Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

include config and logging in final report #176

Open
DavidKorczynski opened this issue Apr 2, 2022 · 3 comments
Open

include config and logging in final report #176

DavidKorczynski opened this issue Apr 2, 2022 · 3 comments
Assignees

Comments

@DavidKorczynski
Copy link
Contributor

include configs and logs in the final report

This is useful to track, for instance, which functions were discarded from the analysis

@DavidKorczynski
Copy link
Contributor Author

Somewhat related: #468 We need improved metadata in the UI which can be used to trace/track/compare reports.

@evverx
Copy link
Contributor

evverx commented Aug 15, 2022

We need improved metadata in the UI which can be used to trace/track/compare reports

Agreed. I think configs should be included in reports because they should be more or less the same everywhere but links to logs would depend on where reports were built. Usually it's OSS-Fuzz but FI can be used outside of OSS-Fuzz too and I think it would be better if optional links like that could be configurable by passing them explicitly somewhere or something like that.

@evverx
Copy link
Contributor

evverx commented Aug 15, 2022

FWIW I think that even though FI reports are the main way to interact with FI it could (in theory) be used to automate issues like google/oss-fuzz#7190 (where two snapshots of the same project should be compared). That particular issue could have been found by comparing coverage collected at runtime but combined with the static analysis it would be much more useful in general because it would cover scenarios where coverage is seemingly the same (or maybe even a bit better) but it can't keep up with new code that is suddenly reachable but isn't covered at all. I'm just spitballing but all in all I'm not sure FI should limit itself to reports on OSS-Fuzz (though I understand that it's the main use case) :-)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants