
Feature request: allocate more time when minimizing long inputs

Open Dor1s opened this issue 6 years ago • 6 comments

This was requested in https://bugs.chromium.org/p/chromium/issues/detail?id=997940, //cc @pwnall

I think we're currently using a constant timeout for minimization. Should we consider increasing it for large testcases and maybe decreasing for smaller ones?

Dor1s avatar Aug 29 '19 15:08 Dor1s

Maybe just bump up for now. 180 feels too low. `timeout = environment.get_value('LIBFUZZER_MINIMIZATION_TIMEOUT', 180)`

inferno-chromium avatar Aug 29 '19 15:08 inferno-chromium

I'm thinking for large testcases (e.g. more than 10 KB) we could try to allocate up to an hour? But don't want to spend that much for smaller things :/

Dor1s avatar Aug 29 '19 15:08 Dor1s

It would be nice if developers could override this from the console where we see the bugs. This saves you from having to come up with a threshold that works for all fuzzers, and lets you be judicious about spending compute -- when someone asks for a minimization, you know that the bug is being looked at.

pwnall avatar Aug 31 '19 03:08 pwnall
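To make the two proposals above concrete (a size-scaled minimization budget from Dor1s, and a per-request override that beats the fuzzer-wide default from pwnall), here is an added example. It is not ClusterFuzz code and not any participant's patch; it reuses the `LIBFUZZER_MINIMIZATION_TIMEOUT` name quoted in the thread and the 180 s default, while the 10 KB threshold, the one-hour ceiling, the linear scaling, the `requested` parameter and the toy crash predicate are assumptions made here. It also pairs the budget with a deadline-aware chunk-removal minimizer so the effect of a too-small budget on a long input is visible: the loop returns the best input found so far and reports that it did not converge.

```python
import os
import time

# Constants: 180 s is the default quoted in the thread; the threshold and
# ceiling encode the "more than 10KB -> up to an hour" proposal (assumption).
FLOOR_SECONDS = 180
CEILING_SECONDS = 3600
LARGE_INPUT_BYTES = 10 * 1024


def minimization_timeout(testcase_size, env=None, requested=None):
    """Return the minimization budget in seconds for a testcase of this size.

    Precedence (assumed here, not ClusterFuzz policy):
      1. `requested`: an explicit per-minimization override, the "from the
         console" idea, so compute is spent only when someone is looking.
      2. LIBFUZZER_MINIMIZATION_TIMEOUT from the environment (fuzzer-wide).
      3. A default that scales linearly with size from FLOOR_SECONDS at 0 bytes
         to CEILING_SECONDS at LARGE_INPUT_BYTES and stays capped above that.
    """
    env = os.environ if env is None else env
    if requested is not None:
        return max(1, int(requested))
    env_value = env.get('LIBFUZZER_MINIMIZATION_TIMEOUT')
    if env_value is not None:
        return max(1, int(env_value))
    if testcase_size <= 0:
        return FLOOR_SECONDS
    fraction = min(1.0, testcase_size / LARGE_INPUT_BYTES)
    return int(FLOOR_SECONDS + fraction * (CEILING_SECONDS - FLOOR_SECONDS))


def minimize(data, crashes, budget_seconds, clock=time.monotonic):
    """Greedy chunk-removal minimization that stops when the budget is spent.

    `crashes(candidate)` must return True when the candidate still reproduces.
    Returns (smallest_crashing_input_found, converged). `converged` is False
    when the deadline hit first, in which case the caller still gets the best
    input seen so far instead of nothing.
    """
    deadline = clock() + budget_seconds
    best = bytes(data)
    chunk = max(1, len(best) // 2)
    while chunk >= 1:
        i = 0
        while i < len(best):
            if clock() >= deadline:
                return best, False
            candidate = best[:i] + best[i + chunk:]
            if candidate and crashes(candidate):
                best = candidate          # keep the removal, retry same offset
            else:
                i += chunk                # removal broke the repro, move on
        chunk //= 2                       # finer granularity for the next pass
    return best, True


# Constructed sample: a 505-byte input whose "crash" is the marker CRASH
# somewhere in the middle (toy predicate, not a real target).
SAMPLE_INPUT = b"A" * 300 + b"CRASH" + b"B" * 200


def sample_crashes(candidate):
    return b"CRASH" in candidate


def demo():
    """Run the minimizer with the budget the policy assigns to SAMPLE_INPUT."""
    budget = minimization_timeout(len(SAMPLE_INPUT), env={})
    return minimize(SAMPLE_INPUT, sample_crashes, budget)


if __name__ == "__main__":
    print("budget for 505 bytes:", minimization_timeout(505, env={}), "s")
    print("budget for 20 KiB:   ", minimization_timeout(20 * 1024, env={}), "s")
    print("demo result:", demo())
```

The policy function is deliberately separate from the minimizer so that the override path (console request, then environment, then size default) can be unit-tested without running any target; the minimizer's `clock` parameter exists for the same reason, so a budget-exhausted run can be reproduced deterministically.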

A little bump up has been done in https://github.com/google/clusterfuzz/pull/1059

inferno-chromium avatar Sep 30 '19 19:09 inferno-chromium

Sorry I still didn't get to it. Wanted to gather some data on how long we need to minimize depending on the size of the input, and didn't have time to run such experiments.

Dor1s avatar Sep 30 '19 19:09 Dor1s

No worries, 3 min is crazy low anyway, so the bump-up was necessary.

inferno-chromium avatar Sep 30 '19 19:09 inferno-chromium