
Conversation

@jiradeto (Collaborator)

This PR allows users to set a custom seed corpus for the experiment. To use this option, set --custom-seed-corpus-dir to a path that has input files for the running benchmarks.

For example:

PYTHONPATH=. python3 experiment/run_experiment.py  \
--experiment-config /tmp/local-experiment-config.yaml \
--experiment-name demo-exp \
--fuzzers  afl libfuzzer \
--benchmarks libjpeg-turbo-07-2017 sqlite3_ossfuzz \
--custom-seed-corpus-dir /local/my-custom-corpora 

and /local/my-custom-corpora must have the following content:

|— my-custom-corpora 
|    |— sqlite3_ossfuzz  
|    |    |— fbeb1de0be72d83ed8dff924fd9df8cedb0a7497
|    |    |— fba1b82f6612e8e1d1786b757dfeecbbfabeeca5
|    |— libjpeg-turbo-07-2017
|    |    |— f78602c270b787d3e7e940f50f78365552d5a20b
|    |    |— ebc89a181d637f6bdfdcaa9d647cfd1f88d62675
|    |    |— ed0fbdb5c9f7d2fbb1c6c8e0665e80b110ba1e14

@jiradeto (Collaborator, Author) commented May 18, 2022

I think we cannot get rid of this implementation entirely. I simplified the code a bit, but the main idea remains:

  1. Read and validate the custom seeds directory from the optional flag custom-seed-corpus-dir
  2. Copy the content of that directory into the main worker (dispatcher)
  3. The dispatcher then starts spawning fuzzing workers with a mounted directory containing the custom seed corpora of all running benchmarks
  4. Then, inside the fuzzing runners, check for the env variable CUSTOM_SEED_CORPUS_DIR and, if it is specified, copy the content of the custom seeds from the mounted directory and use it for the experiment

I added details of the alternative that they suggested to us, for comparison.

For any benchmark for which we need a custom seed, we need to repeatedly do the following (libpng for example):

  1. create a seeds directory inside the benchmark directory and add the custom input files there
  2. modify the Dockerfile to copy the seeds to a container
  3. adjust the build.sh script to feed the seeds to the experiment

I believe we'd better go with our implementation for the custom seed. I think the above alternative is doable but not really convenient. What do you think? @wuestholz
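The two halves of the flow described in the comment above, the dispatcher-side validation of the --custom-seed-corpus-dir layout and the runner-side pickup via CUSTOM_SEED_CORPUS_DIR, as an added illustration that is not fuzzbench code and not part of this PR. Every function name and the sample file names are assumptions; only the flag, the environment variable name and the benchmark names come from the thread.

```python
"""Added example (not fuzzbench code, not from this PR): sketch of
validating the custom seed corpus layout on the dispatcher side and
picking up one benchmark's seeds inside a runner via CUSTOM_SEED_CORPUS_DIR.
All function and variable names here are assumptions."""
import os
import shutil
import tempfile
from pathlib import Path

ENV_VAR = 'CUSTOM_SEED_CORPUS_DIR'  # env var name as used in the PR discussion


def validate_custom_seed_corpus_dir(corpus_dir, benchmarks):
    """Return a dict benchmark -> sorted list of seed paths, or raise ValueError.

    Expected layout (from the PR description): one sub-directory per
    benchmark name, each containing at least one regular seed file.
    """
    root = Path(corpus_dir)
    if not root.is_dir():
        raise ValueError(f'{corpus_dir} is not a directory')
    seeds = {}
    for benchmark in benchmarks:
        bench_dir = root / benchmark
        if not bench_dir.is_dir():
            raise ValueError(f'no seed directory for benchmark {benchmark}')
        # Only regular, non-symlink files count as seeds, so a stray link
        # cannot pull files from outside the corpus tree into the workers.
        files = sorted(p for p in bench_dir.iterdir()
                       if p.is_file() and not p.is_symlink())
        if not files:
            raise ValueError(f'seed directory for {benchmark} is empty')
        seeds[benchmark] = files
    return seeds


def copy_custom_seeds_for_runner(benchmark, dest_dir, environ=os.environ):
    """Runner side: if CUSTOM_SEED_CORPUS_DIR is set, copy that benchmark's
    seeds into dest_dir and return how many were copied. 0 means the
    runner falls back to the benchmark's default seed corpus."""
    mounted = environ.get(ENV_VAR)
    if not mounted:
        return 0
    src = Path(mounted) / benchmark
    if not src.is_dir():
        return 0
    Path(dest_dir).mkdir(parents=True, exist_ok=True)
    count = 0
    for p in src.iterdir():
        if p.is_file() and not p.is_symlink():
            shutil.copy2(p, Path(dest_dir) / p.name)
            count += 1
    return count


def build_demo_corpus(root):
    """Constructed sample layout mirroring the tree in the PR description
    (file names are placeholders, not the hashes shown on the page)."""
    layout = {
        'sqlite3_ossfuzz': ['seed-a', 'seed-b'],
        'libjpeg-turbo-07-2017': ['seed-c', 'seed-d', 'seed-e'],
    }
    for benchmark, names in layout.items():
        d = Path(root) / benchmark
        d.mkdir(parents=True)
        for n in names:
            (d / n).write_bytes(b'\x00' * 16)  # seed content is irrelevant here


def demo():
    """Run both halves end to end on a temporary tree and return the
    per-benchmark number of seeds each runner ended up with."""
    with tempfile.TemporaryDirectory() as tmp:
        corpus = os.path.join(tmp, 'my-custom-corpora')
        build_demo_corpus(corpus)
        benchmarks = ['sqlite3_ossfuzz', 'libjpeg-turbo-07-2017']
        validate_custom_seed_corpus_dir(corpus, benchmarks)
        env = {ENV_VAR: corpus}  # what the dispatcher would hand the workers
        result = {}
        for b in benchmarks:
            result[b] = copy_custom_seeds_for_runner(
                b, os.path.join(tmp, 'runner', b, 'corpus'), environ=env)
        return result


if __name__ == '__main__':
    print(demo())  # {'sqlite3_ossfuzz': 2, 'libjpeg-turbo-07-2017': 3}
```

Validating on the dispatcher before anything is copied or mounted means a typo in a benchmark name, or an empty directory, fails the experiment up front rather than silently running that benchmark with its default seeds.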

@wuestholz commented May 19, 2022

@jiradeto Thanks a lot! Maybe we should try the following:

  1. Update the PR for fuzzbench with these changes (New option for custom seed corpus google/fuzzbench#1395).
  2. Tell Jonathan the following:
     We tried to simplify the PR, and we managed to reduce the complexity quite a bit. However, it seems like some functionality is needed for our use case. In case you don't remember, we're trying to use the custom seed directory to start individual campaigns with different sets of seeds from a large pool of seeds. We don't necessarily want to commit the large pool of seeds to the repo (for instance, seeds from clusterfuzz or existing fuzzing campaigns).
  3. Wait for what he says.
  4. Independently, prepare a PR that includes all of our PRs (Add support for branch coverage google/fuzzbench#1375, Add option to set custom corpus #3, and [Prototype] Target fuzzing #5). Let's already try to get some results while we're waiting for them to merge the PRs.

The key issue seems to be that each benchmark has its own structure and seeds directory. Modifying it would require changes to the Dockerfile and/or the build script.

The combined PR should include 4 commits:

  1. add branch coverage
  2. add custom seed dir
  3. add random seed selection
  4. add random seed selection with target edges
