Re: [PATCH 4/4] docs/fuzz: add instructions for generating a coverage re

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 4/4] docs/fuzz: add instructions for generating a coverage re

From:	Thomas Huth
Subject:	Re: [PATCH 4/4] docs/fuzz: add instructions for generating a coverage report
Date:	Tue, 21 Jul 2020 07:31:56 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0

On 07/07/2020 06.41, Alexander Bulekov wrote:
> On 200706 1555, Alexander Bulekov wrote:
>> Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
>> ---
>>  docs/devel/fuzzing.txt | 19 +++++++++++++++++++
>>  1 file changed, 19 insertions(+)
>>
>> diff --git a/docs/devel/fuzzing.txt b/docs/devel/fuzzing.txt
>> index 284d57f8fd..a9816ffce9 100644
>> --- a/docs/devel/fuzzing.txt
>> +++ b/docs/devel/fuzzing.txt
>> @@ -85,6 +85,25 @@ better coverage performance, depending on the target.
>>  Note that libFuzzer's exact behavior will depend on the version of
>>  clang and libFuzzer used to build the device fuzzers.
>>  
>> +== Generating Coverage Reports ==
>> +Code coverage is a crucial metric for evaluating a fuzzer's performance.
>> +libFuzzer's output provides a "cov: " column that provides a total number of
>> +unique blocks/edges covered. To examine coverage on a line-by-line basis we
>> +can use Clang coverage:
>> +
>> + 1. Configure libFuzzer to store a corpus of all interesting inputs (see
>> +    CORPUS_DIR above)
>> + 2. ./configure the QEMU build with:
>> +    --enable-sanitizers \
> Oops... that should be --enable-fuzzing \

I've pushed it with the fix applied to my qtest-next branch:

 https://gitlab.com/huth/qemu/-/commits/qtest-next/

  Thomas

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 0/4] fuzz: misc patches, Alexander Bulekov, 2020/07/06
- [PATCH 1/4] fuzz: build without AddressSanitizer, by default, Alexander Bulekov, 2020/07/06
  - Re: [PATCH 1/4] fuzz: build without AddressSanitizer, by default, Philippe Mathieu-Daudé, 2020/07/07
  - Re: [PATCH 1/4] fuzz: build without AddressSanitizer, by default, Thomas Huth, 2020/07/20
- [PATCH 2/4] docs/fuzz: describe building fuzzers with enable-sanitizers, Alexander Bulekov, 2020/07/06
  - Re: [PATCH 2/4] docs/fuzz: describe building fuzzers with enable-sanitizers, Philippe Mathieu-Daudé, 2020/07/07
  - Re: [PATCH 2/4] docs/fuzz: describe building fuzzers with enable-sanitizers, Thomas Huth, 2020/07/21
- [PATCH 3/4] docs/fuzz: add information about useful libFuzzer flags, Alexander Bulekov, 2020/07/06
- [PATCH 4/4] docs/fuzz: add instructions for generating a coverage report, Alexander Bulekov, 2020/07/06
  - Re: [PATCH 4/4] docs/fuzz: add instructions for generating a coverage report, Alexander Bulekov, 2020/07/07
    - Re: [PATCH 4/4] docs/fuzz: add instructions for generating a coverage report, Thomas Huth <=

Prev by Date: Re: [PATCH v2] e1000e: using bottom half to send packets
Next by Date: [PATCH] MAINTAINERS: Extend the device fuzzing section
Previous by thread: Re: [PATCH 4/4] docs/fuzz: add instructions for generating a coverage report
Next by thread: Re: [PATCH 02/13] qcow2: introduce icount field for snapshots
Index(es):
- Date
- Thread