From 39b7f488705a7e242b7a54695ca8e03fb2e73d81 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Wed, 23 Oct 2019 17:01:05 +0200 Subject: performance doc enhancements --- docs/perf_tips.txt | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'docs/perf_tips.txt') diff --git a/docs/perf_tips.txt b/docs/perf_tips.txt index 215895b6..2fa19234 100644 --- a/docs/perf_tips.txt +++ b/docs/perf_tips.txt @@ -50,6 +50,9 @@ Even if you don't have a lightweight harness for a particular target, remember that you can always use another, related library to generate a corpus that will be then manually fed to a more resource-hungry program later on. +Also note that reading the fuzzing input via stdin is faster than reading from +a file. + 3) Use LLVM instrumentation --------------------------- @@ -161,6 +164,11 @@ and not waste CPU time. There are several OS-level factors that may affect fuzzing speed: + - If you have no risk of power loss then run your fuzzing on a tmpfs + partition. This increases the performance noticably. + Alternatively you can use AFL_TMPDIR to point to a tmpfs location to + just write the input file to a tmpfs. + - High system load. Use idle machines where possible. Kill any non-essential CPU hogs (idle browser windows, media players, complex screensavers, etc). -- cgit 1.4.1 From 4de38fe40a4e0dac34c178c4ef6f4cb213fb3ee3 Mon Sep 17 00:00:00 2001 From: van Hauser Date: Sun, 27 Oct 2019 09:04:40 +0100 Subject: docs update --- README.md | 6 +++--- docs/perf_tips.txt | 9 ++++++--- 2 files changed, 9 insertions(+), 6 deletions(-) (limited to 'docs/perf_tips.txt') diff --git a/README.md b/README.md index de012e62..88a86aaa 100644 --- a/README.md +++ b/README.md 
@@ -55,9 +55,9 @@ | Feature/Instrumentation | AFL-GCC | LLVM_MODE | GCC_PLUGIN | QEMU_MODE | Unicorn | | ----------------------- |:-------:|:---------:|:----------:|:---------:|:-------:| | laf-intel / CompCov | | x | | x | x | - | NeverZero | X | x(1) | (2) | x | x | - | Persistent mode | | x | X | x | | - | Whitelist | | x | X | | | + | NeverZero | x | x(1) | (2) | x | x | + | Persistent mode | | x | x | x | | + | Whitelist | | x | x | | | | InsTrim | | x | | | | neverZero: diff --git a/docs/perf_tips.txt b/docs/perf_tips.txt index 2fa19234..0cac8f7b 100644 --- a/docs/perf_tips.txt +++ b/docs/perf_tips.txt @@ -56,9 +56,9 @@ a file. 3) Use LLVM instrumentation --------------------------- -When fuzzing slow targets, you can gain 2x performance improvement by using -the LLVM-based instrumentation mode described in llvm_mode/README.llvm. Note -that this mode requires the use of clang and will not work with GCC. +When fuzzing slow targets, you can gain 20-100% performance improvement by +using the LLVM-based instrumentation mode described in llvm_mode/README.llvm. +Note that this mode requires the use of clang and will not work with GCC. The LLVM mode also offers a "persistent", in-process fuzzing mode that can work well for certain types of self-contained libraries, and for fast targets, @@ -75,6 +75,9 @@ If you are only intested in specific parts of the code being fuzzed, you can whitelist the files that are actually relevant. This improves the speed and accuracy of afl. See llvm_mode/README.whitelist +Also use the InsTrim mode on larger binaries, this improves performance and +coverage a lot. + 4) Profile and optimize the binary ---------------------------------- -- cgit 1.4.1
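Review bot: the stdin sentence added in the @@ -50,6 +50,9 @@ hunk of docs/perf_tips.txt (first commit) is stated as an unconditional rule, but it only applies when the target can take its input on stdin at all; suggest wording it as a conditional, e.g. "If the target can read its input from stdin, feed it that way rather than through an input file; it is faster." Also consider cross-referencing the AFL_TMPDIR bullet added later in the same patch, since both items address the per-execution input file.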
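Review bot: in the tmpfs bullet of the @@ -161,6 +164,11 @@ hunk of docs/perf_tips.txt (first commit), "noticably" should be "noticeably", and the condition "If you have no risk of power loss" understates the trade-off: a tmpfs partition loses its contents on any reboot or crash, not only on power loss, so the bullet should say plainly that the fuzzing output directory is lost unless it is copied to persistent storage, and present the AFL_TMPDIR alternative as the safer default because it keeps only the input file on tmpfs. The last sentence also reads awkwardly; suggest "Alternatively, point AFL_TMPDIR at a tmpfs location so that only the input file is written there."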
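Review bot: in the @@ -56,9 +56,9 @@ hunk of docs/perf_tips.txt (second commit) the expected speed-up is changed from "2x" to "20-100%" without any indication of what was measured or on which targets; since this figure is the main justification of the section, suggest either citing the measurement (target, build configuration) or hedging it, e.g. "typically 20-100%, depending on the target".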
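Review bot: the InsTrim sentence added in the @@ -75,6 +75,9 @@ hunk of docs/perf_tips.txt (second commit) is a comma splice ("...on larger binaries, this improves...") and, unlike the whitelist paragraph directly above it, which points the reader to llvm_mode/README.whitelist, gives no pointer to the InsTrim documentation in llvm_mode; suggest "Also consider InsTrim mode on larger binaries; it improves performance and coverage considerably. See the InsTrim README in llvm_mode." While this paragraph is being touched, the context line "If you are only intested in specific parts" could be corrected to "interested" in the same change.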