diff options
| author | Andrea Fioraldi <andreafioraldi@gmail.com> | 2019-11-11 14:36:06 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-11-11 14:36:06 +0100 |
| commit | 659db7e421b47da4b04110a141d9c20307f74ecc (patch) | |
| tree | 18f9c38cc5270adcf445a62b974712cead4a01c4 /docs/perf_tips.txt | |
| parent | cd84339bccc104a51a5da614a9f82cc4ae615cce (diff) | |
| parent | 01d55372441960c435af8f3bd6b61d1302042728 (diff) | |
| download | afl++-659db7e421b47da4b04110a141d9c20307f74ecc.tar.gz | |
Merge branch 'master' into radamsa
Diffstat (limited to 'docs/perf_tips.txt')
| -rw-r--r-- | docs/perf_tips.txt | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/docs/perf_tips.txt b/docs/perf_tips.txt index 215895b6..0cac8f7b 100644 --- a/docs/perf_tips.txt +++ b/docs/perf_tips.txt @@ -50,12 +50,15 @@ Even if you don't have a lightweight harness for a particular target, remember that you can always use another, related library to generate a corpus that will be then manually fed to a more resource-hungry program later on. +Also note that reading the fuzzing input via stdin is faster than reading from +a file. + 3) Use LLVM instrumentation --------------------------- -When fuzzing slow targets, you can gain 2x performance improvement by using -the LLVM-based instrumentation mode described in llvm_mode/README.llvm. Note -that this mode requires the use of clang and will not work with GCC. +When fuzzing slow targets, you can gain 20-100% performance improvement by +using the LLVM-based instrumentation mode described in llvm_mode/README.llvm. +Note that this mode requires the use of clang and will not work with GCC. The LLVM mode also offers a "persistent", in-process fuzzing mode that can work well for certain types of self-contained libraries, and for fast targets, @@ -72,6 +75,9 @@ If you are only intested in specific parts of the code being fuzzed, you can whitelist the files that are actually relevant. This improves the speed and accuracy of afl. See llvm_mode/README.whitelist +Also use the InsTrim mode on larger binaries, this improves performance and +coverage a lot. + 4) Profile and optimize the binary ---------------------------------- @@ -161,6 +167,11 @@ and not waste CPU time. There are several OS-level factors that may affect fuzzing speed: + - If you have no risk of power loss then run your fuzzing on a tmpfs + partition. This increases the performance noticably. + Alternatively you can use AFL_TMPDIR to point to a tmpfs location to + just write the input file to a tmpfs. + - High system load. Use idle machines where possible. Kill any non-essential CPU hogs (idle browser windows, media players, complex screensavers, etc). |