Integrate V8 Builtin coverage to Fuzzilli
Goal is to include coverage of builtin functions into the coverage bitmap sent to the Fuzzilli fuzzer. In order to do this, after each REPRL loop, coverage data of bitmaps are retrieved from the JS heap and stored into the coverage bitmap.

Additionally, there is an option to print out statistics about how many of the edges from builtin functions were turned on by the program inputted into the REPRL loop.

This commit introduces two flags:
--no-fuzzilli-enable-builtins-coverage - when enable-builtins-coverage is turned off, builtins coverage will not be exported to Fuzzilli
--fuzzilli-coverage-statistics - when turned on, d8 prints statistics into the covlog.txt file after each loop

Change-Id: I8f9cf8dc693b952467b108c6d6bc00134125bc5f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2263154
Commit-Queue: Peter Ralbovsky <ralbovsky@google.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68733}