Skip to content

Commit

Permalink
[casr-afl][casr-libfuzzer] Add progress printing
Browse files Browse the repository at this point in the history
  • Loading branch information
hkctkuy authored and hkctkuy committed Aug 21, 2023
1 parent 95786e2 commit 0cd4d6b
Show file tree
Hide file tree
Showing 2 changed files with 76 additions and 54 deletions.
55 changes: 35 additions & 20 deletions casr/src/bin/casr-afl.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ use std::collections::HashMap;
use std::fs;
use std::path::{Path, PathBuf};
use std::process::Command;
use std::sync::RwLock;

#[derive(Debug, Clone, Default)]
/// Information about crash to reproduce it.
Expand Down Expand Up @@ -263,20 +264,27 @@ fn main() -> Result<()> {
} else {
std::cmp::max(1, num_cpus::get() / 2)
};
let num_of_threads = jobs.min(crashes.len()).max(1);
let num_of_threads = jobs.min(crashes.len()).max(1) + 1;
let custom_pool = rayon::ThreadPoolBuilder::new()
.num_threads(num_of_threads)
.build()
.unwrap();

// Generate CASR reports.
info!("Generating CASR reports...");
info!("Using {} threads", num_of_threads);
custom_pool.install(|| {
crashes
.par_iter()
.try_for_each(|(_, crash)| crash.run_casr(output_dir.as_path(), timeout))
})?;
info!("Using {} threads", num_of_threads - 1);
let counter = RwLock::new(0_usize);
let total = crashes.len();
custom_pool.join(
|| {
let _ = crashes.par_iter().try_for_each(|(_, crash)| {
crash.run_casr(output_dir.as_path(), timeout)?;
*counter.write().unwrap() += 1;
Ok::<(), anyhow::Error>(())
});
},
|| util::log_progress(&counter, total),
);

// Deduplicate reports.
if output_dir.read_dir()?.count() < 2 {
Expand Down Expand Up @@ -378,25 +386,32 @@ fn summarize_results(
.filter(|e| !Path::new(format!("{}.gdb.casrep", e.display()).as_str()).exists())
.collect();
let num_of_threads = jobs.min(crashes.len());
if num_of_threads > 0 {
if num_of_threads > 1 {
info!("casr-gdb: adding crash reports...");
info!("Using {} threads", num_of_threads);
info!("Using {} threads", num_of_threads - 1);
let counter = RwLock::new(0_usize);
let total = crashes.len();
let custom_pool = rayon::ThreadPoolBuilder::new()
.num_threads(num_of_threads)
.build()
.unwrap();
let at_index = gdb_args.iter().skip(1).position(|s| s.contains("@@"));
custom_pool.install(|| {
crashes.par_iter().try_for_each(|crash| {
AflCrashInfo {
path: crash.to_path_buf(),
target_args: gdb_args.clone(),
at_index,
is_asan: false,
}
.run_casr(None, timeout)
})
})?;
custom_pool.join(
|| {
let _ = crashes.par_iter().try_for_each(|crash| {
AflCrashInfo {
path: crash.to_path_buf(),
target_args: gdb_args.clone(),
at_index,
is_asan: false,
}
.run_casr(None, timeout)?;
*counter.write().unwrap() += 1;
Ok::<(), anyhow::Error>(())
});
},
|| util::log_progress(&counter, total),
);
}
}

Expand Down
75 changes: 41 additions & 34 deletions casr/src/bin/casr-libfuzzer.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ use rayon::iter::{IntoParallelRefIterator, ParallelIterator};
use std::fs;
use std::path::{Path, PathBuf};
use std::process::{Command, Stdio};
use std::sync::RwLock;

fn main() -> Result<()> {
let matches = clap::Command::new("casr-libfuzzer")
Expand Down Expand Up @@ -158,57 +159,63 @@ fn main() -> Result<()> {
} else {
std::cmp::max(1, num_cpus::get() / 2)
};
let num_of_threads = jobs.min(crashes.len()).max(1);
let num_of_threads = jobs.min(crashes.len()).max(1) + 1;
let custom_pool = rayon::ThreadPoolBuilder::new()
.num_threads(num_of_threads)
.build()
.unwrap();

// Generate CASR reports.
info!("Generating CASR reports...");
info!("Using {} threads", num_of_threads);
info!("Using {} threads", num_of_threads - 1);
let counter = RwLock::new(0_usize);
let total = crashes.len();
let tool = if !atheris_asan_lib.is_empty() {
"casr-python"
} else if argv[0].ends_with("jazzer") || argv[0].ends_with("java") {
"casr-java"
} else {
"casr-san"
};
custom_pool.install(|| {
crashes.par_iter().try_for_each(|(crash, fname)| {
let mut casr_cmd = Command::new(tool);
if timeout != 0 {
casr_cmd.args(["-t".to_string(), timeout.to_string()]);
}
casr_cmd.args([
"-o",
format!("{}.casrep", output_dir.join(fname).display()).as_str(),
"--",
]);
if !atheris_asan_lib.is_empty() {
casr_cmd.arg("python3");
casr_cmd.env("LD_PRELOAD", &atheris_asan_lib);
}
casr_cmd.args(argv.clone());
casr_cmd.arg(crash);
debug!("{:?}", casr_cmd);
custom_pool.join(
|| {
let _ = crashes.par_iter().try_for_each(|(crash, fname)| {
let mut casr_cmd = Command::new(tool);
if timeout != 0 {
casr_cmd.args(["-t".to_string(), timeout.to_string()]);
}
casr_cmd.args([
"-o",
format!("{}.casrep", output_dir.join(fname).display()).as_str(),
"--",
]);
if !atheris_asan_lib.is_empty() {
casr_cmd.arg("python3");
casr_cmd.env("LD_PRELOAD", &atheris_asan_lib);
}
casr_cmd.args(argv.clone());
casr_cmd.arg(crash);
debug!("{:?}", casr_cmd);

// Get output
let casr_output = casr_cmd
.output()
.with_context(|| format!("Couldn't launch {casr_cmd:?}"))?;
// Get output
let casr_output = casr_cmd
.output()
.with_context(|| format!("Couldn't launch {casr_cmd:?}"))?;

if !casr_output.status.success() {
let err = String::from_utf8_lossy(&casr_output.stderr);
if err.contains("Program terminated (no crash)") {
warn!("{}: no crash on input {}", tool, crash.display());
} else {
error!("{} for input: {}", err.trim(), crash.display());
if !casr_output.status.success() {
let err = String::from_utf8_lossy(&casr_output.stderr);
if err.contains("Program terminated (no crash)") {
warn!("{}: no crash on input {}", tool, crash.display());
} else {
error!("{} for input: {}", err.trim(), crash.display());
}
}
}
Ok::<(), anyhow::Error>(())
})
})?;
*counter.write().unwrap() += 1;
Ok::<(), anyhow::Error>(())
});
},
|| util::log_progress(&counter, total),
);

// Deduplicate reports.
if output_dir.read_dir()?.count() < 2 {
Expand Down

0 comments on commit 0cd4d6b

Please sign in to comment.