Comments (5)
@mboehme I just noticed that in some other issues, some people are confused with the distance calculation on binutils.
Thanks for your interest in our greybox fuzzing research! Correct, there seems to be a disagreement between the results for AFL in the AFLFast and AFLGo papers. However, the sections on experimental setup in both papers should well explain this difference.
First, we are using two different versions of AFL (the most recent in each case). The version of AFL used in the AFLGo paper (FidgetyAFL) already incorporates the explore-schedule which makes recent versions of AFL substantially faster than earlier versions (i.e., before AFLFast).
Second, in the AFLFast paper, we executed both AFL and AFLFast with the deterministic stage (w/o "-d"). However, as Michal Zalewski pointed out in a discussion on AFLFast, he suggested future experiments be conducted with "-d". Hence, we opted to execute both AFL and AFLGo without the deterministic stage (w/ "-d").
Third, we made sure that there is no disadvantage in the comparison of AFLGo with AFL or AFLFast with AFL. In both papers, all fuzzers are started on the same seed corpus, using the same command line parameters, and given the same time budget. In the case of AFL, AFLFast, AFLGo on binutils, the "seed corpus" was the empty file:
mkdir in
echo "" > in/in
Fourth, in order to allow other researchers (including you) to reproduce our results, we made our tools publicly available. The experimental infrastructure is discussed in the paper. I hope this has answered your questions.
Since there is no issue with the tool per-se, I am closing this issue.
@mboehme I tried AFL 1.94b (I think it was the version used in the AFLFast paper) with the c++filt version before your fix. CVE-2016-4487/CVE-2016-4488 took a little longer to be found, but it reported all 46 unique crashes within 1 hour. I checked gdb+valgrind backtraces and some are relevant to CVE-2016-4492/CVE-2016-4493, CVE-2016-4490 and some other crashes. But I don't know how to use AFLGo to get the distance for binutils; can you open source the scripts? (I had some questions in #19 and hope you answer.)
Also, I'm interested in what @karl-fuzznoob said: why can AFLFast sometimes be better than AFLGo?
@fuseproj Interesting observations. @mboehme Can you share the details?
Also, 4487/4488 and 4492/4493 are similar crashes, but in terms of time, the fuzzing results are different.