Add --release flag #517
@YanVictorSN Thanks very much for doing this.
Do you have any interest in writing a test for the new flag?
I realize I didn't say anything about that in #20. So "no" is a perfectly acceptable answer.
Yes, sure! Is it possible for me to do that in another PR? Also, I'm just learning Rust—if you can point me to examples in the code or share any tips, I’d really appreciate it.
Sure.
I'll just record some notes here. I imagine building a test target whose behavior changes based on whether The easiest way I can think to do this is:

```rust
#[test]
fn test() {
    target();
}

#[test_fuzz::test_fuzz]
fn target() {
    // This statement is compiled in only when debug assertions are off.
    #[cfg(not(debug_assertions))]
    assert!(false);
}
```

This should work because The above target code should go in a file in the examples/tests directory. Then there should be a test in the cargo-test-fuzz/tests/integration directory that exercises the target code as follows:
The "run
Finally, the "run I think 80% of this could be achieved by copying one of the
@smoelius Thank you so much. I’ll do that. And if I have any questions, I will definitely reach out to you.
I've done some experiments locally, and I think this is working as expected. I'm going to hold off on releasing this until we have a test in CI, though. Thanks again!
Thank you! @smoelius I'm trying to create the test, but I'm having some trouble. Should I open a draft or can we chat here?
Either is fine. Whatever is easiest for you.
@smoelius Do I need to pass any value in the target? I know I need to test the release tag, but I need to initialize the corpus directory like in the fuzz file to check if it will crash, right?
Direct answer to your question: yes, I was making a mistake, because AFL++ doesn't like and rejects empty corpus files, and "no arguments" would serialize to an empty corpus file. But I just realized that my Here are the things that are enabled in release mode: https://doc.rust-lang.org/cargo/reference/profiles.html#release Hmm... What else in there could be used to produce a crash in release mode? (It's not immediately obvious to me.)
Maybe there's a way to turn the absence of overflow checks into a crash?
Something along these lines maybe? https://stackoverflow.com/a/73224634 Is this something you would like to play with? I realize I've imposed upon you by asking you to write this test. If this has become too much of a hassle, I completely understand.
Yeah, sure. Don’t worry, I’m learning a lot. You make things easier for a beginner like me. So, the idea here is to try to force an overflow to check if the release tag is working or not, right?
Overflow checks will be enabled in debug mode, but not in release mode. On the face of it, that means one could get a panic/crash in debug mode, but not in release mode. But we want the other way around. So, I'm wondering, could we catch the panic with
Does that make sense?
🤦 No that's not going to work either! https://github.com/rust-fuzz/afl.rs/blob/e586a66aadc36977501257ee8b8201d61a452021/cargo-afl/src/main.rs#L286
Ok, this has become more complicated than I expected. It might be possible to use the But the documentation suggests that variable is set only for build scripts. In other words, writing a test that relies on that variable would require writing a build script. That could be done, but I can't quite see how all of the pieces would fit together. I'm going to have to think about this some more, unless you can see a solution.
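
The overflow-check difference described in the comment above, as an added example that is not part of the original thread or of test-fuzz's code: it probes at run time whether the binary was built with overflow checks, then inverts the result so that the failure appears only when the checks are absent. The function names are hypothetical, and the use of `std::panic::catch_unwind` is an assumption, since the comment is cut off before naming a mechanism.

```rust
use std::hint::black_box;
use std::panic;

/// Adds one with the plain `+` operator. With overflow checks on (Cargo's
/// default `dev` profile) `255 + 1` panics; with them off (default
/// `release` profile) it wraps to 0.
fn bump(x: u8) -> u8 {
    // black_box keeps the compiler from evaluating the sum at compile time,
    // which would otherwise trip the `arithmetic_overflow` lint.
    black_box(x) + black_box(1)
}

/// Returns true when this binary was compiled with overflow checks.
/// Assumes the default `panic = "unwind"` strategy; with `panic = "abort"`
/// the process would abort instead of returning.
pub fn overflow_checks_enabled() -> bool {
    panic::catch_unwind(|| bump(u8::MAX)).is_err()
}

/// Hypothetical target body: reports a failure only when overflow checks
/// are absent, which is the inverse of the usual debug-only panic.
pub fn crash_if_unchecked() -> Result<(), &'static str> {
    if overflow_checks_enabled() {
        Ok(())
    } else {
        Err("built without overflow checks")
    }
}

fn main() {
    println!("debug_assertions: {}", cfg!(debug_assertions));
    println!("overflow checks:  {}", overflow_checks_enabled());
    println!("target result:    {:?}", crash_if_unchecked());
}
```

The probe reflects the flags the compiler was actually given, so a build wrapper that sets the overflow-check flag itself decides the result regardless of the Cargo profile.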
Not yet. I’ll think more about it and, in the meantime, look for another |
--release flag
Close #20
@smoelius