Support exit_on_time option: issue #399

Stop fuzzing if no coverage was found for a certain amount of time
author: Daniil Kutz <kutz@ispras.ru> 2023-04-12 13:06:16 +0300
committer: Daniil Kutz <kutz@ispras.ru> 2023-04-12 13:57:36 +0300
commit: cc3d4d19e5be1a981556add62f6a40917329f212 (patch)
tree: 1888a3d506afe166d81b25270ce07515c0588b37
parent: 3f39135d3ccf11a57265b8ad5b28f26680b3859c (diff)
download: honggfuzz-cc3d4d19e5be1a981556add62f6a40917329f212.tar.gz
3 files changed, 10 insertions, 0 deletions
diff --git a/cmdline.c b/cmdline.c
index ab4044a9..54c0193c 100644
--- a/cmdline.c
+++ b/cmdline.c
@@ -500,6 +500,7 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz) {
         { { "pprocess_cmd", required_argument, NULL, 0x111 }, "External command postprocessing files produced by internal mutators" },
         { { "ffmutate_cmd", required_argument, NULL, 0x110 }, "External command mutating files which have effective coverage feedback" },
         { { "run_time", required_argument, NULL, 0x109 }, "Number of seconds this fuzzing session will last (default: 0 [no limit])" },
+        { { "exit_on_time", required_argument, NULL, 0x10A }, "Stop fuzzing session if no new coverage was found for this number of seconds (default: 0 [no limit])" },
         { { "iterations", required_argument, NULL, 'N' }, "Number of fuzzing iterations (default: 0 [no limit])" },
         { { "rlimit_as", required_argument, NULL, 0x100 }, "Per process RLIMIT_AS in MiB (default: 0 [default limit])" },
         { { "rlimit_rss", required_argument, NULL, 0x101 }, "Per process RLIMIT_RSS in MiB (default: 0 [default limit]). It will also set *SAN's soft_rss_limit_mb" },
@@ -688,6 +689,9 @@ bool cmdlineParse(int argc, char* argv[], honggfuzz_t* hfuzz) {
                     hfuzz->timing.runEndTime = time(NULL) + p;
                 }
             } break;
+            case 0x10A:
+                hfuzz->timing.exitOnTime = atol(optarg);
+                break;
             case 'N':
                 hfuzz->mutate.mutationsMax = atol(optarg);
                 break;
diff --git a/honggfuzz.c b/honggfuzz.c
index 0d8dbb7b..bba5703c 100644
--- a/honggfuzz.c
+++ b/honggfuzz.c
@@ -282,6 +282,11 @@ static uint8_t mainThreadLoop(honggfuzz_t* hfuzz) {
             LOG_I("Maximum run time reached, terminating");
             break;
         }
+        if (hfuzz->timing.exitOnTime > 0 &&
+                time(NULL) - ATOMIC_GET(hfuzz->timing.lastCovUpdate) > hfuzz->timing.exitOnTime) {
+            LOG_I("No new coverage was found for the last %ld seconds, terminating", hfuzz->timing.exitOnTime);
+            break;
+        }
         pingThreads(hfuzz);
         pause();
     }
diff --git a/honggfuzz.h b/honggfuzz.h
index 21492654..ef8dced7 100644
--- a/honggfuzz.h
+++ b/honggfuzz.h
@@ -243,6 +243,7 @@ typedef struct {
         time_t  runEndTime;
         time_t  tmOut;
         time_t  lastCovUpdate;
+        time_t  exitOnTime;
         int64_t timeOfLongestUnitUSecs;
         bool    tmoutVTALRM;
     } timing;
author	Daniil Kutz <kutz@ispras.ru>	2023-04-12 13:06:16 +0300
committer	Daniil Kutz <kutz@ispras.ru>	2023-04-12 13:57:36 +0300
commit	cc3d4d19e5be1a981556add62f6a40917329f212 (patch)
tree	1888a3d506afe166d81b25270ce07515c0588b37
parent	3f39135d3ccf11a57265b8ad5b28f26680b3859c (diff)
download	honggfuzz-cc3d4d19e5be1a981556add62f6a40917329f212.tar.gz