vanhauser-thc
commented
11 months ago /gcbrun run_experiment.py -a --experiment-config /opt/fuzzbench/service/experiment-config.yaml --experiment-name 2023-12-14-libafl --fuzzers libafl libafl_scoped_cov
Open addisoncrump opened 11 months ago
vanhauser-thc
commented
11 months ago /gcbrun run_experiment.py -a --experiment-config /opt/fuzzbench/service/experiment-config.yaml --experiment-name 2023-12-14-libafl --fuzzers libafl libafl_scoped_cov
Attempting to address or partially resolve a coverage information gap described by Marc Heuse regarding libwebp (cc @vanhauser-thc, you might be interested).
Namely, this implements "scoped" coverage -- the coverage of edges constrained to an observable scope (in this case, stack depth). This allows us to effectively measure the number of times in which a block is executed during a function call, only for that exact frame (i.e. uses of that block in callees do not contribute to this count).
The current implementation does not scope for nested loops, only for function calls; this could potentially be implemented using e.g. sancov's CFG pass to identify cycles, but this will get expensive fast.
Please run this experiment with just
libaflandlibafl_scoped_cov, provided in this PR.