    Integrate V8 Builtin coverage to Fuzzilli · 923375a4
    Peter Ralbovsky authored
    Goal is to include coverage of builtin functions into the coverage
    bitmap sent to the Fuzzilli fuzzer. In order to do this, after each
    REPRL loop, coverage data of bitmaps are retrieved from the JS heap
    and stored into the coverage bitmap. Additionally, there is an option
    to print out statistics about how many edges from builtin
    functions were turned on by the program inputted into the REPRL loop.
    
    This commit introduces two flags:
    --no-fuzzilli-enable-builtins-coverage - when enable-builtins-coverage
     is turned off, builtins coverage will not be exported to Fuzzilli
    
    --fuzzilli-coverage-statistics - when turned on, d8 prints
     statistics into the covlog.txt file after each loop
    
    Change-Id: I8f9cf8dc693b952467b108c6d6bc00134125bc5f
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2263154
    Commit-Queue: Peter Ralbovsky <ralbovsky@google.com>
    Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
    Reviewed-by: Clemens Backes <clemensb@chromium.org>
    Reviewed-by: Michael Stanton <mvstanton@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#68733}