[all-commits] [llvm/llvm-project] 1bb1ea: [libFuzzer] Add a command-line option for tracing ...

Dokyung Song via All-commits all-commits at lists.llvm.org
Tue Sep 8 20:42:43 PDT 2020


  Branch: refs/heads/master
  Home:   https://github.com/llvm/llvm-project
  Commit: 1bb1eac6b177739429e78703b265e7546792fd64
      https://github.com/llvm/llvm-project/commit/1bb1eac6b177739429e78703b265e7546792fd64
  Author: Dokyung Song <dokyungs at google.com>
  Date:   2020-09-09 (Wed, 09 Sep 2020)

  Changed paths:
    M compiler-rt/lib/fuzzer/FuzzerDriver.cpp
    M compiler-rt/lib/fuzzer/FuzzerFlags.def
    M compiler-rt/lib/fuzzer/FuzzerIO.cpp
    M compiler-rt/lib/fuzzer/FuzzerIO.h
    M compiler-rt/lib/fuzzer/FuzzerLoop.cpp
    M compiler-rt/lib/fuzzer/FuzzerMutate.cpp
    M compiler-rt/lib/fuzzer/FuzzerMutate.h
    M compiler-rt/lib/fuzzer/FuzzerOptions.h
    A compiler-rt/test/fuzzer/mutation-graph.test

  Log Message:
  -----------
  [libFuzzer] Add a command-line option for tracing mutation of corpus inputs in the dot graph format.

This patch adds a new command-line option -mutation_graph_file=FILE for
debugging purposes, which traces how corpus inputs evolve during a fuzzing
run. For each new input that is added to the corpus, a new vertex corresponding
to the added input, as well as a new edge that connects its base input to itself
are written to the given file. Each vertex is labeled with the filename of the
input, and each edge is labeled with the mutation sequence that led to the input
w.r.t. its base input.

The format of the mutation graph file is the dot file format. Once prepended and
appended with "graph {" and "}", respectively, the graph becomes a valid dot
file and can be visualized.

Differential Revision: https://reviews.llvm.org/D86560
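
An added example, not part of the commit or of libFuzzer: a small Python helper that wraps a trace written by -mutation_graph_file in "graph {" and "}" and reconstructs the chain of mutations behind one corpus input. The per-line layout of the trace, the input names and the mutation labels in the sample are assumptions constructed for illustration.

```python
import re

# Constructed sample trace. The line layout (a quoted vertex name per line,
# and `"base" -- "new" [label="..."];` per edge) is an assumption; the commit
# message only states that vertices carry filenames and edges carry mutations.
SAMPLE_TRACE = '''"seed0"
"input1"
"seed0" -- "input1" [label="ChangeBit-"];
"input2"
"input1" -- "input2" [label="InsertByte-CrossOver-"];
"input3"
"seed0" -- "input3" [label="EraseBytes-"];
'''

EDGE_RE = re.compile(r'^"([^"]+)"\s*--\s*"([^"]+)"\s*\[label="([^"]*)"\];?\s*$')
VERTEX_RE = re.compile(r'^"([^"]+)"\s*;?\s*$')

def to_dot(trace):
    """Wrap the raw trace in "graph {" and "}" as the commit message describes."""
    return "graph {\n" + trace.rstrip("\n") + "\n}\n"

def parse_trace(trace):
    """Return (vertices, parents) where parents maps input -> (base, mutations)."""
    vertices, parents = set(), {}
    for lineno, line in enumerate(trace.splitlines(), 1):
        line = line.strip()
        if not line:
            continue
        edge = EDGE_RE.match(line)
        if edge:
            base, new, label = edge.groups()
            vertices.update((base, new))
            parents[new] = (base, label)
        elif VERTEX_RE.match(line):
            vertices.add(VERTEX_RE.match(line).group(1))
        else:
            raise ValueError(f"line {lineno}: unrecognised trace line: {line!r}")
    return vertices, parents

def lineage(parents, name):
    """Walk from an input back to its root; return steps ordered root-first."""
    steps, seen = [], set()
    while name in parents:
        if name in seen:  # guard against a malformed, cyclic trace
            raise ValueError(f"cycle at {name!r}")
        seen.add(name)
        base, label = parents[name]
        steps.append((base, label, name))
        name = base
    return steps[::-1]
```

The output of to_dot can be written to a file and rendered with Graphviz; lineage is useful when triaging which mutation sequence produced a given corpus entry.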



