
Added qemu_tmin

Open WorksButNotTested opened this issue 1 year ago • 5 comments

Based on this. Seems to generate multiple outputs for each input though?

WorksButNotTested avatar Oct 06 '23 16:10 WorksButNotTested

The qemu part looks legit to me, I don't get the multiple output part, you should find multiple testcases in the corpus as they are generated in each iteration of the tmin stage (cc @addisoncrump ) but pick only the smaller one IIRC

andreafioraldi avatar Oct 10 '23 08:10 andreafioraldi

Only thing I can think is I have glued the components together wrong? The baby_fuzzer_minimizing I was copying seems to construct a state without any feedback here and then an executor without any observers here, but if I try to copy that it doesn't seem to generate any output at all!?

WorksButNotTested avatar Oct 10 '23 16:10 WorksButNotTested

I've managed to copy the baby_fuzzer_minimizing more closely, and now it only seems to generate one output for each input. But it doesn't seem to actually minimize anything?! I modified one of the files in the corpus by simply appending 512Kb of zeroes to the end, so I would expect the minimizer to be able to easily reduce the size of that input even if it cannot reduce any of the others?

WorksButNotTested avatar Oct 10 '23 17:10 WorksButNotTested

@addisoncrump can you take a look by any chance? You have the most minimizer experience

domenukk avatar Nov 03 '23 18:11 domenukk

@addisoncrump ping

domenukk avatar Jan 01 '24 17:01 domenukk