jazzer icon indicating copy to clipboard operation
jazzer copied to clipboard
verified publisher icon CodeIntelligenceTesting

Reproducers for mutation graph entries

Open McLarney opened this issue 3 years ago • 3 comments

Currently, the reproducers are only created for the crashes. Would it be possible to have an option for also including the mutation graph or all of the inputs? Currently I've tweaked the code locally to get reproducers for every test case when I only want the mutation graph entries. For longer fuzzing runs, storage problems can be expected.

McLarney avatar Oct 27 '22 03:10 McLarney

Could you elaborate on what you would want to use the reproducers for?

With the new JUnit plugin and a "standalone jar" version of Jazzer, we are trying to get away from a reliance on code generation and instead make it easier to run Jazzer itself on binary input files.

fmeum avatar Oct 28 '22 08:10 fmeum

Sure, if I wanted to see how code coverage changed along a path in the mutation graph from a seed input to a crash, as it stands I would have to fully restart jazzer for each input. Alternatively, I could instrument the reproducers with a jacoco agent and run that.

McLarney avatar Oct 31 '22 16:10 McLarney

Hi @McLarney ! Thanks for raising this issue! Looks like we never really got back to you... I'd love to understand how you're using Jazzer and what your goals are. Lots of folks start off using Jazzer then pivot to our flagship fuzzing suite because it's easier to use. Ping me if you want to discuss? david[dot]merian [at] code-intelligence[dot]com

ghost avatar Feb 26 '24 13:02 ghost