This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

Race in coverage recording? #2520

Closed
Porges opened this issue Oct 16, 2022 · 0 comments · Fixed by #2529
Labels
bug Something isn't working

Porges commented Oct 16, 2022

I noticed while trying to repro #1781 locally that sometimes the recording would not work properly:

Commandline:

$ RUST_LOG=trace cargo run --example coverage -- /workspaces/onefuzz/src/integration-tests/libfuzzer/fuzz.exe @@ --inputs  /workspaces/onefuzz/src/integration-tests/libfuzzer/input.txt

Coverage as expected:

[2022-10-16T22:16:40Z INFO  coverage::block::linux] module load: /lib/x86_64-linux-gnu/librt-2.27.so
[2022-10-16T22:16:40Z INFO  coverage::block::linux] module load: /lib/x86_64-linux-gnu/libm-2.27.so
[2022-10-16T22:16:40Z INFO  coverage::block::linux] module load: /lib/x86_64-linux-gnu/libdl-2.27.so
[2022-10-16T22:16:40Z INFO  coverage::block::linux] module load: /lib/x86_64-linux-gnu/libgcc_s.so.1
[2022-10-16T22:16:40Z INFO  coverage::block::linux] module load: /lib/x86_64-linux-gnu/libc-2.27.so
[2022-10-16T22:16:41Z INFO  coverage::block::linux] new thread: 28928
[2022-10-16T22:16:41Z INFO  coverage] recorded in 2.480324274s
[2022-10-16T22:16:41Z INFO  coverage] input = /workspaces/onefuzz/src/integration-tests/libfuzzer/input.txt
[2022-10-16T22:16:41Z INFO  coverage] ld-2.27.so = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] libc-2.27.so = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] libdl-2.27.so = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] libgcc_s.so.1 = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] libm-2.27.so = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] libpthread-2.27.so = 185 / 3192 (5.80%)
[2022-10-16T22:16:41Z INFO  coverage] librt-2.27.so = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] libstdc++.so.6.0.29 = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] fuzz.exe = 5 / 22 (22.73%)
[2022-10-16T22:16:41Z INFO  coverage] ld-2.27.so = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] libc-2.27.so = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] libdl-2.27.so = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] libgcc_s.so.1 = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] libm-2.27.so = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] libpthread-2.27.so = 185 / 3192 (5.80%)
[2022-10-16T22:16:41Z INFO  coverage] librt-2.27.so = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] libstdc++.so.6.0.29 = 0 / 0 (NaN%)
[2022-10-16T22:16:41Z INFO  coverage] fuzz.exe = 5 / 22 (22.73%)

Coverage not as expected:

[2022-10-16T22:19:43Z INFO  coverage::block::linux] module load: /lib/x86_64-linux-gnu/ld-2.27.so
[2022-10-16T22:19:43Z INFO  coverage] recorded in 11.445283278s
[2022-10-16T22:19:43Z INFO  coverage] input = /workspaces/onefuzz/src/integration-tests/libfuzzer/input.txt
[2022-10-16T22:19:43Z INFO  coverage] ld-2.27.so = 0 / 0 (NaN%)
[2022-10-16T22:19:43Z INFO  coverage] fuzz.exe = 0 / 22 (0.00%)
[2022-10-16T22:19:43Z INFO  coverage] ld-2.27.so = 0 / 0 (NaN%)
[2022-10-16T22:19:43Z INFO  coverage] fuzz.exe = 0 / 22 (0.00%)

In the latter case it only receives "module load" events for fuzz.exe & ld. It seems that pete/Ptracer is missing some events?

Traces:

AB#41811543

@Porges Porges added the bug Something isn't working label Oct 16, 2022
@ghost ghost added the Needs: triage label Oct 16, 2022
Porges added a commit that referenced this issue Oct 18, 2022
Closes #2520.

After investigation the underlying cause here is that the process is getting killed due to timeout, but we don't report the timeout or produce an error. Modify the coverage code so that it fails if timeout is hit.
@ghost ghost locked as resolved and limited conversation to collaborators Nov 17, 2022
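
The failure mode described in the commit message, as an added example (not OneFuzz's own code): a recorder that kills its target at the deadline but still returns `Ok`, next to a variant that turns the timeout into an error. It models only the wait-and-kill step, with no ptrace or coverage logic; all function and type names are hypothetical, and `main` assumes a Unix `sleep` binary on `PATH`.

```rust
use std::io;
use std::process::{Child, Command, ExitStatus};
use std::time::{Duration, Instant};

#[derive(Debug)]
pub enum RecordError {
    Io(io::Error),
    /// The target was killed at the deadline, so any coverage is incomplete.
    Timeout(Duration),
}

impl From<io::Error> for RecordError {
    fn from(e: io::Error) -> Self { RecordError::Io(e) }
}

/// Poll `child` until it exits or `timeout` elapses.
/// Returns `None` when the child had to be killed at the deadline.
fn wait_or_kill(child: &mut Child, timeout: Duration) -> io::Result<Option<ExitStatus>> {
    let deadline = Instant::now() + timeout;
    loop {
        if let Some(status) = child.try_wait()? {
            return Ok(Some(status));
        }
        if Instant::now() >= deadline {
            child.kill()?;
            child.wait()?; // reap the killed process
            return Ok(None);
        }
        std::thread::sleep(Duration::from_millis(10));
    }
}

/// Problem shape: a killed target still yields Ok, so "0 / 22" looks like a real result.
pub fn record_lenient(cmd: &mut Command, timeout: Duration) -> Result<(), RecordError> {
    let mut child = cmd.spawn()?;
    wait_or_kill(&mut child, timeout)?; // timeout outcome is discarded here
    Ok(())
}

/// Fixed shape: hitting the deadline is an error the caller has to handle.
pub fn record_strict(cmd: &mut Command, timeout: Duration) -> Result<ExitStatus, RecordError> {
    let mut child = cmd.spawn()?;
    wait_or_kill(&mut child, timeout)?.ok_or(RecordError::Timeout(timeout))
}

fn main() {
    let t = Duration::from_millis(200); // constructed deadline, shorter than the target's run time
    println!("lenient: {:?}", record_lenient(Command::new("sleep").arg("5"), t));
    println!("strict:  {:?}", record_strict(Command::new("sleep").arg("5"), t));
}
```
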