author | Nguyễn Gia Phong <cnx@loang.net> | 2024-11-26 16:04:54 +0900 |
---|---|---|
committer | Nguyễn Gia Phong <cnx@loang.net> | 2024-11-26 16:07:54 +0900 |
commit | e5c98d0d1d7b9bfac02234607c351c486955d3e4 (patch) | |
tree | f7471dde6a54d62c87f322f9d7bc34ef039938bb /src | |
parent | 943b8a3d7ab56a393fe2fe3060a584b35beba1eb (diff) | |
download | afl++-e5c98d0d1d7b9bfac02234607c351c486955d3e4.tar.gz |
Calculate mean proximity score
Co-authored-by: 김태은 <goodtaeeun@kaist.ac.kr>
Diffstat (limited to 'src')
-rw-r--r-- | src/afl-fuzz-run.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c index a3787e5c..2da27453 100644 --- a/src/afl-fuzz-run.c +++ b/src/afl-fuzz-run.c @@ -427,6 +427,12 @@ static void write_with_gap(afl_state_t *afl, u8 *mem, u32 len, u32 skip_at, } +static u64 compute_proximity_score(u32 *dfg_bits) { + u64 result = 0; + for (size_t i = 0; i < DFG_MAP_SIZE; result += dfg_bits[++i]); + return result; +} + /* Calibrate a new test case. This is done when processing the input directory to warn about flaky or otherwise problematic test cases early on; and when new paths are discovered to detect variable behavior and so on. */ @@ -645,6 +651,7 @@ u8 calibrate_case(afl_state_t *afl, struct queue_entry *q, u8 *use_mem, if (unlikely(!q->exec_us)) { q->exec_us = 1; } q->bitmap_size = count_bytes(afl, afl->fsrv.trace_bits); + q->prox_score = compute_proximity_score(); q->handicap = handicap; q->cal_failed = 0; @@ -653,6 +660,9 @@ u8 calibrate_case(afl_state_t *afl, struct queue_entry *q, u8 *use_mem, update_bitmap_score(afl, q); + afl->mean_prox_score += + (q->prox_score - afl->mean_prox_score) / afl->queued_items; + /* If this case didn't result in new output from the instrumentation, tell parent. This is a non-critical problem, but something to warn the user about. */ |
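Review bot: The loop in `compute_proximity_score` indexes with `dfg_bits[++i]`, so it sums elements 1 through DFG_MAP_SIZE. Element 0 is never counted, and the last iteration reads one `u32` past the end, assuming the map holds exactly DFG_MAP_SIZE entries (its allocation is not visible here). Move the increment into the loop header: `for (size_t i = 0; i < DFG_MAP_SIZE; ++i) result += dfg_bits[i];`. The parameter is only read, so it could be `const u32 *dfg_bits`, and a short header comment such as `/* Sum of all DFG_MAP_SIZE counters in dfg_bits. */` would match the commented functions around it.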
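Review bot: `q->prox_score = compute_proximity_score();` passes no argument, but the helper added earlier in this commit is declared as taking `u32 *dfg_bits`, so this line should not compile as written. Pass the map that belongs to the run just calibrated, e.g. `q->prox_score = compute_proximity_score(<dfg map pointer>);`; the pointer's name is not shown on this page. The `prox_score` field is declared outside this diff (limited to 'src'), so check that it is wide enough for the helper's `u64` return. The body of calibrate_case starts and ends outside the hunk.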
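Review bot: The running-mean update `afl->mean_prox_score += (q->prox_score - afl->mean_prox_score) / afl->queued_items;` can wrap or drift, depending on types and counts this diff does not show. If `mean_prox_score` is an unsigned integer like the `u64` score, the subtraction wraps whenever the new score is below the current mean, and the division truncates; a floating-point mean avoids both. The formula is also only an incremental mean when the divisor equals the number of scores folded in so far. `queued_items` may differ from that, for instance if an entry passes through calibrate_case more than once, and it must be non-zero here. Consider a dedicated sample counter, or a comment such as `/* incremental mean: queued_items == number of scored entries */` if that invariant really holds. The body of calibrate_case continues outside the hunk.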