This repository has been archived by the owner on Nov 1, 2023. It is now read-only.
Detect and distinguish dual-use libfuzzer args for fuzzing #1437
Labels
enhancement
New feature or request
When creating libfuzzer jobs, users may add
-runs=N
totarget_options
to try to handle situations like target code that leaks memory. This is fine and expected, and handled by thelibfuzzer_fuzz
task.However, when a libFuzzer is invoked in test case repro mode, the
-runs=N
option says "test the given input(s)N
times each". This is definitely not what we want in analysis tasks likecoverage
,libfuzzer_crash_report
, &c.Revisit our task arguments, and fix this end-user facing API. Make it easy (at the job template level) to clearly distinguish between libFuzzer args meant for fuzzing only, test case repro, or both. This is more easily avoided outside of templates, where tasks must be created individually.
The text was updated successfully, but these errors were encountered: