On Mon, May 26, 2014 at 01:53:57PM +0400, M.Kustova wrote:
> About fuzzer effectiveness. 'qemu-img' was set as the fuzzer target,
> so its commands under interest are any that modify or/and read an
> image. As a first step, a tested command will be selected randomly or
> specified by user. After investigation of code coverage on the final
> stage of the project additional constraints will be added to the
> algorithm selecting blocks to be fuzzed.

I think that's a good idea. gcov can be used to put together a list of
qemu-img command-lines that give good code coverage.

Stefan