view tests/test-fuzz-targets.t @ 49000:dd6b67d5c256 stable

rust: fix unsound `OwningDirstateMap` As per the previous patch, `OwningDirstateMap` is unsound. Self-referential structs are difficult to implement correctly in Rust since the compiler is free to move structs around as much as it wants to. They are also very rarely needed in practice, so the state-of-the-art on how they should be done within the Rust rules is still a bit new. The crate `ouroboros` is an attempt at providing a safe way (in the Rust sense) of declaring self-referential structs. It is getting a lot attention and was improved very quickly when soundness issues were found in the past: rather than relying on our own (limited) review circle, we might as well use the de-facto common crate to fix this problem. This will give us a much better chance of finding issues should any new ones be discovered as well as the benefit of fewer `unsafe` APIs of our own. I was starting to think about how I would present a safe API to the old struct but soon realized that the callback-based approach was already done in `ouroboros`, along with a lot more care towards refusing incorrect structs. In short: we don't return a mutable reference to the `DirstateMap` anymore, we expect users of its API to pass a `FnOnce` that takes the map as an argument. This allows our `OwningDirstateMap` to control the input and output lifetimes of the code that modifies it to prevent such issues. Changing to `ouroboros` meant changing every API with it, but it is relatively low churn in the end. It correctly identified the example buggy modification of `copy_map_insert` outlined in the previous patch as violating the borrow rules. Differential Revision: https://phab.mercurial-scm.org/D12429
author Raphaël Gomès <rgomes@octobus.net>
date Tue, 05 Apr 2022 10:55:28 +0200
parents 1d075b857c90
children
line wrap: on
line source

#require test-repo py3

  $ cd $TESTDIR/../contrib/fuzz
  $ OUT=$TESTTMP ; export OUT

which(1) could exit nonzero, but that's fine because we'll still end
up without a valid executable, so we don't need to check $? here.

  $ if which gmake >/dev/null 2>&1; then
  >     MAKE=gmake
  > else
  >     MAKE=make
  > fi

  $ havefuzz() {
  >     cat > $TESTTMP/dummy.cc <<EOF
  > #include <stdlib.h>
  > #include <stdint.h>
  > int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { return 0; }
  > int main(int argc, char **argv) {
  >     const char data[] = "asdf";
  >     return LLVMFuzzerTestOneInput((const uint8_t *)data, 4);
  > }
  > EOF
  >     $CXX $TESTTMP/dummy.cc -o $TESTTMP/dummy \
  >        -fsanitize=fuzzer-no-link,address || return 1
  > }

Try to find a python3-config that's next to our sys.executable. If
that doesn't work, fall back to looking for a global python3-config
and hope that works out for the best.
  $ PYBIN=`"$PYTHON" -c 'import sys, os; print(os.path.dirname(sys.executable))'`
  $ if [ -x "$PYBIN/python3-config" ] ; then
  >   PYTHON_CONFIG="$PYBIN/python3-config"
  > else
  >   PYTHON_CONFIG="`which python3-config`"
  > fi

#if clang-libfuzzer
  $ CXX=clang++ havefuzz || exit 80
  $ $MAKE -s clean all PYTHON_CONFIG="$PYTHON_CONFIG"
#endif
#if no-clang-libfuzzer clang-6.0
  $ CXX=clang++-6.0 havefuzz || exit 80
  $ $MAKE -s clean all CC=clang-6.0 CXX=clang++-6.0 PYTHON_CONFIG="$PYTHON_CONFIG"
#endif
#if no-clang-libfuzzer no-clang-6.0
  $ exit 80
#endif

  $ cd $TESTTMP

Run each fuzzer using dummy.cc as a fake input, to make sure it runs
at all. In the future we should instead unpack the corpus for each
fuzzer and use that instead.

  $ for fuzzer in `ls *_fuzzer | sort` ; do
  >   echo run $fuzzer...
  >   ./$fuzzer dummy.cc > /dev/null 2>&1 
  > done
  run bdiff_fuzzer...
  run dirs_fuzzer...
  run dirstate_fuzzer...
  run fm1readmarkers_fuzzer...
  run fncache_fuzzer...
  run jsonescapeu8fast_fuzzer...
  run manifest_fuzzer...
  run mpatch_fuzzer...
  run revlog_fuzzer...
  run xdiff_fuzzer...

Clean up.
  $ cd $TESTDIR/../contrib/fuzz
  $ $MAKE -s clean