From 97942a9f4924ca4c9cad2a2756e44ad29fb44fca Mon Sep 17 00:00:00 2001 From: Fabian Meumertzheim Date: Fri, 12 Feb 2021 14:18:37 +0100 Subject: Instrument edges instead of basic blocks We are currently deriving edge coverage instrumentation from basic block instrumentation via the AFL XOR-technique. This has several downsides: * Different edges can be assigned the same position in the coverage map, which leads to underreported coverage. * The coverage map needs to be large enough for collisions to be unlikely (on the order of num_edges^2). In addition to being wasteful, it is also hard to determine the correct size given that we don't know the number of edges. In addition to the design limitations, the current implementation additionally does not take into account that most Java method invocations can throw exceptions and thus need to be instrumented. These issues are resolved by switching to true LLVM-style edge coverage instrumentation. The new coverage instrumentation is based on a lightly patched version of the JaCoCo internals. Note: //agent/src/test/java/com/code_intelligence/jazzer/instrumentor:coverage_instrumentation_test is not passing for this commit. It will be fixed with the next commit. --- maven_install.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'maven_install.json') diff --git a/maven_install.json b/maven_install.json index 42d6462c..aad562cd 100644 --- a/maven_install.json +++ b/maven_install.json @@ -1,7 +1,7 @@ { "dependency_tree": { "__AUTOGENERATED_FILE_DO_NOT_MODIFY_THIS_FILE_MANUALLY": "THERE_IS_NO_DATA_ONLY_ZUUL", - "__INPUT_ARTIFACTS_HASH": -1561364904, + "__INPUT_ARTIFACTS_HASH": -13066241, "__RESOLVED_ARTIFACTS_HASH": 2026903625, "conflict_resolution": {}, "dependencies": [ -- cgit v1.2.3