Issue 923411

Starred by 1 user

Issue metadata

Status: Assigned
Owner:
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug

LLVMFuzzerInitialize is too attractive to use for developers

Project Member Reported by metzman@chromium.org, Jan 18 (4 days ago)

Issue description

It is easy for devs to think they should be using LLVMFuzzerInitialize when they should be using static initialization; we should make it harder for devs to use it unnecessarily. Some ideas for this are:

* Documenting when it shouldn't be used - I have doubts about how effective this will be since devs have used it without us documenting it.
* Fixing examples where it is unnecessary - I think this will help as devs are probably emulating other code.
* Making a clang static analyzer pass to catch uses of LLVMFuzzerInitialize that don't use argv or argc and turning it on during fuzzer builds - probably overkill but I suspect the most thorough solution.
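As an added example (not code from this issue or from Chromium), the harness below puts the two initialization styles side by side: a static initializer for setup that does not depend on the command line, and LLVMFuzzerInitialize reserved for the one thing a static initializer cannot do, which is read argc/argv. The `Environment` struct, `ParseRecord` target, `allowed_tags` table and `testdata` directory are all hypothetical; an LLVMFuzzerInitialize body that never touches argc or argv is exactly the pattern the report wants to discourage, and its work belongs in the static initializer shown first.

```cpp
// Added example, not Chromium's or libFuzzer's own code. All names below are
// hypothetical; the target is a toy tag-length-value parser.
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// --- Preferred: static initialization for setup that does not need argv ---
// A static initializer runs once, before libFuzzer calls
// LLVMFuzzerTestOneInput, so a table built here is ready for every input.
struct Environment {
  std::vector<uint8_t> allowed_tags;
  Environment() : allowed_tags({0x01, 0x02, 0x03}) {}
};
static Environment* const g_env = new Environment();

// --- The one case that justifies LLVMFuzzerInitialize: setup needing argv ---
// argv[0] is used to locate a resource directory next to the fuzzer binary.
// If this function ignored argc/argv it would be the unnecessary use the
// issue describes and should be folded into the static initializer above.
static std::string g_resource_dir;

static std::string DirName(const std::string& path) {
  size_t slash = path.find_last_of('/');
  return slash == std::string::npos ? std::string(".") : path.substr(0, slash);
}

extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv) {
  if (*argc >= 1) g_resource_dir = DirName((*argv)[0]) + "/testdata";
  return 0;
}

const std::string& ResourceDir() { return g_resource_dir; }

bool EnvironmentReady() {
  return g_env != nullptr && !g_env->allowed_tags.empty();
}

// Hypothetical target: a record is <tag><len><len bytes of payload>. Returns
// true only if the record is well formed and the tag is in the static table.
bool ParseRecord(const uint8_t* data, size_t size) {
  if (size < 2) return false;
  uint8_t tag = data[0];
  size_t len = data[1];
  if (size != 2 + len) return false;
  for (uint8_t allowed : g_env->allowed_tags) {
    if (allowed == tag) return true;
  }
  return false;
}

// Convenience wrappers so the behaviour can be checked from plain C++ code.
bool ParseRecordBytes(const std::vector<uint8_t>& bytes) {
  return ParseRecord(bytes.data(), bytes.size());
}

// Simulates libFuzzer handing a constructed argv to LLVMFuzzerInitialize.
std::string InitializeWithArgv0(const char* argv0) {
  std::string arg0(argv0);
  char* argv_storage[] = {&arg0[0], nullptr};
  char** argv = argv_storage;
  int argc = 1;
  LLVMFuzzerInitialize(&argc, &argv);
  return ResourceDir();
}

extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  ParseRecord(data, size);  // crashes or sanitizer reports surface here
  return 0;
}
```

Built with `-fsanitize=fuzzer`, libFuzzer supplies `main`, runs the static initializer, calls LLVMFuzzerInitialize once with the real argc/argv, and then feeds inputs to LLVMFuzzerTestOneInput; nothing about the table lookup needed the initialize hook.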

Comment 1 by mmoroz@chromium.org, Jan 20 (2 days ago)

Yeah, documenting that it shouldn't be used in most of the cases likely won't help, as we have a preferred solution documented: https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/efficient_fuzzer.md#initialization_cleanup

It might be worth moving it to the Getting Started Guide though.

I feel like we have recently fixed some cases where it wasn't necessary, but it would be nice to double check and fix if needed.