diff --git a/fuzzers/wcet_qemu_sys/Makefile b/fuzzers/wcet_qemu_sys/Makefile index c1e58ecbab..bcae7c69b5 100644 --- a/fuzzers/wcet_qemu_sys/Makefile +++ b/fuzzers/wcet_qemu_sys/Makefile @@ -1,9 +1,11 @@ BENCHDIR = target/bench -TARGET = tmr.axf -TARGET_TRACE = $(BENCHDIR)/traces/tmr_worst.ron -TARGET_EDGES = $(BENCHDIR)/edges/tmr_worst.ron +TNAME = tmrint +TARGET = $(TNAME).axf +TARGET_TRACE = $(BENCHDIR)/traces/$(TNAME)_worst.ron +TARGET_EDGES = $(BENCHDIR)/edges/$(TNAME)_worst.ron RUNTIME = 3600 -COMMON_FLAGS = benchmark,dump_infos,fuzz_interrupt +INT_FLAG = ,fuzz_interrupt +COMMON_FLAGS = benchmark,dump_infos$(INT_FLAG) NUM_JOB = 3 NUM_ITERATIONS = 10 LOCKFILE = /tmp/bench_sem @@ -14,7 +16,7 @@ $(BENCHDIR)/bin: mkdir -p $@ $(BENCHDIR)/target_random: - cargo build --bin fuzzer --target-dir $@ --features benchmark,dump_infos,fuzz_interrupt,sched_queue,fuzz_random + cargo build --bin fuzzer --target-dir $@ --features $(COMMON_FLAGS),sched_queue,fuzz_random $(BENCHDIR)/target_known_edges: cargo build --bin fuzzer --target-dir $@ --features $(COMMON_FLAGS),feed_known_edges,sched_queue @@ -29,7 +31,7 @@ $(BENCHDIR)/target_state: cargo build --bin fuzzer --target-dir $@ --features $(COMMON_FLAGS),feed_state,sched_state $(BENCHDIR)/target_state_afl: - cargo build --bin fuzzer --target-dir $@ --features $(COMMON_FLAGS),feed_state,sched_state + cargo build --bin fuzzer --target-dir $@ --features $(COMMON_FLAGS),feed_state,feed_afl,sched_state $(BENCHDIR)/target_state_afl_int: cargo build --bin fuzzer --target-dir $@ --features $(COMMON_FLAGS),feed_state,sched_state,muta_interrupt @@ -46,11 +48,11 @@ $(BENCHDIR)/target_graph_afl: $(BENCHDIR)/target_graph_muta_afl: cargo build --bin fuzzer --target-dir $@ --features $(COMMON_FLAGS),feed_graph,sched_graph,feed_afl,muta_snip,muta_input,muta_suffix -$(BENCHDIR)/target_graph_all: +$(BENCHDIR)/target_graph_muta_afl_int: cargo build --bin fuzzer --target-dir $@ --features $(COMMON_FLAGS),feed_graph,sched_graph,feed_afl,muta_snip,muta_input,muta_suffix,muta_interrupt binaries: $(BENCHDIR)/target_random $(BENCHDIR)/target_known_edges $(BENCHDIR)/target_afl_queue $(BENCHDIR)/target_afl_mapmax $(BENCHDIR)/target_state $(BENCHDIR)/target_state_afl $(BENCHDIR)/target_state_afl_int \ - $(BENCHDIR)/target_graph $(BENCHDIR)/target_graph_muta $(BENCHDIR)/target_graph_afl $(BENCHDIR)/target_graph_muta_afl $(BENCHDIR)/target_graph_all + $(BENCHDIR)/target_graph $(BENCHDIR)/target_graph_muta $(BENCHDIR)/target_graph_afl $(BENCHDIR)/target_graph_muta_afl $(BENCHDIR)/target_graph_muta_afl_int # variants: known_edges, afl_queue, afl_mapmax, state, state_afl, graph, graph_muta, graph_afl, graph_all $(BENCHDIR)/bench_%.log: $(BENCHDIR)/target_% $(TARGET_TRACE) @@ -63,20 +65,22 @@ $(BENCHDIR)/bench_%.log: $(BENCHDIR)/target_% $(TARGET_TRACE) mkdir -p $(BENCHDIR)/infos/$$CASE ; \ ./fuzzer_bench.sh $ $@_$$i || \ - sed -i "1 i\\$$CASE " $(BENCHDIR)/execs/$$CASE\_$$i.exec || \ + --libafl-edges $(TARGET_EDGES) --libafl-exectimes $(BENCHDIR)/execs/$$CASE\_$$i.exec > $@_$$i && \ + sed -i "1 i\\$$CASE " $(BENCHDIR)/execs/$$CASE\_$$i.exec && \ $(RELEASE) & \ done - for i in $@_*; do tail -n 1 $$i >> $@; done + wait + for i in $@_*; do tail -n 1 $$i >> $@; done -benchmarks_all: target/bench/bench_known_edges.log target/bench/bench_afl_queue.log target/bench/bench_afl_mapmax.log target/bench/bench_state.log target/bench/bench_state_afl.log target/bench/bench_state_afl_int.log \ - target/bench/bench_graph.log target/bench/bench_graph_muta.log target/bench/bench_graph_afl.log target/bench/bench_graph_muta_afl.log target/bench/bench_graph_all.log +benchmarks_noint: target/bench/bench_known_edges.log target/bench/bench_afl_queue.log target/bench/bench_afl_mapmax.log target/bench/bench_state.log target/bench/bench_state_afl.log \ + target/bench/bench_graph.log target/bench/bench_graph_muta.log target/bench/bench_graph_afl.log target/bench/bench_graph_muta_afl.log +# target/bench/bench_graph_all.log target/bench/bench_state_afl_int.log -benchmarks_int_mut: target/bench/bench_graph_muta_afl.log target/bench/bench_graph_all.log target/bench/bench_state_afl.log target/bench/bench_state_afl_int.log +benchmarks_int: target/bench/bench_graph_muta_afl.log target/bench/bench_graph_muta_afl_int.log target/bench/bench_state_afl.log target/bench/bench_state_afl_int.log target/bench/bench_afl_mapmax.log benchmark_random: target/bench/bench_random.log -all: binaries benchmarks_all +all: binaries benchmarks_noint clean_bench: rm -rf $(BENCHDIR)/bench_* @@ -104,4 +108,4 @@ reset_sem: grep "Qemu Ticks:"; \ done -$(TARGET_TRACE): tmr.case \ No newline at end of file +$(TARGET_TRACE): $(TNAME).case \ No newline at end of file diff --git a/fuzzers/wcet_qemu_sys/bash_sem.sh b/fuzzers/wcet_qemu_sys/bash_sem.sh index c93986b563..261b54f4b3 100755 --- a/fuzzers/wcet_qemu_sys/bash_sem.sh +++ b/fuzzers/wcet_qemu_sys/bash_sem.sh @@ -12,21 +12,24 @@ if [[ $2 != "lock" ]] && [[ $2 != "release" ]]; then echo "Parameter 2: must be if [[ $2 = "lock" ]]; then SEM='' while [[ -z $SEM ]]; do + if (( $(cat $1 ) == 0 )); then sleep 1; wait; continue; fi if mkdir $1_lockdir > /dev/null 2>&1 ; then VAL=$(cat $1) if (( $VAL > 0 )) then SEM=$(sed -i "s@$VAL@$(( $VAL - 1))@w /dev/stdout" $1) echo "Take $VAL -> $SEM" + rmdir $1_lockdir else + rmdir $1_lockdir sleep 1; wait fi else - sleep 0.1; + sleep 0.5; fi done - rmdir $1_lockdir else + echo "Attempt unlock" SEM='' while [[ -z $SEM ]]; do if mkdir $1_lockdir > /dev/null 2>&1 ; then @@ -36,8 +39,8 @@ else else sleep 0.1; fi + rmdir $1_lockdir done - rmdir $1_lockdir fi #SEM=''; while [[ -z SEM ]]; do VAL=$(cat /tmp/test); if (( $VAL > 0 )); then SEM=$(sed -i "s@$VAL@$(( $VAL - 1))@w /dev/stdout" /tmp/test); else sleep 1; wait; fi; done