sslab-gatech / DIE

Fuzzing JavaScript Engines with Aspect-preserving Mutation

Can you explain the fuzzer_stats and the command_line used?

Picasso-r opened this issue · comments

Hello @thdusdl1219 @tarafans. I actually got everything working. But I have some questions to help me understand more about DIE.

Here is my fuzzer_stats file:

cat fuzzer_stats
start_time        : 1719463042
last_update       : 1719470780
fuzzer_pid        : 755288
cycles_done       : 0
execs_done        : 95763
execs_per_sec     : 2.03
paths_total       : 0
paths_favored     : 0
paths_found       : 0
paths_imported    : 0
max_depth         : 0
cur_path          : 957
pending_favs      : 0
pending_total     : 0
variable_paths    : 0
stability         : 100.00%
bitmap_cvg        : 0.00%
unique_crashes    : 0
unique_hangs      : 0
last_path         : 0
last_crash        : 0
last_hang         : 0
execs_since_crash : 95763
exec_timeout      : 1000
afl_banner        : d8
afl_version       : 2.52b
target_mode       : crash 
command_line      : ./fuzz/afl/afl-fuzz -C -m none -o output-17 /home/fuzz/v8fuzz/v8/out/fuzzbuild_DIE_2/d8 /home/fuzz/v8fuzz/DIE0626/DIE/DIE-corpus/lib.js /home/fuzz/v8fuzz/DIE0626/DIE/DIE-corpus/jsc.js /home/fuzz/v8fuzz/DIE0626/DIE/DIE-corpus/v8.js /home/fuzz/v8fuzz/DIE0626/DIE/DIE-corpus/ffx.js /home/fuzz/v8fuzz/DIE0626/DIE/DIE-corpus/chakra.js @@

I have two questions.

  1. I find that most numbers are 0, I think this is weird. Is this correct? Or is there anything wrong with instrumentation or coverage collection?

  2. The command line is so long and I can't figure out the function of lib.js, v8.js ... Can I just remove them like:
    ./fuzz/afl/afl-fuzz -C -m none -o output-17 /home/fuzz/v8fuzz/v8/out/fuzzbuild_DIE_2/d8 @@
    And I can't figure out where to set the flags of v8 such as --allow-natives-syntax, --expose-gc ... Should I add them manually like:
    ./fuzz/afl/afl-fuzz -C -m none -o output-17 /home/fuzz/v8fuzz/v8/out/fuzzbuild_DIE_2/d8 --allow-natives-syntax --expose-gc @@

Thanks very much.
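As an added example (not part of the issue or of the DIE project), the script below parses a fuzzer_stats file like the one quoted above, flags the combination the question is about (tens of thousands of executions with an empty coverage bitmap and no paths), and splits the recorded command_line into afl-fuzz options, target binary and target arguments. It assumes stock AFL 2.52b conventions: fuzzer_stats is one "key : value" per line, the first non-option argument to afl-fuzz is the target, everything after it is passed to the target, and "@@" marks where the current test case file is substituted. The exec-rate threshold and the sample data are constructed for the example; whether DIE's modified AFL keeps these conventions is not something the page states.

```python
"""Sanity-check an AFL fuzzer_stats file and split its command_line.

Added example, not DIE project code. Assumes stock AFL 2.52b conventions
for the stats format and for how afl-fuzz separates its own options
from the target command.
"""
import shlex

# Constructed sample: trimmed copy of the fuzzer_stats quoted in the issue.
SAMPLE_STATS = """\
start_time        : 1719463042
last_update       : 1719470780
execs_done        : 95763
execs_per_sec     : 2.03
paths_total       : 0
paths_found       : 0
stability         : 100.00%
bitmap_cvg        : 0.00%
last_path         : 0
unique_crashes    : 0
afl_version       : 2.52b
command_line      : ./fuzz/afl/afl-fuzz -C -m none -o output-17 /home/fuzz/v8fuzz/v8/out/fuzzbuild_DIE_2/d8 /home/fuzz/v8fuzz/DIE0626/DIE/DIE-corpus/lib.js /home/fuzz/v8fuzz/DIE0626/DIE/DIE-corpus/jsc.js /home/fuzz/v8fuzz/DIE0626/DIE/DIE-corpus/v8.js /home/fuzz/v8fuzz/DIE0626/DIE/DIE-corpus/ffx.js /home/fuzz/v8fuzz/DIE0626/DIE/DIE-corpus/chakra.js @@
"""

# afl-fuzz options that consume a following value (stock AFL 2.52b).
AFL_OPTS_WITH_VALUE = {"-i", "-o", "-m", "-t", "-x", "-f", "-T", "-M", "-S"}

# Threshold chosen for this example; it is not an AFL constant.
LOW_EXEC_RATE = 10.0


def parse_fuzzer_stats(text):
    """Return the stats as a dict of stripped strings keyed by field name."""
    stats = {}
    for line in text.splitlines():
        if ":" not in line:
            continue
        # Partition on the first colon only, so values containing ':' survive.
        key, _, value = line.partition(":")
        stats[key.strip()] = value.strip()
    return stats


def _percent(value):
    return float(value.rstrip("%"))


def check_stats(stats):
    """Flag stat combinations that mean the campaign is not learning anything."""
    findings = []
    execs = int(stats.get("execs_done", "0"))
    if (execs > 0 and int(stats.get("paths_total", "0")) == 0
            and _percent(stats.get("bitmap_cvg", "0%")) == 0.0):
        # The target runs, but no coverage feedback reaches the fuzzer:
        # the instrumentation / shared-memory bitmap path deserves a look.
        findings.append("no_coverage_feedback")
    if execs > 0 and int(stats.get("last_path", "0")) == 0:
        findings.append("no_new_paths_ever")
    if float(stats.get("execs_per_sec", "0")) < LOW_EXEC_RATE:
        findings.append("low_exec_rate")
    if _percent(stats.get("stability", "100%")) < 100.0:
        findings.append("unstable_target")
    return findings


def split_command_line(command_line):
    """Split the recorded command_line into afl options, target and target args."""
    tokens = shlex.split(command_line)
    afl_options, i = [], 1  # tokens[0] is afl-fuzz itself
    while i < len(tokens) and tokens[i].startswith("-"):
        if tokens[i] == "--":  # explicit separator before the target
            i += 1
            break
        afl_options.append(tokens[i])
        if tokens[i] in AFL_OPTS_WITH_VALUE and i + 1 < len(tokens):
            afl_options.append(tokens[i + 1])
            i += 1
        i += 1
    if i >= len(tokens):
        raise ValueError("no target binary in command_line")
    target, target_args = tokens[i], tokens[i + 1:]
    return {
        "afl_options": afl_options,
        "target": target,
        "target_args": target_args,
        # Without "@@" afl-fuzz feeds the test case on stdin instead of a file.
        "input_via_file": "@@" in target_args,
    }


if __name__ == "__main__":
    stats = parse_fuzzer_stats(SAMPLE_STATS)
    print("findings:", check_stats(stats))
    parts = split_command_line(stats["command_line"])
    print("afl options:", parts["afl_options"])
    print("target:", parts["target"])
    print("target args:", parts["target_args"])
```

Run against the quoted stats, `split_command_line` shows that under stock AFL semantics the five corpus files and `@@` all sit on the target's side of the split, i.e. they are arguments handed to d8, while `-C -m none -o output-17` are afl-fuzz's own options; `check_stats` reports the empty-bitmap condition the question asks about.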