Skip to content
This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

LibFuzzer -runs= option gets used in LibFuzzer::verify() #1649

Closed
ranweiler opened this issue Feb 7, 2022 · 0 comments · Fixed by #1651
Closed

LibFuzzer -runs= option gets used in LibFuzzer::verify() #1649

ranweiler opened this issue Feb 7, 2022 · 0 comments · Fixed by #1651
Assignees
@ranweiler
Labels
bug Something isn't working

Comments

@ranweiler
Copy link
Member

The LibFuzzer wrapper has a verify() method for validating that a fuzzer doesn't crash against a corpus.

In the libfuzzer_fuzz task, we invoke it here.

If target_options contains the Libfuzzer -runs=N argument, we will test each randomly-selected input N times. We should expect values of N ranging 10k (for very leaky targets), to much higher.

We stopped passing -runs=N to the non-fuzzing tasks in thelibfuzzer basic template in #1610, but this doesn't fix our re-use of target_options for both fuzzing and input-testing in the verify() stage of libfuzzer_fuzz.
@ranweiler ranweiler added the bug Something isn't working label Feb 7, 2022
@ghost ghost added the Needs: triage label Feb 7, 2022
@ranweiler ranweiler mentioned this issue Feb 8, 2022
Merged
@mgreisen mgreisen assigned mgreisen and ranweiler and unassigned mgreisen Feb 10, 2022
@ghost ghost locked as resolved and limited conversation to collaborators Mar 30, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@ranweiler ranweiler

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Force -runs=1 when invoking in repro mode ranweiler/onefuzz
2 participants
@ranweiler @mgreisen