Skip to content

Fixes in corpus minimizer #3403

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tokatoka merged 14 commits into from
Aug 25, 2025
Merged

Fixes in corpus minimizer #3403

tokatoka merged 14 commits into from
Aug 25, 2025

Conversation

@ThomasTNO
Copy link
Collaborator

@ThomasTNO ThomasTNO commented Aug 22, 2025
edited
Loading

Description

In an attempt to implement the corpus minimizer in TNO-S3/WuppieFuzz#146 I stumbled on some issues with the current implementation. My feeling is that parts of the code were unmaintained for too long.

I made a couple of adjustments to get it operational again.

  1. Ensure inputs are loaded. Previously it would fail due to, I assume, lazy loading
  2. Ensure exec_time is set. In my use case exec_time was not set as we want to minimize before starting a fuzzing run.
  3. Removal of corpus entries fails sometimes. Not entirely sure why it happens, but sometimes the read ctr String contains null bytes (string has the form \u{3}000 and therefore can't be cast to u32.

For all these adjustments I am looking forward to your suggestions. In particular,

  1. Ideally I would say we reuse the calibration code to calibrate the entries and ensure all required metadata is present. I could not come up with a better solution.
  2. Currently the code uses read instead of read_exact which is not preferred and not allowed by the rules set in the precommit, suggestions are much appreciated. Weirdly sometimes the read buffer contains a single digit, and sometimes it contains four bytes (single digit + three null bytes). I can't get my head around it.

Checklist

  • I have run ./scripts/precommit.sh and addressed all comments

@ThomasTNO
Copy link
Collaborator Author

ThomasTNO commented Aug 22, 2025

I see 3. was already resolved in 7f0afe8

ThomasTNO and others added 2 commits August 22, 2025 11:37
@ThomasTNO
Revert "Fix removing file with ctr of the form "\u{3}000""
f30e50d 
This reverts commit 4cb3507.
@dergoegge @ThomasTNO
libafl: fix lockfile ctr serialization (AFLplusplus#3319)
7330c67 
All locations reading from the lockfile expect an integer as a string,
but in `InMemoryOnDiskCorpus<I>::remove_testcase` the raw bytes of the
integer are written to the file in little endian byte order.

This may cause "ParseIntError { kind: InvalidDigit }" in e.g.
`InMemoryOnDiskCorpus<I>::save_testcase` during parsing of the file's
contents.

Fix this by writing the integer to the lockfile as a string in
`InMemoryOnDiskCorpus<I>::remove_testcase` as well.
@tokatoka
Copy link
Member

tokatoka commented Aug 22, 2025

can you resolve the conflicts?

@ThomasTNO ThomasTNO requested a review from tokatoka August 22, 2025 12:56
@tokatoka
Copy link
Member

tokatoka commented Aug 22, 2025

Ideally I would say we reuse the calibration code to calibrate the entries and ensure all required metadata is present. I could not come up with a better solution.

yes it's not very good.
can you maybe move the duplicate code in a public function and call them from both calibration and this minimizer code?

@ThomasTNO
Copy link
Collaborator Author

ThomasTNO commented Aug 25, 2025

Some jobs fail due to connection errors apparently.

@tokatoka
Copy link
Member

tokatoka commented Aug 25, 2025

thank you!

@tokatoka tokatoka merged commit 4a8d49e into AFLplusplus:main Aug 25, 2025
109 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tokatoka tokatoka Awaiting requested review from tokatoka

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ThomasTNO @tokatoka @dergoegge