Missing "Functions Statically Reachable" in Introspector Report #1010
Comments
|
There are a couple of issues at place, but I have some progress which I'll add for now, although I will try and come up with something better in the near future. The first issue is due to some limitations in fuzz introspector's way of recognizing which modules are used. This can be overcome by helping fuzz introspector in identifying which package is being analysed. If you add this line to the export PYFUZZPACKAGE=$SRC/croniter/src/croniterThen you will see something more meaningful, and my calltrees grow to size ~70/~80 for two of the fuzzers. Can you confirm? The other issue at play is probably a deeper limitation in the callgraph analysis -- I'll need some more time to go over this though. |
|
Thanks, setting that variable gives an initial improvement
|
Work around for issue resolving croniter function names, see ossf/fuzz-introspector#1010 . Setting the `PYFUZZPACKAGE` environment variable takes coverage from `2/48` functions reachable to an improved `22/48` reachable. I've also updated how croniter is imported to have a higher number of matches. There are still some issues in the callgraph analysis but this is a big improvement in the metrics.
Looking at a recent croniter coverage report https://storage.googleapis.com/oss-fuzz-introspector/croniter/inspector-report/20230501/fuzz_report.html the "Functions Statically Reachable" is very low
2/48.However function coverage is pretty good. It looks like there are lots of functions that are counted as having coverage but not being "Reached by Fuzzers".
Picking
croniter.croniter.croniter.get_nextas a example, which is lines 191-193. We can see clear coverage in fuzz_iter - all_cov.json.The text was updated successfully, but these errors were encountered: