authorvan Hauser <vh@thc.org>2020-06-09 19:25:09 +0200
committerGitHub <noreply@github.com>2020-06-09 19:25:09 +0200
commit12bdefe00e38cdc3dd8cb028eeac325ab2e94e16 (patch)
tree0d321d362a19ff19a4a98dcd1b9b72601945695f /src/afl-fuzz-stats.c
parent748238d6ab4aeb7f34958d4c37c5ef200ad22463 (diff)
parent81829d132bebcb42c0e289bb5788b8f2b29c1599 (diff)
downloadafl++-12bdefe00e38cdc3dd8cb028eeac325ab2e94e16.tar.gz
Merge pull request #392 from AFLplusplus/dev
Push to master
Diffstat (limited to 'src/afl-fuzz-stats.c')
-rw-r--r--src/afl-fuzz-stats.c56
1 files changed, 43 insertions, 13 deletions
diff --git a/src/afl-fuzz-stats.c b/src/afl-fuzz-stats.c
index 014ed34d..374b2411 100644
--- a/src/afl-fuzz-stats.c
+++ b/src/afl-fuzz-stats.c
@@ -98,12 +98,13 @@ void write_stats_file(afl_state_t *afl, double bitmap_cvg, double stability,
       "exec_timeout      : %u\n"
       "slowest_exec_ms   : %u\n"
       "peak_rss_mb       : %lu\n"
+      "cpu_affinity      : %d\n"
       "edges_found       : %u\n"
       "var_byte_count    : %u\n"
       "afl_banner        : %s\n"
       "afl_version       : " VERSION
       "\n"
-      "target_mode       : %s%s%s%s%s%s%s%s\n"
+      "target_mode       : %s%s%s%s%s%s%s%s%s\n"
       "command_line      : %s\n",
       afl->start_time / 1000, cur_time / 1000,
       (cur_time - afl->start_time) / 1000, (u32)getpid(),
@@ -123,13 +124,14 @@ void write_stats_file(afl_state_t *afl, double bitmap_cvg, double stability,
 #else
       (unsigned long int)(rus.ru_maxrss >> 10),
 #endif
-      t_bytes, afl->var_byte_count, afl->use_banner,
+      afl->cpu_aff, t_bytes, afl->var_byte_count, afl->use_banner,
       afl->unicorn_mode ? "unicorn" : "", afl->fsrv.qemu_mode ? "qemu " : "",
-      afl->dumb_mode ? " dumb " : "", afl->no_forkserver ? "no_fsrv " : "",
-      afl->crash_mode ? "crash " : "",
+      afl->non_instrumented_mode ? " non_instrumented " : "",
+      afl->no_forkserver ? "no_fsrv " : "", afl->crash_mode ? "crash " : "",
       afl->persistent_mode ? "persistent " : "",
+      afl->shmem_testcase_mode ? "shmem_testcase " : "",
       afl->deferred_mode ? "deferred " : "",
-      (afl->unicorn_mode || afl->fsrv.qemu_mode || afl->dumb_mode ||
+      (afl->unicorn_mode || afl->fsrv.qemu_mode || afl->non_instrumented_mode ||
        afl->no_forkserver || afl->crash_mode || afl->persistent_mode ||
        afl->deferred_mode)
           ? ""
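Review bot: The `||` chain that decides whether the last `target_mode` string is empty does not include the new `afl->shmem_testcase_mode` flag. A run where only that flag is set would presumably print `shmem_testcase ` followed by the fallback value; the `:` branch lies outside this hunk, so that part is inferred. Adding the flag to the chain, e.g. `afl->no_forkserver || afl->crash_mode || afl->persistent_mode || afl->shmem_testcase_mode ||`, keeps the field unambiguous for tools that parse the stats file. The argument count itself is consistent: the format string gained one `%d` and one `%s`, and the list gained `afl->cpu_aff` and one string. write_stats_file starts and ends outside this hunk.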
@@ -137,6 +139,32 @@ void write_stats_file(afl_state_t *afl, double bitmap_cvg, double stability,
       afl->orig_cmdline);
   /* ignore errors */
 
+  if (afl->debug) {
+
+    uint32_t i = 0;
+    fprintf(f, "virgin_bytes     :");
+    for (i = 0; i < afl->fsrv.map_size; i++) {
+
+      if (afl->virgin_bits[i] != 0xff) {
+
+        fprintf(f, " %d[%02x]", i, afl->virgin_bits[i]);
+
+      }
+
+    }
+
+    fprintf(f, "\n");
+    fprintf(f, "var_bytes        :");
+    for (i = 0; i < afl->fsrv.map_size; i++) {
+
+      if (afl->var_bytes[i]) { fprintf(f, " %d", i); }
+
+    }
+
+    fprintf(f, "\n");
+
+  }
+
   fclose(f);
 
 }
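Review bot: Both debug loops print the `uint32_t` index `i` with `%d`, a signed conversion for an unsigned argument. Use `%u` instead, as in `fprintf(f, " %u[%02x]", i, afl->virgin_bits[i]);` and `fprintf(f, " %u", i);`, so `-Wformat` builds stay clean and large map indices cannot print as negative. The loops index `afl->virgin_bits` and `afl->var_bytes` up to `afl->fsrv.map_size` with no visible null or size check. Whether both buffers are always allocated to at least `map_size` bytes cannot be seen from this hunk and is worth confirming. A short comment above the block, such as `/* debug only: dump non-virgin and variable map indices */`, would explain why these lines appear in the stats file. write_stats_file starts outside this hunk.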
@@ -326,7 +354,7 @@ void show_stats(afl_state_t *afl) {
 
   /* Honor AFL_EXIT_WHEN_DONE and AFL_BENCH_UNTIL_CRASH. */
 
-  if (!afl->dumb_mode && afl->cycles_wo_finds > 100 &&
+  if (!afl->non_instrumented_mode && afl->cycles_wo_finds > 100 &&
       !afl->pending_not_fuzzed && afl->afl_env.afl_exit_when_done) {
 
     afl->stop_soon = 2;
@@ -414,7 +442,7 @@ void show_stats(afl_state_t *afl) {
        " process timing " bSTG bH30 bH5 bH bHB bH bSTOP cCYA
        " overall results " bSTG bH2 bH2                 bRT "\n");
 
-  if (afl->dumb_mode) {
+  if (afl->non_instrumented_mode) {
 
     strcpy(tmp, cRST);
 
@@ -460,7 +488,7 @@ void show_stats(afl_state_t *afl) {
   /* We want to warn people about not seeing new paths after a full cycle,
      except when resuming fuzzing or running in non-instrumented mode. */
 
-  if (!afl->dumb_mode &&
+  if (!afl->non_instrumented_mode &&
       (afl->last_path_time || afl->resuming_fuzz || afl->queue_cycle == 1 ||
        afl->in_bitmap || afl->crash_mode)) {
 
@@ -469,7 +497,7 @@ void show_stats(afl_state_t *afl) {
 
   } else {
 
-    if (afl->dumb_mode) {
+    if (afl->non_instrumented_mode) {
 
       SAYF(bV bSTOP "   last new path : " cPIN "n/a" cRST
                     " (non-instrumented mode)       ");
@@ -524,8 +552,9 @@ void show_stats(afl_state_t *afl) {
           t_byte_ratio);
 
   SAYF("    map density : %s%-21s" bSTG bV "\n",
-       t_byte_ratio > 70 ? cLRD
-                         : ((t_bytes < 200 && !afl->dumb_mode) ? cPIN : cRST),
+       t_byte_ratio > 70
+           ? cLRD
+           : ((t_bytes < 200 && !afl->non_instrumented_mode) ? cPIN : cRST),
        tmp);
 
   sprintf(tmp, "%s (%0.02f%%)", u_stringify_int(IB(0), afl->cur_skipped_paths),
@@ -1020,10 +1049,11 @@ void show_init_stats(afl_state_t *afl) {
 
   }
 
-  /* In dumb mode, re-running every timing out test case with a generous time
+  /* In non-instrumented mode, re-running every timing out test case with a
+     generous time
      limit is very expensive, so let's select a more conservative default. */
 
-  if (afl->dumb_mode && !(afl->afl_env.afl_hang_tmout)) {
+  if (afl->non_instrumented_mode && !(afl->afl_env.afl_hang_tmout)) {
 
     afl->hang_tmout = MIN(EXEC_TIMEOUT, afl->fsrv.exec_tmout * 2 + 100);