Non-zero return values from LLVMFuzzerTestOneInput should be discouraged

Open phi-go opened this issue 10 months ago • 1 comments

Hi, I was investigating a fuzzer target/harness that for some reason failed to create any meaningful coverage. Turns out that libFuzzer discards any inputs where the return value for LLVMFuzzerTestOneInput is non-zero, and not only for -1. The documentation for libFuzzer only mentions 0 and -1, while other values are "undefined". Meanwhile, it seems that for Honggfuzz the return value is ignored: https://github.com/google/oss-fuzz/issues/11983. This is not documented directly for OSS-Fuzz, and as this seems like an easy and potentially severe mistake to make, I think the documentation should be expanded.

The use of non-zero exit codes is also something that could potentially be detected and warned of automatically. Is this something that you would be interested in?

phi-go, Jan 22 '25 12:01
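The mistake described in the post above, as an added example that is not code from OSS-Fuzz, libFuzzer or the original poster: a harness that forwards its parser's error code, the corrected harness, and a replay check that counts return values outside the 0 and -1 the libFuzzer documentation mentions. `parse_record`, both harness names, `count_undocumented_returns` and the sample inputs are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical target: parses a "KV1" + length byte + payload record and
 * returns 0 on success or a positive error code. Constructed for this example. */
static int parse_record(const uint8_t *data, size_t size) {
    if (size < 4) return 1;                     /* too short */
    if (memcmp(data, "KV1", 3) != 0) return 2;  /* bad magic */
    if ((size_t)data[3] != size - 4) return 3;  /* length mismatch */
    return 0;
}

/* Mistake: the parser's status leaks out as the harness return value.
 * In a real target this function would be named LLVMFuzzerTestOneInput. */
int harness_buggy(const uint8_t *data, size_t size) {
    return parse_record(data, size);
}

/* Corrected: a parse error is an expected outcome, not a harness status. */
int harness_fixed(const uint8_t *data, size_t size) {
    (void)parse_record(data, size);
    return 0;
}

typedef int (*harness_fn)(const uint8_t *, size_t);

/* Replays constructed inputs and counts returns outside {0, -1}. */
size_t count_undocumented_returns(harness_fn fn) {
    static const struct { const char *bytes; size_t len; } samples[] = {
        { "KV1\x02hi", 6 },  /* valid record */
        { "KV", 2 },         /* too short */
        { "XYZ\x00", 4 },    /* bad magic */
        { "KV1\x05hi", 6 },  /* length byte does not match payload */
    };
    size_t bad = 0;
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int rc = fn((const uint8_t *)samples[i].bytes, samples[i].len);
        if (rc != 0 && rc != -1) bad++;
    }
    return bad;
}

int main(void) {
    printf("buggy harness: %zu\n", count_undocumented_returns(harness_buggy));
    printf("fixed harness: %zu\n", count_undocumented_returns(harness_fixed));
    return 0;
}
```

The same replay loop can be pointed at an existing seed corpus to flag a harness before it is fuzzed.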

I added a PR to update the docs here: https://github.com/google/oss-fuzz/pull/12955

phi-go, Jan 22 '25 12:01

The PR is merged.

phi-go, Jul 07 '25 07:07