Bazel + junit Fuzz Tests

[asudhak]

When running Junit Fuzz Tests triggered using bazel test libfuzzer appears to look for the .cifuzz-corpus in a temp directory under /private/var/tmp/ and also places the crashes in a subdir of /private/var/tmp/ which gets purged after a run.

Is there a right way of specifying a different directory for Jazzer/Libfuzzer to use for the corpus and the reproducers ?

Follow up question - similarly, how do you pass other Jazzer flags such as --keep_going=N when using junit/bazel ?

[bertschneider]

You can try to set jazzer.internal.basedir in junit-platform.properties to change the directory in which .cifuzz-corpus is placed. That being said, using bazel test should execute JUnit in a sandbox and clean up afterwards, shouldn't it?

Jazzer's JUnit integration does not create a dedicated reproduces, as it's quite easy to reproduce findings via JUnit IDE plugins. With those you can execute/debug only specific inputs.

Currently, there is no dedicated, nor easy, way to pass on arguments to libfuzzer through JUnit fuzz tests. Apparently this works, but is less that ideal.

[ghost]

@asudhak - was the suggestion from @bertschneider helpful?
We can give you more detailed support on a call/over email and try other options for you. Just need to understand in detail what you are trying to achieves, and we can give the best options to solve.
Ping me? david[dot]merian [at] code-intelligence[dot]com