Abstract

Parallel fuzzing is a widely used technique for bug detection. It improves fuzzing performance by taking full advantage of the available computing resources. Nevertheless, existing parallel fuzzing approaches fail to carry the fuzzing optimizations of single mode over to parallel mode, because they lack efficient information synchronization and task division. To address this challenge, researchers have proposed a parallel fuzzing framework that combines guiding-information synchronization with task division based on the branch bitmap, improving the performance of fuzzers in parallel mode. However, when augmenting existing fuzzers with this parallel framework, we find two types of limitations caused by some of the fuzzers' mechanisms, such as the task scheduling mechanism. In this paper, we present an optimized parallel fuzzing approach that improves fuzzing efficiency by executing as many valuable tasks as possible. On the one hand, we introduce a multi-candidate task scheduling mechanism, which keeps multiple tasks corresponding to an input as candidates rather than a single one, so as to retain the chance of executing tasks that are valuable but would otherwise be missed. On the other hand, we apply a synchronization-information-centric design to some of the fuzzers' mechanisms and use synchronization information as an indicator of whether a parallel instance ought to shift its running mode, which improves the adaptive ability of parallel instances and helps them execute valuable tasks in a timely manner. We implement a prototype system, OPAFL, on top of FairFuzz and PAFL, and evaluate its performance on several real-world programs. The experimental results show that OPAFL executes more valuable tasks and achieves higher branch coverage than both the original parallel mode of FairFuzz and FairFuzz augmented with PAFL.
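The following is an added toy model, not code from the OPAFL or PAFL authors, that illustrates the two ideas the abstract combines: dividing tasks among parallel instances by branch-bitmap index, and scheduling several candidate (input, branch) tasks per input instead of one. The modulo partition scheme, the rarity score used to rank branches, and the seed coverage data are all assumptions constructed for the illustration.

```python
from collections import Counter

# Constructed toy corpus: seed id -> set of covered branch-bitmap indices (assumed data).
SEEDS = {
    "s0": {0, 1, 2, 3, 8},
    "s1": {0, 1, 4, 9, 13},
    "s2": {0, 2, 5, 10, 14},
    "s3": {0, 3, 6, 11, 15},
    "s4": {0, 1, 7, 12},
}
BITMAP_SIZE = 16  # assumed bitmap size for the toy model


def partition(bitmap_size, n_instances):
    """Task division by branch bitmap: instance k owns indices with idx % n == k.
    This modulo scheme is an assumption of the model, not the paper's scheme."""
    return [{i for i in range(bitmap_size) if i % n_instances == k}
            for k in range(n_instances)]


def branch_hits(seeds):
    """Count how many seeds reach each branch; rarely hit branches are the valuable targets."""
    hits = Counter()
    for cov in seeds.values():
        hits.update(cov)
    return hits


def candidate_tasks(seed, seeds, owned, k):
    """Return up to k (seed, branch) tasks for one instance, rarest owned branch first.
    k=1 reproduces single-candidate scheduling; k>1 is the multi-candidate variant."""
    hits = branch_hits(seeds)
    ranked = sorted(seeds[seed] & owned, key=lambda b: (hits[b], b))
    return [(seed, b) for b in ranked[:k]]


def scheduled_rare_branches(seeds, n_instances, k, rare_threshold=1):
    """Rare branches (hit by <= rare_threshold seeds) that some instance actually schedules.
    A rare branch absent from this set is a valuable task the scheduler missed."""
    hits = branch_hits(seeds)
    executed = set()
    for owned in partition(BITMAP_SIZE, n_instances):
        for seed in seeds:
            for _, b in candidate_tasks(seed, seeds, owned, k):
                if hits[b] <= rare_threshold:
                    executed.add(b)
    return executed


if __name__ == "__main__":
    for n, k in [(1, 1), (2, 1), (2, 2)]:
        got = scheduled_rare_branches(SEEDS, n, k)
        print(f"instances={n} candidates={k}: {len(got)} of 12 rare branches scheduled")
```

With this data, a single instance picking one task per input reaches 5 of the 12 rare branches, two bitmap-partitioned instances reach 9, and two instances with two candidates per input reach all 12.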
