This is an archive of the discontinued LLVM Phabricator instance.

Differential D145672

[libfuzzer] add test of cov file-id in control file
ClosedPublic

Authored by yingcong-wu on Mar 9 2023, 1:17 AM.

Details

Reviewers
kcc
vitalybuka
Commits
rGc2df1d8a6d1c: [libfuzzer] add test of cov file-id in control file
Summary

There is test for ft file-id in control file, but no test for cov line.
Without the test, a invalid cov file-id would cause crash.

Diff Detail

Event Timeline

yingcong-wu created this revision.Mar 9 2023, 1:17 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 9 2023, 1:17 AM
Herald added a subscriber: Enna1. · View Herald Transcript
yingcong-wu requested review of this revision.Mar 9 2023, 1:17 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 9 2023, 1:17 AM
Herald added a subscriber: Restricted Project. · View Herald Transcript
yingcong-wu added a reviewer: vitalybuka.Mar 9 2023, 1:24 AM
Harbormaster completed remote builds in B218335: Diff 503685.Mar 9 2023, 2:37 AM
yingcong-wu updated this revision to Diff 506484.Mar 20 2023, 1:03 AM

add a comment to test

yingcong-wu added a comment.Mar 20 2023, 1:04 AM

Hi all, kindly ping.

Harbormaster completed remote builds in B220368: Diff 506484.Mar 20 2023, 1:27 AM
vitalybuka added inline comments.Mar 20 2023, 1:33 PM
compiler-rt/lib/fuzzer/FuzzerMerge.cpp
113

this one is LGTM, and I see the test

123

but i am not sure what this condition for, and I guess it's not covered by test?
maybe it would be easier to understand with a test.

yingcong-wu added inline comments.Mar 20 2023, 6:25 PM
compiler-rt/lib/fuzzer/FuzzerMerge.cpp
123

From the test I see that FT marker is required, but COV marker is optional. In the original code, LastSeenStartMarker also serves as a flag to mark if the FT marker is presented (by setting it to kInvalidStartMarker). However, because we want to keep LastSeenStartMarker's value to check with COV marker, so I add the HaveFtMarker as a flag to see if the FT marker is presented or not.

yingcong-wu updated this revision to Diff 506840.Mar 20 2023, 9:42 PM
yingcong-wu marked an inline comment as done.
  • set init value of HaveFtMarker to ture, for it's ok to not have any STARTED
Harbormaster completed remote builds in B220626: Diff 506840.Mar 20 2023, 10:07 PM
vitalybuka added inline comments.Mar 21 2023, 11:20 AM
compiler-rt/lib/fuzzer/FuzzerMerge.cpp
123–126

I believe your code is equivalent to

if (!HaveFtMarker && LastSeenStartMarker != kInvalidStartMarker)
  LastFailure = Files[LastSeenStartMarker].Name;

But as I see, the only way to have HaveFtMarker == false is to go through (Marker == "STARTED") so LastSeenStartMarker will be set.
So

LastFailure = Files[LastSeenStartMarker].Name;

will never happen

Would you like to extract HaveFtMarker change into a separate patch, with own test?

yingcong-wu added inline comments.Mar 21 2023, 10:25 PM
compiler-rt/lib/fuzzer/FuzzerMerge.cpp
123–126

I don't see why

LastFailure = Files[LastSeenStartMarker].Name;

will never happen.

When going through (Marker == "STARTED"), HaveFtMarker is set to false and LastSeenStartMarker will have a meaningful value, assuming without going through (Marker == "FT"), then (!HaveFtMarker && LastSeenStartMarker != kInvalidStartMarker) is true and LastFailure = Files[LastSeenStartMarker].Name; will happen.

But I see that the condition could be simplified as you suggested.

Also, I don't think it's a good idea to move HaveFtMarker change to another patch because without HaveFtMarker, this patch will break some LastFailure assertions in fuzzer unittest.

yingcong-wu added inline comments.Mar 21 2023, 10:30 PM
compiler-rt/lib/fuzzer/FuzzerMerge.cpp
123–126

Also, it is difficult to write a test for HaveFtMarker, bacause:

  1. it does not introduce new behavior
  2. merge control with FT maker is ok, so it cannot be test with lit
  3. there are already unittest to test for LastFailure with merge control file which have STARTED but no FT
yingcong-wu updated this revision to Diff 507236.Mar 21 2023, 10:38 PM

simplify the LastFailure condition

Harbormaster completed remote builds in B220926: Diff 507236.Mar 21 2023, 10:57 PM
vitalybuka accepted this revision.Mar 22 2023, 9:49 PM
vitalybuka added inline comments.
compiler-rt/lib/fuzzer/FuzzerMerge.cpp
123–126

I don't see why

LastFailure = Files[LastSeenStartMarker].Name;

will never happen.

Thanks, you are correct.

When going through (Marker == "STARTED"), HaveFtMarker is set to false and LastSeenStartMarker will have a meaningful value, assuming without going through (Marker == "FT"), then (!HaveFtMarker && LastSeenStartMarker != kInvalidStartMarker) is true and LastFailure = Files[LastSeenStartMarker].Name; will happen.

But I see that the condition could be simplified as you suggested.

Also, I don't think it's a good idea to move HaveFtMarker change to another patch because without HaveFtMarker, this patch will break some LastFailure assertions in fuzzer unittest.

If this fixes some assertions then we can count that as a test coverage.

This revision is now accepted and ready to land.Mar 22 2023, 9:49 PM
yingcong-wu added a comment.Mar 22 2023, 10:24 PM

Thank you. I will remember to mention if something is added to fix testes.

Closed by commit rGc2df1d8a6d1c: [libfuzzer] add test of cov file-id in control file (authored by yingcong-wu, committed by vitalybuka). · Explain WhyMar 22 2023, 10:56 PM
This revision was automatically updated to reflect the committed changes.
vitalybuka added a commit: rGc2df1d8a6d1c: [libfuzzer] add test of cov file-id in control file.

Revision Contents

PathSize
compiler-rt/
lib/
fuzzer/
8 lines
test/
fuzzer/
14 lines

Diff 507616

compiler-rt/lib/fuzzer/FuzzerMerge.cpp

Show First 20 LinesShow All 71 Lines▼ Show 20 Linesbool Merger::Parse(std::istream &IS, bool ParseCoverage) {
for (size_t i = 0; i < NumFiles; i++) for (size_t i = 0; i < NumFiles; i++)
if (!std::getline(IS, Files[i].Name, '\n')) if (!std::getline(IS, Files[i].Name, '\n'))
return false; return false;
// Parse STARTED, FT, and COV lines. // Parse STARTED, FT, and COV lines.
size_t ExpectedStartMarker = 0; size_t ExpectedStartMarker = 0;
const size_t kInvalidStartMarker = -1; const size_t kInvalidStartMarker = -1;
size_t LastSeenStartMarker = kInvalidStartMarker; size_t LastSeenStartMarker = kInvalidStartMarker;
bool HaveFtMarker = true;
std::vector<uint32_t> TmpFeatures; std::vector<uint32_t> TmpFeatures;
std::set<uint32_t> PCs; std::set<uint32_t> PCs;
while (std::getline(IS, Line, '\n')) { while (std::getline(IS, Line, '\n')) {
std::istringstream ISS1(Line); std::istringstream ISS1(Line);
std::string Marker; std::string Marker;
uint32_t N; uint32_t N;
if (!(ISS1 >> Marker) || !(ISS1 >> N)) if (!(ISS1 >> Marker) || !(ISS1 >> N))
return false; return false;
if (Marker == "STARTED") { if (Marker == "STARTED") {
// STARTED FILE_ID FILE_SIZE // STARTED FILE_ID FILE_SIZE
if (ExpectedStartMarker != N) if (ExpectedStartMarker != N)
return false; return false;
ISS1 >> Files[ExpectedStartMarker].Size; ISS1 >> Files[ExpectedStartMarker].Size;
LastSeenStartMarker = ExpectedStartMarker; LastSeenStartMarker = ExpectedStartMarker;
assert(ExpectedStartMarker < Files.size()); assert(ExpectedStartMarker < Files.size());
ExpectedStartMarker++; ExpectedStartMarker++;
HaveFtMarker = false;
} else if (Marker == "FT") { } else if (Marker == "FT") {
// FT FILE_ID COV1 COV2 COV3 ... // FT FILE_ID COV1 COV2 COV3 ...
size_t CurrentFileIdx = N; size_t CurrentFileIdx = N;
if (CurrentFileIdx != LastSeenStartMarker) if (CurrentFileIdx != LastSeenStartMarker)
return false; return false;
LastSeenStartMarker = kInvalidStartMarker; HaveFtMarker = true;
if (ParseCoverage) { if (ParseCoverage) {
TmpFeatures.clear(); // use a vector from outer scope to avoid resizes. TmpFeatures.clear(); // use a vector from outer scope to avoid resizes.
while (ISS1 >> N) while (ISS1 >> N)
TmpFeatures.push_back(N); TmpFeatures.push_back(N);
std::sort(TmpFeatures.begin(), TmpFeatures.end()); std::sort(TmpFeatures.begin(), TmpFeatures.end());
Files[CurrentFileIdx].Features = TmpFeatures; Files[CurrentFileIdx].Features = TmpFeatures;
} }
} else if (Marker == "COV") { } else if (Marker == "COV") {
size_t CurrentFileIdx = N; size_t CurrentFileIdx = N;
if (CurrentFileIdx != LastSeenStartMarker)
vitalybukaUnsubmitted
Done
ReplyInline Actions

this one is LGTM, and I see the test

vitalybuka: this one is LGTM, and I see the test
return false;
if (ParseCoverage) if (ParseCoverage)
while (ISS1 >> N) while (ISS1 >> N)
if (PCs.insert(N).second) if (PCs.insert(N).second)
Files[CurrentFileIdx].Cov.push_back(N); Files[CurrentFileIdx].Cov.push_back(N);
} else { } else {
return false; return false;
} }
} }
if (LastSeenStartMarker != kInvalidStartMarker) if (!HaveFtMarker && LastSeenStartMarker != kInvalidStartMarker)
vitalybukaUnsubmitted
Not Done
ReplyInline Actions

but i am not sure what this condition for, and I guess it's not covered by test?
maybe it would be easier to understand with a test.

vitalybuka: but i am not sure what this condition for, and I guess it's not covered by test? maybe it would…
yingcong-wuAuthorUnsubmitted
Done
ReplyInline Actions

From the test I see that FT marker is required, but COV marker is optional. In the original code, LastSeenStartMarker also serves as a flag to mark if the FT marker is presented (by setting it to kInvalidStartMarker). However, because we want to keep LastSeenStartMarker's value to check with COV marker, so I add the HaveFtMarker as a flag to see if the FT marker is presented or not.

yingcong-wu: From the test I see that FT marker is required, but COV marker is optional. In the original…
LastFailure = Files[LastSeenStartMarker].Name; LastFailure = Files[LastSeenStartMarker].Name;
FirstNotProcessedFile = ExpectedStartMarker; FirstNotProcessedFile = ExpectedStartMarker;
vitalybukaUnsubmitted
Not Done
ReplyInline Actions
return false;
}
}
- if (HaveFtMarker)
- LastSeenStartMarker = kInvalidStartMarker;
- if (LastSeenStartMarker != kInvalidStartMarker)
- LastFailure = Files[LastSeenStartMarker].Name;
FirstNotProcessedFile = ExpectedStartMarker;

I believe your code is equivalent to

if (!HaveFtMarker && LastSeenStartMarker != kInvalidStartMarker)
  LastFailure = Files[LastSeenStartMarker].Name;

But as I see, the only way to have HaveFtMarker == false is to go through (Marker == "STARTED") so LastSeenStartMarker will be set.
So

LastFailure = Files[LastSeenStartMarker].Name;

will never happen

Would you like to extract HaveFtMarker change into a separate patch, with own test?

vitalybuka: I believe your code is equivalent to ``` if (!HaveFtMarker && LastSeenStartMarker !=…
yingcong-wuAuthorUnsubmitted
Done
ReplyInline Actions

I don't see why

LastFailure = Files[LastSeenStartMarker].Name;

will never happen.

When going through (Marker == "STARTED"), HaveFtMarker is set to false and LastSeenStartMarker will have a meaningful value, assuming without going through (Marker == "FT"), then (!HaveFtMarker && LastSeenStartMarker != kInvalidStartMarker) is true and LastFailure = Files[LastSeenStartMarker].Name; will happen.

But I see that the condition could be simplified as you suggested.

Also, I don't think it's a good idea to move HaveFtMarker change to another patch because without HaveFtMarker, this patch will break some LastFailure assertions in fuzzer unittest.

yingcong-wu: I don't see why ``` LastFailure = Files[LastSeenStartMarker].Name; ``` will never happen.
vitalybukaUnsubmitted
Not Done
ReplyInline Actions

I don't see why

LastFailure = Files[LastSeenStartMarker].Name;

will never happen.

Thanks, you are correct.

When going through (Marker == "STARTED"), HaveFtMarker is set to false and LastSeenStartMarker will have a meaningful value, assuming without going through (Marker == "FT"), then (!HaveFtMarker && LastSeenStartMarker != kInvalidStartMarker) is true and LastFailure = Files[LastSeenStartMarker].Name; will happen.

But I see that the condition could be simplified as you suggested.

Also, I don't think it's a good idea to move HaveFtMarker change to another patch because without HaveFtMarker, this patch will break some LastFailure assertions in fuzzer unittest.

If this fixes some assertions then we can count that as a test coverage.

vitalybuka: > I don't see why > ``` > LastFailure = Files[LastSeenStartMarker].Name; > ``` > will never…
yingcong-wuAuthorUnsubmitted
Done
ReplyInline Actions

Also, it is difficult to write a test for HaveFtMarker, bacause:

  1. it does not introduce new behavior
  2. merge control with FT maker is ok, so it cannot be test with lit
  3. there are already unittest to test for LastFailure with merge control file which have STARTED but no FT
yingcong-wu: Also, it is difficult to write a test for HaveFtMarker, bacause: # it does not introduce new…
return true; return true;
} }
size_t Merger::ApproximateMemoryConsumption() const { size_t Merger::ApproximateMemoryConsumption() const {
size_t Res = 0; size_t Res = 0;
for (const auto &F: Files) for (const auto &F: Files)
Res += sizeof(F) + F.Features.size() * sizeof(F.Features[0]); Res += sizeof(F) + F.Features.size() * sizeof(F.Features[0]);
return Res; return Res;
▲ Show 20 LinesShow All 405 LinesShow Last 20 Lines

compiler-rt/test/fuzzer/merge-control-file.test

Show First 20 LinesShow All 44 Lines▼ Show 20 Lines
RUN: echo STARTED 0 1 >> %t/MCF RUN: echo STARTED 0 1 >> %t/MCF
RUN: echo FT 0 11 >> %t/MCF RUN: echo FT 0 11 >> %t/MCF
RUN: echo STARTED 1 2 >> %t/MCF RUN: echo STARTED 1 2 >> %t/MCF
RUN: echo FT 1 12 >> %t/MCF RUN: echo FT 1 12 >> %t/MCF
RUN: echo STARTED 2 2 >> %t/MCF RUN: echo STARTED 2 2 >> %t/MCF
RUN: echo FT 2 13 >> %t/MCF RUN: echo FT 2 13 >> %t/MCF
RUN: %run %t/T.exe -merge=1 %t/T1 %t/T2 -merge_control_file=%t/MCF 2>&1 | FileCheck %s --check-prefix=OK_3 RUN: %run %t/T.exe -merge=1 %t/T1 %t/T2 -merge_control_file=%t/MCF 2>&1 | FileCheck %s --check-prefix=OK_3
OK_3: MERGE-OUTER: nothing to do, merge has been completed before OK_3: MERGE-OUTER: nothing to do, merge has been completed before
# Test for invalid COV file_id
RUN: rm -f %t/T1/*; cp %t/T0/* %t/T1
RUN: echo 3 > %t/MCF; echo 0 >> %t/MCF; echo %t/T1/1 >> %t/MCF; echo %t/T1/2 >> %t/MCF; echo %t/T1/3 >> %t/MCF
RUN: echo STARTED 0 1 >> %t/MCF
RUN: echo FT 0 11 >> %t/MCF
RUN: echo STARTED 1 2 >> %t/MCF
RUN: echo FT 1 12 >> %t/MCF
RUN: echo STARTED 2 2 >> %t/MCF
RUN: echo FT 2 13 >> %t/MCF
# Invalid file-id 21 here
RUN: echo COV 21 13 >> %t/MCF
RUN: %run %t/T.exe -merge=1 %t/T1 %t/T2 -merge_control_file=%t/MCF 2>&1 | FileCheck %s --check-prefix=COV_INVALID
COV_INVALID: MERGE-OUTER: bad control file, will overwrite it