mirror
/
go
mirror of https://github.com/golang/go.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[dev.fuzz] internal/fuzz: add sharedMem.setValueLen 

This method sets the len of the slice returned by valueRef. The worker
now uses this instead of setting the length in the header directly.

Unfortunately, we can't store the whole slice header in the shared
memory header because the pointer won't be valid across processes.

Change-Id: Icef24acfcd85e098cd8c23810568f04b13649a19
Reviewed-on: https://go-review.googlesource.com/c/go/+/284012
Trust: Jay Conrod <jayconrod@google.com>
Run-TryBot: Jay Conrod <jayconrod@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
This commit is contained in:
Jay Conrod 2021-01-14 18:22:41 -05:00
parent 06074108fa
commit cc7f8c3055
2 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/internal/fuzz/mem.go
View File

@ -106,6 +106,20 @@ func (m *sharedMem) setValue(b []byte) {
copy(v[:cap(v)], b)
}
// setValueLen sets the length of the shared memory buffer returned by valueRef
// to n, which may be at most the cap of that slice.
//
// Note that we can only store the length in the shared memory header. The full
// slice header contains a pointer, which is likely only valid for one process,
// since each process can map shared memory at a different virtual address.
func (m *sharedMem) setValueLen(n int) {
v := m.valueRef()
if n > cap(v) {
panic(fmt.Sprintf("length %d larger than shared memory capacity %d", n, cap(v)))
}
m.header().length = n
}
// TODO(jayconrod): add method to resize the buffer. We'll need that when the
// mutator can increase input length. Only the coordinator will be able to
// do it, since we'll need to send a message to the worker telling it to

6
src/internal/fuzz/worker.go
View File

@ -444,10 +444,8 @@ func (ws *workerServer) fuzz(ctx context.Context, args fuzzArgs) fuzzResponse {
default:
b := ws.mem.valueRef()
ws.m.mutate(&b)
// TODO(jayconrod): consider making ws.m.header() contain the whole
// slice header, so the length can be updated when the slice changes
ws.mem.header().length = len(b)
if err := ws.fuzzFn(ws.mem.valueRef()); err != nil {
ws.mem.setValueLen(len(b))
if err := ws.fuzzFn(b); err != nil {
return fuzzResponse{Err: err.Error()}
}
// TODO(jayconrod,katiehockman): return early if we find an