Skip to content
This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

Adding option to merge all inputs at once #282

Merged
merged 37 commits into from
Nov 24, 2020
Merged

Conversation

chkeita
Copy link
Contributor

@chkeita chkeita commented Nov 10, 2020

No description provided.

@bmc-msft
Copy link
Contributor

Can 'merge' be it's on template, rather than part of the existing libfuzzer template?

@bmc-msft bmc-msft linked an issue Nov 11, 2020 that may be closed by this pull request
@tunz
Copy link
Contributor

tunz commented Nov 12, 2020

What if I want to minimize corpus using "merge", what would be the best approach?

I'm running these commands to minimize corpus.

mkdir empty_dir
azcopy sync {container} ./corpus
./fuzzer -merge=1 ./empty_dir ./corpus
azcopy sync ./empty_dir {container} --deleteDestination=true

I'm wondering if I can use this new merge task for this purpose. I imagine this might be one way:

  1. Create a new container
  2. Run merge with inputs=old container and unique_inputs=new container
  3. Remove the old container
  4. Copy corpus from the new container to the old container
  5. Remove the new container

But then, some other process should wait for the task to be completed and run the copy step.

@chkeita
Copy link
Contributor Author

chkeita commented Nov 12, 2020

What if I want to minimize corpus using "merge", what would be the best approach?

I'm running these commands to minimize corpus.

mkdir empty_dir
azcopy sync {container} ./corpus
./fuzzer -merge=1 ./empty_dir ./corpus
azcopy sync ./empty_dir {container} --deleteDestination=true

I'm wondering if I can use this new merge task for this purpose. I imagine this might be one way:

  1. Create a new container
  2. Run merge with inputs=old container and unique_inputs=new container
  3. Remove the old container
  4. Copy corpus from the new container to the old container
  5. Remove the new container

But then, some other process should wait for the task to be completed and run the copy step.

@tunz you will be able to use this task for that purpose. i am adding a new option to the libfuzzer template that will allow you to do this with this command.

onefuzz template libfuzzer merge  <project> <name> <build> <pool_name> --inputs <input_dir>

@chkeita chkeita marked this pull request as ready for review November 12, 2020 18:19
@tunz
Copy link
Contributor

tunz commented Nov 12, 2020

@chkeita Thanks for the new option :) This will helps us a lot.
But, I was also wondering if I can minimize the corpus within the same container (i.e. pushing results to the same container as the "inputs" container) because I want to run continuous fuzzing keeping the same container. If I understood correctly, I still have to copy the results to the inputs container back.

@chkeita
Copy link
Contributor Author

chkeita commented Nov 12, 2020

@tunz you are correct. You will need to manually copy the result of the merge from the unique_inputs container.
if we output the result of the merge to the inputs container, it can result in some files being deleted. This will prevent other tasks like coverage from functioning properly.

@bmc-msft
Copy link
Contributor

I think it's reasonable to optionally support merging into the inputs container, especially if we're talking about performing in a bulk fashion.

@bmc-msft
Copy link
Contributor

Something important to remember, merge provides a minimum set of inputs that provide the same coverage. By default, we should save the results to an minimized output container.

However, it's common enough to say "ok, this is a known good binary, minimize my corpus such that I can use the minimized set moving forwards" without having manual effort

@bmc-msft bmc-msft requested a review from ranweiler November 20, 2020 16:15
@bmc-msft
Copy link
Contributor

Standard integration tests pass, though I've not tested the new merge job.

docs/webhook_events.md Outdated Show resolved Hide resolved
src/cli/onefuzz/templates/libfuzzer.py Outdated Show resolved Hide resolved
@bmc-msft bmc-msft merged commit 33b7608 into microsoft:main Nov 24, 2020
@chkeita chkeita deleted the chkeita/254 branch March 31, 2021 21:52
@ghost ghost locked as resolved and limited conversation to collaborators May 1, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Running libfuzzer merge for all new inputs at once
4 participants