/fuzzer.py b/fuzzers/aflplusplus_instrim_mopt2/fuzzer.py
index 210d92df8..36d395b2a 100755
--- a/fuzzers/aflplusplus_instrim_mopt2/fuzzer.py
+++ b/fuzzers/aflplusplus_instrim_mopt2/fuzzer.py
@@ -20,7 +20,7 @@ def build():
 """Build benchmark."""
- aflplusplus_fuzzer.build("instrim", "nozero")
+ aflplusplus_fuzzer.build("tracepc", "nozero")
 def fuzz(input_corpus, output_corpus, target_binary):
diff --git a/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/builder.Dockerfile b/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/builder.Dockerfile
deleted file mode 100644
index 66df9870f..000000000
--- a/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/builder.Dockerfile
+++ /dev/null
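Review bot: `build("tracepc", "nozero")` is now exactly the fallback that `fuzzers/aflplusplus/fuzzer.py` applies when no mode is selected, so this fuzzer's build is indistinguishable from the base `aflplusplus` build unless that base is invoked with different arguments somewhere not shown here. Passing the modes explicitly is fine, but the intent should be written down so nobody later "simplifies" it away or, conversely, assumes `instrim` is still in effect: `# Same instrumentation as the base aflplusplus fuzzer; only the MOpt flags in fuzz() differ.` — on the assumption that `fuzz()`, whose body lies outside this hunk, is where the difference lives.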
@@ -1,34 +0,0 @@
-# Copyright 2020 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ARG parent_image=gcr.io/fuzzbench/base-builder
-FROM $parent_image
-
-# Install wget to download afl_driver.cpp. Install libstdc++ to use llvm_mode.
-RUN apt-get update && \
- apt-get install wget libstdc++-5-dev -y
-
-# Download and compile afl++ (v2.62d).
-# Build without Python support as we don't need it.
-# Set AFL_NO_X86 to skip flaky tests.
-RUN git clone https://github.com/AFLplusplus/AFLplusplus.git /afl && \
- cd /afl && git checkout dev && \
- git checkout ef2ccc8117bb899616472e2d95525ae0ca1a2098 && \
- AFL_NO_X86=1 CFLAGS= CXXFLAGS= make PYTHON_INCLUDE=/ && \
- cd llvm_mode && CXXFLAGS= CFLAGS= make
-
-# Use afl_driver.cpp from LLVM as our fuzzing library.
-RUN wget https://raw.githubusercontent.com/llvm/llvm-project/5feb80e748924606531ba28c97fe65145c65372e/compiler-rt/lib/fuzzer/afl/afl_driver.cpp -O /afl/afl_driver.cpp && \
- clang++ -stdlib=libc++ -std=c++11 -O2 -c /afl/afl_driver.cpp && \
- ar ru /libAFLDriver.a *.o
diff --git a/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/fuzzer.py b/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/fuzzer.py
deleted file mode 100755
index af48824f4..000000000
--- a/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/fuzzer.py
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright 2020 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-"""Integration code for AFLplusplus fuzzer."""
-
-from fuzzers.aflplusplus import fuzzer as aflplusplus_fuzzer
-
-# OUT environment variable is the location of build directory (default is /out).
-
-
-def build():
- """Build benchmark."""
- aflplusplus_fuzzer.build("cmplog", "ngram3", "nozero")
-
-
-def fuzz(input_corpus, output_corpus, target_binary):
- """Run fuzzer."""
- aflplusplus_fuzzer.fuzz(input_corpus,
- output_corpus,
- target_binary,
- flags=("-L", "-1"))
diff --git a/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/runner.Dockerfile b/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/runner.Dockerfile
deleted file mode 100644
index 53911ee36..000000000
--- a/fuzzers/aflplusplus_ngram3_cmplog_mopt2_17/runner.Dockerfile
+++ /dev/null
@@ -1,15 +0,0 @@
-# Copyright 2020 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-FROM gcr.io/fuzzbench/base-runner