make lowest stack an internal libfuzzer detail

This value is useful to help determine run uniqueness in the face of recursion, however it is not valuable to expose to the fuzzing UI.
2024-11-30 00:52:52 +00:00 · 2024-09-09 21:16:06 -07:00 · 2024-09-09 21:16:06 -07:00 · 2d005827b8
commit 2d005827b8
parent 0cdccff519
6 changed files with 3 additions and 17 deletions
--- a/lib/fuzzer.zig
+++ b/lib/fuzzer.zig
@ -28,7 +28,8 @@ fn logOverride(
    f.writer().print(prefix1 ++ prefix2 ++ format ++ "\n", args) catch @panic("failed to write to fuzzer log");
 }

-export threadlocal var __sancov_lowest_stack: usize = std.math.maxInt(usize);
+/// Helps determine run uniqueness in the face of recursion.
+export threadlocal var __sancov_lowest_stack: usize = 0;

 export fn __sanitizer_cov_trace_const_cmp1(arg1: u8, arg2: u8) void {
    handleCmp(@returnAddress(), arg1, arg2);
@ -220,7 +221,6 @@ const Fuzzer = struct {
                .n_runs = 0,
                .unique_runs = 0,
                .pcs_len = pcs.len,
-                .lowest_stack = std.math.maxInt(usize),
            };
            f.seen_pcs.appendSliceAssumeCapacity(std.mem.asBytes(&header));
            f.seen_pcs.appendNTimesAssumeCapacity(0, n_bitset_elems * @sizeOf(usize));
@ -261,8 +261,8 @@ const Fuzzer = struct {
            f.input.appendSliceAssumeCapacity(run.input);
            try f.mutate();

-            _ = @atomicRmw(usize, &header.lowest_stack, .Min, __sancov_lowest_stack, .monotonic);
            @memset(f.pc_counters, 0);
+            __sancov_lowest_stack = std.math.maxInt(usize);
            f.coverage.reset();

            fuzzer_one(f.input.items.ptr, f.input.items.len);
--- a/lib/fuzzer/web/index.html
+++ b/lib/fuzzer/web/index.html
@ -147,7 +147,6 @@
        <li>Total Runs: <span id="statTotalRuns"></span></li>
        <li>Unique Runs: <span id="statUniqueRuns"></span></li>
        <li>Coverage: <span id="statCoverage"></span></li>
-        <li>Lowest Stack: <span id="statLowestStack"></span></li>
        <li>Entry Points: <ul id="entryPointsList"></ul></li>
      </ul>
    </div>
--- a/lib/fuzzer/web/main.js
+++ b/lib/fuzzer/web/main.js
@ -6,7 +6,6 @@
  const domStatTotalRuns = document.getElementById("statTotalRuns");
  const domStatUniqueRuns = document.getElementById("statUniqueRuns");
  const domStatCoverage = document.getElementById("statCoverage");
-  const domStatLowestStack = document.getElementById("statLowestStack");
  const domEntryPointsList = document.getElementById("entryPointsList");

  let wasm_promise = fetch("main.wasm");
@ -158,7 +157,6 @@
    domStatTotalRuns.innerText = totalRuns;
    domStatUniqueRuns.innerText = uniqueRuns + " (" + percent(uniqueRuns, totalRuns) + "%)";
    domStatCoverage.innerText = coveredSourceLocations + " / " + totalSourceLocations + " (" + percent(coveredSourceLocations, totalSourceLocations) + "%)";
-    domStatLowestStack.innerText = unwrapString(wasm_exports.lowestStack());

    const entryPoints = unwrapInt32Array(wasm_exports.entryPoints());
    resizeDomList(domEntryPointsList, entryPoints.length, "<li></li>");
--- a/lib/fuzzer/web/main.zig
+++ b/lib/fuzzer/web/main.zig
@ -106,13 +106,6 @@ export fn decl_source_html(decl_index: Decl.Index) String {
    return String.init(string_result.items);
 }

-export fn lowestStack() String {
-    const header: *abi.CoverageUpdateHeader = @ptrCast(recent_coverage_update.items[0..@sizeOf(abi.CoverageUpdateHeader)]);
-    string_result.clearRetainingCapacity();
-    string_result.writer(gpa).print("0x{d}", .{header.lowest_stack}) catch @panic("OOM");
-    return String.init(string_result.items);
-}
-
 export fn totalSourceLocations() usize {
    return coverage_source_locations.items.len;
 }
--- a/lib/std/Build/Fuzz/WebServer.zig
+++ b/lib/std/Build/Fuzz/WebServer.zig
@ -406,7 +406,6 @@ fn sendCoverageContext(
    const seen_pcs = cov_header.seenBits();
    const n_runs = @atomicLoad(usize, &cov_header.n_runs, .monotonic);
    const unique_runs = @atomicLoad(usize, &cov_header.unique_runs, .monotonic);
-    const lowest_stack = @atomicLoad(usize, &cov_header.lowest_stack, .monotonic);
    if (prev_unique_runs.* != unique_runs) {
        // There has been an update.
        if (prev_unique_runs.* == 0) {
@ -431,7 +430,6 @@ fn sendCoverageContext(
        const header: abi.CoverageUpdateHeader = .{
            .n_runs = n_runs,
            .unique_runs = unique_runs,
-            .lowest_stack = lowest_stack,
        };
        const iovecs: [2]std.posix.iovec_const = .{
            makeIov(std.mem.asBytes(&header)),
--- a/lib/std/Build/Fuzz/abi.zig
+++ b/lib/std/Build/Fuzz/abi.zig
@ -13,7 +13,6 @@ pub const SeenPcsHeader = extern struct {
    n_runs: usize,
    unique_runs: usize,
    pcs_len: usize,
-    lowest_stack: usize,

    /// Used for comptime assertions. Provides a mechanism for strategically
    /// causing compile errors.
@ -79,7 +78,6 @@ pub const CoverageUpdateHeader = extern struct {
    flags: Flags = .{},
    n_runs: u64,
    unique_runs: u64,
-    lowest_stack: u64,

    pub const Flags = packed struct(u64) {
        tag: ToClientTag = .coverage_update,