- 08 Jul, 2020 1 commit
-
-
Peter Ralbovsky authored
Goal is to include coverage of builtin functions into coverage bitmap send to Fuzzilli fuzzer. In order to do this, after each REPRL loop, coverage data of bitmaps are retrieved from JS heap and stored into coverage bitmap. Additionally, there is an option, to print out statistics about how many of edges from builtin functions were turned on by the program inputted into REPRL loop. This commit introduces two flags: --no-fuzzilli-enable-builtins-coverage - when enable-builtins-coverage turned of, builtins coverage will not be exported to fuzzilli --fuzzilli-coverage-statistics - when turned on, d8 prints statistics into covlog.txt file after each loop Change-Id: I8f9cf8dc693b952467b108c6d6bc00134125bc5f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2263154 Commit-Queue: Peter Ralbovsky <ralbovsky@google.com> Reviewed-by:
Tobias Tebbi <tebbi@chromium.org> Reviewed-by:
Clemens Backes <clemensb@chromium.org> Reviewed-by:
Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#68733}
-
- 03 Jun, 2020 1 commit
-
-
Peter Ralbovsky authored
Fuzzilli is open source fuzzer by Samuel Groß (saelo@google.com) that can be used to find bugs in v8 javascript engine. As we want to automate fuzzing for current versions of v8, we want to merge fuzzilli toolkit into v8 code, so that fuzzer can automatically update to the newest version. So far Fuzzilli has been maintained at https://github.com/googleprojectzero/fuzzilli . Bug tracker Id: https://bugs.chromium.org/p/v8/issues/detail?id=10571 Change-Id: I83ddc7e8bb31664c19e4044395bb9044a1c12031 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2201760Reviewed-by:
Tamer Tas <tmrts@chromium.org> Reviewed-by:
Michael Achenbach <machenbach@chromium.org> Reviewed-by:
-
