Skip to content

fixes to optimization delta #25

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
hl4x merged 1 commit into from
Oct 15, 2025
Merged

fixes to optimization delta #25

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 13 additions & 12 deletions Sources/Fuzzilli/Evaluation/ProgramCoverageEvaluator.swift
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -176,18 +176,19 @@ public class ProgramCoverageEvaluator: ComponentBase, ProgramEvaluator {
// Check for optimization delta separately
let optimizationDelta = libcoverage.cov_evaluate_optimization_bits(&context)

if result == 1 {
// Either new edges found OR feedback nexus delta detected
let hasNewEdges = newEdgeSet.count > 0
let hasFeedbackDelta = feedbackNexusDelta == 1
let hasOptimizationDelta = optimizationDelta == 1

if hasNewEdges {
return CovEdgeSet(edges: newEdgeSet.edge_indices, numEdges: newEdgeSet.count, hasFeedbackNexusDelta: hasFeedbackDelta, hasOptimizationDelta: hasOptimizationDelta)
} else if hasFeedbackDelta || hasOptimizationDelta {
// Only feedback nexus delta or optimization bit delta, no new edges
return ProgramAspects(outcome: .succeeded, hasFeedbackNexusDelta: hasFeedbackDelta, hasOptimizationDelta: hasOptimizationDelta)
}
let hasFeedbackDelta = feedbackNexusDelta == 1
let hasOptimizationDelta = optimizationDelta == 1
let hasNewEdges = newEdgeSet.count > 0

if result == 1 || hasOptimizationDelta || hasFeedbackDelta {
return hasNewEdges
? CovEdgeSet(edges: newEdgeSet.edge_indices,
numEdges: newEdgeSet.count,
hasFeedbackNexusDelta: hasFeedbackDelta,
hasOptimizationDelta: hasOptimizationDelta)
: ProgramAspects(outcome: .succeeded,
hasFeedbackNexusDelta: hasFeedbackDelta,
hasOptimizationDelta: hasOptimizationDelta)
}

assert(newEdgeSet.edge_indices == nil && newEdgeSet.count == 0)
Expand Down
26 changes: 15 additions & 11 deletions Sources/libcoverage/coverage.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,13 @@ int cov_initialize(struct cov_context* context)
context->shmem = mmap(0, SHM_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
close(fd);
#endif

// Initialize turbofan optimization bits tracking
// Perform the initialzation here instead of cov_finish_initialization so when cov_clear_bitmap calls clear_optimization_bits,
// we don't lose track of the previous optimziation bits
context->turbofan_optimization_bits_current = 0;
context->turbofan_optimization_bits_previous = 0;

return 0;
}

Expand Down Expand Up @@ -139,10 +146,6 @@ void cov_finish_initialization(struct cov_context* context, int should_track_edg
context->current_feedback_nexus = NULL;
context->previous_feedback_nexus = NULL;

// Initialize turbofan optimization bits tracking
context->turbofan_optimization_bits_current = 0;
context->turbofan_optimization_bits_previous = 0;

// Zeroth edge is ignored, see above.
clear_edge(context->virgin_bits, 0);
clear_edge(context->crash_bits, 0);
Expand Down Expand Up @@ -360,19 +363,20 @@ void clear_feedback_nexus(struct cov_context* context) {

int cov_evaluate_optimization_bits(struct cov_context* context) {
if (!context->shmem) return 0;
return (context->turbofan_optimization_bits_current != context->turbofan_optimization_bits_previous);
uint8_t delta = 0;
// Only check for a delta if current is not 0 and previous is "something"
// Otherwise if previous is 0, then there is no delta anyway
if (context->turbofan_optimization_bits_current != 0)
delta = (uint8_t)(context->turbofan_optimization_bits_current != context->turbofan_optimization_bits_previous);
return delta;
}

void cov_update_optimization_bits(struct cov_context* context) {
if (!context->shmem) return;
context->turbofan_optimization_bits_previous = context->turbofan_optimization_bits_current;
context->turbofan_optimization_bits_current = context->shmem->turbofan_optimization_bits;
// context->maglev_optimization_bits_current = context->shmem->maglev_optimization_bits;
}

void clear_optimization_bits(struct cov_context* context) {
context->turbofan_optimization_bits_current = 0;
context->turbofan_optimization_bits_previous = 0;
// context->maglev_optimization_bits_previous = context->maglev_optimization_bits_current;
// context->maglev_optimization_bits_current = 0;
context->turbofan_optimization_bits_previous = context->turbofan_optimization_bits_current;
context->shmem->turbofan_optimization_bits = 0;
}