
gtt1995 (taotao gu)
User

Projects

User does not belong to any projects.

User Details

User Since
Apr 8 2021, 7:16 PM (23 w, 1 d)

Recent Activity

Wed, Sep 8

gtt1995 added a comment to D105084: Redistribute energy for Corpus.

Looks like an issue with fork mode. I don't think this patch caused it, so you don't need to fix it here.

I'll go ahead and land this patch today.

Wed, Sep 8, 9:16 AM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

I think the problem was probably there before this patch. Can you reproduce the issue without this patch?

Wed, Sep 8, 8:31 AM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.
WARNING: unrecognized flag '-fork_corpus_groups=0'; use -help=1 to list all flags
Wed, Sep 8, 8:28 AM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

Does it still happen with -fork=3 -fork_corpus_groups=0? From the code I'm guessing the issue is with fork mode, not the new fork_corpus_groups mode.

Wed, Sep 8, 8:01 AM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

Does it still happen with -fork=3 -fork_corpus_groups=0? From the code I'm guessing the issue is with fork mode, not the new fork_corpus_groups mode.

Wed, Sep 8, 7:58 AM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

Does it still happen with -fork=3 -fork_corpus_groups=0? From the code I'm guessing the issue is with fork mode, not the new fork_corpus_groups mode.

Wed, Sep 8, 7:56 AM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

#19820674: cov: 869 ft: 2528 corp: 687 exec/s 46456 oom/timeout/crash: 3/0/0 time: 219s job: 35 dft_time: 0
#20722822: cov: 870 ft: 2543 corp: 698 exec/s 24382 oom/timeout/crash: 3/0/0 time: 225s job: 36 dft_time: 0
#20891453: cov: 870 ft: 2549 corp: 704 exec/s 4437 oom/timeout/crash: 3/0/0 time: 250s job: 37 dft_time: 0
^Z
[5]+ 已停止 ./woff2-2016-05-06-fsanitize_fuzzer 1/ -fork=3 -fork_corpus_groups=1 -max_total_time=2000 -ignore_crashes=1 -keep_seed=1
gutaotao@x1-1:/workspace/fuzzer-test-suite/build-libfuzzer/RUNDIR-woff2-2016-05-06$ mkdir test
gutaotao@x1-1:/workspace/fuzzer-test-suite/build-libfuzzer/RUNDIR-woff2-2016-05-06$ ./woff2-2016-05-06-fsanitize_fuzzer test/ 1/ -merge=1
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 2915063534
INFO: Loaded 1 modules (11117 inline 8-bit counters): 11117 [0x72cff3, 0x72fb60),
INFO: Loaded 1 PC tables (11117 PCs): 11117 [0x6cb5c0,0x6f6c90),
MERGE-OUTER: 840 files, 0 in the initial corpus, 0 processed earlier
MERGE-OUTER: attempt 1
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 2946813034
INFO: Loaded 1 modules (11117 inline 8-bit counters): 11117 [0x72cff3, 0x72fb60),
INFO: Loaded 1 PC tables (11117 PCs): 11117 [0x6cb5c0,0x6f6c90),
INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 1048576 bytes
MERGE-INNER: using the control file '/tmp/libFuzzerTemp.Merge3268439.txt'
MERGE-INNER: 840 total files; 0 processed earlier; will process 840 files now
#1 pulse cov: 15 ft: 16 exec/s: 0 rss: 31Mb
#2 pulse cov: 15 ft: 16 exec/s: 0 rss: 31Mb
#4 pulse cov: 17 ft: 18 exec/s: 0 rss: 31Mb
#8 pulse cov: 18 ft: 19 exec/s: 0 rss: 31Mb
#16 pulse cov: 23 ft: 24 exec/s: 0 rss: 31Mb
#32 pulse cov: 301 ft: 315 exec/s: 0 rss: 315Mb
#64 pulse cov: 648 ft: 1141 exec/s: 0 rss: 321Mb
#128 pulse cov: 724 ft: 1575 exec/s: 0 rss: 327Mb
#256 pulse cov: 795 ft: 1976 exec/s: 0 rss: 327Mb
#512 pulse cov: 843 ft: 2317 exec/s: 0 rss: 364Mb
#840 DONE cov: 870 ft: 2550 exec/s: 0 rss: 430Mb
MERGE-OUTER: succesfull in 1 attempt(s)
MERGE-OUTER: the control file has 81658 bytes
MERGE-OUTER: consumed 0Mb (32Mb rss) to parse the control file
MERGE-OUTER: 542 new files with 2550 new features added; 870 new coverage edges
gutaotao@x1-1:/workspace/fuzzer-test-suite/build-libfuzzer/RUNDIR-woff2-2016-05-06$


#2725439: cov: 2924 ft: 2562 corp: 549 exec/s 726 oom/timeout/crash: 0/0/0 time: 22s job: 9 dft_time: 0
#3332558: cov: 2924 ft: 2562 corp: 549 exec/s 55192 oom/timeout/crash: 0/0/0 time: 27s job: 10 dft_time: 0
#3978193: cov: 2928 ft: 2565 corp: 550 exec/s 53802 oom/timeout/crash: 0/0/0 time: 31s job: 11 dft_time: 0
^Z
[6]+ 已停止 ./woff2-2016-05-06-fsanitize_fuzzer 1/ -fork=3 -fork_corpus_groups=1 -max_total_time=2000 -ignore_crashes=1
gutaotao@x1-1:/workspace/fuzzer-test-suite/build-libfuzzer/RUNDIR-woff2-2016-05-06$ ./woff2-2016-05-06-fsanitize_fuzzer test/ 1/ -merge=1
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 908055613
INFO: Loaded 1 modules (11117 inline 8-bit counters): 11117 [0x72cff3, 0x72fb60),
INFO: Loaded 1 PC tables (11117 PCs): 11117 [0x6cb5c0,0x6f6c90),
MERGE-OUTER: 1392 files, 542 in the initial corpus, 0 processed earlier
MERGE-OUTER: attempt 1
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 938266106
INFO: Loaded 1 modules (11117 inline 8-bit counters): 11117 [0x72cff3, 0x72fb60),
INFO: Loaded 1 PC tables (11117 PCs): 11117 [0x6cb5c0,0x6f6c90),
INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 1048576 bytes
MERGE-INNER: using the control file '/tmp/libFuzzerTemp.Merge3268550.txt'
MERGE-INNER: 1392 total files; 0 processed earlier; will process 1392 files now
#1 pulse cov: 15 ft: 16 exec/s: 0 rss: 31Mb
#2 pulse cov: 16 ft: 17 exec/s: 0 rss: 31Mb
#4 pulse cov: 18 ft: 19 exec/s: 0 rss: 31Mb
#8 pulse cov: 22 ft: 23 exec/s: 0 rss: 31Mb
#16 pulse cov: 208 ft: 210 exec/s: 0 rss: 32Mb
#32 pulse cov: 535 ft: 773 exec/s: 0 rss: 35Mb
#64 pulse cov: 654 ft: 1273 exec/s: 0 rss: 322Mb
#128 pulse cov: 747 ft: 1693 exec/s: 0 rss: 322Mb
#256 pulse cov: 814 ft: 2074 exec/s: 0 rss: 322Mb
#512 pulse cov: 868 ft: 2498 exec/s: 0 rss: 322Mb
#542 LOADED cov: 870 ft: 2550 exec/s: 0 rss: 322Mb
#1024 pulse cov: 870 ft: 2557 exec/s: 0 rss: 399Mb
#1392 DONE cov: 871 ft: 2567 exec/s: 1392 rss: 439Mb
MERGE-OUTER: succesfull in 1 attempt(s)
MERGE-OUTER: the control file has 125428 bytes
MERGE-OUTER: consumed 0Mb (33Mb rss) to parse the control file
MERGE-OUTER: 10 new files with 17 new features added; 1 new coverage edges
gutaotao@x1-1:/workspace/fuzzer-test-suite/build-libfuzzer/RUNDIR-woff2-2016-05-06$

Wed, Sep 8, 7:34 AM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

#19820674: cov: 869 ft: 2528 corp: 687 exec/s 46456 oom/timeout/crash: 3/0/0 time: 219s job: 35 dft_time: 0
#20722822: cov: 870 ft: 2543 corp: 698 exec/s 24382 oom/timeout/crash: 3/0/0 time: 225s job: 36 dft_time: 0
#20891453: cov: 870 ft: 2549 corp: 704 exec/s 4437 oom/timeout/crash: 3/0/0 time: 250s job: 37 dft_time: 0
^Z
[5]+ 已停止 ./woff2-2016-05-06-fsanitize_fuzzer 1/ -fork=3 -fork_corpus_groups=1 -max_total_time=2000 -ignore_crashes=1 -keep_seed=1
gutaotao@x1-1:/workspace/fuzzer-test-suite/build-libfuzzer/RUNDIR-woff2-2016-05-06$ mkdir test
gutaotao@x1-1:/workspace/fuzzer-test-suite/build-libfuzzer/RUNDIR-woff2-2016-05-06$ ./woff2-2016-05-06-fsanitize_fuzzer test/ 1/ -merge=1
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 2915063534
INFO: Loaded 1 modules (11117 inline 8-bit counters): 11117 [0x72cff3, 0x72fb60),
INFO: Loaded 1 PC tables (11117 PCs): 11117 [0x6cb5c0,0x6f6c90),
MERGE-OUTER: 840 files, 0 in the initial corpus, 0 processed earlier
MERGE-OUTER: attempt 1
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 2946813034
INFO: Loaded 1 modules (11117 inline 8-bit counters): 11117 [0x72cff3, 0x72fb60),
INFO: Loaded 1 PC tables (11117 PCs): 11117 [0x6cb5c0,0x6f6c90),
INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 1048576 bytes
MERGE-INNER: using the control file '/tmp/libFuzzerTemp.Merge3268439.txt'
MERGE-INNER: 840 total files; 0 processed earlier; will process 840 files now
#1 pulse cov: 15 ft: 16 exec/s: 0 rss: 31Mb
#2 pulse cov: 15 ft: 16 exec/s: 0 rss: 31Mb
#4 pulse cov: 17 ft: 18 exec/s: 0 rss: 31Mb
#8 pulse cov: 18 ft: 19 exec/s: 0 rss: 31Mb
#16 pulse cov: 23 ft: 24 exec/s: 0 rss: 31Mb
#32 pulse cov: 301 ft: 315 exec/s: 0 rss: 315Mb
#64 pulse cov: 648 ft: 1141 exec/s: 0 rss: 321Mb
#128 pulse cov: 724 ft: 1575 exec/s: 0 rss: 327Mb
#256 pulse cov: 795 ft: 1976 exec/s: 0 rss: 327Mb
#512 pulse cov: 843 ft: 2317 exec/s: 0 rss: 364Mb
#840 DONE cov: 870 ft: 2550 exec/s: 0 rss: 430Mb
MERGE-OUTER: succesfull in 1 attempt(s)
MERGE-OUTER: the control file has 81658 bytes
MERGE-OUTER: consumed 0Mb (32Mb rss) to parse the control file
MERGE-OUTER: 542 new files with 2550 new features added; 870 new coverage edges
gutaotao@x1-1:/workspace/fuzzer-test-suite/build-libfuzzer/RUNDIR-woff2-2016-05-06$

Wed, Sep 8, 7:27 AM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

The cov on the panel and the cov result after -merge=1 are very different, and ft is accurate.

Wed, Sep 8, 6:22 AM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

LGTM

Wed, Sep 8, 6:19 AM · Restricted Project

Tue, Sep 7

gtt1995 removed reviewers for D105084: Redistribute energy for Corpus: pcc, kcc, metzman, Dor1s, vitalybuka.
Tue, Sep 7, 8:59 AM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

LGTM

Tue, Sep 7, 8:58 AM · Restricted Project

Sun, Sep 5

gtt1995 added a comment to D105084: Redistribute energy for Corpus.
  • add a fork_corpus_groups.test
Sun, Sep 5, 7:53 PM · Restricted Project

Sat, Sep 4

gtt1995 updated the diff for D105084: Redistribute energy for Corpus.
  • add a fork_corpus_groups.test
Sat, Sep 4, 7:09 PM · Restricted Project

Fri, Sep 3

gtt1995 added a comment to D105084: Redistribute energy for Corpus.

@gtt1995 Can you add a simple test that verifies -fork_corpus_groups=1 works? Something like https://github.com/llvm/llvm-project/blob/main/compiler-rt/test/fuzzer/fork.test.

Other than that, LGTM. All existing tests pass for me locally.

Fri, Sep 3, 5:50 PM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

@gtt1995 Can you add a simple test that verifies -fork_corpus_groups=1 works? Something like https://github.com/llvm/llvm-project/blob/main/compiler-rt/test/fuzzer/fork.test.

Other than that, LGTM. All existing tests pass for me locally.

Fri, Sep 3, 5:47 PM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

@gtt1995 Can you add a simple test that verifies -fork_corpus_groups=1 works? Something like https://github.com/llvm/llvm-project/blob/main/compiler-rt/test/fuzzer/fork.test.

Other than that, LGTM. All existing tests pass for me locally.

Fri, Sep 3, 5:25 PM · Restricted Project

Sun, Aug 29

gtt1995 updated the diff for D105084: Redistribute energy for Corpus.

try to fix Unit test

Sun, Aug 29, 5:05 AM · Restricted Project

Fri, Aug 27

gtt1995 added a comment to D105084: Redistribute energy for Corpus.

I found a serious problem. After adding this new method, libfuzzer's panel data "cov" becomes inaccurate, and its initial value is the same as "ft". I haven't been able to find the problem, so I didn't solve it, can you help me?

This is glibfuzzer:
gutaotao@x1-1:/workspace/fuzzer-test-suite/build-libfuzzer/RUNDIR-boringssl-2016-02-12$ ./boringssl-2016-02-12-fsanitize_fuzzer 2 seeds/ -fork=3 -fork_corpus_groups=1 -max_total_time=600
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 1768398068
INFO: Loaded 1 modules (16551 inline 8-bit counters): 16551 [0x7c8fc3, 0x7cd06a),
INFO: Loaded 1 PC tables (16551 PCs): 16551 [0x714b10,0x755580),
INFO: -fork=3: fuzzing in separate process(s)
INFO: -fork=3: 100 seed inputs, starting to fuzz in /tmp/libFuzzerTemp.FuzzWithFork1195053.dir
#11250: cov: 2285 ft: 2285 corp: 100 exec/s 5625 oom/timeout/crash: 0/0/0 time: 2s job: 1 dft_time: 0

NEW_FUNC: 0x4c93a0 in EVP_PKEY_new /workspace/fuzzer-test-suite/build-libfuzzer/RUNDIR-boringssl-2016-02-12/BUILD/crypto/evp/evp.c:75

The initial values of cov and ft should be different.

However, this is only a display error and has no effect on the actual performance. Fuzzbench directly measures the performance by evaluating the actual seeds in the corpus.

Hello, how should this issue be handled?

I'm not sure whether it's a problem. I think sometimes cov and ft can be the same. But in general ft >= cov. And as long as the default behavior is unchanged I'm not too worried.

Fri, Aug 27, 7:18 PM · Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.
  • if -> else if
Fri, Aug 27, 7:01 PM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

I'll be gone until late next week. Then I'll apply it locally and experiment. If all looks good, we can land it after fixing my last comment

Fri, Aug 27, 6:43 PM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

I found a serious problem. After adding this new method, libfuzzer's panel data "cov" becomes inaccurate, and its initial value is the same as "ft". I haven't been able to find the problem, so I didn't solve it, can you help me?

This is glibfuzzer:
gutaotao@x1-1:/workspace/fuzzer-test-suite/build-libfuzzer/RUNDIR-boringssl-2016-02-12$ ./boringssl-2016-02-12-fsanitize_fuzzer 2 seeds/ -fork=3 -fork_corpus_groups=1 -max_total_time=600
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 1768398068
INFO: Loaded 1 modules (16551 inline 8-bit counters): 16551 [0x7c8fc3, 0x7cd06a),
INFO: Loaded 1 PC tables (16551 PCs): 16551 [0x714b10,0x755580),
INFO: -fork=3: fuzzing in separate process(s)
INFO: -fork=3: 100 seed inputs, starting to fuzz in /tmp/libFuzzerTemp.FuzzWithFork1195053.dir
#11250: cov: 2285 ft: 2285 corp: 100 exec/s 5625 oom/timeout/crash: 0/0/0 time: 2s job: 1 dft_time: 0

NEW_FUNC: 0x4c93a0 in EVP_PKEY_new /workspace/fuzzer-test-suite/build-libfuzzer/RUNDIR-boringssl-2016-02-12/BUILD/crypto/evp/evp.c:75

The initial values of cov and ft should be different.

However, this is only a display error and has no effect on the actual performance. Fuzzbench directly measures the performance by evaluating the actual seeds in the corpus.

Fri, Aug 27, 7:05 AM · Restricted Project

Wed, Aug 25

gtt1995 updated the diff for D105084: Redistribute energy for Corpus.
  • change the NumCorpuses
Wed, Aug 25, 5:31 PM · Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.
  • a little fix
Wed, Aug 25, 5:19 PM · Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.
  • ok
Wed, Aug 25, 1:38 AM · Restricted Project
gtt1995 added inline comments to D105084: Redistribute energy for Corpus.
Wed, Aug 25, 1:34 AM · Restricted Project

Thu, Aug 19

gtt1995 updated the diff for D105084: Redistribute energy for Corpus.
  • simplify
Thu, Aug 19, 7:22 PM · Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.
  • some fix
Thu, Aug 19, 5:32 PM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

I have corrected most of the problems.

Thu, Aug 19, 5:25 PM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

I found a serious problem. After adding this new method, libfuzzer's panel data "cov" becomes inaccurate, and its initial value is the same as "ft". I haven't been able to find the problem, so I didn't solve it, can you help me?

Thu, Aug 19, 9:35 AM · Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.
  • 0820
  • delete something
Thu, Aug 19, 9:26 AM · Restricted Project
gtt1995 added inline comments to D105084: Redistribute energy for Corpus.
Thu, Aug 19, 9:17 AM · Restricted Project

Aug 17 2021

gtt1995 updated the diff for D105084: Redistribute energy for Corpus.

OK!!!
It seems that some irrelevant things have also been added, you can ignore it

Aug 17 2021, 6:31 PM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

Yeah, I don't want the whole file clang-formatted, just the changes you made. Also the "Context not available" makes it tricky to review.

I'm not sure how you're uploading patches, maybe you could try using Arcanist? My local workflow is like this:

$ git checkout main
$ git pull -r origin main
$ git checkout -b fuzzer-fork-group-mode
... (apply patch) ...
$ git add -A
$ git clang-format
$ git add -A
$ git commit
$ arc diff main --update D105084

When I do it this way, only the changed lines are clang-formatted, and the uploaded diff has full context.

Aug 17 2021, 4:36 PM · Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.

This is the diff after clang-format --style=LLVM. Maybe it modified something irrelevant, but I don’t know how to undo the operation, and the git apply --check operation always fails.

Aug 17 2021, 6:12 AM · Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.

I used git diff -U0 HEAD^ ./
This is a no-clang-format diff.
Can you help me adjust the format using clang-format? I always have problems here.

Aug 17 2021, 5:00 AM · Restricted Project

Aug 16 2021

gtt1995 added inline comments to D105084: Redistribute energy for Corpus.
Aug 16 2021, 6:28 PM · Restricted Project

Aug 14 2021

gtt1995 added inline comments to D105084: Redistribute energy for Corpus.
Aug 14 2021, 6:46 AM · Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.

Hello,

  1. We can turn on the new function by setting group-flags.
  2. I have fixed the error (one seed).
  3. It's like my clang-format doesn't work anymore.
Aug 14 2021, 4:45 AM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

Some high level comments:

  • Please run clang-format to fix all the lint errors. This will make it easier to review.
  • I'd like to guard the new functionality with a flag, so that we can further experiment with this mode without losing the current defaults. If we see good results in production over time, we can turn the flag on by default.
Aug 14 2021, 12:35 AM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

Thanks for running the experiment; the FuzzBench results look quite good overall!

Any idea what happened on the lcms and vorbis benchmarks? Why does glibfuzzer have 0 coverage there?

This patch will need some work to get it in a submittable state, but we can start reviewing today and continue next week.

Aug 14 2021, 12:31 AM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

Hello, hello, hello
@morehouse @morehouse @morehouse

Aug 14 2021, 12:23 AM · Restricted Project

Aug 12 2021

gtt1995 added a comment to D105084: Redistribute energy for Corpus.

Fuzzbench experiment data
Hello, @morehouse the results of the parallel experiment deployed some time ago have come out. Here I explain the results to you. Among them, glibfuzzer performs better in large programs, especially in fuzzers that generate a large number of seeds (generating more than 10,000 seeds), its scheduling strategy can always choose better seeds. In the end, the average size of each seed is 50% of the baseline. On the other hand, the glibfuzzer test results are very stable with very small variance.
Since the large targets such as ffmpeg, php-executed... are not included in the benchmark, I deployed these large programs on my own machine.name, glibfuzzer is more effective on large programs.
Finally, do you have time to help me review these patches?

Aug 12 2021, 5:24 AM · Restricted Project

Aug 2 2021

gtt1995 added a comment to D105084: Redistribute energy for Corpus.

Thanks for the patch. I see you have https://github.com/google/clusterfuzz/issues/2373 about testing it on FuzzBench. If the FuzzBench results are better than the current libFuzzer configuration, I'll do a proper review of this patch.

Aug 2 2021, 7:39 AM · Restricted Project

Jul 30 2021

gtt1995 added a comment to D105084: Redistribute energy for Corpus.

@morehouse
Hello. Parallel fuzzing experiments have not been deployed so far. PR believes that some special customizations are needed for parallel fuzzing, because the previous experiments were deployed on a single-core single-core virtual machine. So I want you to help me ask your friend about the progress of the experiment.
According to the plan, it should be completed last week, I left a message to @metzman , and he has not yet responded to me.
Thanks
https://github.com/google/fuzzbench/pull/1197#issuecomment-880775133
https://github.com/google/fuzzbench/pull/1197#issuecomment-880795471

Jul 30 2021, 7:12 PM · Restricted Project

Jul 9 2021

gtt1995 added a comment to D105084: Redistribute energy for Corpus.

Hello, Master morehouse, you finally replied to me!
I don’t know if the experiment has been deployed. No one responded to my latest pr? Can you help me confirm it on Fuzzbench.
https://github.com/google/fuzzbench/pull/1197

Jul 9 2021, 6:27 PM · Restricted Project

Jul 8 2021

gtt1995 updated the diff for D105084: Redistribute energy for Corpus.

Fix an error in CreateOneJob(); it happens when using an empty corpus to start fuzzing.

Jul 8 2021, 11:42 PM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

Hello, Master morehouse, you finally replied to me!
I don’t know if the experiment has been deployed. No one responded to my latest pr? Can you help me confirm it on Fuzzbench.
https://github.com/google/fuzzbench/pull/1197

Jul 8 2021, 7:39 PM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

I already applied for PR at https://github.com/google/fuzzbench/pull/1197
But no response ....

Jul 8 2021, 7:35 PM · Restricted Project

Jul 5 2021

gtt1995 updated the diff for D105084: Redistribute energy for Corpus.

Add the corpus merge stage.

Jul 5 2021, 9:27 PM · Restricted Project

Jul 2 2021

gtt1995 added a comment to D100161: Redistribute energy for Corpus.
I redesigned the algorithm and did a complete long-term evaluation by myself, and got very good results. Whether it is -entropic=0 or 1, it performs very well, and -fork mode now has better performance than parallel fuzzing mode.
Please move to D105084. There are detailed data. Thanks a lot.
Jul 2 2021, 2:13 AM · Restricted Project, Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.

This is a latest CHANGE!

Jul 2 2021, 1:20 AM · Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.
Jul 2 2021, 12:43 AM · Restricted Project

Jul 1 2021

gtt1995 updated the diff for D105084: Redistribute energy for Corpus.
Jul 1 2021, 9:51 PM · Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.

clang-format -i xxx.cpp -style=LLVM

Jul 1 2021, 7:45 PM · Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.

I used this cmd: clang-format -i xxx.cpp -style=LLVM.

Jul 1 2021, 6:56 PM · Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.
Jul 1 2021, 6:01 PM · Restricted Project
gtt1995 updated the diff for D105084: Redistribute energy for Corpus.

nothing

Jul 1 2021, 8:24 AM · Restricted Project

Jun 30 2021

gtt1995 edited reviewers for D105084: Redistribute energy for Corpus, added: kcc, metzman, Dor1s, vitalybuka; removed: samsonov, rsmith, aizatsky, eugenis.
Jun 30 2021, 9:45 PM · Restricted Project
gtt1995 edited reviewers for D105084: Redistribute energy for Corpus, added: aizatsky, eugenis; removed: howard.hinnant, kcc.
Jun 30 2021, 9:26 PM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.

Why no one cares about me............

Jun 30 2021, 4:54 PM · Restricted Project

Jun 29 2021

gtt1995 added reviewers for D105084: Redistribute energy for Corpus: pcc, rsmith.
Jun 29 2021, 7:15 PM · Restricted Project
gtt1995 awarded D105084: Redistribute energy for Corpus a Like token.
Jun 29 2021, 5:14 PM · Restricted Project

Jun 28 2021

gtt1995 added a comment to D105084: Redistribute energy for Corpus.

In my experiment, the code edge coverage has increased by 32.29%, and the number of executions is 28.65 times that of libfuzzer .

Jun 28 2021, 11:25 PM · Restricted Project
gtt1995 added a comment to D105084: Redistribute energy for Corpus.


Google’s Fuzzbench project is very good, but unfortunately it does not accept the evaluation of parallel fuzzing. Therefore, I selected some real-world programs of the OSS-FUZZ project and conducted an 8 cores, 12 hours experiment.
In order to better evaluate the strength of the new strategy, I am testing In, I disabled -entropic=0. Of course, in actual use, -entropic=1 Our strategy can also perform very well. In addition, using the new strategy, we found new bugs in widely tested targets such as php and harfbuzz.
The attachment is part of the original data of the experiment.
Finally, if possible, can you contact the person in charge of fuzzbench for me, and help me conduct a complete and fair experiment on fuzzbench?

Jun 28 2021, 11:20 PM · Restricted Project
gtt1995 updated subscribers of D105084: Redistribute energy for Corpus.
Jun 28 2021, 11:11 PM · Restricted Project
gtt1995 added reviewers for D105084: Redistribute energy for Corpus: morehouse, howard.hinnant, kcc, samsonov.
Jun 28 2021, 11:01 PM · Restricted Project
gtt1995 requested review of D105084: Redistribute energy for Corpus.
Jun 28 2021, 10:57 PM · Restricted Project

Apr 14 2021

gtt1995 added a comment to D100161: Redistribute energy for Corpus.

At this point I am not convinced this patch will provide benefit for the default use case when -entropic=1. I am hesitant to add complexity to the code for unsure benefit.

If you request a FuzzBench experiment to get some data on this, and the results look good, then I'll be willing to invest more time into reviewing this patch.

Please CC me on the FuzzBench pull request, so I can make sure we are evaluating this properly.

Apr 14 2021, 5:34 PM · Restricted Project, Restricted Project
gtt1995 added a comment to D100161: Redistribute energy for Corpus.

Hello.
Due to the time zone difference, I think our communication is a bit inefficient. Can we arrange a convenient time for you to focus on the discussion?
We use CST.
Thanks.

Apr 14 2021, 8:20 AM · Restricted Project, Restricted Project

Apr 13 2021

gtt1995 added a comment to D100161: Redistribute energy for Corpus.

If the effect is similar to entropic, why do we need this patch as well?

Apr 13 2021, 5:30 PM · Restricted Project, Restricted Project
gtt1995 added a comment to D100161: Redistribute energy for Corpus.

Maybe uniform-random approach change efficacy!

Apr 13 2021, 7:38 AM · Restricted Project, Restricted Project
gtt1995 added a comment to D100161: Redistribute energy for Corpus.

If not sorted by size, just a simple grouping of corpus, the effect is similar to entropic.

Apr 13 2021, 1:09 AM · Restricted Project, Restricted Project

Apr 12 2021

gtt1995 added a comment to D100161: Redistribute energy for Corpus.

Also, the description states:

Divide the corpus into n parts according to size.

Is it really according to size? IIUC when there are multiple worker processes, any new coverage they have simply gets appended to Files. So Files is not necessarily sorted by size.

Apr 12 2021, 7:33 PM · Restricted Project, Restricted Project
gtt1995 added a comment to D100161: Redistribute energy for Corpus.

Thanks for sharing your data. Took a quick look and seems promising.

I would like to try this on FuzzBench before accepting the patch though. FuzzBench has a very nice experimental framework for evaluating changes like this.

It seems that FuzzBench does not accept this parallel mode evaluation.

I talked to @metzman who manages FuzzBench. Sounds like you're correct, FuzzBench uses only one worker process in fork mode. @metzman said we could probably run a special experiment with more workers to evaluate this patch.

Another approach that might be worth doing, is to make the patch effective even for a single worker. For example, maybe we randomly pick from a subset of the corpus for that single worker.

Also, I'm curious how the number of fork-mode workers affects efficacy. I can imagine with lots of workers that this patch could perform much worse. Specifically if we have a small number of corpus elements per worker, the crossover mutation becomes quite limited.

Apr 12 2021, 6:47 PM · Restricted Project, Restricted Project
gtt1995 added a comment to D100161: Redistribute energy for Corpus.

Also, the description states:

Divide the corpus into n parts according to size.

Is it really according to size? IIUC when there are multiple worker processes, any new coverage they have simply gets appended to Files. So Files is not necessarily sorted by size.

Apr 12 2021, 6:07 PM · Restricted Project, Restricted Project

Apr 10 2021

gtt1995 added a comment to D100161: Redistribute energy for Corpus.

This is part of raw data, the object from oss-fuzz project.

Apr 10 2021, 1:38 AM · Restricted Project, Restricted Project
gtt1995 added a comment to D100161: Redistribute energy for Corpus.

This is part of raw data, the object from oss-fuzz project.

Apr 10 2021, 1:21 AM · Restricted Project, Restricted Project
gtt1995 added a comment to D100161: Redistribute energy for Corpus.

Thanks for the patch! Would you mind sharing the experimental data/results you obtained for this patch?

Additionally, could you submit this patch to FuzzBench for an independent evaluation?

Thanks,
Matt

Apr 10 2021, 1:13 AM · Restricted Project, Restricted Project

Apr 8 2021

gtt1995 updated the summary of D100161: Redistribute energy for Corpus.
Apr 8 2021, 8:11 PM · Restricted Project, Restricted Project
gtt1995 added a reviewer for D100161: Redistribute energy for Corpus: charco.
Apr 8 2021, 8:11 PM · Restricted Project, Restricted Project
gtt1995 edited reviewers for D100161: Redistribute energy for Corpus, added: morehouse; removed: 01alchemist.
Apr 8 2021, 8:10 PM · Restricted Project, Restricted Project
gtt1995 removed 1 blocking reviewer(s) for D100161: Redistribute energy for Corpus: kcc.
Apr 8 2021, 8:09 PM · Restricted Project, Restricted Project
gtt1995 edited reviewers for D100161: Redistribute energy for Corpus, added: kcc; removed: 0b01.
Apr 8 2021, 8:08 PM · Restricted Project, Restricted Project
gtt1995 requested review of D100161: Redistribute energy for Corpus.
Apr 8 2021, 7:53 PM · Restricted Project, Restricted Project