
internal/fuzz: limit the number of consecutive mutations applied to an input #49601

Closed
rolandshoemaker opened this issue Nov 16, 2021 · 3 comments
Labels
FrozenDueToAge fuzz Issues related to native fuzzing support NeedsFix The path to resolution is known, but the work has not been done.
Milestone

Comments

@rolandshoemaker
Member

Currently, each time an input is sent to the worker, a very large number of mutations can be consecutively applied, resulting in a significantly different input at the end of the fuzzing than at the start. This significantly reduces the diversity of inputs, since a new "interesting" input is likely to be very different from the original input.

Instead we should limit the number of mutations to some small number, resetting the input back to its initial state if nothing new is found after that number of mutations (this matches the behavior of libFuzzer). This is related to #47090.

Requesting a freeze exception, since this isn't a bug but has a significant impact on the efficiency/performance of the fuzzing engine, and has little risk.

cc @golang/release
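The bounded mutation loop the issue proposes, as an added example that is not code from Go's internal/fuzz: `mutate`, `fuzzRounds` and the cap `maxConsecutiveMutations` are hypothetical names, the byte-level mutator is a toy, and the `interesting` callback is a constructed stand-in for real coverage feedback.

```go
package main

import (
	"fmt"
	"math/rand"
)

// Cap on mutations stacked on one input before it is reset (hypothetical value).
const maxConsecutiveMutations = 10
// mutate applies one random byte-level mutation to a copy of in (toy mutator).
func mutate(rng *rand.Rand, in []byte) []byte {
	out := append([]byte(nil), in...) // never touch the caller's bytes
	i := rng.Intn(len(out))           // in is never empty here
	switch rng.Intn(3) {
	case 0: // flip a bit
		out[i] ^= 1 << uint(rng.Intn(8))
	case 1: // insert a byte
		out = append(out[:i], append([]byte{byte(rng.Intn(256))}, out[i:]...)...)
	default: // delete a byte, but never shrink to empty
		if len(out) > 1 {
			out = append(out[:i], out[i+1:]...)
		}
	}
	return out
}

// fuzzRounds runs the bounded mutation loop; interesting reports new coverage.
// It returns the number of resets to the base input and the longest chain applied.
func fuzzRounds(seed []byte, rounds int, interesting func([]byte) bool, rng *rand.Rand) (resets, maxDepth int) {
	base, cur, depth := seed, seed, 0
	for i := 0; i < rounds; i++ {
		cur = mutate(rng, cur)
		if depth++; depth > maxDepth {
			maxDepth = depth
		}
		if interesting(cur) { // new coverage: a real engine would save cur to the corpus
			base, depth = cur, 0 // continue with a fresh, short chain from it
			continue
		}
		if depth >= maxConsecutiveMutations { // nothing new: discard the chain
			cur, depth = base, 0
			resets++
		}
	}
	return resets, maxDepth
}

func main() { // 35 rounds with no new coverage: prints "3 10"
	fmt.Println(fuzzRounds([]byte("seed"), 35, func([]byte) bool { return false }, rand.New(rand.NewSource(1))))
}
```

Without the cap, the same 35 rounds would stack 35 mutations onto one input, which is the drift the issue describes; with it, no input ever strays more than 10 mutations from a corpus entry.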

@rolandshoemaker rolandshoemaker added this to the Go1.18 milestone Nov 16, 2021
@gopherbot

Change https://golang.org/cl/364214 mentions this issue: internal/fuzz: limit number of consecutive mutations

@dr2chase
Contributor

@dmitshur @toothrot @cagedmantis are y'all the keeper(s) of freeze exceptions?
(It looks reasonable to me, it's a serious performance/usability problem)

@dmitshur
Contributor

dmitshur commented Nov 17, 2021

Yes, we've discussed this on the release team. Thanks for letting us know. We don't have objections to this since it's a part of a feature that's already in scope for 1.18, and this change is based on new data from testing/experience. (And we're still relatively early in the freeze period—before beta 1.)

If the fuzzing team would like to proceed with this change, please do proceed. I'll mark this request as a normal Go1.18 issue in scope of freeze by removing the "[freeze exception]" suffix—but thanks again for letting us know about this.

@dmitshur dmitshur added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Nov 17, 2021
@dmitshur dmitshur changed the title internal/fuzz: limit the number of consecutive mutations applied to an input [freeze exception] internal/fuzz: limit the number of consecutive mutations applied to an input Nov 17, 2021
@dmitshur dmitshur added the fuzz Issues related to native fuzzing support label Nov 17, 2021
@dmitshur dmitshur added NeedsFix The path to resolution is known, but the work has not been done. and removed NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. labels Nov 18, 2021
@golang golang locked and limited conversation to collaborators Nov 18, 2022