update readme, fix first/last test, change clang

Alex Groce 2018-07-30 21:43:55 -07:00
parent c23e4e20b5
commit eea3248bfc
3 changed files with 16 additions and 6 deletions


@ -20,8 +20,8 @@ enable_language(CXX)
set(BUILD_LIBFUZZER "$ENV{BUILD_LIBFUZZER}") set(BUILD_LIBFUZZER "$ENV{BUILD_LIBFUZZER}")
if (BUILD_LIBFUZZER) if (BUILD_LIBFUZZER)
SET(CMAKE_C_COMPILER clang-6.0) SET(CMAKE_C_COMPILER clang)
SET(CMAKE_CXX_COMPILER clang++-6.0) SET(CMAKE_CXX_COMPILER clang++)
endif() endif()
set(CMAKE_POSITION_INDEPENDENT_CODE ON) set(CMAKE_POSITION_INDEPENDENT_CODE ON)
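Review bot: assigning CMAKE_C_COMPILER / CMAKE_CXX_COMPILER inside this if() is too late to be honored reliably, since the hunk's context shows it sits after enable_language(CXX); CMake fixes the compiler for a language when it is enabled, and a later SET() is either ignored or forces a re-configure with a warning. Dropping the `-6.0` suffix also means the build uses whichever `clang` is first on PATH with no check that it is new enough for the libFuzzer link, while the README hunk only says "recent-enough clang". Suggest moving the selection before project() (or telling users to pass `-DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++` on the command line) and adding a minimum-version guard, e.g. `if (CMAKE_CXX_COMPILER_VERSION VERSION_LESS 6.0) message(FATAL_ERROR "libFuzzer build needs clang >= 6.0") endif()`.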


@ -89,9 +89,19 @@ deepstate-angr --num_workers 4 --output_test_dir out $DEEPSTATE/build/examples/I
DeepState consists of a static library, used to write test harnesses, and command-line _executors_ written in Python. At this time, the best documentation is in the [examples](/examples) and in our [paper](https://agroce.github.io/bar18.pdf). DeepState consists of a static library, used to write test harnesses, and command-line _executors_ written in Python. At this time, the best documentation is in the [examples](/examples) and in our [paper](https://agroce.github.io/bar18.pdf).
## Fuzzing ## Fuzzing with libFuzzer
DeepState now can be used with a file-based fuzzer (e.g. AFL). There If you install a recent-enough clang, and run `cmake` when you install
with `BUILD_LIBFUZZER` defined, you can generate tests using LlibFuzzer.
Because both DeepState and libFuzzer want to be `main`, this requires
building a different executable for libFuzzer. The `examples`
directory shows how this can be done. The libFuzzer executable works
like any other libFuzzer executable, and the tests produced can be run
using the normal DeepState executable.
## Fuzzing with AFL
DeepState can also be used with a file-based fuzzer (e.g. AFL). There
are a few steps to this. First, compile DeepState itself with any are a few steps to this. First, compile DeepState itself with any
needed instrumentation. E.g., to use it with AFL, you might want to add needed instrumentation. E.g., to use it with AFL, you might want to add
something like: something like:
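Review bot: `LlibFuzzer` in the new section is a typo for `libFuzzer`. The text says to run `cmake` "with `BUILD_LIBFUZZER` defined", but the CMakeLists change in this commit reads it as an environment variable (`$ENV{BUILD_LIBFUZZER}`), not a cache variable, so give the actual invocation, e.g. `BUILD_LIBFUZZER=TRUE cmake ..`, and state what "recent-enough clang" means (the version this commit drops from CMakeLists is 6.0, so presumably clang 6.0 or later). The pointer to the `examples` directory for building the separate libFuzzer executable should also name the file or target a reader is meant to look at.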
@ -128,7 +138,7 @@ Finally, if an example has more than one test, you need to specify,
with a fully qualified name (e.g., with a fully qualified name (e.g.,
`Arithmetic_InvertibleMultiplication_CanFail`), which test to run, `Arithmetic_InvertibleMultiplication_CanFail`), which test to run,
using the `--input_which_test` flag to the binary. By using the `--input_which_test` flag to the binary. By
default, DeepState will run the first test defined. default, DeepState will run the last test defined.
You can compile with `afl-clang-fast` and `afl-clang-fast++` for You can compile with `afl-clang-fast` and `afl-clang-fast++` for
deferred instrumentation. You'll need code like: deferred instrumentation. You'll need code like:
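Review bot: the default is now documented as "the last test defined", but the README should say that this depends purely on definition order inside the harness, and that anyone fuzzing a binary with more than one test via AFL or libFuzzer should always pass `--input_which_test` rather than rely on the default, otherwise adding a new test at the end of the file silently changes which test the fuzzer exercises.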


@ -692,7 +692,7 @@ static int DeepState_RunSingleSavedTestDir(void) {
} }
} else { } else {
DeepState_LogFormat(DeepState_LogInfo, DeepState_LogFormat(DeepState_LogInfo,
"No test specified, defaulting to first test"); "No test specified, defaulting to last test defined");
break; break;
} }
} }
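Review bot: only the log string changes here; the `else` branch still `break`s out of the loop at the first entry it visits, so "defaulting to last test defined" is accurate only if the test list is built in reverse definition order (new tests prepended), an invariant not visible in this hunk. Add a comment at the loop stating that invariant, or select the last entry explicitly, so the message and the behavior cannot drift apart again as the commit message's "fix first/last test" indicates they had.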