albertZhangTJ / sqlancer-lancerfuzz

SQLancer, with grammar-based fuzzing capability
http://www.sqlancer.com/
MIT License
1 star, 0 forks

Move control path selection from fuzzer runtime to fuzzer rendering time #16

Open albertZhangTJ opened 9 months ago

albertZhangTJ commented 9 months ago

Currently we are using the same template for each kind of node and modifying the control flow using boolean values rendered into the fuzzer code. This will lead to a lot of dead code such as

if (false){
    if (false){
        //...
    }
    else {
        //...
    }
}

Although these will be optimized away by the compiler and thus do not affect execution efficiency, it is still desirable to forward this overhead to fuzzer rendering time and generate neater and more readable code.

albertZhangTJ commented 4 months ago

This might not be as much of a performance improvement as expected, since the Java compiler/runtime is already doing a pretty good job of optimizing away unused/unreachable paths.
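As an added illustration of the two strategies discussed in this issue and in the follow-up comment (example code written for this page, not SQLancer's or the sqlancer-lancerfuzz renderer), the block below is a small Python resolver for a toy template of the generated Java. `render_runtime` bakes each flag in as a Java boolean literal, which is the current scheme and leaves the `if (false) { ... }` dead branches for javac and the JIT to remove; `render_pruned` decides each path while rendering and emits only the selected lines. The template, the flag names and the `genPredicate` helper it references are constructed for the example, and the `{{#if}}`/`{{#else}}`/`{{/if}}` tag syntax is an assumption, not the project's template language.

```python
"""Added example (not SQLancer or sqlancer-lancerfuzz code): contrast runtime
flag substitution with rendering-time path selection for generated Java."""
import re

# Constructed template for a hypothetical SELECT node; blocks may nest.
SELECT_TEMPLATE = """\
String genSelect(Random r) {
    StringBuilder sb = new StringBuilder("SELECT * FROM t");
    {{#if has_where}}
    sb.append(" WHERE ").append(genPredicate(r));
    {{#if has_limit}}
    sb.append(" LIMIT ").append(r.nextInt(10));
    {{#else}}
    sb.append(" ORDER BY 1");
    {{/if}}
    {{/if}}
    return sb.toString();
}
"""

# A control tag occupies a whole line: {{#if name}}, {{#else}} or {{/if}}.
TAG = re.compile(r"^\s*\{\{(#if (\w+)|#else|/if)\}\}\s*$")


def _indent(line):
    return line[: len(line) - len(line.lstrip())]


def render_runtime(template, flags):
    """Current scheme: every block becomes a Java if/else whose condition is
    the flag rendered as a literal, so untaken branches stay as dead code."""
    out = []
    for line in template.splitlines():
        m = TAG.match(line)
        if not m:
            out.append(line)
            continue
        kind = m.group(1)
        if kind.startswith("#if"):
            name = m.group(2)
            if name not in flags:
                raise KeyError(f"unresolved flag {name!r}")
            out.append(f"{_indent(line)}if ({str(flags[name]).lower()}) {{")
        elif kind == "#else":
            out.append(f"{_indent(line)}}} else {{")
        else:
            out.append(f"{_indent(line)}}}")
    return "\n".join(out) + "\n"


def render_pruned(template, flags):
    """Proposed scheme: resolve each block at rendering time; only lines on the
    selected path reach the generated source. Nested blocks inside a skipped
    block stay skipped even when their own flag is true."""
    out = []
    stack = []  # (this block's condition, whether the parent was emitting)
    emitting = True
    for line in template.splitlines():
        m = TAG.match(line)
        if not m:
            if emitting:
                out.append(line)
            continue
        kind = m.group(1)
        if kind.startswith("#if"):
            name = m.group(2)
            if name not in flags:
                raise KeyError(f"unresolved flag {name!r}")
            stack.append((flags[name], emitting))
            emitting = emitting and flags[name]
        elif kind == "#else":
            if not stack:
                raise ValueError("#else outside of an #if block")
            cond, parent = stack[-1]
            emitting = parent and not cond
        else:
            if not stack:
                raise ValueError("/if without a matching #if")
            _, parent = stack.pop()
            emitting = parent
    if stack:
        raise ValueError("unclosed #if block")
    return "\n".join(out) + "\n"


def dead_branches(java_src):
    """Crude count of branches the compiler will have to prove unreachable."""
    return java_src.count("if (false)")


if __name__ == "__main__":
    flags = {"has_where": True, "has_limit": False}
    print(render_runtime(SELECT_TEMPLATE, flags))
    print(render_pruned(SELECT_TEMPLATE, flags))
```

Running the block prints both renderings for the same node configuration: the runtime variant carries one `if (false)` branch plus its `else`, the pruned variant is the six lines that actually execute. The stack in `render_pruned` is what keeps a nested `{{#else}}` from re-enabling output inside a block whose parent was skipped; that is the case the dead-code example in the issue body nests.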