A generic seed scheduler for fuzzers (LibFuzzer and AFL) and concolic execution engine (QSYM). Check the following 1 minute video to get a sense about how K-Scheduler works. Read our paper for more details.
We use harfbuzz as an example
- Open a terminal to run LibFuzzer:
./harfbuzz-1.3.2-fsanitize_fuzzer_kscheduler -kscheduler=1 -min_num_mutations_for_each_seed=200 ./tmp_seeds/ seeds/
- Open another terminal to run graph analysis module:
python3 ./gen_dyn_weight.py
We provide 12 programs from Google FuzzBench to reproduce our results, K-Scheduler/libfuzzer_integration/test_programs, K-Scheduler/afl_integration/test_programs and K-Scheduler/qsym_integration/test_programs
Check tutorials at K-Scheduler/libfuzzer_integration/build_example, K-Scheduler/afl_integration/build_example and K-Scheduler/qsym_integration/build_example
Feel free to send me email about K-Scheduler. dongdong at cs.columbia.edu