From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([140.186.70.92]:51425) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RLtiO-0005lU-OH for qemu-devel@nongnu.org; Thu, 03 Nov 2011 05:36:10 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1RLtiN-0000ZW-BJ for qemu-devel@nongnu.org; Thu, 03 Nov 2011 05:36:04 -0400 Received: from mel.act-europe.fr ([194.98.77.210]:35868) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1RLtiM-0000ZM-VE for qemu-devel@nongnu.org; Thu, 03 Nov 2011 05:36:03 -0400 Message-ID: <4EB26060.4060003@adacore.com> Date: Thu, 03 Nov 2011 10:35:28 +0100 From: Fabien Chouteau MIME-Version: 1.0 References: <4639B135-B96A-43A0-B4FA-6DDCBE3FBA92@suse.de> <4EB1805F.6030701@adacore.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] GSoC mentor summit QEMU users session List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Stefan Hajnoczi Cc: =?ISO-8859-1?Q?Llu=EDs_Vilanova?= , Alexander Graf , "qemu-devel@nongnu.org Developers" On 03/11/2011 08:44, Stefan Hajnoczi wrote: > On Wed, Nov 2, 2011 at 5:39 PM, Fabien Chouteau wrote: >> On 29/10/2011 15:52, Alexander Graf wrote: >>> The RTEMS guys use QEMU to do coverage testing of their kernel code. >>> They run their test-cases and see if all of their code and branches >>> have been hit. Adacore seems to have a patches version of QEMU to >>> provide an easily parsable log file for that sort of thing. Might be a >>> good idea to consolidate upstream. Patches welcome :) >> >> That's right we do have a coverage analysis solution based on Qemu. >> Execution traces generated by Qemu are analyzed by the GNATcoverage >> tool to provide object, statement, decision or Modified >> Condition/Decision coverage analysis. >> >> The main interest of Qemu is to provide execution traces without >> code instrumentation. >> >> Alex, it is of course in our plans to submit patches to the upstream Qemu ;) >> >> I give you some pointers if you want to find more on GNATcoverage (technical stuff :) >> >> * GNATcoverage is hosted on forge.open-do.org. You can checkout the >> repository with: >> >> $ svn checkout svn://scm.forge.open-do.org/scmrepos/svn/couverture/trunk/couverture >> >> From there, you have >> * the tool source tree in "tools" >> * a synthesis article in "publications" : 201005-erts2.pdf >> >> * GNATcov's documentation attached to this email > > Thanks for mentioning Couverture. Just yesterday I talked to neo_1987 > on IRC who is trying to get QEMU /w couverture to work for him. Great, good to know! > We ran into a little bit of confusion because the -trace command-line > option is also used in upstream QEMU but for a different purpose > (http://wiki.qemu.org/Features/Tracing). > We had the same problem, the option is now -exec-trace. Checkout the qemu-head branch of https://forge.open-do.org/anonscm/git/couverture-qemu/couverture-qemu.git > I took a quick peak at the qemu-trace.[ch] from couverture and it > looks along the lines of the instrumentation that others have been > doing too. I hope you have time to propose the coverage > instrumentation for upstream QEMU. > I don't know much about other instrumentations in Qemu (pointers are welcome :), but what we have in couverture-qemu is not trivial, especially when it comes to MC/DC analysis. You should take a look at 201005-erts2.pdf if you want technical details. -- Fabien Chouteau