MOpt-AFL mutations selection optimization #15
Labels
enhancement
New feature or request
Comments
|
A good idea is to ask directly to the authors if they want merge they changes to AFL directly here. Here: puppet-meteor/MOpt-AFL#1 |
|
I don't understand the issue here. MOpt is already included, first in branch MOpt and then merged to master... |
|
Lol I missed it, GG for the rapid merge |
|
yes I think @andreafioraldi missed it :) I did a lot of testing and verified that MOpt is really good and then added it also instrim is now in trunk/master. makes llvm_mode much, much faster (but slightly lower coverage) |
|
@andreafioraldi but if you ever see something interested, integrate it or create an issue. I always look and @hexcoder- too, but of course we can miss stuff :) |
stbergmann
added a commit
to stbergmann/AFLplusplus
that referenced
this issue
Mar 2, 2021
This had caused an assert SIGABRT with LibreOffice (see <https://git.libreoffice.org/core/+/ e2c9ac71cec0f205b1d4864538e8158c22558296%5E%21> "ofz#30767 Build-Failure") at > AFLplusplus#3 0x00007ffff7a07026 in __GI___assert_fail (assertion=0x7ffff79c3b98 "isString() && \"Not a string\"", file=0x7ffff79c3800 "~/llvm/inst/include/llvm/IR/Constants.h", line=661, function=0x7ffff79c3bb5 "llvm::StringRef llvm::ConstantDataSequential::getAsString() const") at /usr/src/debug/glibc-2.32-37-g760e1d2878/assert/assert.c:101 > AFLplusplus#4 0x00007ffff79b9dd1 in llvm::ConstantDataSequential::getAsString (this=0xcb75f90) at ~/llvm/inst/include/llvm/IR/Constants.h:661 > AFLplusplus#5 0x00007ffff79b8645 in (anonymous namespace)::AFLdict2filePass::runOnModule (this=0xd175d50, M=...) at ~/AFLplusplus/instrumentation/afl-llvm-dict2file.so.cc:406 > AFLplusplus#6 0x000000000550fb63 in (anonymous namespace)::MPPassManager::runOnModule (M=..., this=<optimized out>) at ~/llvm/llvm-project/llvm/lib/IR/LegacyPassManager.cpp:1550 > AFLplusplus#7 llvm::legacy::PassManagerImpl::run (this=0x9925a90, M=...) at ~/llvm/llvm-project/llvm/lib/IR/LegacyPassManager.cpp:541 > AFLplusplus#8 0x000000000550feb9 in llvm::legacy::PassManager::run (this=this@entry=0x7fffffff91c0, M=...) at ~/llvm/llvm-project/llvm/lib/IR/LegacyPassManager.cpp:1677 > AFLplusplus#9 0x000000000653efb3 in (anonymous namespace)::EmitAssemblyHelper::EmitAssembly (this=this@entry=0x7fffffff9670, Action=Action@entry=clang::Backend_EmitObj, OS=std::unique_ptr<llvm::raw_pwrite_stream> = {...}) at ~/llvm/llvm-project/clang/lib/CodeGen/BackendUtil.cpp:1015 > AFLplusplus#10 0x0000000006540856 in clang::EmitBackendOutput (Diags=..., HeaderOpts=..., CGOpts=..., TOpts=..., LOpts=..., TDesc=..., M=0x944b6f0, Action=<optimized out>, OS=...) at /usr/include/c++/10/bits/move.h:76 > AFLplusplus#11 0x000000000689383c in clang::BackendConsumer::HandleTranslationUnit (this=0x944a210, C=...) at ~/llvm/llvm-project/clang/include/clang/Basic/TargetInfo.h:1076 > AFLplusplus#12 0x00000000078fe1c9 in clang::ParseAST (S=..., PrintStats=<optimized out>, SkipFunctionBodies=<optimized out>) at ~/llvm/llvm-project/clang/lib/Parse/ParseAST.cpp:171 > AFLplusplus#13 0x00000000067b9729 in clang::FrontendAction::Execute (this=this@entry=0x941b1a0) at ~/llvm/llvm-project/clang/lib/Frontend/FrontendAction.cpp:949 > AFLplusplus#14 0x00000000066f6586 in clang::CompilerInstance::ExecuteAction (this=this@entry=0x940f390, Act=...) at ~/llvm/llvm-project/clang/lib/Frontend/CompilerInstance.cpp:949 > AFLplusplus#15 0x000000000686ecfb in clang::ExecuteCompilerInvocation (Clang=Clang@entry=0x940f390) at ~/llvm/llvm-project/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:278 > AFLplusplus#16 0x00000000039f6f04 in cc1_main (Argv=..., Argv0=0x7fffffffcc0c "~/llvm/inst/bin/clang-13", MainAddr=MainAddr@entry=0x39f0a60 <GetExecutablePath[abi:cxx11](char const*, bool)>) at ~/llvm/llvm-project/clang/tools/driver/cc1_main.cpp:246 > AFLplusplus#17 0x00000000039f054d in ExecuteCC1Tool (ArgV=...) at ~/llvm/llvm-project/clang/tools/driver/driver.cpp:330 > AFLplusplus#18 0x00000000039f25c5 in main (argc_=<optimized out>, argc_@entry=145, argv_=<optimized out>, argv_@entry=0x7fffffffc3d8) at ~/llvm/llvm-project/clang/tools/driver/driver.cpp:407 when (in frame AFLplusplus#5) FuncName is "_ZNKSt17basic_string_viewIDsSt11char_traitsIDsEE4findEPKDsm" (i.e., > std::basic_string_view<char16_t, std::char_traits<char16_t> >::find(char16_t const*, unsigned long) const ) and thus isStdString is true.
abertschi
pushed a commit
to mattweingarten/AFLplusplus
that referenced
this issue
Apr 21, 2022
Make miscellaneous improvements based on feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
MOpt-AFL is a AFL-based fuzzer that utilizes a customized Particle Swarm Optimization (PSO) algorithm to find the optimal selection probability distribution of operators with respect to fuzzing effectiveness.https://github.com/puppet-meteor/MOpt-AFL
This seems very interesting and the results showed in the paper confirm the validity of this technique. It does not change the way about how AFL works and maybe can be integrated here with a bit of source code refactoring.
The text was updated successfully, but these errors were encountered: