[PATCH] D48054: [libFuzzer] Mutation tracking and logging implemented

Max Moroz via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Fri Jun 22 15:19:35 PDT 2018 

Dor1s added a subscriber: morehouse.
Dor1s added a comment.

Left some minor comments, looks good otherwise! Once Jonathan is also happy with that, we should add Matt (@morehouse) as the next review step.



================
Comment at: lib/fuzzer/FuzzerLoop.cpp:667
       ReportNewCoverage(&II, {CurrentUnitData, CurrentUnitData + Size});
+      MD.CountCurrentMutatorSequence();
       break;  // We will mutate this input more in the next rounds.
----------------
I think we should put it under `if (Options.PrintMutationUsefulness)` for now, as the stats aren't used otherwise.


================
Comment at: lib/fuzzer/FuzzerMutate.cpp:529
       CurrentMutatorSequence.push_back(M);
+      MStats->IncTotalMutationCount(M.Identifier);
       return NewSize;
----------------
Let's put it under `if (Options.PrintMutationUsefulness)` for now, as the stats aren't used otherwise.




================
Comment at: lib/fuzzer/FuzzerMutate.h:22
 
+typedef enum {
+  ADD_WORD_FROM_MANUAL_DICTIONARY,
----------------
It would be simpler to do:

```
enum MutationType {
  ADD_WORD_FROM_MANUAL_DICTIONARY,
  ...
  etc
};

```


================
Comment at: lib/fuzzer/FuzzerMutationStats.cpp:23
+  for (int i = 0; i < NUMBER_OF_MUTATION_TYPES; i++) {
+    double CurrentRatio =
+        (TotalMutations.at(i) != 0)
----------------
I think the current version looks unnecessary messy, let's just do something like:

```
// +1 is not significant, but prevents us from dividing by zero.
double Ratio = static_cast<double>(100 * UsefulMutations.at(i)) / (1 + TotalMutations.at(i));
```



================
Comment at: lib/fuzzer/FuzzerMutationStats.h:1
+//===- FuzzerMutationStats.h - Header for mutation tracking ----------*- C++ -* ===//
+//
----------------
please fix this first line to be the same length and format as it is in other files


================
Comment at: test/fuzzer/fuzzer-mutationstats.test:3
+RUN: not %run %t-MutationStatsTest -max_total_time=360 -print_final_stats=1 -print_mutation_stats=1 -print_mutation_usefulness=1 2>&1 | FileCheck %s
+CHECK: stat::mutation_usefulness: {{.*[0-9]+\.[0-9]+[1-9]+.*}}
----------------
add a comment before that line, something like "# Make sure there are some non-zero values in the usefulness percentages printed."


Repository:
  rCRT Compiler Runtime

https://reviews.llvm.org/D48054

More information about the llvm-commits mailing list