search for: print_coverage

Displaying 3 results from an estimated 3 matches for "print_coverage".

2016 Sep 21
3
-sanitizer-coverage-prune-blocks=true and LibFuzzer
Hello, Is this reproducible? > Fuzzing is a probabilistic business and one or even two runs don't prove > much. > I've reproduced the behavior on two different machines. Attached is a script to do so. To use the script, - create an empty folder and copy both prune-blocks.sh and ff-http-parser.sh in there - ensure clang and clang++ are in your $PATH - cd /path/to/prune-blocks.sh
2016 Sep 21
2
-sanitizer-coverage-prune-blocks=true and LibFuzzer
...1640 > > Conclusions: > * testing a fuzzing engine is not trivial :( > * testing it on a very short run with a single seed may be misleading > > > BTW, I am also looking into more automation of libFuzzer testing. > With trace-pc-guard we now have libFuzzer's flag -print_coverage=1 that will print all the covered lines. > My hope is that this feature can be used for more detailed analysis of coverage differences. > > --kcc > > > On Wed, Sep 21, 2016 at 6:00 AM, Jonas Wagner <jonas.wagner at epfl.ch <mailto:jonas.wagner at epfl.ch>> wrote:...
2016 Sep 21
2
-sanitizer-coverage-prune-blocks=true and LibFuzzer
...sions: >> * testing a fuzzing engine is not trivial :( >> * testing it on a very short run with a single seed may be misleading >> >> >> BTW, I am also looking into more automation of libFuzzer testing. >> With trace-pc-guard we now have libFuzzer's flag -print_coverage=1 that will print all the covered lines. >> My hope is that this feature can be used for more detailed analysis of coverage differences. >> >> --kcc >> >> >> On Wed, Sep 21, 2016 at 6:00 AM, Jonas Wagner <jonas.wagner at epfl.ch <mailto:jonas.wagner a...