bugbane
tools for CI fuzzing automation
Seems like coverage reports generated by some (or all) modern versions of lcov (>=2.0) have columns in a different order than they used to with lcov < 2.0....
Testing has shown that the current bugbane dev version can run afl++ 4.08c normally, but starting from 4.09c secondary afl-fuzz instances running cmplog seem to freeze on start. Need to investigate...
Currently there's no way to disable helper builds, such as LAF or CMPLOG for AFL++. For some apps it takes a lot of time to make these builds. We need...
It would be good to detect the following situations and bail with a bad exit code: 1. No fuzz stats for _some_ time after beginning to fuzz. Note: for AFL++ there...
For golang we save coverage summary file, for lcov we don't. Summary file is easier to store and easier to parse by external tools.
Heavy binaries (e.g. 500+ megs) may timeout while reproducing due to long loading time in gdb.
Happens rarely, mostly on slow targets run for short (
$i specified in run_env or run_args would allow us to use different port numbers, config files, etc. Running bb-fuzz with 3 instances of AFL++ and `run_env="--bind 808$i"` would do something...
Currently, the case where gcda/gcno files may be located at a path different from the source code folder is not handled (for example, CMake with a build folder outside the src folder). Also not handled is the case where...
1. There is no way to use the stop condition "N core-hours of work reached". A variable FUZZ_TOTAL_DURATION or similar should be added. 2. When the CERT_FUZZ_* variables are used, the value of the FUZZ_DURATION variable (and FUZZ_TOTAL_DURATION) could be used as the minimum...