From fee6f0e772e012453b3d2167072f0efc011d82e2 Mon Sep 17 00:00:00 2001
From: Xinhao Yuan
Date: Thu, 11 Jun 2026 12:19:24 -0700
Subject: [PATCH] Update with target config before invoking Centipede.
So that Centipede gets proper flags instead of the serialized target config. Makes it easier for people to understand/debug.
PiperOrigin-RevId: 930671475
---
 centipede/centipede_flags.inc | 4 +++-
 centipede/centipede_interface.cc | 10 ++++++++--
 fuzztest/internal/centipede_adaptor.cc | 19 +++++++++++--------
 3 files changed, 22 insertions(+), 11 deletions(-)
diff --git a/centipede/centipede_flags.inc b/centipede/centipede_flags.inc
index 5dda892a..f6d6da2e 100644
--- a/centipede/centipede_flags.inc
+++ b/centipede/centipede_flags.inc
@@ -456,7 +456,9 @@ CENTIPEDE_FLAG(
 std::string, fuzztest_configuration, "",
 "If set, deserializes the FuzzTest configuration from the value as a "
 "base64url string instead of querying the configuration via runner "
- "callbacks. For FuzzTest framework only, do not use from end-users.")
+ "callbacks. Specially, if set to `(null)`, assumes no configuration "
+ "without querying the runner. For FuzzTest framework only, do not use from "
+ "end-users.")
 CENTIPEDE_FLAG(
 bool, list_crash_ids, false,
 "If set, lists the crash IDs of a single test of the binary to the "
diff --git a/centipede/centipede_interface.cc b/centipede/centipede_interface.cc
index 386e9222..0131ab60 100644
--- a/centipede/centipede_interface.cc
+++ b/centipede/centipede_interface.cc
@@ -764,7 +764,9 @@ int CentipedeMain(const Environment& env,
 // TODO: b/410051414 Use Centipede flags to pass necessary information
 // instead of passing the entirely serialized Configuration once switched
 // to the unified execution model.
- if (!env.fuzztest_configuration.empty()) {
+ if (env.fuzztest_configuration == "(null)") {
+ return "";
+ } else if (!env.fuzztest_configuration.empty()) {
 std::string result;
 FUZZTEST_CHECK(
 absl::WebSafeBase64Unescape(env.fuzztest_configuration, &result));
@@ -775,7 +777,11 @@ int CentipedeMain(const Environment& env,
 }();
 Environment updated_env = env;
 if (updated_env.fuzztest_corpus_database.empty()) {
- FUZZTEST_CHECK_OK(serialized_target_config.status());
+ if (!serialized_target_config.ok()) {
+ FUZZTEST_LOG(ERROR) << "Failed to get the serialized target config: "
+ << serialized_target_config.status();
+ return EXIT_FAILURE;
+ }
 if (!serialized_target_config->empty()) {
 const auto target_config =
 fuzztest::internal::Configuration::Deserialize(
diff --git a/fuzztest/internal/centipede_adaptor.cc b/fuzztest/internal/centipede_adaptor.cc
index bc505a6a..aafc9e0d 100644
--- a/fuzztest/internal/centipede_adaptor.cc
+++ b/fuzztest/internal/centipede_adaptor.cc
@@ -269,8 +269,8 @@ fuzztest::internal::Environment CreateCentipedeEnvironmentFromConfiguration(
 std::string{test_name}};
 single_test_configuration.time_limit = total_time_limit;
 single_test_configuration.time_budget_type = TimeBudgetType::kTotal;
- env.fuzztest_configuration =
- absl::WebSafeBase64Escape(single_test_configuration.Serialize());
+ env.UpdateWithTargetConfig(single_test_configuration);
+ env.fuzztest_configuration = "(null)";
 }
 absl::StrAppend(&env.binary,
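Review bot: The `"(null)"` sentinel compared in the `@@ -764` hunk of centipede_interface.cc is a bare literal that this commit repeats in three places: here, in the `fuzztest_configuration` flag help text in centipede_flags.inc, and in the assignment in centipede_adaptor.cc (`@@ -269`). A single shared constant would keep the writer and the reader from drifting apart, for example a new `inline constexpr absl::string_view kNoFuzzTestConfiguration = "(null)";` (the name is only a suggestion) used at both code sites. The value cannot collide with a real payload, because parentheses are outside the web-safe base64 alphabet, but it is also the text glibc's printf emits for a null `%s` argument, so a launcher that formats a missing value into this flag would silently select the no-query path; a more distinctive token would avoid that. The enclosing lambda starts above the hunk.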
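Review bot: The graceful exit added in the `@@ -775` hunk covers only a failed `serialized_target_config`; a malformed `--fuzztest_configuration` value still aborts the process through the `FUZZTEST_CHECK(absl::WebSafeBase64Unescape(...))` kept as context in the `@@ -764` hunk. If the lambda returns an `absl::StatusOr<std::string>`, as the `.status()` and `->empty()` uses suggest, that branch could return an error instead, e.g. `if (!absl::WebSafeBase64Unescape(env.fuzztest_configuration, &result)) return absl::InvalidArgumentError("malformed fuzztest_configuration");`, so both failures are logged and reported the same way. Whether the `Deserialize` result that follows is checked cannot be seen from the hunk.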
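Review bot: The two lines added to `CreateCentipedeEnvironmentFromConfiguration` in the `@@ -269` hunk carry no comment, and the `"(null)"` assignment is not self-explanatory. A comment above it such as `// Settings are passed as regular flags now; "(null)" tells CentipedeMain not to query the runner for a configuration.` would help. Since the serialized `Configuration` is no longer forwarded, any field that `UpdateWithTargetConfig` does not map onto an `Environment` member is dropped for this run; its body is outside the hunk, so it is worth confirming that at least `time_limit` and `time_budget_type`, set just above, are covered. The function body starts and ends outside the hunk.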
@@ -390,6 +390,8 @@ void InstallCentipedeTerminationHandler() {
 int RunCentipede(const Environment& env,
 const std::optional& centipede_command) {
+ FUZZTEST_CHECK(!IsCentipedeRunner())
+ << "Unexpected RunCentipede() in runner mode.";
 if (Runtime::instance().termination_requested()) {
 absl::FPrintF(GetStderr(),
 "Not running Centipede due to termination requested - "
@@ -908,11 +910,6 @@ bool CentipedeFuzzerAdaptor::Run(int* argc, char*** argv, RunMode mode,
 CentipedeSetFailureDescription(std::string{crash_type}.c_str());
 });
 }
- if (!configuration.corpus_database.empty() &&
- configuration.crashing_input_to_reproduce.has_value() &&
- configuration.replay_in_single_process) {
- return ReplayCrashInSingleProcess(configuration);
- }
 if (runner_mode) {
 std::optional result;
 fuzzer_impl_.fixture_driver_->RunFuzzTest([&, this]() {
@@ -928,7 +925,13 @@ bool CentipedeFuzzerAdaptor::Run(int* argc, char*** argv, RunMode mode,
 FUZZTEST_CHECK(result.has_value())
 << "No result is set for running fuzz test";
 return *result == EXIT_SUCCESS;
- } else if (is_running_property_function_in_this_process) {
+ }
+ if (!configuration.corpus_database.empty() &&
+ configuration.crashing_input_to_reproduce.has_value() &&
+ configuration.replay_in_single_process) {
+ return ReplayCrashInSingleProcess(configuration);
+ }
+ if (is_running_property_function_in_this_process) {
 // If `is_running_property_function_in_this_process` holds at this point. We
 // assume it is for `ReplayInputsIfAvailable` to handle `FUZZTEST_REPLAY`
 // and `FUZZTEST_MINIMIZE_REPRODUCER`, which Centipede does not support.
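Review bot: The replay block moved by the `@@ -908` and `@@ -928` hunks of `CentipedeFuzzerAdaptor::Run` is now order-sensitive, and nothing in the code says so. A process with `runner_mode` set and the three replay fields populated used to reach `ReplayCrashInSingleProcess` and now takes the runner branch first. If that is the intent, a comment above the moved block would keep a later cleanup from moving it back, e.g. `// Checked after runner_mode on purpose: a runner process must not enter single-process replay.` `Run` starts and ends outside both hunks.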