status-im / nim-drchaos

A powerful and easy-to-use fuzzing framework in Nim for C/C++/Obj-C targets
68 stars 3 forks

Hotspots in the benchmark. #4

Open planetis-m opened 2 years ago

planetis-m commented 2 years ago

From the benchmark's results for our custom mutator, from left to right, about:

  1. 15% of the time is spent in deserializing the input.
  2. 11% serializing the mutated input.
  3. 36% running myMutator.
  4. 20% initRand.

Aggregated costs of running important procs:

  1. 1.4% byteSize.
  2. 3% sample.
  3. 1% running eqeq (that's seq's ==).
  4. 9% copying the selected item before mutation.
  5. 10% rand().
  6. 20% mutateSeq.
  7. postProcess doesn't appear anywhere.


Reproduce: Benchmark runs with -d:fuzzerStandalone and --mm:arc

planetis-m commented 2 years ago

Note: According to LibFuzzer's interface: "Should produce the same mutation given the same seed." This applies to minimizing, where the crash input is given a different seed each mutation. So I don't know if optimizing rand out is possible.
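The contract quoted above is the one libFuzzer imposes on `LLVMFuzzerCustomMutator`: the mutation must be a pure function of (Data, Size, Seed), so the generator cannot keep state across calls and has to be reseeded on every call. What follows is an added example in C (the language of libFuzzer's hook), not nim-drchaos's mutator or Nim's `initRand`; it shows one way to satisfy the contract while keeping the per-call reseed to a single 64-bit store by using splitmix64 as the generator. The helper names (`rng_t`, `mutate_sample`, `mutation_is_deterministic`, `mutation_changed_sample`, `mutated_len`), the `DEMO_MAX` capacity and the `kSample` input are assumptions made for the demonstration; only the hook signature is libFuzzer's.

```c
// Added example, not nim-drchaos code: a minimal libFuzzer custom mutator
// that derives its entire PRNG state from the Seed argument on every call,
// so the same (Data, Size, Seed) always yields the same mutation.
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

// splitmix64: seeding is one 64-bit store, stepping is three multiplies,
// so honouring "same seed -> same mutation" does not require a costly init.
typedef struct { uint64_t s; } rng_t;

static uint64_t rng_next(rng_t *r) {
    uint64_t z = (r->s += 0x9E3779B97F4A7C15ULL);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return z ^ (z >> 31);
}

// libFuzzer's custom-mutator hook (real signature). Mutates Data in place
// (buffer capacity is MaxSize) and returns the new length. Every random
// choice is drawn from a generator seeded solely from Seed, which is what
// lets libFuzzer replay a mutation during crash minimization.
size_t LLVMFuzzerCustomMutator(uint8_t *Data, size_t Size, size_t MaxSize,
                               unsigned int Seed) {
    rng_t r = { (uint64_t)Seed };
    if (MaxSize == 0) return 0;
    if (Size == 0) { Data[0] = (uint8_t)rng_next(&r); return 1; }
    switch (rng_next(&r) % 3) {
    case 0: {  // flip one bit of one byte
        size_t i = rng_next(&r) % Size;
        Data[i] ^= (uint8_t)(1u << (rng_next(&r) % 8));
        return Size;
    }
    case 1: {  // insert a random byte if the buffer has room
        if (Size >= MaxSize) return Size;  // no room: hand the input back unchanged
        size_t i = rng_next(&r) % (Size + 1);
        memmove(Data + i + 1, Data + i, Size - i);
        Data[i] = (uint8_t)rng_next(&r);
        return Size + 1;
    }
    default: {  // delete one byte, keeping at least one
        if (Size == 1) return Size;
        size_t i = rng_next(&r) % Size;
        memmove(Data + i, Data + i + 1, Size - i - 1);
        return Size - 1;
    }
    }
}

// Constructed sample input and demo capacity (assumptions for this example).
#define DEMO_MAX 16
static const uint8_t kSample[8] = { 'd', 'r', 'c', 'h', 'a', 'o', 's', '!' };

// Mutate a fresh copy of kSample into out; returns the mutated length.
size_t mutate_sample(unsigned seed, uint8_t out[DEMO_MAX]) {
    memcpy(out, kSample, sizeof kSample);
    return LLVMFuzzerCustomMutator(out, sizeof kSample, DEMO_MAX, seed);
}

// The contract check: two runs with the same seed must agree byte for byte.
int mutation_is_deterministic(unsigned seed) {
    uint8_t a[DEMO_MAX], b[DEMO_MAX];
    size_t na = mutate_sample(seed, a);
    size_t nb = mutate_sample(seed, b);
    return na == nb && memcmp(a, b, na) == 0;
}

// With 8 input bytes and room for 16, every branch above changes the input.
int mutation_changed_sample(unsigned seed) {
    uint8_t a[DEMO_MAX];
    size_t na = mutate_sample(seed, a);
    return na != sizeof kSample || memcmp(a, kSample, na) != 0;
}

size_t mutated_len(unsigned seed) {
    uint8_t a[DEMO_MAX];
    return mutate_sample(seed, a);
}

int main(void) {
    uint8_t out[DEMO_MAX];
    for (unsigned seed = 0; seed < 3; seed++) {
        size_t n = mutate_sample(seed, out);
        printf("seed %u -> %zu bytes:", seed, n);
        for (size_t i = 0; i < n; i++) printf(" %02x", out[i]);
        printf("  deterministic=%d\n", mutation_is_deterministic(seed));
    }
    return 0;
}
```

The point for the profile above: the contract forces a reseed per call, but it does not dictate how expensive that reseed is. A generator whose state is the seed itself makes the reseed essentially free; a generator that must warm up or mix its state on every `initRand` pays that cost on every mutation.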