dump intermediate cases
This commit is contained in:
parent
107ccf03a8
commit
64d1151e96
@ -371,7 +371,7 @@ let run_client = |state: Option<_>, mut mgr, _core_id| {
|
|||||||
#[cfg(all(feature = "observe_systemstate"))]
|
#[cfg(all(feature = "observe_systemstate"))]
|
||||||
let mut feedback = feedback_or!(
|
let mut feedback = feedback_or!(
|
||||||
feedback,
|
feedback,
|
||||||
DumpSystraceFeedback::<FreeRTOSSystem>::with_dump(if cli.dump_traces {cli.dump_name.clone().map(|x| x.with_extension("trace.ron"))} else {None})
|
DumpSystraceFeedback::<FreeRTOSSystem>::with_dump(if cli.dump_traces {cli.dump_name.clone()} else {None})
|
||||||
);
|
);
|
||||||
#[cfg(feature = "trace_stg")]
|
#[cfg(feature = "trace_stg")]
|
||||||
let mut feedback = feedback_or!(
|
let mut feedback = feedback_or!(
|
||||||
|
|||||||
@ -4,12 +4,15 @@ use libafl::{
|
|||||||
feedbacks::Feedback,
|
feedbacks::Feedback,
|
||||||
observers::ObserversTuple,
|
observers::ObserversTuple,
|
||||||
prelude::{State, UsesInput},
|
prelude::{State, UsesInput},
|
||||||
state::MaybeHasClientPerfMonitor,
|
state::{HasCorpus, MaybeHasClientPerfMonitor},
|
||||||
Error,
|
Error,
|
||||||
|
corpus::Corpus,
|
||||||
|
inputs::Input,
|
||||||
};
|
};
|
||||||
use libafl::events::EventFirer;
|
use libafl::events::EventFirer;
|
||||||
use libafl_bolts::Named;
|
use libafl_bolts::Named;
|
||||||
use std::path::PathBuf;
|
use std::path::PathBuf;
|
||||||
|
use std::time::{Duration, Instant};
|
||||||
|
|
||||||
use super::target_os::TargetSystem;
|
use super::target_os::TargetSystem;
|
||||||
use std::borrow::Cow;
|
use std::borrow::Cow;
|
||||||
@ -28,16 +31,19 @@ where
|
|||||||
name: Cow<'static, str>,
|
name: Cow<'static, str>,
|
||||||
dumpfile: Option<PathBuf>,
|
dumpfile: Option<PathBuf>,
|
||||||
phantom: PhantomData<SYS>,
|
phantom: PhantomData<SYS>,
|
||||||
|
init_time: Instant,
|
||||||
|
last_dump: Option<Instant>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl<S, SYS> StateInitializer<S> for DumpSystraceFeedback<SYS> where SYS: TargetSystem {}
|
impl<S, SYS> StateInitializer<S> for DumpSystraceFeedback<SYS> where SYS: TargetSystem {}
|
||||||
|
|
||||||
impl<EM, I, OT, S, SYS> Feedback<EM, I, OT, S> for DumpSystraceFeedback<SYS>
|
impl<EM, I, OT, S, SYS> Feedback<EM, I, OT, S> for DumpSystraceFeedback<SYS>
|
||||||
where
|
where
|
||||||
S: State + UsesInput + MaybeHasClientPerfMonitor + HasMetadata,
|
S: State + UsesInput + MaybeHasClientPerfMonitor + HasMetadata + HasCorpus<Corpus: Corpus<Input=I>>,
|
||||||
EM: EventFirer<State = S>,
|
EM: EventFirer<State = S>,
|
||||||
OT: ObserversTuple<I, S>,
|
OT: ObserversTuple<I, S>,
|
||||||
SYS: TargetSystem,
|
SYS: TargetSystem,
|
||||||
|
I: Input,
|
||||||
{
|
{
|
||||||
fn is_interesting(
|
fn is_interesting(
|
||||||
&mut self,
|
&mut self,
|
||||||
@ -50,16 +56,37 @@ where
|
|||||||
where {
|
where {
|
||||||
match &self.dumpfile {
|
match &self.dumpfile {
|
||||||
Some(s) => {
|
Some(s) => {
|
||||||
|
let time_has_come = self.last_dump.map(|t| Instant::now()-t > Duration::from_secs(60)).unwrap_or(true);
|
||||||
|
if time_has_come {
|
||||||
|
self.last_dump = Some(Instant::now());
|
||||||
|
// Try dumping the worst case
|
||||||
|
let casename = s.with_extension(format!("at_{}h.case", (Instant::now()-self.init_time).as_secs()/60));
|
||||||
|
let corpus = state.corpus();
|
||||||
|
let mut worst = Duration::new(0,0);
|
||||||
|
let mut worst_input = None;
|
||||||
|
for i in 0..corpus.count() {
|
||||||
|
let tc = corpus.get(corpus.nth(i.into())).expect("Could not get element from corpus").borrow();
|
||||||
|
if worst < tc.exec_time().expect("Testcase missing duration") {
|
||||||
|
worst_input = Some(tc.input().as_ref().unwrap().clone());
|
||||||
|
worst = tc.exec_time().expect("Testcase missing duration");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if let Some(wi) = worst_input {
|
||||||
|
wi.to_file(casename);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Try dumping the current case
|
||||||
|
let tracename = s.with_extension("trace.ron");
|
||||||
let trace = state
|
let trace = state
|
||||||
.metadata::<SYS::TraceData>()
|
.metadata::<SYS::TraceData>()
|
||||||
.expect("TraceData not found");
|
.expect("TraceData not found");
|
||||||
std::fs::write(
|
std::fs::write(
|
||||||
s,
|
tracename,
|
||||||
ron::to_string(trace)
|
ron::to_string(trace)
|
||||||
.expect("Error serializing hashmap"),
|
.expect("Error serializing hashmap"),
|
||||||
)
|
)
|
||||||
.expect("Can not dump to file");
|
.expect("Can not dump to file");
|
||||||
self.dumpfile = None
|
}
|
||||||
}
|
}
|
||||||
Option::None => {
|
Option::None => {
|
||||||
()
|
()
|
||||||
@ -90,6 +117,8 @@ where
|
|||||||
name: Cow::from("Dumpsystemstate".to_string()),
|
name: Cow::from("Dumpsystemstate".to_string()),
|
||||||
dumpfile: None,
|
dumpfile: None,
|
||||||
phantom: PhantomData,
|
phantom: PhantomData,
|
||||||
|
init_time: std::time::Instant::now(),
|
||||||
|
last_dump: None,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#[allow(unused)]
|
#[allow(unused)]
|
||||||
@ -98,6 +127,8 @@ where
|
|||||||
name: Cow::from("Dumpsystemstate".to_string()),
|
name: Cow::from("Dumpsystemstate".to_string()),
|
||||||
dumpfile: dumpfile,
|
dumpfile: dumpfile,
|
||||||
phantom: PhantomData,
|
phantom: PhantomData,
|
||||||
|
init_time: std::time::Instant::now(),
|
||||||
|
last_dump: None,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user