Open thealberto opened 9 months ago
Hi,
I managed to obtain the file following this documentation. The problem is that if I run the fuzzer with --fuzz
it run forever even if I use --fuzz_for=3s
so the profraw
is never generated.
Any idea on how to solve it?
Thanks for flagging this!
You need to use either --fuzz
or --fuzz_for
, they are mutually exclusive.
We need to check and alert if both flags are set, or maybe we need to change the semantics so that they are not mutually exclusive.
Hi @lszekeres , Happy to help. In my opinion they shouldn't be mutually exclusive so a user could decide which fuzztest to run and how long.
What do you think?
Thanks
Sorry, I misspoke, they can be combined:
I initially understood that the problem was that when you use the two flags together the process doesn't stop. But I think that's not what you meant.
No worries. In the end I now have coverage via the coverage.py file so
If I remember properly even with fuzz_for=3s
the fuzztest didn't stop.
@lszekeres , I had some time and I tried again.
I'm running the fuzzer in this way:
➜ src git:(ccbeb246d2fd) python3 tools/code_coverage/coverage.py vpx_custom_fuzzer \
-b out/asan -o out/report \
-c 'out/asan/vpx_custom_fuzzer --fuzz= --fuzz_for=10s' -f third_party/libvpx
As output I have the following
FUZZTEST_PRNG_SEED=dYUrvZw8g1cSzbKjA6fHBn5d-C8RvzIjezvrE89-4K0
INFO: found LLVMFuzzerCustomMutator (0x556d774ddf00). Disabling -len_control by default.
INFO: libFuzzer ignores flags that start with '--'
INFO: Running with entropic power schedule (0xFF, 100).
Is it possible to pass some sort of timeout for the entire fuzzing process?
I have tried to find an option with no luck.
Thanks
Hi all, I'm trying to get the code coverage of a simple test fuzzer but I cannot obtain a `.profraw" file.
I have enabled
-fprofile-instr-generate
and-fcoverage-mapping
in theBUILD.gn
file.I have tried the following so far