Replace the Suboptimal fuzz_tree.py Harness With a Better Alternative
#1910
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
As discussed in the initial fuzzing integration PR[^1], `fuzz_tree.py`'s implementation was not ideal in terms of coverage and its reading/writing to hard-coded paths inside `/tmp` was problematic as (among other concerns), it causes intermittent crashes on ClusterFuzz[^2] when multiple workers execute the test at the same time on the same machine. The changes here replace `fuzz_tree.py` completely with a completely new `fuzz_repo.py` fuzz target which: - Uses `tempfile.TemporaryDirectory()` to safely manage tmpdir creation and tear down, including during multi-worker execution runs. - Retains the same feature coverage as `fuzz_tree.py`, but it also adds considerably more from much smaller data inputs and with less memory consumed (and it doesn't even have a seed corpus or target specific dictionary yet.) - Can likely be improved further in the future by exercising additional features of `Repo` to the harness. Because `fuzz_tree.py` was removed and `fuzz_repo.py` was not derived from it, the Apache License call outs in the docs were also updated as they only apply to the singe `fuzz_config.py` file now. [^1]: gitpython-developers#1901 (comment) [^2]: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68355
|
CC @EliahKagan |
|
and FWIW, if removing |
EliahKagan
approved these changes
Apr 29, 2024
Byron
approved these changes
Apr 29, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As discussed in the initial fuzzing integration PR1,
fuzz_tree.py's implementation was not ideal in terms of coverage and its reading/writing to hard-coded paths inside/tmpwas problematic as (among other concerns), it causes intermittent crashes on ClusterFuzz2 when multiple workers execute the test at the same time on the same machine.The changes here replace
fuzz_tree.pycompletely with a completely newfuzz_repo.pyfuzz target which:tempfile.TemporaryDirectory()to safely manage tmpdir creation and tear down, including during multi-worker execution runs.fuzz_tree.py, but it also adds considerably more from much smaller data inputs and with less memory consumed (and it doesn't even have a seed corpus or target specific dictionary yet.)Repoto the harness.Here are some very rough stats to give a very rough idea of the difference:
fuzz_repo.py(my local testing)fuzz_tree.py(most recent successful CF run)Note on License
Because
fuzz_tree.pywas removed andfuzz_repo.pywas not derived from it, the Apache License call outs in the docs were also updated as they only apply to the singefuzz_config.pyfile now.Footnotes
https://github.com/gitpython-developers/GitPython/pull/1901#discussion_r1565001609 ↩
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68355 ↩