Expand description
AFL-afl-showmap-style corpus replay.
Replays a persisted corpus through a fresh executor and emits one text file
per trial (or per corpus entry). Each line has the form <id>:<count>:
- EVM IDs use the deterministic
(bytecode_hash, pc)derived from the line-coverageHitMapso that IDs are stable acrossforgeinvocations and meaningful for cross-approach analysis. Format:evm_<bytecode_hash[:16]>_<pc:04x>. - Sancov IDs use the deterministic guard index from the sancov bitmap:
sancov_0x<index:04x>.
Counts are raw saturating-summed hitcounts across the replayed corpus.
Output is consumable by tools like riesentoaster/differential-coverage.
Structsยง
- Showmap
Opts - Per-replay options.
- Showmap
Stats - Stats returned from a single trial replay.
Enumsยง
- Showmap
Domain - Which coverage bitmap(s) to dump.
Functionsยง
- accumulate_
evm ๐ - Saturating-add per-(bytecode, pc) hits from a
HitMapssnapshot intodst. - accumulate_
sancov ๐ - Saturating-add
src(u8 raw counts) intodst(u64 aggregated counts). - replay_
corpus_ to_ showmap - Replay every corpus entry under
corpus_dirand emit showmap files. - write_
evm ๐ - Each EVM ID is
evm_<bytecode_hash[:16hex]>_<pc:04x>. The 16-hex prefix (64 bits) of the keccak256 bytecode hash makes IDs deterministic across processes while keeping line lengths short. - write_
sancov ๐ - write_
showmap_ ๐file - Write a single showmap file. Returns 1 if a file was written, 0 if skipped (no nonzero entries).