diff options
author | Abhishek Arya <inferno@chromium.org> | 2020-07-24 16:41:45 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-07-24 16:41:45 -0700 |
commit | dbeab81f5d10a2b0c8c1715c48132fc631c52699 (patch) | |
tree | 8fdd4ea19265049656914d9289b370cf290aeed2 /docs | |
parent | 793ed709079f9b409c06413c196df4d94c105b6d (diff) | |
download | oss-fuzz-dbeab81f5d10a2b0c8c1715c48132fc631c52699.tar.gz |
Add corpus-dir to run_fuzzer, for later use in coverage cmd. (#4191)
* Add corpus-dir to run_fuzzer, for later use in coverage cmd.
* Update as per comment.
Diffstat (limited to 'docs')
-rw-r--r-- | docs/getting-started/new_project_guide.md | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/docs/getting-started/new_project_guide.md b/docs/getting-started/new_project_guide.md index 17ff2376f..5e752e7b0 100644 --- a/docs/getting-started/new_project_guide.md +++ b/docs/getting-started/new_project_guide.md @@ -306,11 +306,23 @@ You can build your docker image and fuzz targets locally, so you can test them b 3. If you want to test changes against a particular fuzz target, run the following command: ```bash - $ python infra/helper.py run_fuzzer $PROJECT_NAME <fuzz_target> + $ python infra/helper.py run_fuzzer $PROJECT_NAME <fuzz_target> --corpus-dir=<path-to-temp-corpus-dir> ``` -4. We recommend taking a look at your code coverage as a sanity check to make sure that your -fuzz targets get to the code you expect. Please refer to [code coverage]({{ site.baseurl }}/advanced-topics/code-coverage/). +4. We recommend taking a look at your code coverage as a sanity check to make +sure that your fuzz targets get to the code you expect. This would use the +corpus generated from the previous `run_fuzzer` step in your local corpus +directory. + + ```bash + $ python infra/helper.py build_fuzzers --sanitizer coverage $PROJECT_NAME + $ python infra/helper.py coverage $PROJECT_NAME --fuzz-target=<fuzz_target> --corpus-dir=<path-to-temp-corpus-dir> + ``` + +Please refer to +[code coverage]({{ site.baseurl }}/advanced-topics/code-coverage/) for detailed +information on code coverage generation. + **Note:** Currently, we only support AddressSanitizer (address) and UndefinedBehaviorSanitizer (undefined) configurations. MemorySanitizer is recommended, but needs to be enabled manually once you verify |