TCSE logo 
 Sigsoft logo
Sustainability badge
Fri 2 May 2025 12:15 - 12:30 at 205 - Testing and QA 4 Chair(s): Matteo Camilli

Many assisting exploration strategies have been proposed to assist grey-box fuzzers in exploring program states guarded by tight and complex branch conditions such as equality constraints. Although they have shown promising results in their original papers, their evaluations seldom follow equivalent protocols, e.g., they are rarely evaluated on identical benchmarks. Moreover, there is a lack of sufficient investigations on the specifics of the program states explored by these strategies which can obfuscate the future application and development of such strategies. Consequently, there is a pressing need for a comprehensive study of assisting exploration strategies on their effectiveness, versatility, and limitations to enlighten their future development. To this end, we perform the first comprehensive study about the assisting exploration strategies for grey-box fuzzers. Specifically, we first collect nine recent fuzzers representing the mainstream assisting exploration strategies as our studied subjects and 21 real-world projects to form our benchmark suite. After evaluating the subjects on the benchmark suite, we then surprisingly find that the dictionary strategy is the most promising since it not only achieves similar or even slightly better performance over the other studied assisting exploration strategies in terms of exploring program states but also is more practical to be enhanced. Accordingly, we propose CDFUZZ, which generates a customized dictionary for each seed upon the baseline fuzzer AFL to improve over the original dictionary strategy. The evaluation results demonstrate that CDFUZZ increases the edge coverage by 16.1% on average for all benchmark projects over the best performer in our study (i.e., AFL++ with the dictionary strategy). CDFUZZ also successfully exposed 37 previously unknown bugs, with nine confirmed and seven fixed by the corresponding developers.

Fri 2 May

Displayed time zone: Eastern Time (US & Canada) change

11:00 - 12:30
Testing and QA 4Research Track at 205
Chair(s): Matteo Camilli Politecnico di Milano
11:00
15m
Talk
DPFuzzer: Discovering Safety Critical Vulnerabilities for Drone Path PlannersSecurity
Research Track
Yue Wang , Chao Yang Xidian University, Xiaodong Zhang , Yuwanqi Deng Xidian University, Jianfeng Ma Xidian University
11:15
15m
Talk
IRFuzzer: Specialized Fuzzing for LLVM Backend Code Generation
Research Track
Yuyang Rong University of California, Davis, Zhanghan Yu University of California, Davis, Zhenkai Weng University of California, Davis, Stephen Neuendorffer Advanced Micro Devices, Inc., Hao Chen University of California at Davis
11:30
15m
Talk
Ranking Relevant Tests for Order-Dependent Flaky Tests
Research Track
Shanto Rahman The University of Texas at Austin, Bala Naren Chanumolu George Mason University, Suzzana Rafi George Mason University, August Shi The University of Texas at Austin, Wing Lam George Mason University
11:45
15m
Talk
Selecting Initial Seeds for Better JVM Fuzzing
Research Track
Tianchang Gao Tianjin University, Junjie Chen Tianjin University, Dong Wang Tianjin University, Yile Guo College of Intelligence and Computing, Tianjin University, Yingquan Zhao Tianjin University, Zan Wang Tianjin University
12:00
15m
Talk
Toward a Better Understanding of Probabilistic Delta DebuggingArtifact-FunctionalArtifact-AvailableArtifact-Reusable
Research Track
Mengxiao Zhang , Zhenyang Xu University of Waterloo, Yongqiang Tian , Xinru Cheng University of Waterloo, Chengnian Sun University of Waterloo
12:15
15m
Talk
Tumbling Down the Rabbit Hole: How do Assisting Exploration Strategies Facilitate Grey-box Fuzzing?Award Winner
Research Track
Mingyuan Wu Southern University of Science and Technology, Jiahong Xiang Southern University of Science and Technology, Kunqiu Chen Southern University of Science and Technology, Peng Di Ant Group & UNSW Sydney, Shin Hwei Tan Concordia University, Heming Cui University of Hong Kong, Yuqun Zhang Southern University of Science and Technology
:
:
:
: