$:~/Desktop/Android_Research/fuzzing/frida-fuzzer$ frida-compile -x tests/test_ndk_x64.js -o fuzzer-agent.js
$:~/Desktop/Android_Research/fuzzing/frida-fuzzer$ ./frida-fuzzer -U -o output_folder22/ com.example.ndktest1
>> Agent loaded!
>> Dry run...
>> Dry run output_folder22/uninformed

frida-fuzzer 1.3
╔═════════════╤═══════════════════════╗
║ target      │ com.example.ndktest1  ║
║ execs       │ 0                     ║
║ speed       │ 0 exec/s              ║
║ uptime      │ 0h-0m-0s              ║
║ last path   │ 0h-0m-0s              ║
║ map density │ 0 %                   ║
║ current     │                       ║
║ queue size  │ -1                    ║
║ pending fav │ 0                     ║
║ last stage  │ init                  ║
║ output path │ output_folder22/      ║
╚═════════════╧═══════════════════════╝

>> Starting fuzzing loop...

frida-fuzzer 1.3
╔═════════════╤═══════════════════════╗
║ target      │ com.example.ndktest1  ║
║ execs       │ 10043                 ║
║ speed       │ 9359 exec/s           ║
║ uptime      │ 0h-0m-1s              ║
║ last path   │ 0h-0m-1s              ║
║ map density │ 0 %                   ║
║ current     │ 0                     ║
║ queue size  │ 4                     ║
║ pending fav │ 1                     ║
║ last stage  │ havoc                 ║
║ output path │ output_folder22/      ║
╚═════════════╧═══════════════════════╝

frida-fuzzer 1.3
╔═════════════╤═══════════════════════╗
║ target      │ com.example.ndktest1  ║
║ execs       │ 41564                 ║
║ speed       │ 9421 exec/s           ║
║ uptime      │ 0h-0m-4s              ║
║ last path   │ 0h-0m-1s              ║
║ map density │ 0 %                   ║
║ current     │ 2                     ║
║ queue size  │ 4                     ║
║ pending fav │ 5                     ║
║ last stage  │ splice-13             ║
║ output path │ output_folder22/      ║
╚═════════════╧═══════════════════════╝

============= CRASH FOUND! =============
type: access-violation
write at: 0xdeadbeef
>> Saving at 'output_folder22/crash_splice-13_access-violation_1581192222'
>> Press Control-C to exit...
script is destroyed