Hit counts
38 views
Skip to first unread message
Stefan Nagy
Oct 4, 2018, 5:52:43 PM10/4/18
to honggfuzz
Hello all!
I'm wondering if honggFuzz does any sort of internal tracking of basic block hit counts (like AFL)? I've looked through the code on github but didn't find anything obvious related to this.
Thanks!
-Stefan
Robert Święcki
Oct 10, 2018, 3:15:58 PM10/10/18
to sna...@vt.edu, honggfuzz
Hi,
Sorry for late response, I was on vacations.
No, we don't support it, though you can try to compile code with counters and see what happens. I mean, honggfuzz wouldn't use it, but it should work as basic block coverage, and with some small modifications in honggfuzz you can use counters (as in, the increase some counter if the same path is called more times than one). I'm not sure whether it works better than basic block hits, but please feel free to try.
--
You received this message because you are subscribed to the Google Groups "honggfuzz" group.
To unsubscribe from this group and stop receiving emails from it, send an email to honggfuzz+...@googlegroups.com.
To post to this group, send email to hong...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/honggfuzz/7c504fc7-6fbe-44c9-a4f5-8f782018b451%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Robert Święcki
Stefan Nagy
Oct 10, 2018, 9:24:59 PM10/10/18
to honggfuzz
No worries! I hope the vacation was fun. :)
I was more just asking out of curiosity. I find interesting that AFL uses hit counts, yet honggFuzz is also successful without taking them into account.
Are there any specific reasons for this design choice in honggFuzz? My intuition is that only tracking whether a basic block was covered or not (and not how many times it was covered) provides enough information for making smart mutation decisions.
Are hit counts also ignored in libFuzzer?
Thanks,
-Stefan
Robert Święcki
Oct 11, 2018, 2:25:43 AM10/11/18
to Stefan Nagy, honggfuzz
Hi,
czw., 11 paź 2018 o 03:25 Stefan Nagy <sna...@vt.edu> napisał(a):
No worries! I hope the vacation was fun. :)I was more just asking out of curiosity. I find interesting that AFL uses hit counts, yet honggFuzz is also successful without taking them into account.Are there any specific reasons for this design choice in honggFuzz? My intuition is that only tracking whether a basic block was covered or not (and not how many times it was covered) provides enough information for making smart mutation decisions.
I guess I couldn't convince myself that it could give better results than bbs/edges in exchange for the effort. But I didn't give it too much thought at the same time, so maybe there's potential in it :)
Are hit counts also ignored in libFuzzer?
Not sure, but given that clang's coverage (and counters as well) were added by the l ibfuzzer's authors, I guess it could be supported in some way.
--On Wednesday, October 10, 2018 at 3:15:58 PM UTC-4, Robert Święcki wrote:Hi,Sorry for late response, I was on vacations.No, we don't support it, though you can try to compile code with counters and see what happens. I mean, honggfuzz wouldn't use it, but it should work as basic block coverage, and with some small modifications in honggfuzz you can use counters (as in, the increase some counter if the same path is called more times than one). I'm not sure whether it works better than basic block hits, but please feel free to try.czw., 4 paź 2018 o 23:52 Stefan Nagy <sna...@vt.edu> napisał(a):Hello all!--I'm wondering if honggFuzz does any sort of internal tracking of basic block hit counts (like AFL)? I've looked through the code on github but didn't find anything obvious related to this.Thanks!-Stefan
You received this message because you are subscribed to the Google Groups "honggfuzz" group.
To unsubscribe from this group and stop receiving emails from it, send an email to honggfuzz+...@googlegroups.com.
To post to this group, send email to hong...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/honggfuzz/7c504fc7-6fbe-44c9-a4f5-8f782018b451%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--Robert Święcki
You received this message because you are subscribed to the Google Groups "honggfuzz" group.
To unsubscribe from this group and stop receiving emails from it, send an email to honggfuzz+...@googlegroups.com.
To post to this group, send email to hong...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/honggfuzz/fdab2b0d-7631-4e34-850c-3f31b6e9387d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Robert Święcki
Stefan Nagy
Oct 12, 2018, 12:20:40 AM10/12/18
to honggfuzz
Got it. Thank you for the clarification!
Best,
-Stefan
Reply all
Reply to author
Forward
0 new messages