googleprojectzero / winafl

A fork of AFL for fuzzing Windows binaries
Apache License 2.0
2.36k stars 533 forks

Remove redundant file API calls (unlink before open, seek before close) #365

Closed eranzim closed 2 years ago

eranzim commented 2 years ago

Disk I/O is the bottleneck for fast harnesses (verified by profiling). Reducing the amount of those calls should give us an immediate performance gain. I apologize but I won't have time to test this change, as I need to start a project at work, but if something seems amiss tell me and I'll try to make some time to fix it.

ifratric commented 2 years ago

Thanks! I asked lcamtuf (original creator of AFL) about the unlinks and this is what he replied:

The original unlink approach is basically slightly safer in case the fuzzed program does something weird with the input file - say, removes read or write permissions, replaces it with a symlink, whatever. Not a hugely common scenario, but that unlink() is not costing much

I think something like that would be extremely unlikely on Windows. However, let me run some tests first and then I'll decide whether to merge as is or if we should have some flag or another mechanism to revert to earlier behavior if needed.
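The safety argument lcamtuf gives above (the unlink protects against a target that replaces the input file with a symlink) can be reproduced in a few lines. The following is an added example, not code from winafl or from this PR; it uses POSIX open()/unlink()/symlink() rather than the Win32 calls winafl actually issues, so it demonstrates the failure mode on Linux, not the Windows behaviour the maintainers measured. The file names, the "victim" file, and the MODE_NOFOLLOW variant (a hypothetical third option using O_NOFOLLOW) are all constructed for the demonstration and are not part of the PR.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Three ways the fuzzer could (re)write its current input file. */
enum { MODE_FAST = 0, MODE_UNLINK = 1, MODE_NOFOLLOW = 2 };

/* Open the test-case path for writing according to the chosen strategy. */
static int open_testcase(const char *path, int mode) {
    switch (mode) {
    case MODE_UNLINK:
        /* Original AFL behaviour: discard whatever the target left at the
           path, then create exclusively, so a planted symlink is never
           followed. */
        unlink(path);
        return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    case MODE_NOFOLLOW:
        /* Hypothetical alternative (not in the PR): keep the single open()
           but refuse to follow a symlink; open() fails with ELOOP instead of
           clobbering the link target. */
        return open(path, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0600);
    default:
        /* The PR's fast path: one open() with truncation, no unlink(). */
        return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    }
}

/* Write one test case; returns 0 on success, -1 on failure. */
static int write_testcase(const char *path, const char *data, int mode) {
    int fd = open_testcase(path, mode);
    if (fd < 0) return -1;
    ssize_t n = write(fd, data, strlen(data));
    close(fd);
    return n == (ssize_t)strlen(data) ? 0 : -1;
}

/* Read a small file into buf as a NUL-terminated string. */
static int read_small_file(const char *path, char *buf, size_t cap) {
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    ssize_t n = read(fd, buf, cap - 1);
    close(fd);
    if (n < 0) return -1;
    buf[n] = '\0';
    return 0;
}

/* Simulates the scenario lcamtuf describes: between two iterations the fuzzed
   program replaces its input file with a symlink to an unrelated file
   ("victim"). Returns 1 if victim's contents were overwritten by the next
   test case, 0 if they survived, -1 on a setup error. Everything happens in a
   fresh temporary directory that is removed again before returning. */
int victim_clobbered(int mode) {
    char dir[] = "/tmp/winafl_io_demo_XXXXXX";   /* constructed scratch dir */
    if (!mkdtemp(dir)) return -1;
    char input[PATH_MAX], victim[PATH_MAX], buf[64];
    snprintf(input, sizeof input, "%s/cur_input", dir);
    snprintf(victim, sizeof victim, "%s/victim.txt", dir);

    int result = -1;
    if (write_testcase(victim, "original", MODE_FAST) != 0) goto cleanup;
    if (write_testcase(input, "case-1", mode) != 0) goto cleanup;

    /* Misbehaving target: swap the input path for a symlink to victim. */
    unlink(input);
    if (symlink(victim, input) != 0) goto cleanup;

    /* Next iteration writes case-2. Whether this write succeeds depends on
       the mode; the question is only whether victim was touched. */
    write_testcase(input, "case-2", mode);

    if (read_small_file(victim, buf, sizeof buf) != 0) goto cleanup;
    result = strcmp(buf, "original") != 0;

cleanup:
    unlink(input);
    unlink(victim);
    rmdir(dir);
    return result;
}

int main(void) {
    printf("fast (open+O_TRUNC)   : victim clobbered = %d\n", victim_clobbered(MODE_FAST));
    printf("unlink then O_EXCL    : victim clobbered = %d\n", victim_clobbered(MODE_UNLINK));
    printf("O_TRUNC | O_NOFOLLOW  : victim clobbered = %d\n", victim_clobbered(MODE_NOFOLLOW));
    return 0;
}
```

On Linux the fast path reports 1 (the truncating open follows the symlink and overwrites victim.txt), while both the unlink-first path and the O_NOFOLLOW variant report 0. The point for reviewing this PR is that the unlink is a defence against a target that tampers with its own input path, which is cheap on POSIX but, as the thread notes, a scenario that is far less plausible for the Windows harnesses winafl targets.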

ifratric commented 2 years ago

Apologies for the delay, I too got tied up in another project. I did some experiments that suggest, on Windows at least, removing the unlinks is going to be noticeably faster. Given the benefits and relatively low risk of breakage (famous last words), I'm going to merge as is.