[libFuzzer] better docs for coverage

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@268656 91177308-0d34-0410-b5e6-96231b3b80d8
2024-11-27 21:50:29 +00:00 · 2016-05-05 18:07:09 +00:00 · 2016-05-05 18:07:09 +00:00 · b69177e91e
commit b69177e91e
parent 2677f2feeb
1 changed files with 8 additions and 5 deletions
--- a/docs/LibFuzzer.rst
+++ b/docs/LibFuzzer.rst
@ -598,12 +598,15 @@ You can get the coverage for your corpus like this:

 .. code-block:: console

-  ASAN_OPTIONS=coverage=1 ./fuzzer CORPUS_DIR -runs=0
+  ASAN_OPTIONS=coverage=1:html_cov_report=1 ./fuzzer CORPUS_DIR -runs=0

-This will run all the tests in the CORPUS_DIR but will not generate any new tests
-and dump covered PCs to disk before exiting.
-Then you can subtract the set of covered PCs from the set of all instrumented PCs in the binary,
-see SanitizerCoverage_ for details.
+This will run all tests in the CORPUS_DIR but will not perform any fuzzing.
+At the end of the process it will dump a single html file with coverage information.
+See SanitizerCoverage_ for details.
+
+You may also use other ways to visualize coverage,
+e.g. `llvm-cov <http://llvm.org/docs/CommandGuide/llvm-cov.html>`_, but those will require
+you to rebuild the code with different compiler flags. 

 User-supplied mutators
 ----------------------