blob: 76d2b6139a77b3c88d1ab526738269101d8afdca (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
# Code that we actually want the fuzzer to target
# See: https://clang.llvm.org/docs/SanitizerCoverage.html#disabling-instrumentation-without-source-modification
#
src:*/hw/*
src:*/include/hw/*
src:*/slirp/*
src:*/net/*
# We don't care about coverage over fuzzer-specific code, however we should
# instrument the fuzzer entry-point so libFuzzer always sees at least some
# coverage - otherwise it will exit after the first input
src:*/tests/qtest/fuzz/fuzz.c
# Enable instrumentation for all functions in those files
fun:*
|
