select relevant third-party tests to run their tests with garble on CI #240

mvdan · 2021-02-27T14:10:52Z

For example, #190 shows us that programs using basic protobuf-generated code panic at init time. We could (and probably should) try to minimize the failure into a test case in garble, but we should also ensure that garble test ./... in a recent version of protobuf succeeds.

I propose this short list of projects as a start:

https://pkg.go.dev/google.golang.org/protobuf, since protos are very common, and it's a good stress test of generated code and reflection
https://pkg.go.dev/github.com/sirupsen/logrus, a pretty common and non-trivial logging library
https://pkg.go.dev/github.com/spf13/cobra, a common CLI tool framework, pulling other common libraries like spf13/pflag

If this works well, we can add more. The selection criteria should roughly be:

Popularity - estimated, at this time
Quality - modules whose tests fail at times or take too long aren't useful
Diversity - a second CLI framework is less likely to introduce more edge cases
Past bugs - those libraries which have surfaced garble bugs before, like protobuf

I think we could have a nested module for this, like testdata/libraries/go.mod. A libs.go file would import at least one package from each module, to keep go mod tidy happy. We could then use GOPRIVATE='*' garble test all or somesuch, to run obfuscated versions of all tests in direct and indirect dependencies.

Some notes:

We probably want to use test's -short flag to save time, at least as a start.
We should check that go test all succeeds first, to reduce confusion if one of the tests is just broken.
Are we interested in running the tests of indirect dependencies? Probably yes, as test failures in those could break the direct dependencies.
Ideally, the CI check would run everywhere, including pushes to master and PRs. In practice, we'll see how fast or slow it ends up being. Maybe we end up using a subset of the tests, or -short, for PRs.

The text was updated successfully, but these errors were encountered:

mvdan · 2021-02-27T14:13:14Z

Also, this is blocked by #241.

mvdan · 2021-02-28T21:44:25Z

I forgot to say what is perhaps obvious; garble test std should be at the top of the list, because standard library packages are by far the most commonly used.

We already kind of cover this in goprivate.txt, since we do garble build std, but that's not running any tests.

mvdan · 2021-03-07T20:27:45Z

Here's a complication: by design, some tests will fail when obfuscated:

$ wgo1 garble test -short runtime/debug
allocating objects
starting gc
starting dump
done dump
--- FAIL: TestStack (0.00s)
    stack_test.go:63: expected "src/runtime/debug/stack.go" in "\truntime/debug/stack.go:24 +0x9f"
    stack_test.go:63: expected "src/runtime/debug/stack_test.go" in "\truntime/debug_test/stack_test.go:16"
    stack_test.go:63: expected "src/runtime/debug/stack_test.go" in "\truntime/debug_test/stack_test.go:19"
    stack_test.go:63: expected "src/runtime/debug/stack_test.go" in "\truntime/debug_test/stack_test.go:41 +0x36"
    stack_test.go:63: expected "src/testing/testing.go" in "\ttesting/testing.go:1194 +0xef"
FAIL
FAIL	runtime/debug	0.026s

Unfortunately there isn't an opposite to -run. It wouldn't really help either, as it doesn't allow selecting test names from specific packages.

Another option might be to use garble test -json, process the OK/FAIL results, and have a table of known-to-break tests which we expect to fail instead of succeed.

mvdan · 2021-04-25T20:55:02Z

As a first goal, this should check that the third party packages build. #310 is a good example of when we can't even build due to garble bugs.

Packages P1 and P2 can define identical struct types T1 and T2, and one can convert from type T1 to T2 or vice versa. The spec defines two identical struct types as: Two struct types are identical if they have the same sequence of fields, and if corresponding fields have the same names, and identical types, and identical tags. Non-exported field names from different packages are always different. Unfortunately, garble broke this: since we obfuscated field names differently depending on the package, cross-package conversions like the case above would result in typechecking errors. To fix this, implement Joe Tsai's idea: hash struct field names with the string representation of the entire struct. This way, identical struct types will have their field names obfuscated in the same way in all packages across a build. Note that we had to refactor "reverse" a bit to start using transformer, since now it needs to keep track of struct types as well. This failure was affecting the build of google.golang.org/protobuf, since it makes regular use of cross-package struct conversions. Note that the protobuf module still fails to build, but for other reasons. The package that used to fail now succeeds, so the build gets a bit further than before. burrowers#240 tracks adding relevant third-party Go modules to CI, so we'll track the other remaining failures there. Fixes burrowers#310.

Packages P1 and P2 can define identical struct types T1 and T2, and one can convert from type T1 to T2 or vice versa. The spec defines two identical struct types as: Two struct types are identical if they have the same sequence of fields, and if corresponding fields have the same names, and identical types, and identical tags. Non-exported field names from different packages are always different. Unfortunately, garble broke this: since we obfuscated field names differently depending on the package, cross-package conversions like the case above would result in typechecking errors. To fix this, implement Joe Tsai's idea: hash struct field names with the string representation of the entire struct. This way, identical struct types will have their field names obfuscated in the same way in all packages across a build. Note that we had to refactor "reverse" a bit to start using transformer, since now it needs to keep track of struct types as well. This failure was affecting the build of google.golang.org/protobuf, since it makes regular use of cross-package struct conversions. Note that the protobuf module still fails to build, but for other reasons. The package that used to fail now succeeds, so the build gets a bit further than before. #240 tracks adding relevant third-party Go modules to CI, so we'll track the other remaining failures there. Fixes #310.

mvdan · 2021-11-16T15:38:22Z

Another important point is that, for these relevant third-party codebases, we should try building them with a variety of GOOS/GOARCH targets that CI doesn't directly cover. For example:

plan9/386 (uncommon OS, plus 32-bit arch)
js/wasm (fairly different platform overall)
freebsd/arm64 (relatively common OS and arch, but not covered by CI)

For instance, the first of those three would have caught #417 just by using GOPRIVATE=* garble build std.

mvdan · 2022-02-03T16:07:09Z

From #410, it seems like Wireguard (the Go implementation) should also be in the list of relevant third-party tests.

Our tests should already be pretty extensive, and any bug fixes should result in more regression test cases, but testing against a few diverse and popular third party modules will help prevent unintended regressions while developing garble. The list is short for now. More can be added later. This adds protobuf and wireguard from the original issue, but not cobra and logrus, as they aren't particularly complex nor add significant variety on top of protobuf and wireguard. While here, we remove the job that only runs crlf-test.sh, as we don't really need a separate job for a tiny script. Fixes burrowers#240.

Our tests should already be pretty extensive, and any bug fixes should result in more regression test cases, but testing against a few diverse and popular third party modules will help prevent unintended regressions while developing garble. The list is short for now. More can be added later. This adds protobuf and wireguard from the original issue, but not cobra and logrus, as they aren't particularly complex nor add significant variety on top of protobuf and wireguard. While here, we remove the job that only runs crlf-test.sh, as we don't really need a separate job for a tiny script. Fixes #240.

mvdan mentioned this issue Sep 10, 2021

Better reflection detection #380

Merged

mvdan mentioned this issue Nov 16, 2021

plan9 builds broken on go1.18-b69b2f63d6 with garble @ 64cbbbaa #417

Closed

mvdan mentioned this issue Dec 3, 2021

deprecate using GOPRIVATE in favor of GOGARBLE #427

Merged

mvdan mentioned this issue Feb 3, 2022

Obfuscation Fails on inet.af/netstack/tcpip/transport/tcp #410

Closed

mvdan mentioned this issue Mar 15, 2022

Be smarter about which methods can have their names changed #3

Open

mvdan mentioned this issue May 13, 2022

start checking some third party builds for regressions #537

Merged

mvdan closed this as completed in #537 May 14, 2022

mvdan added this to the v0.6.0 milestone May 23, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

select relevant third-party tests to run their tests with garble on CI #240

select relevant third-party tests to run their tests with garble on CI #240

mvdan commented Feb 27, 2021

mvdan commented Feb 27, 2021

mvdan commented Feb 28, 2021

mvdan commented Mar 7, 2021

mvdan commented Apr 25, 2021

mvdan commented Nov 16, 2021

mvdan commented Feb 3, 2022

select relevant third-party tests to run their tests with garble on CI #240

select relevant third-party tests to run their tests with garble on CI #240

Comments

mvdan commented Feb 27, 2021

mvdan commented Feb 27, 2021

mvdan commented Feb 28, 2021

mvdan commented Mar 7, 2021

mvdan commented Apr 25, 2021

mvdan commented Nov 16, 2021

mvdan commented Feb 3, 2022