auto-fuzz: umbrella issue for new features #912
A few to start off with:

- Add a feature for running Python type inference on the code under analysis and then using that type inference to create valid types: we could, e.g., use https://github.com/google/pytype
- Experiment with how we can integrate LLM-style autogeneration. From looking at the ChatGPT code generation, we should be able to make it so we take as input a lot of auto-generated fuzzers from ML-based frameworks.
- I think soon we should start to look at how we can update the heuristics to work with C/C++ and also use the same approach as we do in Python/Java: go through OSS-Fuzz fuzzers and abstract them into heuristics.
- I think in general we should start to align auto-fuzz to be able to utilise existing auto-gen solutions, for example by focusing on infrastructure to evaluate the quality of a large set of projects as well as on making suggested fuzzers easily build against OSS-Fuzz projects. There seems to be a move towards auto-generation by many research groups, and it would be great to be able to utilise each of these. For example, https://github.com/Samsung/UTopia is a valid project that would be great to utilise.

Comments

Hi guys, I recently released a GPT-based fuzz driver generator. An evaluation on 86 APIs of 30 OSS-Fuzz C projects shows its potential practicality: it can generate correct fuzz drivers for 55 (64%) APIs fully automatically and 23 more APIs (91%) with manually configured semantic correctness checkers for filtering out the generated drivers. Here are some example drivers generated by the tool and the technical details behind it. Currently it can directly run on APIs of dozens of OSS-Fuzz C projects. I'm still improving this tool and I have several plans for improvement. Please let me know if you are interested in it. Any suggestions or discussion are welcome.

More tools for fuzzing target generation in [1].
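The first item in the list above, turning inferred Python types into valid fuzzer inputs, is the one step that can be shown in code without a model in the loop. The following is an added example, not fuzz-introspector's auto-fuzz code: it assumes the inferred types arrive as ordinary annotations on the target (a real pipeline would read them from pytype's output), uses a small `ByteSource` as an offline stand-in for `atheris.FuzzedDataProvider`, and the targets `parse_record`, `maybe_scale`, `unannotated` and the `SAMPLE` bytes are constructed for the demonstration. The point it makes beyond the sentence above is the refusal path: a parameter with no known type raises instead of being filled with junk, which is exactly the gap type inference is meant to close.

```python
"""Type-driven argument synthesis for an auto-generated Python fuzz harness (added example)."""
import inspect
import struct
import types
import typing
from typing import Any, Callable, Dict, List, Optional, Union


class UnsupportedType(Exception):
    """Raised when a parameter has no usable type: the harness must not guess."""


class ByteSource:
    """Deterministic consumer of fuzzer bytes; stands in for atheris.FuzzedDataProvider."""

    def __init__(self, data: bytes) -> None:
        self._data = data
        self._pos = 0

    def take(self, n: int) -> bytes:
        chunk = self._data[self._pos:self._pos + n]  # may be short once input is exhausted
        self._pos += n
        return chunk

    def consume_int(self, lo: int, hi: int) -> int:
        raw = self.take(4).ljust(4, b"\x00")  # exhausted input degrades to lo, never to garbage
        return lo + int.from_bytes(raw, "little") % (hi - lo + 1)

    def consume_bool(self) -> bool:
        raw = self.take(1)
        return bool(raw and raw[0] & 1)

    def consume_float(self) -> float:
        val = struct.unpack("<d", self.take(8).ljust(8, b"\x00"))[0]
        return val if val == val and abs(val) != float("inf") else 0.0  # keep nan/inf out of "valid" inputs

    def consume_str(self, max_len: int = 32) -> str:
        return self.take(self.consume_int(0, max_len)).decode("utf-8", errors="replace")

    def consume_bytes(self, max_len: int = 32) -> bytes:
        return self.take(self.consume_int(0, max_len))


_UNION_ORIGINS = (Union, getattr(types, "UnionType", Union))


def synthesize(tp: Any, src: ByteSource, depth: int = 0) -> Any:
    """Build a value of type `tp` from fuzzer bytes; container recursion is bounded by depth."""
    if depth > 4:
        raise UnsupportedType(f"type nesting too deep: {tp!r}")
    origin, args = typing.get_origin(tp), typing.get_args(tp)
    if tp is bool:  # before int: bool is a subclass of int
        return src.consume_bool()
    if tp is int:
        return src.consume_int(-2**31, 2**31 - 1)
    if tp is float:
        return src.consume_float()
    if tp is str:
        return src.consume_str()
    if tp is bytes:
        return src.consume_bytes()
    if tp is type(None):
        return None
    if origin in _UNION_ORIGINS:  # Optional[X] / Union[...]: the fuzzer picks the branch
        return synthesize(args[src.consume_int(0, len(args) - 1)], src, depth + 1)
    if origin is list:
        return [synthesize(args[0], src, depth + 1) for _ in range(src.consume_int(0, 4))]
    if origin is dict:
        return {synthesize(args[0], src, depth + 1): synthesize(args[1], src, depth + 1)
                for _ in range(src.consume_int(0, 4))}
    raise UnsupportedType(f"cannot synthesize {tp!r}")  # Any, unknown class, etc.


def build_kwargs(func: Callable[..., Any], data: bytes) -> Dict[str, Any]:
    """Map every parameter of `func` to a typed value drawn from `data`."""
    src = ByteSource(data)
    hints = typing.get_type_hints(func)  # stand-in for pytype-inferred types (assumption)
    kwargs: Dict[str, Any] = {}
    for name, param in inspect.signature(func).parameters.items():
        tp = hints.get(name, param.annotation)
        if tp is inspect.Parameter.empty:
            raise UnsupportedType(f"no type known for parameter {name!r}")
        kwargs[name] = synthesize(tp, src)
    return kwargs


def fuzz_one(func: Callable[..., Any], data: bytes) -> Any:
    """One harness iteration: synthesize arguments, then call the target."""
    return func(**build_kwargs(func, data))


# Constructed targets; their annotations play the role of inferred types.
def parse_record(name: str, values: List[int], strict: bool = False) -> int:
    if strict and not name:
        raise ValueError("empty name")
    return sum(values) * len(name)


def maybe_scale(value: Optional[int]) -> int:
    return -1 if value is None else value * 2


def unannotated(x, y):
    return x


# Constructed input: str length 3 + "abc", list length 2, ints 7 and 10, bool byte 1
SAMPLE = (b"\x03\x00\x00\x00abc" + b"\x02\x00\x00\x00"
          + b"\x07\x00\x00\x80" + b"\x0a\x00\x00\x80" + b"\x01")

if __name__ == "__main__":
    print(build_kwargs(parse_record, SAMPLE), fuzz_one(parse_record, SAMPLE))
```

Swapping `ByteSource` for `atheris.FuzzedDataProvider` and wrapping `fuzz_one` in `atheris.Setup`/`atheris.Fuzz` turns this into a real harness; the interesting design choice is that exhausted input collapses to the smallest valid value of each type rather than to an exception, so short corpus entries still exercise the target.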