On 6/17/21 9:53 PM, Alexander Bulekov wrote:
> By default, -fsanitize=fuzzer instruments all code with coverage
> information. However, this means that libfuzzer will track coverage over
> hundreds of source files that are unrelated to virtual-devices. This
> means that libfuzzer will optimize inputs for coverage observed in timer
> code, memory APIs etc. This slows down the fuzzer and stores many inputs
> that are not relevant to the actual virtual-devices.
>
> With this change, clang will only instrument a subset of the compiled
> code, that is directly related to virtual-devices.
>
> Signed-off-by: Alexander Bulekov <alx...@bu.edu>
> ---
> configure | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/configure b/configure
> index debd50c085..40412bcfcf 100755
> --- a/configure
> +++ b/configure
> @@ -6089,6 +6089,10 @@ if test "$fuzzing" = "yes" ; then
> # If LIB_FUZZING_ENGINE is set, assume we are running on OSS-Fuzz, and the
> # needed CFLAGS have already been provided
> if test -z "${LIB_FUZZING_ENGINE+xxx}" ; then
> + # Specify a filter to only instrument code that is directly related to
> + # virtual-devices.
> + QEMU_CFLAGS="$QEMU_CFLAGS
> -fsanitize-coverage-allowlist=$source_path/scripts/oss-fuzz/instrumentation-filter"
I'm getting:
cannot access 'scripts/oss-fuzz/instrumentation-filter': No such file or
directory
Did you forgot to add the file, or is this series based on another one?
Regards,
Phil.
