googleprojectzero / winafl

A fork of AFL for fuzzing Windows binaries
Apache License 2.0

Showmap incorrectly handles command line in case of static instrumentation #88

Open nevilad opened 6 years ago

nevilad commented 6 years ago

Showmap usage says that the expected arguments are [options] -- [instrumentation options] -- pathToProgram

But in the case of static instrumentation, the instrumentation options are skipped in the code, see extract_client_params: if(drioless) return; This means that after the first "--" string, pathToProgram is expected. It should search for the second "--".
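To make the two layouts under discussion concrete, here is an added example (editor's illustration, not winafl's code) of a mode-aware parser for an afl-showmap style command line. It takes the `drioless` flag named in the comment above and returns the argv index of pathToProgram: in DynamoRIO mode it requires both "--" separators and reports the instrumentation-option range between them; in static mode it takes the program after the first "--", and tolerates an empty "-- --" section rather than mistaking the second "--" for the program path. The function names, the `ARGC` macro and the sample command lines are all constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Expected layouts, from the usage string quoted in the issue:
 *   DynamoRIO mode : [options] -- [instrumentation options] -- pathToProgram
 *   static mode    : [options] -- pathToProgram
 *
 * Returns the argv index of pathToProgram, or -1 if the layout does not
 * match the mode. If instr_begin/instr_end are non-NULL they receive the
 * [begin, end) argv range of instrumentation options (empty in static mode).
 * 'drioless' mirrors the flag quoted from extract_client_params; the
 * function itself is hypothetical, not winafl's. */
int find_target_index(int argc, char **argv, int drioless,
                      int *instr_begin, int *instr_end)
{
    int first = -1, second = -1;

    for (int i = 1; i < argc; i++) {
        if (strcmp(argv[i], "--") != 0) continue;
        if (first < 0) { first = i; continue; }
        second = i;
        break;
    }
    if (first < 0) return -1;            /* no separator at all */

    if (drioless) {
        /* Static instrumentation: the target follows the first "--".
         * An empty instrumentation section ("-- --"), as afl-cmin emits,
         * is skipped rather than taken as the program path. */
        int t = first + 1;
        if (t < argc && strcmp(argv[t], "--") == 0) t++;
        if (instr_begin) *instr_begin = t;
        if (instr_end)   *instr_end   = t;
        return t < argc ? t : -1;
    }

    /* DynamoRIO mode: both separators are mandatory. */
    if (second < 0) return -1;
    if (instr_begin) *instr_begin = first + 1;
    if (instr_end)   *instr_end   = second;
    return second + 1 < argc ? second + 1 : -1;
}

/* Number of instrumentation options found, or -1 on a malformed line. */
int instr_option_count(int argc, char **argv, int drioless)
{
    int b = 0, e = 0;
    if (find_target_index(argc, argv, drioless, &b, &e) < 0) return -1;
    return e - b;
}

/* Constructed sample command lines (not captured from a real run). */
static char *drio_argv[]   = { "afl-showmap.exe", "-o", "out.txt", "--",
                               "-covtype", "edge", "--", "target.exe", "@@" };
static char *static_argv[] = { "afl-showmap.exe", "-o", "out.txt", "--",
                               "target.exe", "@@" };
static char *cmin_argv[]   = { "afl-showmap.exe", "-o", "out.txt", "--", "--",
                               "target.exe" };
#define ARGC(a) ((int)(sizeof(a) / sizeof((a)[0])))

int main(void)
{
    int idx = find_target_index(ARGC(drio_argv), drio_argv, 0, NULL, NULL);
    printf("DynamoRIO mode target: %s\n", idx < 0 ? "(none)" : drio_argv[idx]);

    idx = find_target_index(ARGC(cmin_argv), cmin_argv, 1, NULL, NULL);
    printf("static mode, cmin-style line, target: %s\n",
           idx < 0 ? "(none)" : cmin_argv[idx]);
    return 0;
}
```

Whichever of the two proposals in this thread is adopted (search for the second "--" or document that static mode takes only one), the parser and the usage string have to agree with whatever afl-cmin generates; the cmin-style sample above is the case that breaks if they do not.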

ivanfratric commented 6 years ago

@0vercl0k FYI since he's the author of showmap.

You are correct, but I think a simpler way to handle this is just to update the usage instructions. Instrumentation options only make sense in the case of DynamoRIO instrumentation so it makes sense to leave that parameter section omitted otherwise.

nevilad commented 6 years ago

That's also a possible solution. I tried showmap to diagnose variable-behaviour runs and found it unuseful. Its output is a file of tuples of value:count, where value is calculated using unique values associated with each branch and previously executed branches. I can't map these values to a sequence of executed branches, which would be useful.

During my experiments with showmap, I got some errors. I didn't create issues for them, since I found the utility unuseful. If interested, I can create them.

ivanfratric commented 6 years ago

afl-showmap should output the same thing as the Linux AFL version, no? AFAIK its primary use is corpus minimization (it's used by cmin) so it might not be 100% suitable for other things. Perhaps something like drcov (coverage tool included with DynamoRIO) might be closer to what you're trying to do.

nevilad commented 6 years ago

Right! I forgot about cmin. The cmin code creates the showmap command line using two "--" symbols, so when you update showmap's usage don't forget to change cmin. I will try drcov for my task.

0vercl0k commented 6 years ago

ACK Ivan. I'll send a PR when I get the time to update the documentation then.

@nevilad - if you want to investigate stability issues between test cases: I used to get the tuples of the same file in 2 runs, compare them, and set a hardware write breakpoint on the specific offsets in the bytemap. If you dig around a bit you usually find where the variance comes from :-). I have done that a bunch with the static mode, though, but I guess it should be feasible with DRIO too.

Cheers

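The first step of the procedure 0vercl0k describes, comparing the bytemap of two runs of the same file to find the offsets that vary, as an added example (editor's code, not winafl's). It assumes AFL's 65536-byte trace bitmap and AFL's hit-count bucketing intervals (the count_class_lookup8 classes); comparing bucketed rather than raw counts avoids flagging a loop that ran 4 times in one run and 6 in the other, which afl-fuzz would not count as instability either. The two sample runs are constructed for the example, and the reported offsets are relative to the bitmap base, which is where a hardware write breakpoint would be placed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAP_SIZE (1u << 16)   /* AFL's default trace bitmap: 65536 bytes */

/* AFL's hit-count bucketing (same intervals as count_class_lookup8):
 * raw hit counts collapse into 0,1,2,4,8,16,32,64,128 before comparison. */
static uint8_t classify_count(uint8_t c)
{
    if (c == 0) return 0;
    if (c == 1) return 1;
    if (c == 2) return 2;
    if (c == 3) return 4;
    if (c <= 7) return 8;
    if (c <= 15) return 16;
    if (c <= 31) return 32;
    if (c <= 127) return 64;
    return 128;
}

/* Compare the trace bitmaps of two runs of the same input. Offsets whose
 * value differs (bucketed if 'bucketed' is set, raw otherwise) are written
 * to 'out' (at most max_out of them); the return value is the total number
 * of differing offsets. Bitmap base + offset is the write-breakpoint address. */
size_t diff_bitmaps(const uint8_t *a, const uint8_t *b, size_t map_size,
                    int bucketed, uint32_t *out, size_t max_out)
{
    size_t n = 0;
    for (size_t i = 0; i < map_size; i++) {
        uint8_t va = bucketed ? classify_count(a[i]) : a[i];
        uint8_t vb = bucketed ? classify_count(b[i]) : b[i];
        if (va == vb) continue;
        if (n < max_out) out[n] = (uint32_t)i;
        n++;
    }
    return n;
}

/* Constructed sample: bitmaps of two runs of the same input (not real data). */
static uint8_t run_a[MAP_SIZE], run_b[MAP_SIZE];

static void build_sample_runs(void)
{
    memset(run_a, 0, sizeof run_a);
    memset(run_b, 0, sizeof run_b);
    run_a[0x1000] = 1; run_b[0x1000] = 1;   /* stable edge */
    run_a[0x2000] = 4; run_b[0x2000] = 6;   /* loop ran 4 vs 6 times: same bucket (8) */
    run_a[0x3000] = 1; run_b[0x3000] = 0;   /* edge hit only in run A */
    run_a[0x4000] = 2; run_b[0x4000] = 3;   /* 2 vs 3 hits: buckets 2 vs 4 */
}

/* Number of unstable offsets in the constructed sample. */
size_t sample_diff_count(int bucketed)
{
    uint32_t offs[16];
    build_sample_runs();
    return diff_bitmaps(run_a, run_b, MAP_SIZE, bucketed, offs, 16);
}

/* First unstable offset in the constructed sample (0 if none). */
uint32_t sample_first_diff(int bucketed)
{
    uint32_t offs[16];
    build_sample_runs();
    size_t n = diff_bitmaps(run_a, run_b, MAP_SIZE, bucketed, offs, 16);
    return n ? offs[0] : 0;
}

int main(void)
{
    uint32_t offs[16];
    build_sample_runs();
    size_t n = diff_bitmaps(run_a, run_b, MAP_SIZE, 1, offs, 16);
    printf("%zu unstable offset(s) after bucketing:", n);
    for (size_t i = 0; i < n && i < 16; i++) printf(" 0x%04x", offs[i]);
    printf("\n");
    return 0;
}
```

Run against real captures, the two input bitmaps would be copies of the shared-memory trace map taken after each run; the offsets printed are the ones to watch with a write breakpoint to see which branch, and which run-to-run difference (uninitialised memory, a pointer value, a timer), is behind the variance.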