System environment: Ubuntu 22.04 + LLVM-10 + Clang-10
Download the source with git, enter the directory, and build:
Install JDK 8: sudo apt-get install openjdk-8-jdk
Install whatever is missing; for example, if rsync reports a missing file: sudo apt-get install rsync
Configure the environment variables:
Build Daikon
For usage, refer to the official documentation: https://github.com/eurecom-s3/invscov
- set the env var INVSCOV_OUTPUT_PATH to an existing empty folder
- compile the PUT with dump-cc[c++]
- run reconstruct-dump
- run learn-invariants with the dumper binary produced in the second step
- run generate-constraints
- compile with instrument-cc[c++]
  With the NO_CONSTRS=1 env var set, the instrument-cc compiler wrapper simply compiles the PUT with the classic AFL++ edge-coverage instrumentation. Other env variables are available; refer to the source code.
- fuzz this last binary with afl-fuzz
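A driver script for the workflow above, written here as an added example (it is not part of invscov or its documentation). It assumes a single-file C program under test, and it assumes that learn-invariants takes the dumper binary followed by that binary's own command line, which the steps above do not spell out; the check on INVSCOV_OUTPUT_PATH is the part worth keeping, since a non-empty or missing folder is the usual reason the first step fails.

```shell
#!/usr/bin/env bash
# Hypothetical driver for the invscov workflow (added example, not project code).
# Tool names are the ones listed above; the learn-invariants argument form is assumed.

# INVSCOV_OUTPUT_PATH must be set, must be an existing directory, and must be empty.
# Returns 0 when usable, 1 otherwise, with the reason on stderr.
check_invscov_output_path() {
    local dir="$1"
    if [ -z "$dir" ]; then
        echo "INVSCOV_OUTPUT_PATH is not set" >&2; return 1
    fi
    if [ ! -d "$dir" ]; then
        echo "INVSCOV_OUTPUT_PATH '$dir' is not an existing directory" >&2; return 1
    fi
    if [ -n "$(ls -A "$dir")" ]; then
        echo "INVSCOV_OUTPUT_PATH '$dir' is not empty" >&2; return 1
    fi
    return 0
}

# Every tool the pipeline calls must be on PATH; report the first one missing.
check_invscov_tools() {
    local tool
    for tool in dump-cc reconstruct-dump learn-invariants generate-constraints instrument-cc afl-fuzz; do
        command -v "$tool" >/dev/null 2>&1 || { echo "missing tool: $tool" >&2; return 1; }
    done
    return 0
}

# $1 = C source of the PUT, $2 = seed corpus directory, $3 = afl-fuzz output directory
run_invscov_pipeline() {
    local src="$1" seeds="$2" out="$3"
    check_invscov_output_path "${INVSCOV_OUTPUT_PATH:-}" || return 1   # step 1
    check_invscov_tools || return 1
    dump-cc "$src" -o put-dump || return 1            # step 2: dumping build of the PUT
    reconstruct-dump || return 1                      # step 3
    learn-invariants ./put-dump @@ || return 1        # step 4 (argument form assumed)
    generate-constraints || return 1                  # step 5
    instrument-cc "$src" -o put-inst || return 1      # step 6: constraint-instrumented build
    afl-fuzz -i "$seeds" -o "$out" -- ./put-inst @@   # step 7: fuzz the instrumented binary
}

# Only run the pipeline when invoked with the three arguments; sourcing the file is safe.
if [ "$#" -eq 3 ]; then
    run_invscov_pipeline "$@"
fi
```

Invoke as `INVSCOV_OUTPUT_PATH=/tmp/inv ./driver.sh put.c seeds out` after creating the empty folder.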
References: