[v2] fuzz: improve crash case minimization

[PATCH v2 0/7] fuzz: improve crash case minimization

Posted by Qiuhao Li 4 years, 10 months ago

Extend and refine the crash case minimization process.

Test input:
  Bug 1909261 full_reproducer
  6500 QTest instructions (write mostly)

Refined (-M1 minimization level) vs. Original version:
  real  38m31.942s  <-- real  532m57.192s
  user  28m18.188s  <-- user  89m0.536s
  sys   12m42.239s  <-- sys   50m33.074s
  2558 instructions <-- 2846 instructions

Test Enviroment:
  i7-8550U, 16GB LPDDR3, SSD 
  Ubuntu 20.04.1 5.4.0-58-generic x86_64
  Python 3.8.5

v1 --> v2: 
  New: [PATCH v2 1/7]
  New: [PATCH v2 2/7]
  New: [PATCH v2 4/7]
  New: [PATCH v2 6/7]
  New: [PATCH v2 7/7]
  Fix: [PATCH 2/4] split using binary approach
  Fix: [PATCH 3/4] typo in comments
  Discard: [PATCH 1/4] the hardcoded regex match for crash detection
  Discard: [PATCH 4/4] the delaying minimizer
  
Thanks for the suggestions from:
  Alexander Bulekov

Qiuhao Li (7):
  fuzz: accelerate non-crash detection
  fuzz: double the IOs to remove for every loop
  fuzz: split write operand using binary approach
  fuzz: loop the remove minimizer and refactoring
  fuzz: set bits in operand of write/out to zero
  fuzz: add minimization options
  fuzz: heuristic split write based on past IOs

 scripts/oss-fuzz/minimize_qtest_trace.py | 256 ++++++++++++++++++-----
 1 file changed, 208 insertions(+), 48 deletions(-)

-- 
2.25.1

Re: [PATCH v2 0/7] fuzz: improve crash case minimization

Posted by no-reply@patchew.org 4 years, 10 months ago

Patchew URL: https://patchew.org/QEMU/ME3P282MB17458B2705C43E860A26171DFCD90@ME3P282MB1745.AUSP282.PROD.OUTLOOK.COM/



Hi,

This series seems to have some coding style problems. See output below for
more information:

Type: series
Message-id: ME3P282MB17458B2705C43E860A26171DFCD90@ME3P282MB1745.AUSP282.PROD.OUTLOOK.COM
Subject: [PATCH v2 0/7] fuzz: improve crash case minimization

=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
From https://github.com/patchew-project/qemu
 * [new tag]         patchew/ME3P282MB17458B2705C43E860A26171DFCD90@ME3P282MB1745.AUSP282.PROD.OUTLOOK.COM -> patchew/ME3P282MB17458B2705C43E860A26171DFCD90@ME3P282MB1745.AUSP282.PROD.OUTLOOK.COM
Switched to a new branch 'test'
ddad9b9 fuzz: heuristic split write based on past IOs
9ff99f8 fuzz: add minimization options
ff015d1 fuzz: set bits in operand of write/out to zero
fd57227 fuzz: loop the remove minimizer and refactoring
d956f38 fuzz: split write operand using binary approach
06ea622 fuzz: double the IOs to remove for every loop
6e7708d fuzz: accelerate non-crash detection

=== OUTPUT BEGIN ===
1/7 Checking commit 6e7708db32d3 (fuzz: accelerate non-crash detection)
ERROR: trailing whitespace
#38: FILE: scripts/oss-fuzz/minimize_qtest_trace.py:34:
+crash output but indicates the same bug. Under this situation, our minimizer is $

ERROR: trailing whitespace
#39: FILE: scripts/oss-fuzz/minimize_qtest_trace.py:35:
+incapable of recognizing and stopped from removing it. In the future, we may $

total: 2 errors, 0 warnings, 65 lines checked

Patch 1/7 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

2/7 Checking commit 06ea6221a492 (fuzz: double the IOs to remove for every loop)
3/7 Checking commit d956f387fad9 (fuzz: split write operand using binary approach)
ERROR: trailing whitespace
#104: FILE: scripts/oss-fuzz/minimize_qtest_trace.py:135:
+        # it into two separate write commands. If splitting the data operand $

ERROR: trailing whitespace
#107: FILE: scripts/oss-fuzz/minimize_qtest_trace.py:138:
+        # is to prune unneccessary bytes from long writes, while accommodating $

total: 2 errors, 0 warnings, 62 lines checked

Patch 3/7 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

4/7 Checking commit fd57227237c1 (fuzz: loop the remove minimizer and refactoring)
ERROR: trailing whitespace
#101: FILE: scripts/oss-fuzz/minimize_qtest_trace.py:187:
+    $

total: 1 errors, 0 warnings, 54 lines checked

Patch 4/7 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

5/7 Checking commit ff015d1f3945 (fuzz: set bits in operand of write/out to zero)
6/7 Checking commit 9ff99f86d34b (fuzz: add minimization options)
7/7 Checking commit ddad9b911ad1 (fuzz: heuristic split write based on past IOs)
ERROR: trailing whitespace
#48: FILE: scripts/oss-fuzz/minimize_qtest_trace.py:113:
+    $

ERROR: trailing whitespace
#54: FILE: scripts/oss-fuzz/minimize_qtest_trace.py:119:
+    $

total: 2 errors, 0 warnings, 67 lines checked

Patch 7/7 has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

=== OUTPUT END ===

Test command exited with code: 1


The full log is available at
http://patchew.org/logs/ME3P282MB17458B2705C43E860A26171DFCD90@ME3P282MB1745.AUSP282.PROD.OUTLOOK.COM/testing.checkpatch/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-devel@redhat.com