Re: [Xen-devel] [PATCH 08/14] fuzz/x86_emulate: Add 'afl-cov' target
On Fri, Aug 25, 2017 at 05:43:37PM +0100, George Dunlap wrote: > ...to generate a "normal" coverage-instrumented binary, suitable for > use with gcov or afl-cov. > > This is slightly annoying because: > > - Every object file needs to have been instrumented to work > effectively > > - You generally want to have both an afl-instrumented binary and a > gcov-instrumented binary at the same time, but > > - gcov instrumentation and afl instrumentation are mutually exclusive > > So when making the `afl-cov` target, generate a second set of object > files and a second binary with the `-cov` suffix. > > Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxx> > --- > CC: Ian Jackson <ian.jackson@xxxxxxxxxx> > CC: Wei Liu <wei.liu2@xxxxxxxxxx> > CC: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> > CC: Jan Beulich <jbeulich@xxxxxxxx> > --- > .gitignore | 1 + > tools/fuzz/README.afl | 14 ++++++++++++++ > tools/fuzz/x86_instruction_emulator/Makefile | 19 ++++++++++++++++++- > 3 files changed, 33 insertions(+), 1 deletion(-) > > diff --git a/.gitignore b/.gitignore > index 594ffd9a7f..66bceb3ebe 100644 > --- a/.gitignore > +++ b/.gitignore > @@ -159,6 +159,7 @@ tools/fuzz/libelf/afl-libelf-fuzzer > tools/fuzz/x86_instruction_emulator/asm > tools/fuzz/x86_instruction_emulator/x86_emulate* > tools/fuzz/x86_instruction_emulator/afl-harness > +tools/fuzz/x86_instruction_emulator/afl-harness-cov > tools/helpers/_paths.h > tools/helpers/init-xenstore-domain > tools/helpers/xen-init-dom0 > diff --git a/tools/fuzz/README.afl b/tools/fuzz/README.afl > index 4758de2490..0d955b2687 100644 > --- a/tools/fuzz/README.afl > +++ b/tools/fuzz/README.afl 
> @@ -41,3 +41,17 @@ Use the x86 instruction emulator fuzzer as an example. > $ $AFLPATH/afl-fuzz -t 1000 -i testcase_dir -o findings_dir -- > ./afl-harness > > Please see AFL documentation for more information. > + > +# GENERATING COVERAGE INFORMATION > + > +To use afl-cov or gcov, you need a separate binary instrumented to > +generate coverage data. To do this, use the target `afl-cov`: > + > + $ make afl-cov #produces afl-harness-cov > + > +NOTE: Please also note that the coverage instrumentation hard-codes > +the absolute path for the instrumentation read and write files in the > +binary; so coverage data will always show up in the build directory no > +matter where you run the binary from. > + > +Please see afl-cov and/or gcov documentation for more information. > \ No newline at end of file > diff --git a/tools/fuzz/x86_instruction_emulator/Makefile > b/tools/fuzz/x86_instruction_emulator/Makefile > index 10009dc08f..629e191029 100644 > --- a/tools/fuzz/x86_instruction_emulator/Makefile > +++ b/tools/fuzz/x86_instruction_emulator/Makefile > @@ -23,19 +23,33 @@ x86_emulate_user.c x86_emulate_user.h: %: > > CFLAGS += $(CFLAGS_xeninclude) -D__XEN_TOOLS__ -I. > > +GCOV_FLAGS=--coverage > + > x86.h := asm/x86-vendors.h asm/x86-defns.h asm/msr-index.h > x86_emulate.h := x86_emulate_user.h x86_emulate/x86_emulate.h $(x86.h) > > x86_emulate_user.o: x86_emulate_user.c x86_emulate/x86_emulate.c > $(x86_emulate.h) > > +x86_emulate_user-cov.o: x86_emulate_user.c x86_emulate/x86_emulate.c > $(x86_emulate.h) The dependencies should be factored out and used by this and the non-gcov target. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
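Review bot: in the .gitignore hunk, only the `afl-harness-cov` binary is ignored, while the README.afl text added by the same patch says coverage data always shows up in the build directory. The existing `x86_emulate*` pattern would match data files named after x86_emulate_user-cov.o, but nothing in the visible context covers gcov output for the other objects. Unless a pattern elsewhere in .gitignore already handles them, add entries for `*.gcda` and `*.gcno` under tools/fuzz/x86_instruction_emulator/ so a coverage run does not leave untracked files in the tree.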
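Review bot: in the README.afl hunk, the added section ends with `\ No newline at end of file`, so the file needs a trailing newline, and "NOTE: Please also note that" says the same thing twice; "NOTE: The coverage instrumentation hard-codes ..." is enough. The section should also carry the reason given in the commit message, that gcov and afl instrumentation are mutually exclusive, since that is why a separate `afl-harness-cov` binary exists. Because the data path is fixed to the build directory, it is worth one more sentence saying that successive runs write to the same data files there.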
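Review bot: in the Makefile hunk, the new `x86_emulate_user-cov.o` rule repeats the prerequisite list of `x86_emulate_user.o` verbatim (`x86_emulate_user.c x86_emulate/x86_emulate.c $(x86_emulate.h)`), so a later change to one rule can leave the other with stale dependencies. Hold the list in a single variable and reference it from both rules. `GCOV_FLAGS=--coverage` is defined here but its use falls in the part of the hunk not quoted in this message; `--coverage` has to be passed when linking afl-harness-cov as well as when compiling the -cov objects.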