Implement CanTrack - tracking enforcement through rust types #1886
Conversation
|
cc @sadeli413 as you were the one who mentioned this |
|
I've improved this a bit s.t. it dumps a helpful compiler message if you've done it wrong. |
|
I've improved this further by integrating with the existing pattern: |
|
Is this something we want to pursue? I'm happy to make the remaining changes, but it's a lot of work and I don't want to get started without a preliminary review. |
addisoncrump
force-pushed
the
enforced-tracking
branch
from
8e15033 to
d33db5d
Compare
|
Unless there are any complaints I'll start implementing this March 1st. |
|
@domenukk So, now the only new onus on implementors of MapObserver is to The reason is that now, there's a wrapper type ("ExplicitTracking") which just wraps the map observer and forwards its observer implementation. But we can impl TrackingHinted for all map observers now with a default without them needing to do any type-fu at the definition and ExplicitTracking carries the tracking information if it needs to be specified. This works because now |
addisoncrump
force-pushed
the
enforced-tracking
branch
2 times, most recently
from
94f6fa2 to
ff33d7a
Compare
| @@ -15,7 +15,7 @@ use libafl::{ | |||
| GrimoireRandomDeleteMutator, GrimoireRecursiveReplacementMutator, | |||
| GrimoireStringReplacementMutator, Tokens, | |||
| }, | |||
| observers::StdMapObserver, | |||
| observers::{StdMapObserver, TrackingHinted}, | |||
There was a problem hiding this comment.
I think Hinted isn't a great name, it's the how not the what, right? Maybe EnableTracking or something?
There was a problem hiding this comment.
MaybeTracks? :p
There was a problem hiding this comment.
HintsTracking also feels gross.
There was a problem hiding this comment.
I like CanTrack, sounds like CanBus (and is in line with HasXYZ)
There was a problem hiding this comment.
CanTrack seems the best out of these options. I'll do a mass rename once CI is clear.
There was a problem hiding this comment.
Maybe even a CanTrackX for each individual trackable feature?
There was a problem hiding this comment.
Hm, I don't think this is desirable. Splitting this trait further doesn't help us, since map observers will always implement both.
There was a problem hiding this comment.
Ok, I was just thinking we might have a CanTrackfor something else later
addisoncrump
force-pushed
the
enforced-tracking
branch
from
2628ead to
cea4817
Compare
addisoncrump
force-pushed
the
enforced-tracking
branch
from
a83c907 to
93a89de
Compare
|
There is a difference between formatting in stable and nightly... not optimal |
|
See: It seems we are inconsistently using rustfmt somehow. I'll fix this later. |
|
I think we can always use nightly fmt then |
|
Okay, I forced the formatter version and for some reason it continues to format differently. |
[*] Checking fmt for ./fuzzers/libfuzzer_stb_image_concolic/fuzzer
Warning: can't set `imports_granularity = Crate`, unstable features are only available in nightly channel.
Warning: can't set `group_imports = StdExternalCrate`, unstable features are only available in nightly channel.
Warning: can't set `imports_granularity = Crate`, unstable features are only available in nightly channel.
Warning: can't set `group_imports = StdExternalCrate`, unstable features are only available in nightly channel.
Diff in /home/runner/work/LibAFL/LibAFL/fuzzers/libfuzzer_stb_image_concolic/fuzzer/src/main.rs at line 3:
Warning: can't set `imports_granularity = Crate`, unstable features are only available in nightly channel.
Warning: can't set `group_imports = StdExternalCrate`, unstable features are only available in nightly channel.-> It's not using |
addisoncrump
force-pushed
the
enforced-tracking
branch
from
890a530 to
9936d08
Compare
|
Rebased, that was a doozy. |
|
Oooh sorry I had already merged main into this guy locally, but forgot to push 🙈 |
|
Needs more .scripts/fmt-all.sh |
domenukk
force-pushed
the
enforced-tracking
branch
from
4f9fad6 to
6d37e59
Compare
|
Rebasing is way more work than merging, you have to touch the same line multiple times... Will merge again in the future |
|
It seems that this change broke fuzzers/forkserver_libafl_cc. It builds, but the run fails. It first fails because the map size is smaller then the default. If I fix this, it fails because it does not find the observer: |
| @@ -636,13 +636,14 @@ impl<'a, SP> ForkserverExecutorBuilder<'a, SP> { | |||
|
|
|||
| /// Builds `ForkserverExecutor` downsizing the coverage map to fit exaclty the AFL++ map size. | |||
| #[allow(clippy::pedantic)] | |||
| pub fn build_dynamic_map<MO, OT, S>( | |||
| pub fn build_dynamic_map<A, MO, OT, S>( | |||
There was a problem hiding this comment.
i guess this part didn't have to be changed
This comes from a suggestion in the discord to type-enforce whether indices/novelties should be tracked.
It turns out that you cannot infer whether it needs to be or not based purely on usage. This is a limitation of Rust -- I have tried many, many different ways of doing this now with no avail (pure type encoding, GAT encoding, associated constant encoding, even this nightmare-fuel syntax), but we can encode the metadata -- it just has to be manually performed by the user.
I added some docs and only modified
MapFeedbackandMinimizerSchedulerfor the sake of demonstration. Play around withlibfuzzer_stb_imageto see how the compiler output feels and such when intentionally disabling index tracking.