run until end of LLVMFuzzerTestOneInput for collecting coverage (#713)

microsoft · Mar 23, 2021 · 2b61256 · 2b61256
1 parent 516b1e0
commit 2b61256
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/src/agent/script/win64/libfuzzer-coverage/DumpCounters.js b/src/agent/script/win64/libfuzzer-coverage/DumpCounters.js
@@ -98,8 +98,14 @@ function dumpCounters(results_dir, should_disable_sympath) {
     // Disable FCE from sanitizers.
     execute("sxd av");
 
-    // Run to exit break in `ntdll!NtTerminateProcess`.
-    execute("g");
+    // Run until `LLVMFuzzerTestOneInput()`.
+    // This makes us unlikely to have unloaded any modules that the user dynamically loaded,
+    // and so we will still be able to dump the coverage tables for those modules.
+    execute("bm *!LLVMFuzzerTestOneInput")
+    execute("g")
+
+    // run until return from this context
+    execute("pt")
 
     let found = false;
     host.currentProcess.Modules.All(function (module) {