From 5003ed884a67ee26b4cedbe6f5b1c02bd5eb6630 Mon Sep 17 00:00:00 2001 From: Steven Johnstone Date: Thu, 10 Mar 2022 13:38:00 +0000 Subject: [PATCH] internal/fuzz: minimization should not reduce coverage Minimization should result in a fuzz input which includes the same coverage bits as the original input. Updates #48326 Change-Id: I6c5f30058b57ccd1a096ad0e9452a4dfbb7d9aab Reviewed-on: https://go-review.googlesource.com/c/go/+/391454 Trust: Bryan Mills Reviewed-by: Roland Shoemaker Run-TryBot: Roland Shoemaker Auto-Submit: Roland Shoemaker TryBot-Result: Gopher Robot --- .../script/test_fuzz_minimize_interesting.txt | 11 ----------- src/internal/fuzz/coverage.go | 11 +++++++++++ src/internal/fuzz/worker.go | 3 ++- 3 files changed, 13 insertions(+), 12 deletions(-) diff --git a/src/cmd/go/testdata/script/test_fuzz_minimize_interesting.txt b/src/cmd/go/testdata/script/test_fuzz_minimize_interesting.txt index 5d0de17f6bc..a09e85b972f 100644 --- a/src/cmd/go/testdata/script/test_fuzz_minimize_interesting.txt +++ b/src/cmd/go/testdata/script/test_fuzz_minimize_interesting.txt @@ -127,19 +127,8 @@ func FuzzMinCache(f *testing.F) { if bytes.Equal(buf, seed) { return } - if n := sum(buf); n < 0 { - t.Error("sum cannot be negative") - } }) } - -func sum(buf []byte) int { - n := 0 - for _, b := range buf { - n += int(b) - } - return n -} -- check_testdata/check_testdata.go -- //go:build ignore // +build ignore diff --git a/src/internal/fuzz/coverage.go b/src/internal/fuzz/coverage.go index 3dee73b81ce..88f98a16b2e 100644 --- a/src/internal/fuzz/coverage.go +++ b/src/internal/fuzz/coverage.go @@ -66,6 +66,17 @@ func countNewCoverageBits(base, snapshot []byte) int { return n } +// isCoverageSubset returns true if all the base coverage bits are set in +// snapshot +func isCoverageSubset(base, snapshot []byte) bool { + for i, v := range base { + if v&snapshot[i] != v { + return false + } + } + return true +} + // hasCoverageBit returns true if snapshot has at least one bit set that is // also set in base. func hasCoverageBit(base, snapshot []byte) bool { diff --git a/src/internal/fuzz/worker.go b/src/internal/fuzz/worker.go index 83d937ee6d1..6e4c4e2d0fb 100644 --- a/src/internal/fuzz/worker.go +++ b/src/internal/fuzz/worker.go @@ -894,7 +894,8 @@ func (ws *workerServer) minimizeInput(ctx context.Context, vals []any, mem *shar } return true } - if keepCoverage != nil && hasCoverageBit(keepCoverage, coverageSnapshot) { + // Minimization should preserve coverage bits. + if keepCoverage != nil && isCoverageSubset(keepCoverage, coverageSnapshot) { return true } vals[args.Index] = prev