Code coverage analysis has become a standard approach in software development, facilitating the assessment of test suite effectiveness, the identification of under-tested code segments, and the discovery of performance bottlenecks. When code coverage of software for embedded systems needs to be measured, conventional approaches quickly meet their limits. A commonly used approach involves instrumenting the source files with added code that collects and dumps coverage information during runtime. This inserted code usually relies on the existence of an operating and a file system to dump the collected data. These features are not available for bare-metal programs that are executed on embedded systems. To overcome this issue, we present NQC2, a plugin for QEMU.NQC2 extracts coverage information from QEMU during runtime and stores them into a file on the host machine. This approach is even compatible with modified QEMU versions and does not require target-software instrumentation. NQC2 outperforms a comparable approach from Xilinx by up to 8.5 x.

翻译：代码覆盖率分析已成为软件开发中的标准方法，有助于评估测试套件的有效性、识别测试不足的代码段以及发现性能瓶颈。当需要测量嵌入式系统软件的代码覆盖率时，传统方法很快会遇到其局限性。一种常用方法涉及在源文件中插入额外代码，以在运行时收集和转储覆盖率信息。这些插入的代码通常依赖于操作系统和文件系统的存在来转储收集的数据。然而，在嵌入式系统上执行的裸机程序并不具备这些功能。为克服此问题，我们提出了NQC2，一种用于QEMU的插件。NQC2在运行时从QEMU提取覆盖率信息，并将其存储到主机上的文件中。该方法甚至与修改后的QEMU版本兼容，且无需对目标软件进行插桩。NQC2的性能较赛灵思的可比方法提升高达8.5倍。