test.sh with -no-pie

author: van Hauser <vh@thc.org> 2020-03-21 21:10:38 +0100
committer: van Hauser <vh@thc.org> 2020-03-21 21:10:38 +0100
commit: c6db05c5ae11e2a33df8aa450d6ccac7d6109a02 (patch)
tree: f125708d2fe71c72d1c1ff61e720477e989587be /src
parent: 6f78b67f033f430b2b71f88b9f596847d7cbedb1 (diff)
download: afl++-c6db05c5ae11e2a33df8aa450d6ccac7d6109a02.tar.gz
6 files changed, 10 insertions, 0 deletions
diff --git a/src/afl-fuzz-bitmap.c b/src/afl-fuzz-bitmap.c
index 86474adc..06078fc2 100644
--- a/src/afl-fuzz-bitmap.c
+++ b/src/afl-fuzz-bitmap.c
@@ -578,6 +578,7 @@ u8 save_if_interesting(afl_state_t *afl, void *mem, u32 len, u8 fault) {
     /* Try to calibrate inline; this also calls update_bitmap_score() when
        successful. */
 
+    bmcnt++;
     res = calibrate_case(afl, afl->queue_top, mem, afl->queue_cycle - 1, 0);
 
     if (res == FAULT_ERROR) FATAL("Unable to execute target application");
diff --git a/src/afl-fuzz-globals.c b/src/afl-fuzz-globals.c
index 88633a1b..108952e4 100644
--- a/src/afl-fuzz-globals.c
+++ b/src/afl-fuzz-globals.c
@@ -38,6 +38,8 @@ u8 *doc_path = NULL;                    /* gath to documentation dir        */
 
 /* Initialize MOpt "globals" for this afl state */
 
+u32 bmcnt, initcnt, one1cnt, one2cnt, runcnt;
+
 static void init_mopt_globals(afl_state_t *afl) {
 
   MOpt_globals_t *core = &afl->mopt_globals_core;
diff --git a/src/afl-fuzz-init.c b/src/afl-fuzz-init.c
index c3f3fac0..456415f9 100644
--- a/src/afl-fuzz-init.c
+++ b/src/afl-fuzz-init.c
@@ -473,6 +473,7 @@ void perform_dry_run(afl_state_t *afl) {
 
     close(fd);
 
+    initcnt++;
     res = calibrate_case(afl, q, use_mem, 0, 1);
     ck_free(use_mem);
 
diff --git a/src/afl-fuzz-one.c b/src/afl-fuzz-one.c
index c1458dbb..5211d565 100644
--- a/src/afl-fuzz-one.c
+++ b/src/afl-fuzz-one.c
@@ -442,6 +442,7 @@ u8 fuzz_one_original(afl_state_t *afl) {
 
     if (afl->queue_cur->cal_failed < CAL_CHANCES) {
 
+      one1cnt++;
       res =
           calibrate_case(afl, afl->queue_cur, in_buf, afl->queue_cycle - 1, 0);
 
@@ -2460,6 +2461,7 @@ u8 mopt_common_fuzzing(afl_state_t *afl, MOpt_globals_t MOpt_globals) {
 
     if (afl->queue_cur->cal_failed < CAL_CHANCES) {
 
+      one2cnt++;
       res =
           calibrate_case(afl, afl->queue_cur, in_buf, afl->queue_cycle - 1, 0);
 
diff --git a/src/afl-fuzz-run.c b/src/afl-fuzz-run.c
index c8153857..6fbb7539 100644
--- a/src/afl-fuzz-run.c
+++ b/src/afl-fuzz-run.c
@@ -303,6 +303,8 @@ u8 calibrate_case(afl_state_t *afl, struct queue_entry *q, u8 *use_mem,
      trying to calibrate already-added finds. This helps avoid trouble due
      to intermittent latency. */
 
+  runcnt++;
+
   if (!from_queue || afl->resuming_fuzz)
     use_tmout = MAX(afl->fsrv.exec_tmout + CAL_TMOUT_ADD,
                     afl->fsrv.exec_tmout * CAL_TMOUT_PERC / 100);
diff --git a/src/afl-fuzz.c b/src/afl-fuzz.c
index 15caa65f..9692c1cb 100644
--- a/src/afl-fuzz.c
+++ b/src/afl-fuzz.c
@@ -1196,6 +1196,8 @@ stop_fuzzing:
 
   OKF("We're done here. Have a nice day!\n");
 
+printf("%u %u %u %u %u\n", bmcnt, initcnt, one1cnt, one2cnt, runcnt);
+
   exit(0);
 
 }
author	van Hauser <vh@thc.org>	2020-03-21 21:10:38 +0100
committer	van Hauser <vh@thc.org>	2020-03-21 21:10:38 +0100
commit	c6db05c5ae11e2a33df8aa450d6ccac7d6109a02 (patch)
tree	f125708d2fe71c72d1c1ff61e720477e989587be /src
parent	6f78b67f033f430b2b71f88b9f596847d7cbedb1 (diff)
download	afl++-c6db05c5ae11e2a33df8aa450d6ccac7d6109a02.tar.gz