author | Fabian Meumertzheim <meumertzheim@code-intelligence.com> | 2022-08-12 14:51:23 +0200 |
---|---|---|
committer | Fabian Meumertzheim <fabian@meumertzhe.im> | 2022-08-15 17:29:20 +0200 |
commit | 08b6c8b71f6e5b65c0ef84d16f51be93c303b481 (patch) | |
tree | 0147142d01546b512ac7df6362062ea508e8e076 /driver | |
parent | b7837adbd3d34b02a39aaa2d6bad20c95c6be86c (diff) | |
download | jazzer-api-08b6c8b71f6e5b65c0ef84d16f51be93c303b481.tar.gz |
driver: Remove unnecessary and ineffective coverage replay
In the newest version, libFuzzer no longer exits when no coverage is
attained during the first two executions, so replaying coverage is no
longer needed. According to the newly added test, replaying the coverage
actually wasn't effective.
Diffstat (limited to 'driver')
-rw-r--r-- | driver/src/main/java/com/code_intelligence/jazzer/driver/FuzzTargetRunner.java | 13 |
1 files changed, 3 insertions, 10 deletions
diff --git a/driver/src/main/java/com/code_intelligence/jazzer/driver/FuzzTargetRunner.java b/driver/src/main/java/com/code_intelligence/jazzer/driver/FuzzTargetRunner.java
index 0cda6d25..aedf8eb6 100644
--- a/driver/src/main/java/com/code_intelligence/jazzer/driver/FuzzTargetRunner.java
+++ b/driver/src/main/java/com/code_intelligence/jazzer/driver/FuzzTargetRunner.java
@@ -67,7 +67,6 @@ public final class FuzzTargetRunner {
 private static final MethodHandle fuzzTarget;
 public static final boolean useFuzzedDataProvider;
 private static final ReproducerTemplate reproducerTemplate;
- private static long runCount = 0;
 static {
 String targetClassName = determineFuzzTargetClassName();
@@ -133,6 +132,9 @@ public final class FuzzTargetRunner {
 }
 if (Opt.hooks) {
+ // libFuzzer will clear the coverage map after this method returns and keeps no record of the
+ // coverage accumulated so far (e.g. by static initializers). We record it here to keep it
+ // around for JaCoCo coverage reports.
 CoverageRecorder.updateCoveredIdsWithCoverageMap();
 }
@@ -159,15 +161,6 @@ public final class FuzzTargetRunner {
 * this is always 0. The function may exit the process instead of returning.
 */
 public static int runOne(byte[] data) {
- if (Opt.hooks && runCount < 2) {
- runCount++;
- // For the first two runs only, replay the coverage recorded from static initializers.
- // libFuzzer cleared the coverage map after they ran and could fail to see any coverage,
- // triggering an early exit, if we don't replay it here.
- // https://github.com/llvm/llvm-project/blob/957a5e987444d3193575d6ad8afe6c75da00d794/compiler-rt/lib/fuzzer/FuzzerLoop.cpp#L804-L809
- CoverageRecorder.replayCoveredIds();
- }
-
 Throwable finding = null;
 try {
 if (useFuzzedDataProvider) { |
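Review bot: The added comment above `CoverageRecorder.updateCoveredIdsWithCoverageMap()` says the map is cleared "after this method returns", but the enclosing block starts and ends outside the hunk, and the first hunk shows a `static {` initializer opening roughly sixty lines earlier. If this call does sit in that initializer, wording such as `// libFuzzer will clear the coverage map once this static initializer has run and keeps no record of the` would name the boundary more precisely. It would also help to state that the recorded IDs are now read only for reporting and are never fed back to libFuzzer, since that is the behavioural change this commit makes in `runOne`. With that replay removed, `CoverageRecorder.replayCoveredIds()` may have no remaining callers; that class is outside this diff, so it is worth checking.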