Exemplo n.º 1
def build():
    """Build the benchmark through AFL++ and stage the SymCC runtime files.

    The compile step is delegated to
    ``aflplusplus_fuzzer.build("tracepc", "symcc")``. Afterwards the AFL
    tools are copied into ``$OUT`` and the SymCC runtime, libz3, libc++ and
    the fuzzing helper are copied into ``get_symcc_build_dir($OUT)``. All
    sources are fixed absolute paths in the build image.

    Raises:
        KeyError: if ``OUT`` is not set in the environment.
    """
    print("Step 1: Building with AFL and SymCC")
    build_directory = os.environ['OUT']

    src_dir = os.getenv('SRC')
    work_dir = os.getenv('WORK')
    # SRC and WORK are put back into their initial state afterwards; for some
    # OSS-Fuzz projects build_benchmark cannot run twice in one directory.
    with utils.restore_directory(src_dir), utils.restore_directory(work_dir):
        aflplusplus_fuzzer.build("tracepc", "symcc")

    print("Step 2: Completed AFL build")
    # AFL tools that SymCC needs at run time.
    for afl_tool in ("/afl/afl-fuzz", "/afl/afl-showmap"):
        shutil.copy(afl_tool, build_directory)

    print("Step 3: Copying SymCC files")
    # NOTE(review): this function never creates symcc_build_dir; presumably
    # the "symcc" mode of the AFL++ build does. Confirm that both resolve to
    # the same directory.
    symcc_build_dir = get_symcc_build_dir(os.environ['OUT'])
    staged_files = (
        ("/symcc/build//SymRuntime-prefix/src/SymRuntime-build/libSymRuntime.so",
         symcc_build_dir),
        ("/usr/lib/libz3.so", os.path.join(symcc_build_dir, "libz3.so")),
        ("/libcxx_native_build/lib/libc++.so.1", symcc_build_dir),
        ("/libcxx_native_build/lib/libc++abi.so.1", symcc_build_dir),
        ("/rust/bin/symcc_fuzzing_helper", symcc_build_dir),
    )
    for source_path, destination in staged_files:
        shutil.copy(source_path, destination)
Exemplo n.º 2
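def build():
    """Build an AFL version and a SymCC version of the benchmark.

    The AFL++ build goes to ``$OUT``. A second build, compiled with the SymCC
    compiler wrappers, goes to ``get_symcc_build_dir($OUT)``; the SymCC
    runtime, libz3, libc++ and the fuzzing helper are copied next to it.

    Raises:
        KeyError: if ``OUT``, ``CFLAGS`` or ``CXXFLAGS`` is not set.
        FileExistsError: if the SymCC build directory already exists.
    """
    print("Step 1: Building with AFL")
    build_directory = os.environ['OUT']

    # Snapshot the environment before the AFL build runs, so the SymCC build
    # starts from the caller's settings.
    new_env = os.environ.copy()

    # First build with AFL.
    src = os.getenv('SRC')
    work = os.getenv('WORK')
    with utils.restore_directory(src), utils.restore_directory(work):
        # Restore SRC to its initial state so we can build again without any
        # trouble. For some OSS-Fuzz projects, build_benchmark cannot be run
        # twice in the same directory without this.
        aflplusplus_fuzzer.build()

    print("Step 2: Completed AFL build")
    # Copy over AFL artifacts needed by SymCC.
    for afl_tool in ("/afl/afl-fuzz", "/afl/afl-showmap"):
        shutil.copy(afl_tool, build_directory)

    # Build the SymCC-instrumented target.
    print("Step 3: Building the benchmark with SymCC")
    symcc_build_dir = get_symcc_build_dir(os.environ['OUT'])
    os.mkdir(symcc_build_dir)

    # Set flags to ensure compilation with SymCC.
    new_env['CC'] = "/symcc/build/symcc"
    new_env['CXX'] = "/symcc/build/sym++"
    # Drop the libc++ selection from CXXFLAGS; SymCC is pointed at its own
    # libc++ through SYMCC_LIBCXX_PATH below. The flag is spelled
    # "-stdlib=libc++"; the previous pattern "-stlib=libc++" never matched,
    # so the replace was a no-op.
    new_env['CXXFLAGS'] = new_env['CXXFLAGS'].replace("-stdlib=libc++", "")
    new_env['FUZZER_LIB'] = '/libfuzzer-harness.o'
    new_env['OUT'] = symcc_build_dir

    # Sanitizers are switched off for the SymCC binary only. A memory error
    # that needs a sanitizer to surface will not be reported by this binary.
    new_env['CXXFLAGS'] += " -fno-sanitize=all "
    new_env['CFLAGS'] += " -fno-sanitize=all "

    # Setting this environment variable instructs SymCC to use the
    # libcxx library compiled with SymCC instrumentation.
    new_env['SYMCC_LIBCXX_PATH'] = "/libcxx_native_build"

    # Instructs SymCC to consider no symbolic inputs at runtime. This is needed
    # if, for example, some tests are run during compilation of the benchmark.
    new_env['SYMCC_NO_SYMBOLIC_INPUT'] = "1"

    # Build benchmark.
    # NOTE(review): unlike the AFL build above, this second build does not run
    # inside restore_directory(); confirm that is intentional.
    utils.build_benchmark(env=new_env)

    # Copy over symcc artifacts and symbolic libc++.
    symcc_artifacts = (
        ("/symcc/build//SymRuntime-prefix/src/SymRuntime-build/libSymRuntime.so",
         symcc_build_dir),
        ("/usr/lib/libz3.so", os.path.join(symcc_build_dir, "libz3.so")),
        ("/libcxx_native_build/lib/libc++.so.1", symcc_build_dir),
        ("/libcxx_native_build/lib/libc++abi.so.1", symcc_build_dir),
        ("/rust/bin/symcc_fuzzing_helper", symcc_build_dir),
    )
    for source_path, destination in symcc_artifacts:
        shutil.copy(source_path, destination)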
Exemplo n.º 3
def build():
    """Build the benchmark twice: for AFL++, then uninstrumented for Fuzzolic.

    The AFL++ build is configured by mutating ``os.environ`` and writes to
    ``$OUT``. The Fuzzolic build uses a copy of the environment taken before
    those mutations and writes to ``get_uninstrumented_outdir($OUT)``.
    """
    # Taken before os.environ is edited, so the AFL++ compiler settings below
    # do not appear in the Fuzzolic build environment.
    fuzzolic_env = os.environ.copy()
    src_dir = os.getenv('SRC')
    work_dir = os.getenv('WORK')
    out_dir = os.getenv('OUT')

    # Pass 1: AFL++-instrumented binary.
    os.environ.update({
        'CC': '/out/AFLplusplus/afl-clang-fast',
        'CXX': '/out/AFLplusplus/afl-clang-fast++',
        'FUZZER_LIB': '/libAFLDriver.a',
        'AFL_PATH': '/out/AFLplusplus/',
    })
    os.environ['AFL_LLVM_DICT2FILE'] = out_dir + '/afl++.dict'
    # SRC and WORK are put back into their initial state afterwards; for some
    # OSS-Fuzz projects build_benchmark cannot run twice in one directory.
    with utils.restore_directory(src_dir), utils.restore_directory(work_dir):
        utils.build_benchmark()
    print('[build] Copying afl-fuzz to $OUT directory')
    shutil.copy('/out/AFLplusplus/afl-fuzz', os.environ['OUT'])

    # Pass 2: plain clang binary for Fuzzolic.
    fuzzolic_env.update({
        'CC': 'clang',
        'CXX': 'clang++',
        'FUZZER_LIB': '/libStandaloneFuzzTarget.a',
    })
    # The NO_SANITIZER_COMPAT* flags are used even for bug benchmarks, because
    # QEMU is incompatible with sanitizers. Fuzzolic also prefers clean,
    # unoptimized binaries; fast random fuzzing is left to AFL.
    plain_cflags = utils.NO_SANITIZER_COMPAT_CFLAGS
    fuzzolic_env['CFLAGS'] = ' '.join(plain_cflags)
    fuzzolic_env['CXXFLAGS'] = ' '.join(
        [utils.LIBCPLUSPLUS_FLAG] + plain_cflags)

    uninstrumented_outdir = get_uninstrumented_outdir(os.environ['OUT'])
    os.mkdir(uninstrumented_outdir)
    fuzzolic_env['OUT'] = uninstrumented_outdir

    fuzz_target = os.getenv('FUZZ_TARGET')
    if fuzz_target:
        # Only the file name is kept; the target is re-rooted under the
        # uninstrumented output directory.
        fuzzolic_env['FUZZ_TARGET'] = os.path.join(
            uninstrumented_outdir, os.path.basename(fuzz_target))

    print('[build] Re-building benchmark for uninstrumented fuzzing target')
    with utils.restore_directory(src_dir), utils.restore_directory(work_dir):
        utils.build_benchmark(env=fuzzolic_env)
Exemplo n.º 4
def build():
    """Build the QSYM fuzzer: an AFL build plus an uninstrumented build.

    The first build uses the environment prepared by
    ``afl_fuzzer.prepare_build_environment()`` with ``FUZZER_LIB`` replaced by
    QSYM's. The second build runs with a modified copy of that environment
    and writes to ``get_uninstrumented_build_directory($OUT)``.
    """
    afl_fuzzer.prepare_build_environment()

    # QSYM's driver replaces the FUZZER_LIB chosen by the AFL preparation.
    os.environ['FUZZER_LIB'] = '/libQSYM.a'

    src_dir = os.getenv('SRC')
    work_dir = os.getenv('WORK')
    # SRC and WORK are put back into their initial state afterwards; for some
    # OSS-Fuzz projects build_benchmark cannot run twice in one directory.
    with utils.restore_directory(src_dir), utils.restore_directory(work_dir):
        utils.build_benchmark()

    # Second environment for the uninstrumented binary QSYM also needs.
    plain_env = os.environ.copy()
    utils.set_no_sanitizer_compilation_flags(plain_env)
    extra_flags = ['-O2', '-fno-omit-frame-pointer', '-gline-tables-only']
    for flag_variable in ('CFLAGS', 'CXXFLAGS'):
        utils.append_flags(flag_variable, extra_flags, plain_env)

    # OUT and FUZZ_TARGET are redirected to the uninstrumented build
    # directory for the second build.
    build_directory = os.environ['OUT']
    uninstrumented_build_directory = get_uninstrumented_build_directory(
        build_directory)
    os.mkdir(uninstrumented_build_directory)
    plain_env['OUT'] = uninstrumented_build_directory

    fuzz_target = os.getenv('FUZZ_TARGET')
    if fuzz_target:
        target_name = os.path.basename(fuzz_target)
        plain_env['FUZZ_TARGET'] = os.path.join(
            uninstrumented_build_directory, target_name)

    print('Re-building benchmark for uninstrumented fuzzing target')
    utils.build_benchmark(env=plain_env)

    # Build artifacts copied out of the image: afl-fuzz itself and
    # afl-showmap, which QSYM also requires.
    copy_steps = (
        ('[post_build] Copying afl-fuzz to $OUT directory', '/afl/afl-fuzz'),
        ('[post_build] Copying afl-showmap to $OUT directory',
         '/afl/afl-showmap'),
    )
    for message, binary_path in copy_steps:
        print(message)
        shutil.copy(binary_path, build_directory)
Exemplo n.º 5
def build(*args):  # pylint: disable=too-many-branches,too-many-statements
    """Build the benchmark with AFL++ according to a set of build modes.

    Args:
        *args: build mode names. If the ``BUILD_MODES`` environment variable
            is set, its comma-separated value replaces them entirely. With no
            modes at all, ``['tracepc', 'nozero']`` is used. Mode names are
            only tested for membership, so an unrecognised name is ignored
            without any message.

    Raises:
        KeyError: if ``OUT`` is not set in the environment.
    """
    # BUILD_MODES is not supported by fuzzbench itself yet, so a default
    # configuration is provided here.
    modes_from_env = os.environ.get('BUILD_MODES')
    build_modes = (list(args)
                   if modes_from_env is None else modes_from_env.split(','))

    build_directory = os.environ['OUT']

    build_modes = build_modes or ['tracepc', 'nozero']

    # Compiler selection.
    if 'lto' in build_modes:
        toolchain = {
            'CC': '/afl/afl-clang-lto',
            'CXX': '/afl/afl-clang-lto++',
            'RANLIB': 'llvm-ranlib-11',
            'AR': 'llvm-ar-11',
        }
    elif 'qemu' in build_modes:
        toolchain = {'CC': 'clang', 'CXX': 'clang++'}
    else:
        toolchain = {
            'CC': '/afl/afl-clang-fast',
            'CXX': '/afl/afl-clang-fast++',
        }
    os.environ.update(toolchain)

    # Coverage instrumentation mode; the first listed mode that is present
    # wins. AFL_LLVM_INSTRIM_LOOPHEAD is left unset for better coverage.
    instrumentation_choices = (
        ('instrim', 'AFL_LLVM_INSTRIM', 'CFG'),
        ('tracepc', 'AFL_LLVM_USE_TRACE_PC', '1'),
        ('classic', 'AFL_LLVM_INSTRUMENT', 'CLASSIC'),
    )
    for mode, variable, value in instrumentation_choices:
        if mode in build_modes:
            os.environ[variable] = value
            break

    # Independent coverage options:
    #   dynamic    - do not use a fixed map location (LTO only)
    #   skipsingle - skip over single block functions
    #   ctx        - context sensitivity for LLVM mode (non LTO only)
    coverage_switches = (
        ('dynamic', 'AFL_LLVM_MAP_DYNAMIC'),
        ('skipsingle', 'AFL_LLVM_SKIPSINGLEBLOCK'),
        ('ctx', 'AFL_LLVM_CTX'),
    )
    for mode, variable in coverage_switches:
        if mode in build_modes:
            os.environ[variable] = '1'

    # N-gram coverage for LLVM mode (non LTO only); the smallest listed size
    # that was requested is the one applied.
    for ngram_size in ('2', '3', '4', '5', '6', '7', '8', '16'):
        if 'ngram' + ngram_size in build_modes:
            os.environ['AFL_LLVM_NGRAM_SIZE'] = ngram_size
            break

    # Disable the neverZero implementation.
    if 'nozero' in build_modes:
        os.environ['AFL_LLVM_SKIP_NEVERZERO'] = '1'

    # laf-intel compare splitting. Use only one of this or cmplog.
    wants_autodict = 'autodict' in build_modes
    if 'laf' in build_modes:
        os.environ['AFL_LLVM_LAF_SPLIT_SWITCHES'] = '1'
        os.environ['AFL_LLVM_LAF_SPLIT_COMPARES'] = '1'
        os.environ['AFL_LLVM_LAF_SPLIT_FLOATS'] = '1'
        if not wants_autodict:
            os.environ['AFL_LLVM_LAF_TRANSFORM_COMPARES'] = '1'
    # Auto dictionary for LTO.
    if wants_autodict:
        os.environ['AFL_LLVM_LTO_AUTODICTIONARY'] = '1'

    os.environ['FUZZER_LIB'] = '/libAFLDriver.a'

    # Some benchmarks like lcms
    # (see: https://github.com/mm2/Little-CMS/commit/ab1093539b4287c233aca6a3cf53b234faceb792#diff-f0e6d05e72548974e852e8e55dffc4ccR212)
    # fail to compile when the compiler writes to stderr unexpectedly.
    # AFL_QUIET stops afl-clang-fast from printing AFL-specific messages there.
    os.environ['AFL_QUIET'] = '1'

    src_dir = os.getenv('SRC')
    work_dir = os.getenv('WORK')
    # SRC and WORK are put back into their initial state afterwards; for some
    # OSS-Fuzz projects build_benchmark cannot run twice in one directory.
    with utils.restore_directory(src_dir), utils.restore_directory(work_dir):
        utils.build_benchmark()

    if 'cmplog' in build_modes and 'qemu' not in build_modes:
        # CmpLog needs a second build with different instrumentation.
        cmplog_env = os.environ.copy()
        cmplog_env['AFL_LLVM_CMPLOG'] = '1'

        # OUT and FUZZ_TARGET are redirected to the CmpLog build directory.
        cmplog_build_directory = get_cmplog_build_directory(build_directory)
        os.mkdir(cmplog_build_directory)
        cmplog_env['OUT'] = cmplog_build_directory
        fuzz_target = os.getenv('FUZZ_TARGET')
        if fuzz_target:
            target_name = os.path.basename(fuzz_target)
            cmplog_env['FUZZ_TARGET'] = os.path.join(
                cmplog_build_directory, target_name)

        print('Re-building benchmark for CmpLog fuzzing target')
        utils.build_benchmark(env=cmplog_env)

    shutil.copy('/afl/afl-fuzz', build_directory)
Exemplo n.º 6
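def build(*args):  # pylint: disable=too-many-branches,too-many-statements
    """Build the benchmark with AFL++ according to a set of build modes.

    Besides the main build into ``$OUT``, the ``cmplog`` and ``symcc`` modes
    each trigger a further build into their own sub-directory.

    Args:
        *args: build mode names. If the ``BUILD_MODES`` environment variable
            is set, its comma-separated value replaces them entirely. With no
            modes at all, ``['tracepc', 'cmplog', 'dict2file']`` is used.
            Mode names are only tested for membership, so an unrecognised
            name is ignored without any message.

    Raises:
        KeyError: if ``OUT`` or ``CFLAGS`` is not set in the environment.
    """
    # BUILD_MODES is not supported by fuzzbench itself yet, so a default
    # configuration is provided here.
    build_modes = list(args)
    if 'BUILD_MODES' in os.environ:
        build_modes = os.environ['BUILD_MODES'].split(',')

    build_directory = os.environ['OUT']

    # If nothing was set this is the default:
    if not build_modes:
        build_modes = ['tracepc', 'cmplog', 'dict2file']

    # For bug type benchmarks we have to instrument via native clang pcguard.
    # NOTE(review): this overwrites whichever mode is listed first. If
    # 'tracepc' or 'pcguard' sits later in the list it still takes precedence
    # over 'native' in the elif chain below.
    build_flags = os.environ['CFLAGS']
    if ('array-bounds' in build_flags and 'qemu' not in build_modes and
            'classic' not in build_modes):
        build_modes[0] = 'native'

    # Instrumentation coverage modes:
    if 'lto' in build_modes:
        os.environ['CC'] = '/afl/afl-clang-lto'
        os.environ['CXX'] = '/afl/afl-clang-lto++'
        edge_file = build_directory + '/aflpp_edges.txt'
        os.environ['AFL_LLVM_DOCUMENT_IDS'] = edge_file
        # Prefer the versioned LLVM binutils when installed, newest first.
        tool_suffix = ''
        for llvm_version in ('13', '12'):
            if os.path.isfile('/usr/local/bin/llvm-ranlib-' + llvm_version):
                tool_suffix = '-' + llvm_version
                break
        os.environ['RANLIB'] = 'llvm-ranlib' + tool_suffix
        os.environ['AR'] = 'llvm-ar' + tool_suffix
        os.environ['AS'] = 'llvm-as' + tool_suffix
    elif 'qemu' in build_modes:
        os.environ['CC'] = 'clang'
        os.environ['CXX'] = 'clang++'
    elif 'gcc' in build_modes:
        os.environ['CC'] = 'afl-gcc-fast'
        os.environ['CXX'] = 'afl-g++-fast'
    else:
        os.environ['CC'] = '/afl/afl-clang-fast'
        os.environ['CXX'] = '/afl/afl-clang-fast++'

    print('AFL++ build: ')
    print(build_modes)

    if 'qemu' in build_modes or 'symcc' in build_modes:
        # These modes replace CFLAGS/CXXFLAGS for every build below,
        # including the main AFL++ build.
        os.environ['CFLAGS'] = ' '.join(utils.NO_SANITIZER_COMPAT_CFLAGS)
        cxxflags = [utils.LIBCPLUSPLUS_FLAG] + utils.NO_SANITIZER_COMPAT_CFLAGS
        os.environ['CXXFLAGS'] = ' '.join(cxxflags)

    if 'tracepc' in build_modes or 'pcguard' in build_modes:
        os.environ['AFL_LLVM_USE_TRACE_PC'] = '1'
    elif 'classic' in build_modes:
        os.environ['AFL_LLVM_INSTRUMENT'] = 'CLASSIC'
    elif 'native' in build_modes:
        os.environ['AFL_LLVM_INSTRUMENT'] = 'LLVMNATIVE'

    # Instrumentation coverage options:
    # Do not use a fixed map location (LTO only)
    if 'dynamic' in build_modes:
        os.environ['AFL_LLVM_MAP_DYNAMIC'] = '1'
    # Use a fixed map location (LTO only)
    if 'fixed' in build_modes:
        os.environ['AFL_LLVM_MAP_ADDR'] = '0x10000'
    # Generate an extra dictionary.
    if 'dict2file' in build_modes or 'native' in build_modes:
        os.environ['AFL_LLVM_DICT2FILE'] = build_directory + '/afl++.dict'
    # Enable context sensitivity for LLVM mode (non LTO only)
    if 'ctx' in build_modes:
        os.environ['AFL_LLVM_CTX'] = '1'
    # Enable N-gram coverage for LLVM mode (non LTO only); the smallest listed
    # size that was requested is the one applied.
    for ngram_size in ('2', '3', '4', '5', '6', '7', '8', '16'):
        if 'ngram' + ngram_size in build_modes:
            os.environ['AFL_LLVM_NGRAM_SIZE'] = ngram_size
            break
    # Context depth; the smallest requested depth is the one applied.
    for ctx_depth in ('1', '2', '3', '4'):
        if 'ctx' + ctx_depth in build_modes:
            os.environ['AFL_LLVM_CTX_K'] = ctx_depth
            break

    # Only one of the following OR cmplog
    # enable laf-intel compare splitting
    if 'laf' in build_modes:
        os.environ['AFL_LLVM_LAF_SPLIT_SWITCHES'] = '1'
        os.environ['AFL_LLVM_LAF_SPLIT_COMPARES'] = '1'
        os.environ['AFL_LLVM_LAF_SPLIT_FLOATS'] = '1'
        if 'autodict' not in build_modes:
            os.environ['AFL_LLVM_LAF_TRANSFORM_COMPARES'] = '1'

    if 'eclipser' in build_modes:
        os.environ['FUZZER_LIB'] = '/libStandaloneFuzzTarget.a'
    else:
        os.environ['FUZZER_LIB'] = '/libAFLDriver.a'

    # Some benchmarks like lcms
    # (see: https://github.com/mm2/Little-CMS/commit/ab1093539b4287c233aca6a3cf53b234faceb792#diff-f0e6d05e72548974e852e8e55dffc4ccR212)
    # fail to compile if the compiler outputs things to stderr in unexpected
    # cases. Prevent these failures by using AFL_QUIET to stop afl-clang-fast
    # from writing AFL specific messages to stderr.
    os.environ['AFL_QUIET'] = '1'
    os.environ['AFL_MAP_SIZE'] = '2621440'

    src = os.getenv('SRC')
    work = os.getenv('WORK')

    with utils.restore_directory(src), utils.restore_directory(work):
        # Restore SRC to its initial state so we can build again without any
        # trouble. For some OSS-Fuzz projects, build_benchmark cannot be run
        # twice in the same directory without this.
        utils.build_benchmark()

    if 'cmplog' in build_modes and 'qemu' not in build_modes:

        # CmpLog requires a build with different instrumentation.
        new_env = os.environ.copy()
        new_env['AFL_LLVM_CMPLOG'] = '1'

        # For CmpLog build, set the OUT and FUZZ_TARGET environment
        # variable to point to the new CmpLog build directory.
        cmplog_build_directory = get_cmplog_build_directory(build_directory)
        os.mkdir(cmplog_build_directory)
        new_env['OUT'] = cmplog_build_directory
        fuzz_target = os.getenv('FUZZ_TARGET')
        if fuzz_target:
            new_env['FUZZ_TARGET'] = os.path.join(
                cmplog_build_directory, os.path.basename(fuzz_target))

        print('Re-building benchmark for CmpLog fuzzing target')
        utils.build_benchmark(env=new_env)

    if 'symcc' in build_modes:

        symcc_build_directory = get_uninstrumented_build_directory(
            build_directory)
        os.mkdir(symcc_build_directory)

        # SymCC requires a build with different instrumentation.
        new_env = os.environ.copy()
        new_env['CC'] = '/symcc/build/symcc'
        new_env['CXX'] = '/symcc/build/sym++'
        # NOTE(review): SymCC output produced while building goes to the
        # shared /tmp directory.
        new_env['SYMCC_OUTPUT_DIR'] = '/tmp'
        # Drop the libc++ selection from CXXFLAGS; SymCC is pointed at its own
        # libc++ through SYMCC_LIBCXX_PATH. The flag is spelled
        # "-stdlib=libc++"; the previous pattern "-stlib=libc++" never
        # matched, so the replace was a no-op.
        new_env['CXXFLAGS'] = new_env['CXXFLAGS'].replace("-stdlib=libc++", "")
        new_env['FUZZER_LIB'] = '/libfuzzer-harness.o'
        new_env['SYMCC_LIBCXX_PATH'] = "/libcxx_native_build"
        new_env['SYMCC_NO_SYMBOLIC_INPUT'] = "1"
        new_env['SYMCC_SILENT'] = "1"

        # For the SymCC build, set the OUT and FUZZ_TARGET environment
        # variables to point to the SymCC build directory.
        new_env['OUT'] = symcc_build_directory
        fuzz_target = os.getenv('FUZZ_TARGET')
        if fuzz_target:
            new_env['FUZZ_TARGET'] = os.path.join(
                symcc_build_directory, os.path.basename(fuzz_target))

        # The message used to name CmpLog here, which mislabelled this step
        # in build logs.
        print('Re-building benchmark for SymCC fuzzing target')
        utils.build_benchmark(env=new_env)

    shutil.copy('/afl/afl-fuzz', build_directory)
    if os.path.exists('/afl/afl-qemu-trace'):
        shutil.copy('/afl/afl-qemu-trace', build_directory)
    if os.path.exists('/aflpp_qemu_driver_hook.so'):
        shutil.copy('/aflpp_qemu_driver_hook.so', build_directory)
    # The presence of the helper script alone gates both Frida copies.
    if os.path.exists('/get_frida_entry.sh'):
        shutil.copy('/afl/afl-frida-trace.so', build_directory)
        shutil.copy('/get_frida_entry.sh', build_directory)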
Exemplo n.º 7
def build():
    """Build the benchmark with AFL++, plus a CmpLog build when requested.

    Build modes come from the comma-separated ``BUILD_MODES`` environment
    variable and default to ``['instrim']``. Mode names are only tested for
    membership, so an unrecognised name is ignored without any message.

    Raises:
        KeyError: if ``OUT`` is not set in the environment.
    """
    # BUILD_MODES is not supported by fuzzbench itself yet, so a default
    # configuration is provided here.
    modes_from_env = os.environ.get('BUILD_MODES')
    build_modes = (['instrim']
                   if modes_from_env is None else modes_from_env.split(','))

    use_qemu = 'qemu' in build_modes
    os.environ['CC'] = 'clang' if use_qemu else '/afl/afl-clang-fast'
    os.environ['CXX'] = 'clang++' if use_qemu else '/afl/afl-clang-fast++'

    # The instrumentation options apply only when compiling with
    # afl-clang-fast.
    if not use_qemu:
        if 'laf' in build_modes:
            for laf_variable in ('AFL_LLVM_LAF_SPLIT_SWITCHES',
                                 'AFL_LLVM_LAF_TRANSFORM_COMPARES',
                                 'AFL_LLVM_LAF_SPLIT_COMPARES'):
                os.environ[laf_variable] = '1'

        if 'instrim' in build_modes:
            # AFL_LLVM_INSTRIM_LOOPHEAD is deliberately left unset.
            os.environ['AFL_LLVM_INSTRIM'] = '1'
            os.environ['AFL_LLVM_INSTRIM_SKIPSINGLEBLOCK'] = '1'

    os.environ['FUZZER_LIB'] = '/libAFLDriver.a'

    # Some benchmarks like lcms
    # (see: https://github.com/mm2/Little-CMS/commit/ab1093539b4287c233aca6a3cf53b234faceb792#diff-f0e6d05e72548974e852e8e55dffc4ccR212)
    # fail to compile when the compiler writes to stderr unexpectedly.
    # AFL_QUIET stops afl-clang-fast from printing AFL-specific messages there.
    os.environ['AFL_QUIET'] = '1'

    src_dir = os.getenv('SRC')
    work_dir = os.getenv('WORK')
    # SRC and WORK are put back into their initial state afterwards; for some
    # OSS-Fuzz projects build_benchmark cannot run twice in one directory.
    with utils.restore_directory(src_dir), utils.restore_directory(work_dir):
        utils.build_benchmark()

    if 'cmplog' in build_modes and not use_qemu:
        # CmpLog needs a second build with different instrumentation.
        cmplog_env = os.environ.copy()
        cmplog_env['AFL_LLVM_CMPLOG'] = '1'

        # OUT and FUZZ_TARGET are redirected to the CmpLog build directory.
        build_directory = os.environ['OUT']
        cmplog_build_directory = get_cmplog_build_directory(build_directory)
        os.mkdir(cmplog_build_directory)
        cmplog_env['OUT'] = cmplog_build_directory

        fuzz_target = os.getenv('FUZZ_TARGET')
        if fuzz_target:
            target_name = os.path.basename(fuzz_target)
            cmplog_env['FUZZ_TARGET'] = os.path.join(cmplog_build_directory,
                                                     target_name)

        print('Re-building benchmark for CmpLog fuzzing target')
        utils.build_benchmark(env=cmplog_env)

    shutil.copy('/afl/afl-fuzz', os.environ['OUT'])