Giters

cherry-wb / afl-qemu-cov

Measure Basic Blocks coverage of all testcases in the AFL queue using a patched QEMU

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

afl-qemu-cov

This is an utility to measure the basic blocks coverage of all testcases in the AFL/AFL++ queue using a patched QEMU.

Written and maintained by Andrea Fioraldi andreafioraldi@gmail.com

Usage

To count the number of basic blocks covered by all the testcases in the queue run bb_cov.py:

./afl-qemu-cov -i /path/to/AFL/queue -o output1.csv -- ./binary <args>

This output.csv file contains tuples in the format (testcase id, basic block address). Of course the testcase id not no unique as a testcase may discover more than one basic block.

./afl-qemu-ts-cov -i /path/to/AFL/queue -l output1.csv -o output2.csv

This script will create output2.csv that contains the tuples (unix timestamp, testcase id, number of new basic blocks discovered).

This script uses the time fields in the name of the testcase and so cannot be used with AFL but only with AFL++.

About

Measure Basic Blocks coverage of all testcases in the AFL queue using a patched QEMU

Languages

Language:C 70.9%Language:C++ 21.5%Language:Shell 4.8%Language:Python 2.4%Language:Makefile 0.3%