diff options
author | Norbert Schneider <norbert.schneider@code-intelligence.com> | 2022-03-16 15:17:22 +0100 |
---|---|---|
committer | Norbert Schneider <mail@bertschneider.de> | 2022-03-21 12:17:35 +0100 |
commit | e865b3a1a794f4a78437f9de5a6901ebbc1cdbd6 (patch) | |
tree | fe9429ffe57a20f55a292c5a72c7cce4aaaca98a /README.md | |
parent | 5b470bb4ee41d925d100b16fcc9cb0009acb1a93 (diff) | |
download | jazzer-api-e865b3a1a794f4a78437f9de5a6901ebbc1cdbd6.tar.gz |
Build jacoco cli internally
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 46 |
1 files changed, 30 insertions, 16 deletions
@@ -473,30 +473,44 @@ via `--ignore=<token_1>,<token2>`. ### Export coverage information -The internally gathered JaCoCo coverage information can be exported in a human-readable and the JaCoCo dump format. -These can help identify code areas that can not be reached through fuzzing and perhaps need changes to make them more -accessible for the fuzzer. +The internally gathered JaCoCo coverage information can be exported in human-readable and JaCoCo execution data format +(`.exec`). These can help identify code areas that have not been covered by the fuzzer and thus may require more +comprehensive fuzz targets or a more extensive initial corpus to reach. The human-readable report contains coverage information, like branch and line coverage, on file level. It's useful to -get a quick overview about the overall coverage. The flag `--coverage_report=<file>` can be used to generate the report. - -Similar to the JaCoCo `dump` command the flag `--coverage_dump=<file>` specifies the coverage dump file, often called -`coverage.exec`, that should be generated after the fuzzing run. It contains a binary representation of the gathered -coverage data in the JaCoCo format. - -The JaCoCo `report` command can be used to generate reports based on the coverage dump. For example the -following command generates an HTML report in the folder `./report/` containing all classes available in `classes.jar` -and their coverage as captured in the export `coverage.exec`. +get a quick overview about the overall coverage. The flag `--coverage_report=<file>` can be used to generate it. + +Similar to the JaCoCo `dump` command, the flag `--coverage_dump=<file>` specifies a coverage dump file, often called +`jacoco.exec`, that is generated after the fuzzing run. It contains a binary representation of the gathered coverage +data in the JaCoCo format. + +The JaCoCo `report` command can be used to generate reports based on this coverage dump. **Note:** The version of the +JaCoCo agent used by Jazzer internally differs slightly from the official one. As a result, a similarly modified version +of the JaCoCo CLI tool has to be used to generate correct reports. The correct version is available at its +[release page](https://github.com/CodeIntelligenceTesting/jacoco/releases) as `zip` file. The report tool is located in +the `lib` folder and can be used as described in the JaCoCo +[CLI documentation](https://www.eclemma.org/jacoco/trunk/doc/cli.html). For example the following command generates an +HTML report in the folder `report` containing all classes available in `classes.jar` and their coverage as captured in +the export `coverage.exec`. Source code to include in the report is searched for in `some/path/to/sources`. +After execution the `index.html` file in the output folder can be opened in a browser. ```shell -java -jar jacococli.jar report coverage.exec \ +java -jar path/to/jacococli.jar report coverage.exec \ --classfiles classes.jar \ --sourcefiles some/path/to/sources \ - --html ./report/ \ + --html report \ --name FuzzCoverageReport ``` -More information about coverage report generation is available on the JaCoCo -[CLI documentation](https://www.eclemma.org/jacoco/trunk/doc/cli.html) page. +Furthermore, it's also possible to directly use the CLI tools of the internal JaCoCo version via Bazel with the target +`@jazzer_jacoco//:jacoco_cli`. The following command builds an HTML report similar to the one mentioned above: +```shell +bazel run @jazzer_jacoco//:jacoco_cli -- \ + report /coverage.exec \ + --classfiles /classes.jar \ + --sourcefiles /some/path/to/sources \ + --html /tmp/report/ \ + --name FuzzCoverageReport +``` ## Advanced fuzz targets |