The original paper can be found here.
- Install `cargo` and `protoc`:

```shell
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
wget https://github.com/protocolbuffers/protobuf/releases/download/v21.5/protoc-21.5-linux-x86_64.zip && \
sudo unzip protoc-21.5-linux-x86_64.zip -d /usr/local
```

  Both steps run or install downloads without verification (the rustup installer is piped straight into `sh`, and the protoc archive is unpacked into `/usr/local` as root); review the script and check the archive against a checksum from a trusted source before doing this on a machine you care about.

- Build:

```shell
cargo build --release
```
Basic run (for example, on 20 cores; `taskset` pins the process to cores 0-19 and `--core 20` tells mufuzz how many workers to start, so the two numbers should match):

```shell
taskset -c 0-19 cargo run --release -- -c "your/command @@" -i input_corpus -o output --core 20
```

Here `your/command @@` is the target command line, with `@@` standing for the path of the test case (the AFL convention), `input_corpus` is the directory of seed inputs and `output` is the output directory.

Check the usage:

```shell
cargo run --release -- -help
```
- The code is still under cleanup. Some features are still missing (such as saving the corpus/crashes to disk).
- Assign exclusive cores to `mufuzz` for better performance.
- Part of the forkserver code is borrowed from LibAFL, a great project for building fuzzers.
- After you exit the fuzzer, you might need to run `ipcrm -a` to remove the shared memory it left behind. Note that `ipcrm -a` removes every System V IPC resource you own (shared memory segments, semaphores and message queues), including segments that other processes of yours may still be using; on a shared machine, check `ipcs -m` first and remove individual segments with `ipcrm -m <shmid>`.
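The following wrapper, added here as an example and not part of mufuzz itself, ties the steps above together: it derives the `taskset` CPU list from the core count used for `--core`, runs the fuzzer, and on exit removes only the stale shared memory segments (owned by the current user, no process attached) instead of the blanket `ipcrm -a`. It assumes the util-linux `ipcs`/`ipcrm` column layout (`key shmid owner perms bytes nattch status`); the sample `ipcs -m` output in `SAMPLE_IPCS` is constructed for illustration.

```shell
#!/bin/sh
# Example wrapper for mufuzz (not part of the project). Assumes util-linux
# ipcs/ipcrm and the core-pinning invocation documented in the README.

# core_range N: print the taskset(1) CPU list "0-(N-1)" for the first N cores,
# so the pinned range and the --core argument always agree.
core_range() {
    n=$1
    if [ "$n" -lt 1 ]; then
        echo "core_range: need at least one core" >&2
        return 1
    fi
    printf '0-%d\n' "$((n - 1))"
}

# stale_shmids OWNER: read `ipcs -m` output on stdin and print the shmid of every
# segment owned by OWNER whose attach count (nattch) is 0. Header and separator
# lines are skipped because only data rows start with a hex key ("0x...").
stale_shmids() {
    awk -v owner="$1" '$1 ~ /^0x/ && $3 == owner && $6 == 0 { print $2 }'
}

# cleanup_shm: remove stale segments belonging to the current user, one by one,
# leaving semaphores, message queues and in-use segments alone.
cleanup_shm() {
    ipcs -m | stale_shmids "$(id -un)" | while read -r id; do
        ipcrm -m "$id"
    done
}

# run_mufuzz CORES TARGET_CMD INPUT_DIR OUTPUT_DIR: pin to CORES cores, start the
# fuzzer with the matching --core value, and clean up shared memory on exit.
run_mufuzz() {
    cores=$1; target=$2; indir=$3; outdir=$4
    range=$(core_range "$cores") || return 1
    trap cleanup_shm EXIT INT TERM
    taskset -c "$range" cargo run --release -- \
        -c "$target" -i "$indir" -o "$outdir" --core "$cores"
}

# Constructed `ipcs -m` output used to exercise stale_shmids offline:
# alice owns one idle segment (32768) and one still attached (65537);
# bob's idle segment must not be touched when cleaning up as alice.
SAMPLE_IPCS='------ Shared Memory Segments --------
key        shmid      owner      perms      bytes      nattch     status
0x00000000 32768      alice      600        16777216   0
0x00000000 65537      alice      600        65536      2          dest
0x00000000 98306      bob        600        4096       0'

# Usage (real run; the fuzzer command is the one from the README):
#   run_mufuzz 20 "your/command @@" input_corpus output
# Dry check of the selection logic against the constructed sample:
#   printf '%s\n' "$SAMPLE_IPCS" | stale_shmids alice
```

`cleanup_shm` is deliberately restricted to segments with `nattch == 0`: a segment a live forkserver child still maps would otherwise be yanked out from under it. If you run multiple fuzzing campaigns as the same user, this is also what keeps one campaign's cleanup from taking down another's.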