
Implement State save restore to disk on SIGINT to allow to stop and resume a fuzzer

Open andreafioraldi opened this issue 4 years ago • 6 comments

We should implement the handler for POSIX and Windows and extend it to work with multiple processes when using a launcher.

andreafioraldi avatar Sep 07 '21 09:09 andreafioraldi

I don't think we have the state available at any time, necessarily. We could set an "exit_soon" flag to true in the handler and check that at certain points in time.

domenukk avatar Sep 07 '21 10:09 domenukk

An AFL-Like resume with ondiskcorpus may be fine, though?

domenukk avatar Sep 07 '21 10:09 domenukk

Currently loading from an OnDiskCorpus is quite horrific, especially when running ('resuming') on multiple cores. It takes forever and each core sends all testcases to every other core.... We need to provide a better user experience for this.

s1341 avatar Sep 09 '21 12:09 s1341

After running a fuzz-campaign for about a week with LibAFL, it's clear to me that some way to stop and resume the fuzzing, potentially with tweaks to the fuzzer in between, is a critical requirement.

Assuming we just re-read the queue, we need to either delegate the queue-reading to a single node (a 'queue importer'?), or find a way to efficiently spread the queue-reading across nodes, without causing a cascade of 'new test-cases' from every node to every other node.

s1341 avatar Sep 13 '21 05:09 s1341
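The "exit_soon" flag suggested above, together with the stop-and-resume cycle s1341 describes, as an added example that is not LibAFL's code and does not use its State or StateRestorer types. It assumes a Unix host (SIGINT = 2, libc's `signal`/`raise` declared directly so no extra crate is needed), a toy byte-flip mutation, and a deliberately simple length-prefixed state file; all names in it (`FuzzState`, `run_or_resume`, `exit_soon_demo.state`) are made up for the illustration:

```rust
// Added example, not LibAFL code: a cooperative "exit_soon" flag set from a SIGINT
// handler, checked at a safe point in the fuzz loop, with the loop state written to
// disk so the run can be resumed. Assumes a Unix host; the state format is a toy.
use std::fs;
use std::io::{self, Read, Write};
use std::path::Path;
use std::sync::atomic::{AtomicBool, Ordering};

static EXIT_SOON: AtomicBool = AtomicBool::new(false);
const SIGINT: i32 = 2; // assumption: Linux/BSD signal number

// libc's signal(2) and raise(3), declared directly so no extra crate is needed.
extern "C" {
    fn signal(signum: i32, handler: extern "C" fn(i32)) -> usize;
    fn raise(signum: i32) -> i32;
}

// The handler only stores an atomic: it must stay async-signal-safe (no allocation,
// no I/O, no touching fuzzer state that may be mid-update when the signal lands).
extern "C" fn on_sigint(_signum: i32) {
    EXIT_SOON.store(true, Ordering::SeqCst);
}

pub fn install_sigint_handler() {
    // SAFETY: the handler body is async-signal-safe and the fn pointer lives for the whole process.
    unsafe { signal(SIGINT, on_sigint); }
}
pub fn send_self_sigint() { unsafe { raise(SIGINT); } }
pub fn exit_requested() -> bool { EXIT_SOON.load(Ordering::SeqCst) }
pub fn clear_exit_request() { EXIT_SOON.store(false, Ordering::SeqCst); }

/// The part of the fuzzer state that must survive a stop/resume: progress counter and corpus.
#[derive(Debug, PartialEq)]
pub struct FuzzState {
    pub iterations: u64,
    pub corpus: Vec<Vec<u8>>,
}

fn read_u64(data: &[u8], pos: &mut usize) -> io::Result<u64> {
    let end = *pos + 8;
    let bytes = data.get(*pos..end)
        .ok_or_else(|| io::Error::new(io::ErrorKind::UnexpectedEof, "truncated state file"))?;
    let mut arr = [0u8; 8];
    arr.copy_from_slice(bytes);
    *pos = end;
    Ok(u64::from_le_bytes(arr))
}

impl FuzzState {
    /// Layout: u64 iterations, u64 entry count, then (u64 length, bytes) per entry, little-endian.
    pub fn save(&self, path: &Path) -> io::Result<()> {
        let mut buf = Vec::new();
        buf.extend_from_slice(&self.iterations.to_le_bytes());
        buf.extend_from_slice(&(self.corpus.len() as u64).to_le_bytes());
        for input in &self.corpus {
            buf.extend_from_slice(&(input.len() as u64).to_le_bytes());
            buf.extend_from_slice(input);
        }
        // Write a sibling file and rename: a second Ctrl-C during the write cannot leave
        // a half-written state file at `path`.
        let tmp = path.with_extension("tmp");
        fs::File::create(&tmp)?.write_all(&buf)?;
        fs::rename(&tmp, path)
    }

    pub fn load(path: &Path) -> io::Result<Self> {
        let mut data = Vec::new();
        fs::File::open(path)?.read_to_end(&mut data)?;
        let mut pos = 0;
        let iterations = read_u64(&data, &mut pos)?;
        let count = read_u64(&data, &mut pos)?;
        let mut corpus = Vec::new();
        for _ in 0..count {
            let len = read_u64(&data, &mut pos)? as usize;
            let end = pos + len;
            let bytes = data.get(pos..end)
                .ok_or_else(|| io::Error::new(io::ErrorKind::UnexpectedEof, "truncated entry"))?;
            corpus.push(bytes.to_vec());
            pos = end;
        }
        Ok(FuzzState { iterations, corpus })
    }
}

/// Runs `harness` on one mutated input per iteration until `max_iters` or until the exit
/// flag is seen. The flag is checked only here, between executions, never in the handler,
/// so the state handed back is always internally consistent.
pub fn fuzz_loop<F: FnMut(&[u8]) -> bool>(mut state: FuzzState, max_iters: u64, mut harness: F) -> FuzzState {
    if state.corpus.is_empty() { return state; }
    while state.iterations < max_iters && !exit_requested() {
        let idx = state.iterations as usize % state.corpus.len();
        let mut input = state.corpus[idx].clone();
        if !input.is_empty() {
            let pos = state.iterations as usize % input.len();
            input[pos] ^= 0x41; // toy deterministic mutation
        }
        if harness(&input) { state.corpus.push(input); } // harness reports "interesting"
        state.iterations += 1;
    }
    state
}

/// Entry point for both a fresh start and a resume: load the state file if present, run,
/// and always persist the state reached (whether by finishing or by Ctrl-C).
pub fn run_or_resume<F: FnMut(&[u8]) -> bool>(state_path: &Path, seeds: Vec<Vec<u8>>, max_iters: u64, harness: F) -> io::Result<FuzzState> {
    let state = if state_path.exists() { FuzzState::load(state_path)? } else { FuzzState { iterations: 0, corpus: seeds } };
    let state = fuzz_loop(state, max_iters, harness);
    state.save(state_path)?;
    Ok(state)
}

fn main() -> io::Result<()> {
    install_sigint_handler();
    let path = std::env::temp_dir().join("exit_soon_demo.state");
    let state = run_or_resume(&path, vec![vec![0u8; 4]], 1_000_000, |input| input.iter().all(|b| *b == 0x41))?;
    println!("stopped at iteration {} with {} corpus entries; state in {}", state.iterations, state.corpus.len(), path.display());
    Ok(())
}
```

Running the binary, pressing Ctrl-C, and running it again continues from the saved iteration count instead of re-executing the whole corpus; the handler itself never touches the state, which is what makes it safe to install even though the state is not available at every instant. For a multi-process launcher the same pattern applies per worker, with each worker writing its own state file.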

I think at least we should add proper signal handling for SIGINT and SIGTERM.

tokatoka avatar Jun 17 '22 06:06 tokatoka

The shmem allocated for StateRestorer is not freed when the process is killed, so we need to implement this.

tokatoka avatar Nov 13 '22 16:11 tokatoka