diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2dd85d7c92..5f07124dd7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -79,16 +79,24 @@ jobs: key: ${{env.ACTIONS_CACHE_KEY_DATE}} # additional key for cache-busting workspaces: src/agent - name: Linux Prereqs - if: runner.os == 'Linux' && steps.cache-agent-artifacts.outputs.cache-hit != 'true' + if: runner.os == 'Linux' run: | sudo apt-get -y update - sudo apt-get -y install libssl-dev libunwind-dev build-essential pkg-config + sudo apt-get -y install libssl-dev libunwind-dev build-essential pkg-config clang + - name: Clone onefuzz-samples + run: git clone https://github.com/microsoft/onefuzz-samples + - name: Prepare for agent integration tests + shell: bash + working-directory: ./onefuzz-samples/examples/simple-libfuzzer + run: | + make + mkdir -p ../../../src/agent/onefuzz-task/tests/targets/simple + cp fuzz.exe ../../../src/agent/onefuzz-task/tests/targets/simple/fuzz.exe + cp *.pdb ../../../src/agent/onefuzz-task/tests/targets/simple/ 2>/dev/null || : - name: Install Rust Prereqs - if: steps.rust-build-cache.outputs.cache-hit != 'true' && steps.cache-agent-artifacts.outputs.cache-hit != 'true' shell: bash run: src/ci/rust-prereqs.sh - run: src/ci/agent.sh - if: steps.cache-agent-artifacts.outputs.cache-hit != 'true' shell: bash - name: Upload coverage to Codecov uses: codecov/codecov-action@v3 @@ -115,7 +123,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-python@v4 with: - python-version: 3.7 + python-version: "3.10" - name: lint shell: bash run: src/ci/check-check-pr.sh @@ -129,7 +137,7 @@ jobs: shell: bash - uses: actions/setup-python@v4 with: - python-version: 3.7 + python-version: "3.10" - uses: actions/download-artifact@v3 with: name: artifact-onefuzztypes @@ -182,7 +190,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-python@v4 with: - python-version: 3.8 + python-version: "3.10" - name: lint shell: bash run: | @@ -200,7 +208,7 @@ jobs: - uses: actions/checkout@v3 - uses: actions/setup-python@v4 with: - python-version: 3.8 + python-version: "3.10" - name: lint shell: bash run: | @@ -216,7 +224,7 @@ jobs: - run: src/ci/set-versions.sh - uses: actions/setup-python@v4 with: - python-version: 3.7 + python-version: "3.10" - run: src/ci/onefuzztypes.sh - uses: actions/upload-artifact@v3 with: @@ -473,7 +481,7 @@ jobs: path: artifacts - uses: actions/setup-python@v4 with: - python-version: 3.7 + python-version: "3.10" - name: Lint shell: bash run: | diff --git a/CHANGELOG.md b/CHANGELOG.md index be4779ad77..f02721fa44 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,32 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## 8.8.0 + +### Added + +* Agent: Added Mariner Linux support for agent VMs [#3306](https://github.com/microsoft/onefuzz/pull/3306) +* Service: Added support for custom ado fields that mark work items as duplicate [#3467](https://github.com/microsoft/onefuzz/pull/3467) +* Service: Permanently store OneFuzz job result data - # crashing input, # regression crashing input, etc. - in Azure storage [#3380](https://github.com/microsoft/onefuzz/pull/3380), [#3439](https://github.com/microsoft/onefuzz/pull/3439) +* Service: Added validation for Iteration/AreaPath on notifications when a job is submitted with a notification config and for `onefuzz debug notification test_template` [#3386](https://github.com/microsoft/onefuzz/pull/3386) + +### Changed + +* Agent: Updated libfuzzer-fuzz basic template to include required args and make it match cli [#3429](https://github.com/microsoft/onefuzz/pull/3429) +* Agent: Downgraded some debug logs from warn to debug [#3450](https://github.com/microsoft/onefuzz/pull/3450) +* CLI: Removed CLI commands from the local fuzzing tasks as they can now be described via yaml template [#3428](https://github.com/microsoft/onefuzz/pull/3428) +* Service: AutoScale table entries are now deleted on VMSS shutdown [#3455](https://github.com/microsoft/onefuzz/pull/3455) + +### Fixed + +* Agent: Fixed local path generation [#3432](https://github.com/microsoft/onefuzz/pull/3432), [#3460](https://github.com/microsoft/onefuzz/pull/3460) + +## 8.7.1 + +### Fixed + +* Service: Removed deprecated Azure retention policy setting that was causing scaleset deployment errors [#3452](https://github.com/microsoft/onefuzz/pull/3452) + ## 8.7.0 ### Added diff --git a/CURRENT_VERSION b/CURRENT_VERSION index c0bcaebe8f..cfc27b4fab 100644 --- a/CURRENT_VERSION +++ b/CURRENT_VERSION @@ -1 +1 @@ -8.7.0 \ No newline at end of file +8.8.0 \ No newline at end of file diff --git a/README.md b/README.md index 010148dd3a..01daa7f7f1 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,26 @@ # OneFuzz +# :exclamation: IMPORTANT NOTICE :exclamation: + +**_August 31, 2023_**. + +**_Since September 2020 when OneFuzz was first open sourced, we’ve been on a journey to create a best-in-class orchestrator for running fuzzers, driving security and quality into our products._** + + +**_Initially launched by a small group in MSR, OneFuzz has now become a significant internal platform within Microsoft. As such, we are regretfully archiving the project to focus our attention on becoming a more deeply integrated service within the company. Unfortunately, we aren’t a large enough team to live in both the open-source world and the internal Microsoft world with its own unique set of requirements._** + +**_Our current plan is to archive the project in the next few months. That means we’ll still be making updates for a little while. Of course, even after it’s archived, you’ll still be able to fork it and make the changes you need. Once we’ve decided on a specific date for archiving, we’ll update this readme._** + +**_Thanks for taking the journey with us._** + +**_The OneFuzz team._** + +--- +**_Update: September 15 2023:_** +**_Our current target to archive the project is September 30th, 2023._** + +--- + [![Onefuzz build status](https://github.com/microsoft/onefuzz/workflows/Build/badge.svg?branch=main)](https://github.com/microsoft/onefuzz/actions/workflows/ci.yml?query=branch%3Amain) ## A self-hosted Fuzzing-As-A-Service platform diff --git a/contrib/onefuzz-job-azure-devops-pipeline/ado-work-items.json b/contrib/onefuzz-job-azure-devops-pipeline/ado-work-items.json index eb89fc019d..034d97cf15 100644 --- a/contrib/onefuzz-job-azure-devops-pipeline/ado-work-items.json +++ b/contrib/onefuzz-job-azure-devops-pipeline/ado-work-items.json @@ -13,6 +13,10 @@ "System.AreaPath": "OneFuzz-Ado-Integration", "System.Title": "{{report.task_id}}" }, + "ado_duplicate_fields": { + "System.Reason": "My custom value that means a work item is a duplicate", + "Custom.Work.Item.Field": "My custom value that means a work item is a duplicate" + }, "on_duplicate": { "increment": [], "comment": "DUP {{report.input_sha256}}
Repro Command: 
 {{ repro_cmd }}
", diff --git a/docs/notifications/ado.md b/docs/notifications/ado.md index 131986afba..09dd5b9072 100644 --- a/docs/notifications/ado.md +++ b/docs/notifications/ado.md @@ -51,6 +51,13 @@ clickable, make it a link. "System.Title": "{{ report.crash_site }} - {{ report.executable }}", "Microsoft.VSTS.TCM.ReproSteps": "This is my call stack: " }, + "ado_duplicate_fields": { + "System.Reason": "My custom value that means a work item is a duplicate", + "Custom.Work.Item.Field": "My custom value that means a work item is a duplicate" + // note: the fields and values below are checked by default and don't need to be specified + // "System.Reason": "Duplicate" + // "Microsoft.VSTS.Common.ResolvedReason": "Duplicate" + }, "comment": "This is my comment. {{ report.input_sha256 }} {{ input_url }} 
{{ repro_cmd }}
", "unique_fields": ["System.Title", "System.AreaPath"], "on_duplicate": { diff --git a/src/ApiService/ApiService/FeatureFlags.cs b/src/ApiService/ApiService/FeatureFlags.cs index aa4bc87079..e74396e882 100644 --- a/src/ApiService/ApiService/FeatureFlags.cs +++ b/src/ApiService/ApiService/FeatureFlags.cs @@ -8,4 +8,5 @@ public static class FeatureFlagConstants { public const string EnableBlobRetentionPolicy = "EnableBlobRetentionPolicy"; public const string EnableDryRunBlobRetention = "EnableDryRunBlobRetention"; public const string EnableWorkItemCreation = "EnableWorkItemCreation"; + public const string EnableContainerRetentionPolicies = "EnableContainerRetentionPolicies"; } diff --git a/src/ApiService/ApiService/Functions/Jobs.cs b/src/ApiService/ApiService/Functions/Jobs.cs index bef61adfc2..3f8746df1f 100644 --- a/src/ApiService/ApiService/Functions/Jobs.cs +++ b/src/ApiService/ApiService/Functions/Jobs.cs @@ -83,7 +83,7 @@ private async Task Post(HttpRequestData req, FunctionContext c "job"); } - await _context.Events.SendEvent(new EventJobCreated(job.JobId, job.Config, job.UserInfo)); + await _context.Events.SendEvent(new EventJobCreated(job.JobId, job.Config, job.UserInfo, _context.ServiceConfiguration.OneFuzzVersion)); return await RequestHandling.Ok(req, JobResponse.ForJob(job, taskInfo: null)); } diff --git a/src/ApiService/ApiService/Functions/QueueFileChanges.cs b/src/ApiService/ApiService/Functions/QueueFileChanges.cs index acdd3e328d..f1c4711f9d 100644 --- a/src/ApiService/ApiService/Functions/QueueFileChanges.cs +++ b/src/ApiService/ApiService/Functions/QueueFileChanges.cs @@ -1,5 +1,6 @@ using System.Text.Json; using System.Text.Json.Nodes; +using System.Threading.Tasks; using Azure.Core; using Microsoft.Azure.Functions.Worker; using Microsoft.Extensions.Logging; @@ -54,6 +55,8 @@ public async Async.Task Run( return; } + var storageAccount = new ResourceIdentifier(topicElement.GetString()!); + try { // Setting isLastRetryAttempt to false will rethrow any exceptions // With the intention that the azure functions runtime will handle requeing @@ -61,7 +64,7 @@ public async Async.Task Run( // requeuing ourselves because azure functions doesn't support retry policies // for queue based functions. - var result = await FileAdded(fileChangeEvent, isLastRetryAttempt: false); + var result = await FileAdded(storageAccount, fileChangeEvent, isLastRetryAttempt: false); if (!result.IsOk && result.ErrorV.Code == ErrorCode.ADO_WORKITEM_PROCESSING_DISABLED) { await RequeueMessage(msg, TimeSpan.FromDays(1)); } @@ -71,16 +74,47 @@ public async Async.Task Run( } } - private async Async.Task FileAdded(JsonDocument fileChangeEvent, bool isLastRetryAttempt) { + private async Async.Task FileAdded(ResourceIdentifier storageAccount, JsonDocument fileChangeEvent, bool isLastRetryAttempt) { var data = fileChangeEvent.RootElement.GetProperty("data"); var url = data.GetProperty("url").GetString()!; var parts = url.Split("/").Skip(3).ToList(); - var container = parts[0]; + var container = Container.Parse(parts[0]); var path = string.Join('/', parts.Skip(1)); - _log.LogInformation("file added : {Container} - {Path}", container, path); - return await _notificationOperations.NewFiles(Container.Parse(container), path, isLastRetryAttempt); + _log.LogInformation("file added : {Container} - {Path}", container.String, path); + + var (_, result) = await ( + ApplyRetentionPolicy(storageAccount, container, path), + _notificationOperations.NewFiles(container, path, isLastRetryAttempt)); + + return result; + } + + private async Async.Task ApplyRetentionPolicy(ResourceIdentifier storageAccount, Container container, string path) { + if (await _context.FeatureManagerSnapshot.IsEnabledAsync(FeatureFlagConstants.EnableContainerRetentionPolicies)) { + // default retention period can be applied to the container + // if one exists, we will set the expiry date on the newly-created blob, if it doesn't already have one + var account = await _storage.GetBlobServiceClientForAccount(storageAccount); + var containerClient = account.GetBlobContainerClient(container.String); + var containerProps = await containerClient.GetPropertiesAsync(); + var retentionPeriod = RetentionPolicyUtils.GetContainerRetentionPeriodFromMetadata(containerProps.Value.Metadata); + if (!retentionPeriod.IsOk) { + _log.LogError("invalid retention period: {Error}", retentionPeriod.ErrorV); + } else if (retentionPeriod.OkV is TimeSpan period) { + var blobClient = containerClient.GetBlobClient(path); + var tags = (await blobClient.GetTagsAsync()).Value.Tags; + var expiryDate = DateTime.UtcNow + period; + var tag = RetentionPolicyUtils.CreateExpiryDateTag(DateOnly.FromDateTime(expiryDate)); + if (tags.TryAdd(tag.Key, tag.Value)) { + _ = await blobClient.SetTagsAsync(tags); + _log.LogInformation("applied container retention policy ({Policy}) to {Path}", period, path); + return true; + } + } + } + + return false; } private async Async.Task RequeueMessage(string msg, TimeSpan? visibilityTimeout = null) { diff --git a/src/ApiService/ApiService/Functions/QueueNodeHeartbeat.cs b/src/ApiService/ApiService/Functions/QueueNodeHeartbeat.cs index ba19175938..649443cf28 100644 --- a/src/ApiService/ApiService/Functions/QueueNodeHeartbeat.cs +++ b/src/ApiService/ApiService/Functions/QueueNodeHeartbeat.cs @@ -41,9 +41,8 @@ public async Async.Task Run([QueueTrigger("node-heartbeat", Connection = "AzureW var nodeHeartbeatEvent = new EventNodeHeartbeat(node.MachineId, node.ScalesetId, node.PoolName, node.State); // TODO: do we still send event if we fail do update the table ? await events.SendEvent(nodeHeartbeatEvent); - if (await _context.FeatureManagerSnapshot.IsEnabledAsync(FeatureFlagConstants.EnableCustomMetricTelemetry)) { - metrics.SendMetric(1, nodeHeartbeatEvent); - } + metrics.SendMetric(1, nodeHeartbeatEvent); + } } diff --git a/src/ApiService/ApiService/Functions/QueueTaskHeartbeat.cs b/src/ApiService/ApiService/Functions/QueueTaskHeartbeat.cs index 6eba20c9cf..850e77f71f 100644 --- a/src/ApiService/ApiService/Functions/QueueTaskHeartbeat.cs +++ b/src/ApiService/ApiService/Functions/QueueTaskHeartbeat.cs @@ -45,8 +45,7 @@ public async Async.Task Run([QueueTrigger("task-heartbeat", Connection = "AzureW var taskHeartBeatEvent = new EventTaskHeartbeat(newTask.JobId, newTask.TaskId, job.Config.Project, job.Config.Name, newTask.State, newTask.Config); await _events.SendEvent(taskHeartBeatEvent); - if (await _context.FeatureManagerSnapshot.IsEnabledAsync(FeatureFlagConstants.EnableCustomMetricTelemetry)) { - _metrics.SendMetric(1, taskHeartBeatEvent); - } + _metrics.SendMetric(1, taskHeartBeatEvent); + } } diff --git a/src/ApiService/ApiService/OneFuzzTypes/Enums.cs b/src/ApiService/ApiService/OneFuzzTypes/Enums.cs index b1f7225b5f..4692debfe8 100644 --- a/src/ApiService/ApiService/OneFuzzTypes/Enums.cs +++ b/src/ApiService/ApiService/OneFuzzTypes/Enums.cs @@ -49,6 +49,8 @@ public enum ErrorCode { ADO_VALIDATION_MISSING_PAT_SCOPES = 492, ADO_WORKITEM_PROCESSING_DISABLED = 494, ADO_VALIDATION_INVALID_PATH = 495, + ADO_VALIDATION_INVALID_PROJECT = 496, + INVALID_RETENTION_PERIOD = 497, // NB: if you update this enum, also update enums.py } diff --git a/src/ApiService/ApiService/OneFuzzTypes/Events.cs b/src/ApiService/ApiService/OneFuzzTypes/Events.cs index d81e083db4..b06391f12f 100644 --- a/src/ApiService/ApiService/OneFuzzTypes/Events.cs +++ b/src/ApiService/ApiService/OneFuzzTypes/Events.cs @@ -124,7 +124,8 @@ TaskConfig Config public record EventJobCreated( Guid JobId, JobConfig Config, - StoredUserInfo? UserInfo + StoredUserInfo? UserInfo, + string OneFuzzVersion ) : BaseEvent(); diff --git a/src/ApiService/ApiService/OneFuzzTypes/Model.cs b/src/ApiService/ApiService/OneFuzzTypes/Model.cs index b839f52ddc..424669899a 100644 --- a/src/ApiService/ApiService/OneFuzzTypes/Model.cs +++ b/src/ApiService/ApiService/OneFuzzTypes/Model.cs @@ -689,6 +689,7 @@ public record AdoTemplate( List UniqueFields, Dictionary AdoFields, ADODuplicateTemplate OnDuplicate, + Dictionary? AdoDuplicateFields = null, string? Comment = null ) : NotificationTemplate { public async Task Validate() { @@ -704,8 +705,9 @@ public record RenderedAdoTemplate( List UniqueFields, Dictionary AdoFields, ADODuplicateTemplate OnDuplicate, + Dictionary? AdoDuplicateFields = null, string? Comment = null - ) : AdoTemplate(BaseUrl, AuthToken, Project, Type, UniqueFields, AdoFields, OnDuplicate, Comment); + ) : AdoTemplate(BaseUrl, AuthToken, Project, Type, UniqueFields, AdoFields, OnDuplicate, AdoDuplicateFields, Comment); public record TeamsTemplate(SecretData Url) : NotificationTemplate { public Task Validate() { diff --git a/src/ApiService/ApiService/onefuzzlib/NotificationOperations.cs b/src/ApiService/ApiService/onefuzzlib/NotificationOperations.cs index dc133e1fba..0eca5b1e00 100644 --- a/src/ApiService/ApiService/onefuzzlib/NotificationOperations.cs +++ b/src/ApiService/ApiService/onefuzzlib/NotificationOperations.cs @@ -22,13 +22,12 @@ public NotificationOperations(ILogger log, IOnefuzzConte } public async Async.Task NewFiles(Container container, string filename, bool isLastRetryAttempt) { - var result = OneFuzzResultVoid.Ok; - // We don't want to store file added events for the events container because that causes an infinite loop if (container == WellKnownContainers.Events) { - return result; + return Result.Ok(); } + var result = OneFuzzResultVoid.Ok; var notifications = GetNotifications(container); var hasNotifications = await notifications.AnyAsync(); var reportOrRegression = await _context.Reports.GetReportOrRegression(container, filename, expectReports: hasNotifications); diff --git a/src/ApiService/ApiService/onefuzzlib/RententionPolicy.cs b/src/ApiService/ApiService/onefuzzlib/RententionPolicy.cs deleted file mode 100644 index 4052db93e1..0000000000 --- a/src/ApiService/ApiService/onefuzzlib/RententionPolicy.cs +++ /dev/null @@ -1,24 +0,0 @@ -namespace Microsoft.OneFuzz.Service; - - -public interface IRetentionPolicy { - DateOnly GetExpiryDate(); -} - -public class RetentionPolicyUtils { - public const string EXPIRY_TAG = "Expiry"; - public static KeyValuePair CreateExpiryDateTag(DateOnly expiryDate) => - new(EXPIRY_TAG, expiryDate.ToString()); - - public static DateOnly? GetExpiryDateTagFromTags(IDictionary? blobTags) { - if (blobTags != null && - blobTags.TryGetValue(EXPIRY_TAG, out var expiryTag) && - !string.IsNullOrWhiteSpace(expiryTag) && - DateOnly.TryParse(expiryTag, out var expiryDate)) { - return expiryDate; - } - return null; - } - - public static string CreateExpiredBlobTagFilter() => $@"""{EXPIRY_TAG}"" <= '{DateOnly.FromDateTime(DateTime.UtcNow)}'"; -} diff --git a/src/ApiService/ApiService/onefuzzlib/RetentionPolicy.cs b/src/ApiService/ApiService/onefuzzlib/RetentionPolicy.cs new file mode 100644 index 0000000000..48d81df5c7 --- /dev/null +++ b/src/ApiService/ApiService/onefuzzlib/RetentionPolicy.cs @@ -0,0 +1,43 @@ +using System.Xml; + +namespace Microsoft.OneFuzz.Service; + + +public interface IRetentionPolicy { + DateOnly GetExpiryDate(); +} + +public class RetentionPolicyUtils { + public const string EXPIRY_TAG = "Expiry"; + public static KeyValuePair CreateExpiryDateTag(DateOnly expiryDate) => + new(EXPIRY_TAG, expiryDate.ToString()); + + public static DateOnly? GetExpiryDateTagFromTags(IDictionary? blobTags) { + if (blobTags != null && + blobTags.TryGetValue(EXPIRY_TAG, out var expiryTag) && + !string.IsNullOrWhiteSpace(expiryTag) && + DateOnly.TryParse(expiryTag, out var expiryDate)) { + return expiryDate; + } + return null; + } + + public static string CreateExpiredBlobTagFilter() => $@"""{EXPIRY_TAG}"" <= '{DateOnly.FromDateTime(DateTime.UtcNow)}'"; + + // NB: this must match the value used on the CLI side + public const string CONTAINER_RETENTION_KEY = "onefuzz_retentionperiod"; + + public static OneFuzzResult GetContainerRetentionPeriodFromMetadata(IDictionary? containerMetadata) { + if (containerMetadata is not null && + containerMetadata.TryGetValue(CONTAINER_RETENTION_KEY, out var retentionString) && + !string.IsNullOrWhiteSpace(retentionString)) { + try { + return Result.Ok(XmlConvert.ToTimeSpan(retentionString)); + } catch (Exception ex) { + return Error.Create(ErrorCode.INVALID_RETENTION_PERIOD, ex.Message); + } + } + + return Result.Ok(null); + } +} diff --git a/src/ApiService/ApiService/onefuzzlib/notifications/Ado.cs b/src/ApiService/ApiService/onefuzzlib/notifications/Ado.cs index e05bb9bc24..b1442851ba 100644 --- a/src/ApiService/ApiService/onefuzzlib/notifications/Ado.cs +++ b/src/ApiService/ApiService/onefuzzlib/notifications/Ado.cs @@ -89,30 +89,97 @@ private static bool IsTransient(Exception e) { return errorCodes.Any(errorStr.Contains); } - private static async Async.Task ValidatePath(string project, string path, TreeStructureGroup structureGroup, WorkItemTrackingHttpClient client) { - var pathType = (structureGroup == TreeStructureGroup.Areas) ? "Area" : "Iteration"; - var pathParts = path.Split('\\'); - if (!string.Equals(pathParts[0], project, StringComparison.OrdinalIgnoreCase)) { + public static OneFuzzResultVoid ValidateTreePath(IEnumerable path, WorkItemClassificationNode? root) { + if (root is null) { + return OneFuzzResultVoid.Error(ErrorCode.ADO_VALIDATION_INVALID_PROJECT, new string[] { + $"Path \"{string.Join('\\', path)}\" is invalid. The specified ADO project doesn't exist.", + "Double check the 'project' field in your ADO config.", + }); + } + + string treeNodeTypeName; + switch (root.StructureType) { + case TreeNodeStructureType.Area: + treeNodeTypeName = "Area"; + break; + case TreeNodeStructureType.Iteration: + treeNodeTypeName = "Iteration"; + break; + default: + return OneFuzzResultVoid.Error(ErrorCode.ADO_VALIDATION_INVALID_PATH, new string[] { + $"Path root \"{root.Name}\" is an unsupported type. Expected Area or Iteration but got {root.StructureType}.", + }); + } + + // Validate path based on + // https://learn.microsoft.com/en-us/azure/devops/organizations/settings/about-areas-iterations?view=azure-devops#naming-restrictions + var maxNodeLength = 255; + var maxDepth = 13; + // Invalid characters from the link above plus the escape sequences (since they have backslashes and produce confusingly formatted errors if not caught here) + var invalidChars = new char[] { '/', ':', '*', '?', '"', '<', '>', '|', ';', '#', '$', '*', '{', '}', ',', '+', '=', '[', ']' }; + + // Ensure that none of the path parts are too long + var erroneous = path.FirstOrDefault(part => part.Length > maxNodeLength); + if (erroneous != null) { + return OneFuzzResultVoid.Error(ErrorCode.ADO_VALIDATION_INVALID_PATH, new string[] { + $"{treeNodeTypeName} Path \"{string.Join('\\', path)}\" is invalid. \"{erroneous}\" is too long. It must be less than {maxNodeLength} characters.", + "Learn more about naming restrictions here: https://learn.microsoft.com/en-us/azure/devops/organizations/settings/about-areas-iterations?view=azure-devops#naming-restrictions" + }); + } + + // Ensure that none of the path parts contain invalid characters + erroneous = path.FirstOrDefault(part => invalidChars.Any(part.Contains)); + if (erroneous != null) { return OneFuzzResultVoid.Error(ErrorCode.ADO_VALIDATION_INVALID_PATH, new string[] { - $"Path \"{path}\" is invalid. It must start with the project name, \"{project}\".", - $"Example: \"{project}\\{path}\".", + $"{treeNodeTypeName} Path \"{string.Join('\\', path)}\" is invalid. \"{erroneous}\" contains an invalid character ({string.Join(" ", invalidChars)}).", + "Make sure that the path is separated by backslashes (\\) and not forward slashes (/).", + "Learn more about naming restrictions here: https://learn.microsoft.com/en-us/azure/devops/organizations/settings/about-areas-iterations?view=azure-devops#naming-restrictions" }); } - var current = await client.GetClassificationNodeAsync(project, structureGroup, depth: pathParts.Length - 1); - if (current == null) { + // Ensure no unicode control characters + erroneous = path.FirstOrDefault(part => part.Any(ch => char.IsControl(ch))); + if (erroneous != null) { return OneFuzzResultVoid.Error(ErrorCode.ADO_VALIDATION_INVALID_PATH, new string[] { - $"{pathType} Path \"{path}\" is invalid. \"{project}\" is not a valid project.", + // More about control codes and their range here: https://en.wikipedia.org/wiki/Unicode_control_characters + $"{treeNodeTypeName} Path \"{string.Join('\\', path)}\" is invalid. \"{erroneous}\" contains a unicode control character (\\u0000 - \\u001F or \\u007F - \\u009F).", + "Make sure that you're path doesn't contain any escape characters (\\0 \\a \\b \\f \\n \\r \\t \\v).", + "Learn more about naming restrictions here: https://learn.microsoft.com/en-us/azure/devops/organizations/settings/about-areas-iterations?view=azure-devops#naming-restrictions" }); } - foreach (var part in pathParts.Skip(1)) { + // Ensure that there aren't too many path parts + if (path.Count() > maxDepth) { + return OneFuzzResultVoid.Error(ErrorCode.ADO_VALIDATION_INVALID_PATH, new string[] { + $"{treeNodeTypeName} Path \"{string.Join('\\', path)}\" is invalid. It must be less than {maxDepth} levels deep.", + "Learn more about naming restrictions here: https://learn.microsoft.com/en-us/azure/devops/organizations/settings/about-areas-iterations?view=azure-devops#naming-restrictions" + }); + } + + + // Path should always start with the project name ADO expects an absolute path + if (!string.Equals(path.First(), root.Name, StringComparison.OrdinalIgnoreCase)) { + return OneFuzzResultVoid.Error(ErrorCode.ADO_VALIDATION_INVALID_PATH, new string[] { + $"{treeNodeTypeName} Path \"{string.Join('\\', path)}\" is invalid. It must start with the project name, \"{root.Name}\".", + $"Example: \"{root.Name}\\{path}\".", + }); + } + + // Validate that each part of the path is a valid child of the previous part + var current = root; + foreach (var part in path.Skip(1)) { var child = current.Children?.FirstOrDefault(x => string.Equals(x.Name, part, StringComparison.OrdinalIgnoreCase)); if (child == null) { - return OneFuzzResultVoid.Error(ErrorCode.ADO_VALIDATION_INVALID_PATH, new string[] { - $"{pathType} Path \"{path}\" is invalid. \"{part}\" is not a valid child of \"{current.Name}\".", - $"Valid children of \"{current.Name}\" are: [{string.Join(',', current.Children?.Select(x => $"\"{x.Name}\"") ?? new List())}].", - }); + if (current.Children is null || !current.Children.Any()) { + return OneFuzzResultVoid.Error(ErrorCode.ADO_VALIDATION_INVALID_PATH, new string[] { + $"{treeNodeTypeName} Path \"{string.Join('\\', path)}\" is invalid. \"{current.Name}\" has no children.", + }); + } else { + return OneFuzzResultVoid.Error(ErrorCode.ADO_VALIDATION_INVALID_PATH, new string[] { + $"{treeNodeTypeName} Path \"{string.Join('\\', path)}\" is invalid. \"{part}\" is not a valid child of \"{current.Name}\".", + $"Valid children of \"{current.Name}\" are: [{string.Join(',', current.Children?.Select(x => $"\"{x.Name}\"") ?? new List())}].", + }); + } } current = child; @@ -195,14 +262,19 @@ await policy.ExecuteAsync(async () => { try { // Validate AreaPath and IterationPath exist + // This also validates that the config.Project exists if (config.AdoFields.TryGetValue("System.AreaPath", out var areaPathString)) { - var validateAreaPath = await ValidatePath(config.Project, areaPathString, TreeStructureGroup.Areas, witClient); + var path = areaPathString.Split('\\'); + var root = await witClient.GetClassificationNodeAsync(config.Project, TreeStructureGroup.Areas, depth: path.Length - 1); + var validateAreaPath = ValidateTreePath(path, root); if (!validateAreaPath.IsOk) { return validateAreaPath; } } if (config.AdoFields.TryGetValue("System.IterationPath", out var iterationPathString)) { - var validateIterationPath = await ValidatePath(config.Project, iterationPathString, TreeStructureGroup.Iterations, witClient); + var path = iterationPathString.Split('\\'); + var root = await witClient.GetClassificationNodeAsync(config.Project, TreeStructureGroup.Iterations, depth: path.Length - 1); + var validateIterationPath = ValidateTreePath(path, root); if (!validateIterationPath.IsOk) { return validateIterationPath; } @@ -291,6 +363,7 @@ public static RenderedAdoTemplate RenderAdoTemplate(ILogger logTracer, Renderer original.UniqueFields, adoFields, onDuplicate, + original.AdoDuplicateFields, original.Comment != null ? Render(renderer, original.Comment, instanceUrl, logTracer) : null ); } @@ -535,7 +608,7 @@ public async Async.Task Process(IList<(string, string)> notificationInfo) { _logTracer.AddTags(new List<(string, string)> { ("MatchingWorkItemIds", $"{workItem.Id}") }); _logTracer.LogInformation("Found matching work item"); } - if (IsADODuplicateWorkItem(workItem)) { + if (IsADODuplicateWorkItem(workItem, _config.AdoDuplicateFields)) { continue; } @@ -575,13 +648,17 @@ public async Async.Task Process(IList<(string, string)> notificationInfo) { } } - private static bool IsADODuplicateWorkItem(WorkItem wi) { + private static bool IsADODuplicateWorkItem(WorkItem wi, Dictionary? duplicateFields) { // A work item could have System.State == Resolve && System.Reason == Duplicate // OR it could have System.State == Closed && System.Reason == Duplicate // I haven't found any other combinations where System.Reason could be duplicate but just to be safe // we're explicitly _not_ checking the state of the work item to determine if it's duplicate return wi.Fields.ContainsKey("System.Reason") && string.Equals(wi.Fields["System.Reason"].ToString(), "Duplicate", StringComparison.OrdinalIgnoreCase) || wi.Fields.ContainsKey("Microsoft.VSTS.Common.ResolvedReason") && string.Equals(wi.Fields["Microsoft.VSTS.Common.ResolvedReason"].ToString(), "Duplicate", StringComparison.OrdinalIgnoreCase) + || duplicateFields?.Any(fieldPair => { + var (field, value) = fieldPair; + return wi.Fields.ContainsKey(field) && string.Equals(wi.Fields[field].ToString(), value, StringComparison.OrdinalIgnoreCase); + }) == true // Alternatively, the work item can also specify a 'relation' to another work item. // This is typically used to create parent/child relationships between work items but can also // Be used to mark duplicates so we should check this as well. diff --git a/src/ApiService/IntegrationTests/JinjaToScribanMigrationTests.cs b/src/ApiService/IntegrationTests/JinjaToScribanMigrationTests.cs index 0ae3b11cb5..4033a05369 100644 --- a/src/ApiService/IntegrationTests/JinjaToScribanMigrationTests.cs +++ b/src/ApiService/IntegrationTests/JinjaToScribanMigrationTests.cs @@ -111,6 +111,7 @@ public async Async.Task OptionalFieldsAreSupported() { }, "{{ if org }} blah {{ end }}" ), + null, "{{ if org }} blah {{ end }}" ); @@ -137,6 +138,7 @@ public async Async.Task All_ADO_Fields_Are_Migrated() { }, "{% if org %} comment {% endif %}" ), + null, "{% if org %} comment {% endif %}" ); diff --git a/src/ApiService/Tests/OrmModelsTest.cs b/src/ApiService/Tests/OrmModelsTest.cs index 1aa7d2d163..956d0c30c5 100644 --- a/src/ApiService/Tests/OrmModelsTest.cs +++ b/src/ApiService/Tests/OrmModelsTest.cs @@ -232,6 +232,7 @@ from authToken in Arb.Generate>() from str in Arb.Generate() from fields in Arb.Generate>() from adoFields in Arb.Generate>() + from adoDuplicateFields in Arb.Generate>() from dupeTemplate in Arb.Generate() select new AdoTemplate( baseUrl, @@ -241,6 +242,7 @@ from dupeTemplate in Arb.Generate() fields, adoFields, dupeTemplate, + adoDuplicateFields, str.Get)); public static Arbitrary ArbTeamsTemplate() diff --git a/src/ApiService/Tests/TreePathTests.cs b/src/ApiService/Tests/TreePathTests.cs new file mode 100644 index 0000000000..fba818793c --- /dev/null +++ b/src/ApiService/Tests/TreePathTests.cs @@ -0,0 +1,148 @@ +using System.Collections.Generic; +using System.Linq; +using Microsoft.OneFuzz.Service; +using Microsoft.TeamFoundation.WorkItemTracking.WebApi.Models; +using Xunit; + +namespace Tests; + +// This might be a good candidate for property based testing +// https://fscheck.github.io/FsCheck//QuickStart.html +public class TreePathTests { + private static IEnumerable SplitPath(string path) { + return path.Split('\\'); + } + + private static WorkItemClassificationNode MockTreeNode(IEnumerable path, TreeNodeStructureType structureType) { + var root = new WorkItemClassificationNode() { + Name = path.First(), + StructureType = structureType + }; + + var current = root; + foreach (var segment in path.Skip(1)) { + var child = new WorkItemClassificationNode { + Name = segment + }; + current.Children = new[] { child }; + current = child; + } + + return root; + } + + + [Fact] + public void TestValidPath() { + var path = SplitPath(@"project\foo\bar\baz"); + var root = MockTreeNode(path, TreeNodeStructureType.Area); + + var result = Ado.ValidateTreePath(path, root); + + Assert.True(result.IsOk); + } + + [Fact] + public void TestNullTreeNode() { // A null tree node indicates an invalid ADO project was used in the query + var path = SplitPath(@"project\foo\bar\baz"); + + var result = Ado.ValidateTreePath(path, null); + + Assert.False(result.IsOk); + Assert.Equal(ErrorCode.ADO_VALIDATION_INVALID_PROJECT, result.ErrorV!.Code); + Assert.Contains("ADO project doesn't exist", result.ErrorV!.Errors![0]); + } + + [Fact] + public void TestPathPartTooLong() { + var path = SplitPath(@"project\foo\barbazquxquuxcorgegraultgarplywaldofredplughxyzzythudbarbazquxquuxcorgegraultgarplywaldofredplughxyzzythudbarbazquxquuxcorgegraultgarplywaldofredplughxyzzythudbarbazquxquuxcorgegraultgarplywaldofredplughxyzzythudbarbazquxquuxcorgegraultgarplywaldofredplughxyzzythud\baz"); + var root = MockTreeNode(path, TreeNodeStructureType.Iteration); + + var result = Ado.ValidateTreePath(path, root); + + Assert.False(result.IsOk); + Assert.Equal(ErrorCode.ADO_VALIDATION_INVALID_PATH, result.ErrorV!.Code); + Assert.Contains("too long", result.ErrorV!.Errors![0]); + } + + [Theory] + [InlineData("project/foo/bar/baz")] + [InlineData("project\\foo:\\bar\\baz")] + public void TestPathContainsInvalidChar(string invalidPath) { + var path = SplitPath(invalidPath); + var treePath = SplitPath(@"project\foo\bar\baz"); + var root = MockTreeNode(treePath, TreeNodeStructureType.Area); + + var result = Ado.ValidateTreePath(path, root); + + Assert.False(result.IsOk); + Assert.Equal(ErrorCode.ADO_VALIDATION_INVALID_PATH, result.ErrorV!.Code); + Assert.Contains("invalid character", result.ErrorV!.Errors![0]); + } + + [Theory] + [InlineData("project\\foo\\ba\u0005r\\baz")] + [InlineData("project\\\nfoo\\bar\\baz")] + public void TestPathContainsUnicodeControlChar(string invalidPath) { + var path = SplitPath(invalidPath); + var treePath = SplitPath(@"project\foo\bar\baz"); + var root = MockTreeNode(treePath, TreeNodeStructureType.Area); + + var result = Ado.ValidateTreePath(path, root); + + Assert.False(result.IsOk); + Assert.Equal(ErrorCode.ADO_VALIDATION_INVALID_PATH, result.ErrorV!.Code); + Assert.Contains("unicode control character", result.ErrorV!.Errors![0]); + } + + [Fact] + public void TestPathTooDeep() { + var path = SplitPath(@"project\foo\bar\baz\qux\quux\corge\grault\garply\waldo\fred\plugh\xyzzy\thud"); + var root = MockTreeNode(path, TreeNodeStructureType.Area); + + var result = Ado.ValidateTreePath(path, root); + + Assert.False(result.IsOk); + Assert.Equal(ErrorCode.ADO_VALIDATION_INVALID_PATH, result.ErrorV!.Code); + Assert.Contains("levels deep", result.ErrorV!.Errors![0]); + } + + [Fact] + public void TestPathWithoutProjectName() { + var path = SplitPath(@"foo\bar\baz"); + var treePath = SplitPath(@"project\foo\bar\baz"); + var root = MockTreeNode(treePath, TreeNodeStructureType.Iteration); + + var result = Ado.ValidateTreePath(path, root); + + Assert.False(result.IsOk); + Assert.Equal(ErrorCode.ADO_VALIDATION_INVALID_PATH, result.ErrorV!.Code); + Assert.Contains("start with the project name", result.ErrorV!.Errors![0]); + } + + [Fact] + public void TestPathWithInvalidChild() { + var path = SplitPath(@"project\foo\baz"); + var treePath = SplitPath(@"project\foo\bar"); + var root = MockTreeNode(treePath, TreeNodeStructureType.Iteration); + + var result = Ado.ValidateTreePath(path, root); + + Assert.False(result.IsOk); + Assert.Equal(ErrorCode.ADO_VALIDATION_INVALID_PATH, result.ErrorV!.Code); + Assert.Contains("not a valid child", result.ErrorV!.Errors![0]); + } + + [Fact] + public void TestPathWithExtraChild() { + var path = SplitPath(@"project\foo\bar\baz"); + var treePath = SplitPath(@"project\foo\bar"); + var root = MockTreeNode(treePath, TreeNodeStructureType.Iteration); + + var result = Ado.ValidateTreePath(path, root); + + Assert.False(result.IsOk); + Assert.Equal(ErrorCode.ADO_VALIDATION_INVALID_PATH, result.ErrorV!.Code); + Assert.Contains("has no children", result.ErrorV!.Errors![0]); + } +} diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index 254684be97..0bda5f9f8d 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock @@ -14,7 +14,7 @@ version = "0.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f4fa78e18c64fce05e902adecd7a5eed15a5e0a3439f7b0e169f0252214865e3" dependencies = [ - "gimli", + "gimli 0.27.3", ] [[package]] @@ -60,16 +60,15 @@ dependencies = [ [[package]] name = "anstream" -version = "0.3.2" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0ca84f3628370c59db74ee214b3263d58f9aadd9b4fe7e711fd87dc452b7f163" +checksum = "b1f58811cfac344940f1a400b6e6231ce35171f614f26439e80f8c1465c5cc0c" dependencies = [ "anstyle", "anstyle-parse", "anstyle-query", "anstyle-wincon", "colorchoice", - "is-terminal", "utf8parse", ] @@ -99,9 +98,9 @@ dependencies = [ [[package]] name = "anstyle-wincon" -version = "1.0.2" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c677ab05e09154296dd37acecd46420c17b9713e8366facafa8fc0885167cf4c" +checksum = "58f54d10c6dfa51283a066ceab3ec1ab78d13fae00aa49243a45e4571fb79dfd" dependencies = [ "anstyle", "windows-sys 0.48.0", @@ -200,9 +199,9 @@ checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" [[package]] name = "azure_core" -version = "0.13.0" +version = "0.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86b0f0eea648347e40f5f7f7e6bfea4553bcefad0fbf52044ea339e5ce3aba61" +checksum = "1f20eb684aea745292c540173304383c9cba9697d1c31d307620a57d6f878fa9" dependencies = [ "async-trait", "base64 0.21.2", @@ -214,7 +213,7 @@ dependencies = [ "log", "paste", "pin-project", - "quick-xml 0.29.0", + "quick-xml", "rand 0.8.5", "reqwest", "rustc_version", @@ -227,9 +226,9 @@ dependencies = [ [[package]] name = "azure_storage" -version = "0.13.0" +version = "0.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32d9cfa13ed9acb51cd663e04f343bd550a92b455add96c90de387a9a6bc4dbc" +checksum = "bf64f9d78e573f64e189fa7188c4e6a0f605e27740105a8d32038b3ba8c913be" dependencies = [ "RustyXML", "async-trait", @@ -250,9 +249,9 @@ dependencies = [ [[package]] name = "azure_storage_blobs" -version = "0.13.1" +version = "0.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57cb0fe58af32a3fb49e560613cb1e4937f9f13161a2c1caf1bba0224435f2af" +checksum = "a61299a8b65b88acba1a079a0b5e8a39970a12cb53e35ada2641687edb022d5a" dependencies = [ "RustyXML", "azure_core", @@ -397,9 +396,9 @@ checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" [[package]] name = "bytes" -version = "1.4.0" +version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89b2fd2a0dcf38d7971e2194b6b6eebab45ae01067456a7fd93d5547a61b70be" +checksum = "a2bd12c1caf447e69cd4528f47f94d203fd2582878ecb9e9465484c4148a8223" dependencies = [ "serde", ] @@ -465,33 +464,31 @@ dependencies = [ [[package]] name = "clap" -version = "4.3.21" +version = "4.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c27cdf28c0f604ba3f512b0c9a409f8de8513e4816705deb0498b627e7c3a3fd" +checksum = "6a13b88d2c62ff462f88e4a121f17a82c1af05693a2f192b5c38d14de73c19f6" dependencies = [ "clap_builder", "clap_derive", - "once_cell", ] [[package]] name = "clap_builder" -version = "4.3.21" +version = "4.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08a9f1ab5e9f01a9b81f202e8562eb9a10de70abf9eaeac1be465c28b75aa4aa" +checksum = "2bb9faaa7c2ef94b2743a21f5a29e6f0010dff4caa69ac8e9d6cf8b6fa74da08" dependencies = [ "anstream", "anstyle", "clap_lex", - "once_cell", "strsim", ] [[package]] name = "clap_derive" -version = "4.3.12" +version = "4.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "54a9bb5758fc5dfe728d1019941681eccaf0cf8a4189b692a0ee2f2ecf90a050" +checksum = "0862016ff20d69b84ef8247369fabf5c008a7417002411897d40ee1f4532b873" dependencies = [ "heck", "proc-macro2 1.0.66", @@ -510,7 +507,7 @@ name = "cobertura" version = "0.1.0" dependencies = [ "anyhow", - "quick-xml 0.30.0", + "quick-xml", ] [[package]] @@ -575,6 +572,7 @@ dependencies = [ "nix", "pete", "pretty_assertions", + "process_control", "procfs", "regex", "symbolic", @@ -749,7 +747,7 @@ dependencies = [ "anyhow", "clap", "elsa", - "gimli", + "gimli 0.28.0", "goblin", "iced-x86", "log", @@ -768,7 +766,7 @@ dependencies = [ "goblin", "iced-x86", "log", - "memmap2 0.7.1", + "memmap2 0.8.0", "rand 0.8.5", "serde", "win-util", @@ -863,7 +861,7 @@ dependencies = [ "regex", "thiserror", "windows", - "winreg 0.50.0", + "winreg 0.51.0", ] [[package]] @@ -883,9 +881,9 @@ dependencies = [ [[package]] name = "elsa" -version = "1.8.1" +version = "1.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b5e0aca8dce8856e420195bd13b6a64de3334235ccc9214e824b86b12bf26283" +checksum = "714f766f3556b44e7e4776ad133fcc3445a489517c25c704ace411bb14790194" dependencies = [ "stable_deref_trait", ] @@ -968,6 +966,12 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4443176a9f2c162692bd3d352d745ef9413eec5782a80d8fd6f8a1ac692a07f7" +[[package]] +name = "fallible-iterator" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2acce4a10f12dc2fb14a218589d4f1f62ef011b2d0cc4b3cb1bba8e94da14649" + [[package]] name = "fastrand" version = "1.9.0" @@ -1257,8 +1261,18 @@ version = "0.27.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b6c80984affa11d98d1b88b66ac8853f143217b399d3c74116778ff8fdb4ed2e" dependencies = [ - "fallible-iterator", - "indexmap 1.9.3", + "fallible-iterator 0.2.0", + "stable_deref_trait", +] + +[[package]] +name = "gimli" +version = "0.28.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6fb8d784f27acf97159b40fc4db5ecd8aa23b9ad5ef69cdd136d3bc80665f0c0" +dependencies = [ + "fallible-iterator 0.3.0", + "indexmap 2.0.0", "stable_deref_trait", ] @@ -1590,9 +1604,9 @@ dependencies = [ [[package]] name = "insta" -version = "1.31.0" +version = "1.32.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a0770b0a3d4c70567f0d58331f3088b0e4c4f56c9b8d764efe654b4a5d46de3a" +checksum = "a3e02c584f4595792d09509a94cdb92a3cef7592b1eb2d9877ee6f527062d0ea" dependencies = [ "console", "globset", @@ -1845,9 +1859,9 @@ dependencies = [ [[package]] name = "memmap2" -version = "0.7.1" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f49388d20533534cd19360ad3d6a7dadc885944aa802ba3995040c5ec11288c6" +checksum = "43a5a03cefb0d953ec0be133036f14e109412fa594edc2f77227249db66cc3ed" dependencies = [ "libc", ] @@ -2035,18 +2049,19 @@ dependencies = [ [[package]] name = "notify" -version = "6.0.1" +version = "6.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5738a2795d57ea20abec2d6d76c6081186709c0024187cd5977265eda6598b51" +checksum = "6205bd8bb1e454ad2e27422015fb5e4f2bcc7e08fa8f27058670d208324a4d2d" dependencies = [ - "bitflags 1.3.2", + "bitflags 2.3.3", "filetime", "inotify", "kqueue", "libc", + "log", "mio 0.8.8", "walkdir", - "windows-sys 0.45.0", + "windows-sys 0.48.0", ] [[package]] @@ -2151,7 +2166,7 @@ dependencies = [ "urlparse", "uuid", "windows", - "winreg 0.50.0", + "winreg 0.51.0", ] [[package]] @@ -2193,7 +2208,7 @@ dependencies = [ "coverage", "debuggable-module", "pretty_assertions", - "quick-xml 0.30.0", + "quick-xml", "serde", "serde_json", ] @@ -2403,7 +2418,7 @@ version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "82040a392923abe6279c00ab4aff62d5250d1c8555dc780e4b02783a7aa74863" dependencies = [ - "fallible-iterator", + "fallible-iterator 0.2.0", "scroll", "uuid", ] @@ -2436,9 +2451,9 @@ checksum = "9b2a4787296e9989611394c33f193f676704af1686e70b8f8033ab5ba9a35a94" [[package]] name = "pete" -version = "0.10.0" +version = "0.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "229eb6b3cb0d3d075727c614687ab08384cac3b75fa100e1e08b30d7bee39d00" +checksum = "0f09c1c1ad40df294ff8643fe88a3dc64fff3293b6bc0ed9f71aff71f7086cbd" dependencies = [ "libc", "memoffset 0.8.0", @@ -2587,16 +2602,6 @@ dependencies = [ "snafu", ] -[[package]] -name = "quick-xml" -version = "0.29.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81b9228215d82c7b61490fec1de287136b5de6f5700f6e58ea9ad61a7964ca51" -dependencies = [ - "memchr", - "serde", -] - [[package]] name = "quick-xml" version = "0.30.0" @@ -2724,9 +2729,9 @@ dependencies = [ [[package]] name = "rayon" -version = "1.7.0" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1d2df5196e37bcc87abebc0053e20787d73847bb33134a69841207dd0a47f03b" +checksum = "9c27db03db7734835b3f53954b534c91069375ce6ccaa2e065441e07d9b6cdb1" dependencies = [ "either", "rayon-core", @@ -2734,14 +2739,12 @@ dependencies = [ [[package]] name = "rayon-core" -version = "1.11.0" +version = "1.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4b8f95bd6966f5c87776639160a66bd8ab9895d9d4ab01ddba9fc60661aebe8d" +checksum = "5ce3fb6ad83f861aac485e76e1985cd109d9a3713802152be56c3b1f0e0658ed" dependencies = [ - "crossbeam-channel", "crossbeam-deque", "crossbeam-utils", - "num_cpus", ] [[package]] @@ -3278,7 +3281,7 @@ dependencies = [ "flume", "num_cpus", "queue-file", - "quick-xml 0.30.0", + "quick-xml", "regex", "reqwest", "reqwest-retry", @@ -3368,9 +3371,9 @@ dependencies = [ "dmsort", "elementtree", "elsa", - "fallible-iterator", + "fallible-iterator 0.2.0", "flate2", - "gimli", + "gimli 0.27.3", "goblin", "lazy_static", "nom", @@ -3468,9 +3471,9 @@ dependencies = [ [[package]] name = "tempfile" -version = "3.7.1" +version = "3.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc02fddf48964c42031a0b3fe0428320ecf3a73c401040fc0096f97794310651" +checksum = "cb94d2f3cc536af71caac6b6fcebf65860b347e7ce0cc9ebe8f70d3e521054ef" dependencies = [ "cfg-if 1.0.0", "fastrand 2.0.0", @@ -3555,9 +3558,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.30.0" +version = "1.32.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2d3ce25f50619af8b0aec2eb23deebe84249e19e2ddd393a6e16e3300a6dadfd" +checksum = "17ed6077ed6cd6c74735e21f37eb16dc3935f96878b1fe961074089cc80893f9" dependencies = [ "backtrace", "bytes", @@ -3950,7 +3953,7 @@ dependencies = [ "os_pipe", "tempfile", "windows", - "winreg 0.50.0", + "winreg 0.51.0", ] [[package]] @@ -4148,9 +4151,9 @@ dependencies = [ [[package]] name = "winreg" -version = "0.50.0" +version = "0.51.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "524e57b2c537c0f9b1e69f1965311ec12182b4122e45035b1508cd24d2adadb1" +checksum = "937f3df7948156640f46aacef17a70db0de5917bda9c92b0f751f3a955b588fc" dependencies = [ "cfg-if 1.0.0", "windows-sys 0.48.0", diff --git a/src/agent/coverage/Cargo.toml b/src/agent/coverage/Cargo.toml index 29e67523d9..e1ced7050f 100644 --- a/src/agent/coverage/Cargo.toml +++ b/src/agent/coverage/Cargo.toml @@ -20,23 +20,24 @@ symbolic = { version = "12.3", features = [ "symcache", ] } thiserror = "1.0" +process_control = "4.0" [target.'cfg(target_os = "windows")'.dependencies] debugger = { path = "../debugger" } [target.'cfg(target_os = "linux")'.dependencies] nix = "0.26" -pete = "0.10" +pete = "0.12" # For procfs, opt out of the `chrono` freature; it pulls in an old version # of `time`. We do not use the methods that the `chrono` feature enables. procfs = { version = "0.15.1", default-features = false, features = ["flate2"] } [dev-dependencies] -clap = { version = "4.3", features = ["derive"] } +clap = { version = "4.4", features = ["derive"] } env_logger = "0.10.0" pretty_assertions = "1.4.0" -insta = { version = "1.31.0", features = ["glob"] } +insta = { version = "1.32.0", features = ["glob"] } coverage = { path = "../coverage" } cc = "1.0" -tempfile = "3.7.0" +tempfile = "3.8.0" dunce = "1.0" diff --git a/src/agent/coverage/fuzz/.gitignore b/src/agent/coverage/fuzz/.gitignore new file mode 100644 index 0000000000..1a45eee776 --- /dev/null +++ b/src/agent/coverage/fuzz/.gitignore @@ -0,0 +1,4 @@ +target +corpus +artifacts +coverage diff --git a/src/agent/coverage/fuzz/Cargo.lock b/src/agent/coverage/fuzz/Cargo.lock new file mode 100644 index 0000000000..6096b84473 --- /dev/null +++ b/src/agent/coverage/fuzz/Cargo.lock @@ -0,0 +1,1480 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "addr2line" +version = "0.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4fa78e18c64fce05e902adecd7a5eed15a5e0a3439f7b0e169f0252214865e3" +dependencies = [ + "gimli 0.27.3", +] + +[[package]] +name = "adler" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" + +[[package]] +name = "aho-corasick" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43f6cb1bf222025340178f382c426f13757b2960e89779dfcb319c32542a5a41" +dependencies = [ + "memchr", +] + +[[package]] +name = "anyhow" +version = "1.0.72" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b13c32d80ecc7ab747b80c3784bce54ee8a7a0cc4fbda9bf4cda2cf6fe90854" +dependencies = [ + "backtrace", +] + +[[package]] +name = "arbitrary" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2d098ff73c1ca148721f37baad5ea6a465a13f9573aba8641fbbbae8164a54e" + +[[package]] +name = "arrayvec" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96d30a06541fbafbc7f82ed10c06164cfbd2c401138f6addd8404629c4b16711" + +[[package]] +name = "atexit" +version = "0.1.0" +dependencies = [ + "ctrlc", + "lazy_static", + "log", +] + +[[package]] +name = "autocfg" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" + +[[package]] +name = "backtrace" +version = "0.3.68" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4319208da049c43661739c5fade2ba182f09d1dc2299b32298d3a31692b17e12" +dependencies = [ + "addr2line", + "cc", + "cfg-if", + "libc", + "miniz_oxide", + "object", + "rustc-demangle", +] + +[[package]] +name = "binary-merge" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "597bb81c80a54b6a4381b23faba8d7774b144c94cbd1d6fe3f1329bd776554ab" + +[[package]] +name = "bitflags" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + +[[package]] +name = "bitflags" +version = "2.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "630be753d4e58660abd17930c71b647fe46c27ea6b63cc59e1e3851406972e42" + +[[package]] +name = "brownstone" +version = "3.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c5839ee4f953e811bfdcf223f509cb2c6a3e1447959b0bff459405575bc17f22" +dependencies = [ + "arrayvec", +] + +[[package]] +name = "byteorder" +version = "1.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" + +[[package]] +name = "cc" +version = "1.0.79" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50d30906286121d95be3d479533b458f87493b30a4b5f79a607db8f5d11aa91f" +dependencies = [ + "jobserver", +] + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "cobertura" +version = "0.1.0" +dependencies = [ + "anyhow", + "quick-xml", +] + +[[package]] +name = "coverage" +version = "0.1.0" +dependencies = [ + "anyhow", + "cobertura", + "debuggable-module", + "debugger", + "iced-x86", + "log", + "nix", + "pete", + "procfs", + "regex", + "symbolic", + "thiserror", +] + +[[package]] +name = "coverage-fuzz" +version = "0.0.0" +dependencies = [ + "coverage", + "debuggable-module", + "libfuzzer-sys", + "tempfile", +] + +[[package]] +name = "cpp_demangle" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee34052ee3d93d6d8f3e6f81d85c47921f6653a19a7b70e939e3e602d893a674" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "crc32fast" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b540bd8bc810d3885c6ea91e2018302f68baba2129ab3e88f32389ee9370880d" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "crossbeam-utils" +version = "0.8.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5a22b2d63d4d1dc0b7f1b6b2747dd0088008a9be28b6ddf0b1e7d335e3037294" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "ctrlc" +version = "3.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a011bbe2c35ce9c1f143b7af6f94f29a167beb4cd1d29e6740ce836f723120e" +dependencies = [ + "nix", + "windows-sys 0.48.0", +] + +[[package]] +name = "debuggable-module" +version = "0.1.0" +dependencies = [ + "anyhow", + "elsa", + "gimli 0.28.0", + "goblin 0.6.1", + "iced-x86", + "log", + "pdb", + "regex", + "symbolic", + "thiserror", +] + +[[package]] +name = "debugger" +version = "0.1.0" +dependencies = [ + "anyhow", + "fnv", + "goblin 0.6.1", + "iced-x86", + "log", + "memmap2 0.7.1", + "rand", + "serde", + "win-util", + "windows", +] + +[[package]] +name = "debugid" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bef552e6f588e446098f6ba40d89ac146c8c7b64aade83c051ee00bb5d2bc18d" +dependencies = [ + "serde", + "uuid", +] + +[[package]] +name = "dmsort" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0bc8fbe9441c17c9f46f75dfe27fa1ddb6c68a461ccaed0481419219d4f10d3" + +[[package]] +name = "elementtree" +version = "1.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3efd4742acf458718a6456e0adf0b4d734d6b783e452bbf1ac36bf31f4085cb3" +dependencies = [ + "string_cache", +] + +[[package]] +name = "elsa" +version = "1.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "714f766f3556b44e7e4776ad133fcc3445a489517c25c704ace411bb14790194" +dependencies = [ + "stable_deref_trait", +] + +[[package]] +name = "equivalent" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" + +[[package]] +name = "errno" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4bcfec3a70f97c962c307b2d2c56e358cf1d00b558d74262b5f929ee8cc7e73a" +dependencies = [ + "errno-dragonfly", + "libc", + "windows-sys 0.48.0", +] + +[[package]] +name = "errno-dragonfly" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf" +dependencies = [ + "cc", + "libc", +] + +[[package]] +name = "fallible-iterator" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4443176a9f2c162692bd3d352d745ef9413eec5782a80d8fd6f8a1ac692a07f7" + +[[package]] +name = "fallible-iterator" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2acce4a10f12dc2fb14a218589d4f1f62ef011b2d0cc4b3cb1bba8e94da14649" + +[[package]] +name = "fastrand" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6999dc1837253364c2ebb0704ba97994bd874e8f195d665c50b7548f6ea92764" + +[[package]] +name = "flate2" +version = "1.0.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b9429470923de8e8cbd4d2dc513535400b4b3fef0319fb5c4e1f520a7bef743" +dependencies = [ + "crc32fast", + "miniz_oxide", +] + +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + +[[package]] +name = "form_urlencoded" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a62bc1cf6f830c2ec14a513a9fb124d0a213a629668a4186f329db21fe045652" +dependencies = [ + "percent-encoding", +] + +[[package]] +name = "getrandom" +version = "0.2.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427" +dependencies = [ + "cfg-if", + "libc", + "wasi", +] + +[[package]] +name = "gimli" +version = "0.27.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6c80984affa11d98d1b88b66ac8853f143217b399d3c74116778ff8fdb4ed2e" + +[[package]] +name = "gimli" +version = "0.28.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6fb8d784f27acf97159b40fc4db5ecd8aa23b9ad5ef69cdd136d3bc80665f0c0" +dependencies = [ + "fallible-iterator 0.3.0", + "indexmap 2.0.0", + "stable_deref_trait", +] + +[[package]] +name = "goblin" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d6b4de4a8eb6c46a8c77e1d3be942cb9a8bf073c22374578e5ba4b08ed0ff68" +dependencies = [ + "log", + "plain", + "scroll", +] + +[[package]] +name = "goblin" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f27c1b4369c2cd341b5de549380158b105a04c331be5db9110eef7b6d2742134" +dependencies = [ + "log", + "plain", + "scroll", +] + +[[package]] +name = "hashbrown" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" + +[[package]] +name = "hashbrown" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c6201b9ff9fd90a5a3bac2e56a830d0caa509576f0e503818ee82c181b3437a" + +[[package]] +name = "hermit-abi" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "443144c8cdadd93ebf52ddb4056d257f5b52c04d3c804e657d19eb73fc33668b" + +[[package]] +name = "hex" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" + +[[package]] +name = "iced-x86" +version = "1.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cdd366a53278429c028367e0ba22a46cab6d565a57afb959f06e92c7a69e7828" +dependencies = [ + "lazy_static", +] + +[[package]] +name = "idna" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d20d6b07bfbc108882d88ed8e37d39636dcc260e15e30c45e6ba089610b917c" +dependencies = [ + "unicode-bidi", + "unicode-normalization", +] + +[[package]] +name = "indent_write" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0cfe9645a18782869361d9c8732246be7b410ad4e919d3609ebabdac00ba12c3" + +[[package]] +name = "indexmap" +version = "1.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" +dependencies = [ + "autocfg", + "hashbrown 0.12.3", +] + +[[package]] +name = "indexmap" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5477fe2230a79769d8dc68e0eabf5437907c0457a5614a9e8dddb67f65eb65d" +dependencies = [ + "equivalent", + "hashbrown 0.14.0", +] + +[[package]] +name = "inplace-vec-builder" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf64c2edc8226891a71f127587a2861b132d2b942310843814d5001d99a1d307" +dependencies = [ + "smallvec", +] + +[[package]] +name = "io-lifetimes" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eae7b9aee968036d54dce06cebaefd919e4472e753296daccd6d344e3e2df0c2" +dependencies = [ + "hermit-abi", + "libc", + "windows-sys 0.48.0", +] + +[[package]] +name = "itoa" +version = "1.0.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "af150ab688ff2122fcef229be89cb50dd66af9e01a4ff320cc137eecc9bacc38" + +[[package]] +name = "jobserver" +version = "0.1.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "936cfd212a0155903bcbc060e316fb6cc7cbf2e1907329391ebadc1fe0ce77c2" +dependencies = [ + "libc", +] + +[[package]] +name = "joinery" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72167d68f5fce3b8655487b8038691a3c9984ee769590f93f2a631f4ad64e4f5" + +[[package]] +name = "lazy_static" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" + +[[package]] +name = "leb128" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "884e2677b40cc8c339eaefcb701c32ef1fd2493d71118dc0ca4b6a736c93bd67" + +[[package]] +name = "libc" +version = "0.2.147" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" + +[[package]] +name = "libfuzzer-sys" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "beb09950ae85a0a94b27676cccf37da5ff13f27076aa1adbc6545dd0d0e1bd4e" +dependencies = [ + "arbitrary", + "cc", + "once_cell", +] + +[[package]] +name = "linux-raw-sys" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f051f77a7c8e6957c0696eac88f26b0117e54f52d3fc682ab19397a8812846a4" + +[[package]] +name = "linux-raw-sys" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09fc20d2ca12cb9f044c93e3bd6d32d523e6e2ec3db4f7b2939cd99026ecd3f0" + +[[package]] +name = "lock_api" +version = "0.4.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1cc9717a20b1bb222f333e6a92fd32f7d8a18ddc5a3191a11af45dcbf4dcd16" +dependencies = [ + "autocfg", + "scopeguard", +] + +[[package]] +name = "log" +version = "0.4.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b06a4cde4c0f271a446782e3eff8de789548ce57dbc8eca9292c27f4a42004b4" + +[[package]] +name = "maybe-owned" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4facc753ae494aeb6e3c22f839b158aebd4f9270f55cd3c79906c45476c47ab4" + +[[package]] +name = "memchr" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" + +[[package]] +name = "memmap2" +version = "0.5.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "83faa42c0a078c393f6b29d5db232d8be22776a891f8f56e5284faee4a20b327" +dependencies = [ + "libc", +] + +[[package]] +name = "memmap2" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f49388d20533534cd19360ad3d6a7dadc885944aa802ba3995040c5ec11288c6" +dependencies = [ + "libc", +] + +[[package]] +name = "memoffset" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5de893c32cde5f383baa4c04c5d6dbdd735cfd4a794b0debdb2bb1b421da5ff4" +dependencies = [ + "autocfg", +] + +[[package]] +name = "memoffset" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d61c719bcfbcf5d62b3a09efa6088de8c54bc0bfcd3ea7ae39fcc186108b8de1" +dependencies = [ + "autocfg", +] + +[[package]] +name = "minimal-lexical" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" + +[[package]] +name = "miniz_oxide" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7810e0be55b428ada41041c41f32c9f1a42817901b4ccf45fa3d4b6561e74c7" +dependencies = [ + "adler", +] + +[[package]] +name = "msvc-demangler" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfb67c6dd0fa9b00619c41c5700b6f92d5f418be49b45ddb9970fbd4569df3c8" +dependencies = [ + "bitflags 1.3.2", +] + +[[package]] +name = "new_debug_unreachable" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e4a24736216ec316047a1fc4252e27dabb04218aa4a3f37c6e7ddbf1f9782b54" + +[[package]] +name = "nix" +version = "0.26.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfdda3d196821d6af13126e40375cdf7da646a96114af134d5f417a9a1dc8e1a" +dependencies = [ + "bitflags 1.3.2", + "cfg-if", + "libc", + "memoffset 0.7.1", + "pin-utils", + "static_assertions", +] + +[[package]] +name = "nom" +version = "7.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a" +dependencies = [ + "memchr", + "minimal-lexical", +] + +[[package]] +name = "nom-supreme" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2bd3ae6c901f1959588759ff51c95d24b491ecb9ff91aa9c2ef4acc5b1dcab27" +dependencies = [ + "brownstone", + "indent_write", + "joinery", + "memchr", + "nom", +] + +[[package]] +name = "object" +version = "0.31.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8bda667d9f2b5051b8833f59f3bf748b28ef54f850f4fcb389a252aa383866d1" +dependencies = [ + "memchr", +] + +[[package]] +name = "once_cell" +version = "1.18.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" + +[[package]] +name = "os_pipe" +version = "1.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ae859aa07428ca9a929b936690f8b12dc5f11dd8c6992a18ca93919f28bc177" +dependencies = [ + "libc", + "windows-sys 0.48.0", +] + +[[package]] +name = "parking_lot" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" +dependencies = [ + "lock_api", + "parking_lot_core", +] + +[[package]] +name = "parking_lot_core" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93f00c865fe7cabf650081affecd3871070f26767e7b2070a3ffae14c654b447" +dependencies = [ + "cfg-if", + "libc", + "redox_syscall", + "smallvec", + "windows-targets 0.48.1", +] + +[[package]] +name = "pdb" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "82040a392923abe6279c00ab4aff62d5250d1c8555dc780e4b02783a7aa74863" +dependencies = [ + "fallible-iterator 0.2.0", + "scroll", + "uuid", +] + +[[package]] +name = "pdb-addr2line" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c4e89a9f2f40b2389ba6da0814c8044bf942bece03dffa1514f84e3b525f4f9a" +dependencies = [ + "bitflags 1.3.2", + "elsa", + "maybe-owned", + "pdb", + "range-collections", + "thiserror", +] + +[[package]] +name = "percent-encoding" +version = "2.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b2a4787296e9989611394c33f193f676704af1686e70b8f8033ab5ba9a35a94" + +[[package]] +name = "pete" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0f09c1c1ad40df294ff8643fe88a3dc64fff3293b6bc0ed9f71aff71f7086cbd" +dependencies = [ + "libc", + "memoffset 0.8.0", + "nix", + "thiserror", +] + +[[package]] +name = "phf_shared" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6796ad771acdc0123d2a88dc428b5e38ef24456743ddb1744ed628f9815c096" +dependencies = [ + "siphasher", +] + +[[package]] +name = "pin-project-lite" +version = "0.2.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c40d25201921e5ff0c862a505c6557ea88568a4e3ace775ab55e93f2f4f9d57" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "plain" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b4596b6d070b27117e987119b4dac604f3c58cfb0b191112e24771b2faeac1a6" + +[[package]] +name = "ppv-lite86" +version = "0.2.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" + +[[package]] +name = "precomputed-hash" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "925383efa346730478fb4838dbe9137d2a47675ad789c546d150a6e1dd4ab31c" + +[[package]] +name = "proc-macro2" +version = "1.0.66" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "procfs" +version = "0.15.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "943ca7f9f29bab5844ecd8fdb3992c5969b6622bb9609b9502fef9b4310e3f1f" +dependencies = [ + "bitflags 1.3.2", + "byteorder", + "flate2", + "hex", + "lazy_static", + "rustix 0.36.15", +] + +[[package]] +name = "quick-xml" +version = "0.30.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eff6510e86862b57b210fd8cbe8ed3f0d7d600b9c2863cd4549a2e033c66e956" +dependencies = [ + "memchr", +] + +[[package]] +name = "quote" +version = "1.0.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5fe8a65d69dd0808184ebb5f836ab526bb259db23c657efa38711b1072ee47f0" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha", + "rand_core", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] + +[[package]] +name = "range-collections" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "61fdfd79629e2b44a1d34b4d227957174cb858e6b86ee45fad114edbcfc903ab" +dependencies = [ + "binary-merge", + "inplace-vec-builder", + "smallvec", +] + +[[package]] +name = "redox_syscall" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "567664f262709473930a4bf9e51bf2ebf3348f2e748ccc50dea20646858f8f29" +dependencies = [ + "bitflags 1.3.2", +] + +[[package]] +name = "regex" +version = "1.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b2eae68fc220f7cf2532e4494aded17545fce192d59cd996e0fe7887f4ceb575" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata", + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "39354c10dd07468c2e73926b23bb9c2caca74c5501e38a35da70406f1d923310" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e5ea92a5b6195c6ef2a0295ea818b312502c6fc94dde986c5553242e18fd4ce2" + +[[package]] +name = "rustc-demangle" +version = "0.1.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d626bb9dae77e28219937af045c257c28bfd3f69333c512553507f5f9798cb76" + +[[package]] +name = "rustix" +version = "0.36.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c37f1bd5ef1b5422177b7646cba67430579cfe2ace80f284fee876bca52ad941" +dependencies = [ + "bitflags 1.3.2", + "errno", + "io-lifetimes", + "libc", + "linux-raw-sys 0.1.4", + "windows-sys 0.45.0", +] + +[[package]] +name = "rustix" +version = "0.38.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0a962918ea88d644592894bc6dc55acc6c0956488adcebbfb6e273506b7fd6e5" +dependencies = [ + "bitflags 2.3.3", + "errno", + "libc", + "linux-raw-sys 0.4.3", + "windows-sys 0.48.0", +] + +[[package]] +name = "ryu" +version = "1.0.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ad4cc8da4ef723ed60bced201181d83791ad433213d8c24efffda1eec85d741" + +[[package]] +name = "scopeguard" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" + +[[package]] +name = "scroll" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04c565b551bafbef4157586fa379538366e4385d42082f255bfd96e4fe8519da" +dependencies = [ + "scroll_derive", +] + +[[package]] +name = "scroll_derive" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1db149f81d46d2deba7cd3c50772474707729550221e69588478ebf9ada425ae" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "serde" +version = "1.0.174" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b88756493a5bd5e5395d53baa70b194b05764ab85b59e43e4b8f4e1192fa9b1" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_derive" +version = "1.0.174" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e5c3a298c7f978e53536f95a63bdc4c4a64550582f31a0359a9afda6aede62e" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "serde_json" +version = "1.0.103" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d03b412469450d4404fe8499a268edd7f8b79fecb074b0d812ad64ca21f4031b" +dependencies = [ + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "siphasher" +version = "0.3.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7bd3e3206899af3f8b12af284fafc038cc1dc2b41d1b89dd17297221c5d225de" + +[[package]] +name = "smallvec" +version = "1.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62bb4feee49fdd9f707ef802e22365a35de4b7b299de4763d44bfea899442ff9" + +[[package]] +name = "stable_deref_trait" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" + +[[package]] +name = "static_assertions" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" + +[[package]] +name = "string_cache" +version = "0.8.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f91138e76242f575eb1d3b38b4f1362f10d3a43f47d182a5b359af488a02293b" +dependencies = [ + "new_debug_unreachable", + "once_cell", + "parking_lot", + "phf_shared", + "precomputed-hash", + "serde", +] + +[[package]] +name = "symbolic" +version = "12.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3b5247a96aeefec188691938459892bffd23f1c3e9900dc08ac5248fe3bf08e" +dependencies = [ + "symbolic-common", + "symbolic-debuginfo", + "symbolic-demangle", + "symbolic-symcache", +] + +[[package]] +name = "symbolic-common" +version = "12.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e0e9bc48b3852f36a84f8d0da275d50cb3c2b88b59b9ec35fdd8b7fa239e37d" +dependencies = [ + "debugid", + "memmap2 0.5.10", + "stable_deref_trait", + "uuid", +] + +[[package]] +name = "symbolic-debuginfo" +version = "12.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ef9a1b95a8ea7b5afb550da0d93ecc706de3ce869a9674fc3bc51fadc019feb" +dependencies = [ + "debugid", + "dmsort", + "elementtree", + "elsa", + "fallible-iterator 0.3.0", + "flate2", + "gimli 0.28.0", + "goblin 0.7.1", + "lazy_static", + "nom", + "nom-supreme", + "once_cell", + "parking_lot", + "pdb-addr2line", + "regex", + "scroll", + "serde", + "serde_json", + "smallvec", + "symbolic-common", + "symbolic-ppdb", + "thiserror", + "wasmparser", + "zip", +] + +[[package]] +name = "symbolic-demangle" +version = "12.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "691e53bdc0702aba3a5abc2cffff89346fcbd4050748883c7e2f714b33a69045" +dependencies = [ + "cc", + "cpp_demangle", + "msvc-demangler", + "rustc-demangle", + "symbolic-common", +] + +[[package]] +name = "symbolic-ppdb" +version = "12.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b95399a30236ac95fd9ce69a008b8a18e58859e9780a13bcb16fda545802f876" +dependencies = [ + "flate2", + "indexmap 1.9.3", + "serde", + "serde_json", + "symbolic-common", + "thiserror", + "uuid", + "watto", +] + +[[package]] +name = "symbolic-symcache" +version = "12.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4339f37007c0fd6d6dddaf6f04619a4a5d6308e71eabbd45c30e0af124014259" +dependencies = [ + "indexmap 2.0.0", + "symbolic-common", + "symbolic-debuginfo", + "thiserror", + "tracing", + "watto", +] + +[[package]] +name = "syn" +version = "2.0.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b60f673f44a8255b9c8c657daf66a596d435f2da81a555b06dc644d080ba45e0" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "tempfile" +version = "3.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5486094ee78b2e5038a6382ed7645bc084dc2ec433426ca4c3cb61e2007b8998" +dependencies = [ + "cfg-if", + "fastrand", + "redox_syscall", + "rustix 0.38.4", + "windows-sys 0.48.0", +] + +[[package]] +name = "thiserror" +version = "1.0.44" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "611040a08a0439f8248d1990b111c95baa9c704c805fa1f62104b39655fd7f90" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.44" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "090198534930841fab3a5d1bb637cde49e339654e606195f8d9c76eeb081dc96" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tinyvec" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87cc5ceb3875bb20c2890005a4e226a4651264a5c75edb2421b52861a0a0cb50" +dependencies = [ + "tinyvec_macros", +] + +[[package]] +name = "tinyvec_macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" + +[[package]] +name = "tracing" +version = "0.1.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ce8c33a8d48bd45d624a6e523445fd21ec13d3653cd51f681abf67418f54eb8" +dependencies = [ + "cfg-if", + "pin-project-lite", + "tracing-attributes", + "tracing-core", +] + +[[package]] +name = "tracing-attributes" +version = "0.1.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f4f31f56159e98206da9efd823404b79b6ef3143b4a7ab76e67b1751b25a4ab" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tracing-core" +version = "0.1.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0955b8137a1df6f1a2e9a37d8a6656291ff0297c1a97c24e0d8425fe2312f79a" +dependencies = [ + "once_cell", +] + +[[package]] +name = "unicode-bidi" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "92888ba5573ff080736b3648696b70cafad7d250551175acbaa4e0385b3e1460" + +[[package]] +name = "unicode-ident" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "301abaae475aa91687eb82514b328ab47a211a533026cb25fc3e519b86adfc3c" + +[[package]] +name = "unicode-normalization" +version = "0.1.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c5713f0fc4b5db668a2ac63cdb7bb4469d8c9fed047b1d0292cc7b0ce2ba921" +dependencies = [ + "tinyvec", +] + +[[package]] +name = "url" +version = "2.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50bff7831e19200a85b17131d085c25d7811bc4e186efdaf54bbd132994a88cb" +dependencies = [ + "form_urlencoded", + "idna", + "percent-encoding", +] + +[[package]] +name = "uuid" +version = "1.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79daa5ed5740825c40b389c5e50312b9c86df53fccd33f281df655642b43869d" + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + +[[package]] +name = "wasmparser" +version = "0.102.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "48134de3d7598219ab9eaf6b91b15d8e50d31da76b8519fe4ecfcec2cf35104b" +dependencies = [ + "indexmap 1.9.3", + "url", +] + +[[package]] +name = "watto" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6746b5315e417144282a047ebb82260d45c92d09bf653fa9ec975e3809be942b" +dependencies = [ + "leb128", + "thiserror", +] + +[[package]] +name = "win-util" +version = "0.1.0" +dependencies = [ + "anyhow", + "atexit", + "log", + "os_pipe", + "windows", + "winreg", +] + +[[package]] +name = "windows" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e686886bc078bc1b0b600cac0147aadb815089b6e4da64016cbd754b6342700f" +dependencies = [ + "windows-targets 0.48.1", +] + +[[package]] +name = "windows-sys" +version = "0.45.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75283be5efb2831d37ea142365f009c02ec203cd29a3ebecbc093d52315b66d0" +dependencies = [ + "windows-targets 0.42.2", +] + +[[package]] +name = "windows-sys" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" +dependencies = [ + "windows-targets 0.48.1", +] + +[[package]] +name = "windows-targets" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e5180c00cd44c9b1c88adb3693291f1cd93605ded80c250a75d472756b4d071" +dependencies = [ + "windows_aarch64_gnullvm 0.42.2", + "windows_aarch64_msvc 0.42.2", + "windows_i686_gnu 0.42.2", + "windows_i686_msvc 0.42.2", + "windows_x86_64_gnu 0.42.2", + "windows_x86_64_gnullvm 0.42.2", + "windows_x86_64_msvc 0.42.2", +] + +[[package]] +name = "windows-targets" +version = "0.48.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05d4b17490f70499f20b9e791dcf6a299785ce8af4d709018206dc5b4953e95f" +dependencies = [ + "windows_aarch64_gnullvm 0.48.0", + "windows_aarch64_msvc 0.48.0", + "windows_i686_gnu 0.48.0", + "windows_i686_msvc 0.48.0", + "windows_x86_64_gnu 0.48.0", + "windows_x86_64_gnullvm 0.48.0", + "windows_x86_64_msvc 0.48.0", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "597a5118570b68bc08d8d59125332c54f1ba9d9adeedeef5b99b02ba2b0698f8" + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "91ae572e1b79dba883e0d315474df7305d12f569b400fcf90581b06062f7e1bc" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e08e8864a60f06ef0d0ff4ba04124db8b0fb3be5776a5cd47641e942e58c4d43" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b2ef27e0d7bdfcfc7b868b317c1d32c641a6fe4629c171b8928c7b08d98d7cf3" + +[[package]] +name = "windows_i686_gnu" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c61d927d8da41da96a81f029489353e68739737d3beca43145c8afec9a31a84f" + +[[package]] +name = "windows_i686_gnu" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "622a1962a7db830d6fd0a69683c80a18fda201879f0f447f065a3b7467daa241" + +[[package]] +name = "windows_i686_msvc" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44d840b6ec649f480a41c8d80f9c65108b92d89345dd94027bfe06ac444d1060" + +[[package]] +name = "windows_i686_msvc" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4542c6e364ce21bf45d69fdd2a8e455fa38d316158cfd43b3ac1c5b1b19f8e00" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8de912b8b8feb55c064867cf047dda097f92d51efad5b491dfb98f6bbb70cb36" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca2b8a661f7628cbd23440e50b05d705db3686f894fc9580820623656af974b1" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26d41b46a36d453748aedef1486d5c7a85db22e56aff34643984ea85514e94a3" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7896dbc1f41e08872e9d5e8f8baa8fdd2677f29468c4e156210174edc7f7b953" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.42.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9aec5da331524158c6d1a4ac0ab1541149c0b9505fde06423b02f5ef0106b9f0" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a" + +[[package]] +name = "winreg" +version = "0.51.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "937f3df7948156640f46aacef17a70db0de5917bda9c92b0f751f3a955b588fc" +dependencies = [ + "cfg-if", + "windows-sys 0.48.0", +] + +[[package]] +name = "zip" +version = "0.6.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "760394e246e4c28189f19d488c058bf16f564016aefac5d32bb1f3b51d5e9261" +dependencies = [ + "byteorder", + "crc32fast", + "crossbeam-utils", + "flate2", +] diff --git a/src/agent/coverage/fuzz/Cargo.toml b/src/agent/coverage/fuzz/Cargo.toml new file mode 100644 index 0000000000..6f23f1b7a0 --- /dev/null +++ b/src/agent/coverage/fuzz/Cargo.toml @@ -0,0 +1,30 @@ +[package] +name = "coverage-fuzz" +version = "0.0.0" +publish = false +edition = "2021" + +[package.metadata] +cargo-fuzz = true + +[dependencies] +libfuzzer-sys = "0.4" +tempfile = "3.7" +debuggable-module = { path = "../../debuggable-module" } + + +[dependencies.coverage] +path = ".." + +# Prevent this from interfering with workspaces +[workspace] +members = ["."] + +[profile.release] +debug = 1 + +[[bin]] +name = "fuzz_target_record_coverage" +path = "fuzz_targets/fuzz_target_record_coverage.rs" +test = false +doc = false diff --git a/src/agent/coverage/fuzz/fuzz_targets/fuzz_target_record_coverage.rs b/src/agent/coverage/fuzz/fuzz_targets/fuzz_target_record_coverage.rs new file mode 100644 index 0000000000..c097a1f279 --- /dev/null +++ b/src/agent/coverage/fuzz/fuzz_targets/fuzz_target_record_coverage.rs @@ -0,0 +1,51 @@ +#![no_main] + +use libfuzzer_sys::fuzz_target; +use std::env; +use std::fs; +use std::io::Write; +use std::process::Command; +use std::sync::Arc; +use std::time::Duration; + +use tempfile::NamedTempFile; + +use coverage::allowlist::AllowList; +use coverage::binary::BinaryCoverage; +use coverage::record::CoverageRecorder; + +use debuggable_module::loader::Loader; + +const INPUT_MARKER: &str = "@@"; + +fuzz_target!(|data: &[u8]| { + if data.len() == 0 { + return; + } + + // Write mutated bytes to a file + let mut file = NamedTempFile::new_in(env::current_dir().unwrap()).unwrap(); + file.write_all(data); + let path = String::from(file.path().to_str().unwrap()); + + // Make sure the file is executable + Command::new("chmod").args(["+wrx", &path]).spawn().unwrap().wait(); + file.keep().unwrap(); + + let timeout = Duration::from_secs(5); + + let allowlist = AllowList::default(); + + let _coverage = BinaryCoverage::default(); + let loader = Arc::new(Loader::new()); + + let cmd = Command::new(&path); + + let _recorded = CoverageRecorder::new(cmd) + .module_allowlist(allowlist.clone()) + .loader(loader) + .timeout(timeout) + .record(); + + fs::remove_file(path); +}); diff --git a/src/agent/coverage/src/allowlist.rs b/src/agent/coverage/src/allowlist.rs index 079f415004..2c67130375 100644 --- a/src/agent/coverage/src/allowlist.rs +++ b/src/agent/coverage/src/allowlist.rs @@ -142,7 +142,12 @@ fn glob_to_regex(expr: &str) -> Result { let expr = expr.replace(r"\*", ".*"); // Anchor to line start and end. - let expr = format!("^{expr}$"); + // On Windows we should also ignore case. + let expr = if cfg!(windows) { + format!("(?i)^{expr}$") + } else { + format!("^{expr}$") + }; Ok(Regex::new(&expr)?) } diff --git a/src/agent/coverage/src/allowlist/tests.rs b/src/agent/coverage/src/allowlist/tests.rs index 0f46ef3df8..8d22d93962 100644 --- a/src/agent/coverage/src/allowlist/tests.rs +++ b/src/agent/coverage/src/allowlist/tests.rs @@ -175,3 +175,21 @@ fn test_allowlist_escape() -> Result<()> { Ok(()) } + +#[cfg(target_os = "windows")] +#[test] +fn test_windows_allowlists_are_not_case_sensitive() -> Result<()> { + let allowlist = AllowList::parse("vccrt")?; + assert!(allowlist.is_allowed("VCCRT")); + + Ok(()) +} + +#[cfg(not(target_os = "windows"))] +#[test] +fn test_linux_allowlists_are_case_sensitive() -> Result<()> { + let allowlist = AllowList::parse("vccrt")?; + assert!(!allowlist.is_allowed("VCCRT")); + + Ok(()) +} diff --git a/src/agent/coverage/src/record.rs b/src/agent/coverage/src/record.rs index 534d1d4d63..44faded302 100644 --- a/src/agent/coverage/src/record.rs +++ b/src/agent/coverage/src/record.rs @@ -1,7 +1,7 @@ // Copyright (c) Microsoft Corporation. // Licensed under the MIT License. -use std::process::{Command, ExitStatus, Stdio}; +use std::process::{Command, Stdio}; use std::sync::Arc; use std::time::Duration; @@ -120,32 +120,58 @@ impl CoverageRecorder { #[cfg(target_os = "windows")] pub fn record(self) -> Result { + use anyhow::bail; use debugger::Debugger; + use process_control::{ChildExt, Control}; use windows::WindowsRecorder; + let child = Debugger::create_child(self.cmd)?; + + // Spawn a thread to wait for the target process to exit. + let taget_process = std::thread::spawn(move || { + let output = child + .controlled_with_output() + .time_limit(self.timeout) + .terminate_for_timeout() + .wait(); + output + }); + let loader = self.loader.clone(); + let mut recorder = + WindowsRecorder::new(&loader, self.module_allowlist, self.cache.as_ref()); - crate::timer::timed(self.timeout, move || { - let mut recorder = - WindowsRecorder::new(&loader, self.module_allowlist, self.cache.as_ref()); - let (mut dbg, child) = Debugger::init(self.cmd, &mut recorder)?; - dbg.run(&mut recorder)?; - - // If the debugger callbacks fail, this may return with a spurious clean exit. - let output = child.wait_with_output()?.into(); - - // Check if debugging was stopped due to a callback error. - // - // If so, the debugger terminated the target, and the recorded coverage and - // output are both invalid. - if let Some(err) = recorder.stop_error { - return Err(err); + // The debugger is initialized in the same thread that created the target process to be able to receive the debug events + let mut dbg = Debugger::init_debugger(&mut recorder)?; + dbg.run(&mut recorder)?; + + // If the debugger callbacks fail, this may return with a spurious clean exit. + let output = match taget_process.join() { + Err(err) => { + bail!("failed to launch target thread: {:?}", err) + } + Ok(Err(err)) => { + bail!("failed to launch target process: {:?}", err) } + Ok(Ok(None)) => { + bail!(crate::timer::TimerError::Timeout(self.timeout)) + } + Ok(Ok(Some(output))) => output, + }; - let coverage = recorder.coverage; + // Check if debugging was stopped due to a callback error. + // + // If so, the debugger terminated the target, and the recorded coverage and + // output are both invalid. + if let Some(err) = recorder.stop_error { + return Err(err); + } - Ok(Recorded { coverage, output }) - })? + let coverage = recorder.coverage; + Ok(Recorded { + coverage, + output: output.into(), + }) } } @@ -157,11 +183,24 @@ pub struct Recorded { #[derive(Clone, Debug, Default)] pub struct Output { - pub status: Option, + pub status: Option, pub stderr: String, pub stdout: String, } +impl From for Output { + fn from(output: process_control::Output) -> Self { + let status = Some(output.status); + let stdout = String::from_utf8_lossy(&output.stdout).into_owned(); + let stderr = String::from_utf8_lossy(&output.stderr).into_owned(); + Self { + status, + stdout, + stderr, + } + } +} + impl From for Output { fn from(output: std::process::Output) -> Self { let status = Some(output.status); @@ -169,7 +208,7 @@ impl From for Output { let stderr = String::from_utf8_lossy(&output.stderr).into_owned(); Self { - status, + status: status.map(Into::into), stdout, stderr, } diff --git a/src/agent/coverage/src/record/linux/debugger.rs b/src/agent/coverage/src/record/linux/debugger.rs index e2502e8d2e..c4512c4fbb 100644 --- a/src/agent/coverage/src/record/linux/debugger.rs +++ b/src/agent/coverage/src/record/linux/debugger.rs @@ -4,6 +4,7 @@ use std::collections::BTreeMap; use std::io::Read; use std::process::{Child, Command}; +use std::time::Duration; use anyhow::{bail, format_err, Result}; use debuggable_module::path::FilePath; @@ -75,7 +76,11 @@ impl<'eh> Debugger<'eh> { // These calls should also be unnecessary no-ops, but we really want to avoid any dangling // or zombie child processes. let _ = child.kill(); - let _ = child.wait(); + + // We don't need to call child.wait() because of the following series of events: + // 1. pete, our ptracing library, spawns the child process with ptrace flags + // 2. rust stdlib set SIG_IGN as the SIGCHLD handler: https://github.com/rust-lang/rust/issues/110317 + // 3. linux kernel automatically reaps pids when the above 2 hold: https://github.com/torvalds/linux/blob/44149752e9987a9eac5ad78e6d3a20934b5e018d/kernel/signal.c#L2089-L2110 let output = Output { status, @@ -198,8 +203,8 @@ impl DebuggerContext { pub fn new() -> Self { let breakpoints = Breakpoints::default(); let images = None; - let tracer = Ptracer::new(); - + let mut tracer = Ptracer::new(); + *tracer.poll_delay_mut() = Duration::from_millis(1); Self { breakpoints, images, diff --git a/src/agent/coverage/src/record/windows.rs b/src/agent/coverage/src/record/windows.rs index 076aa70d37..32d22b5534 100644 --- a/src/agent/coverage/src/record/windows.rs +++ b/src/agent/coverage/src/record/windows.rs @@ -4,7 +4,7 @@ use std::collections::BTreeMap; use std::path::Path; -use anyhow::{anyhow, bail, Error, Result}; +use anyhow::{anyhow, Error, Result}; use debuggable_module::debuginfo::{DebugInfo, Function}; use debuggable_module::load_module::LoadModule; use debuggable_module::loader::Loader; @@ -132,20 +132,24 @@ impl<'cache, 'data> WindowsRecorder<'cache, 'data> { return Ok(()); } - let breakpoint = self.breakpoints.remove(id); - - let Some(breakpoint) = breakpoint else { - let stack = dbg.get_current_stack()?; - bail!("stopped on dangling breakpoint, debuggee stack:\n{}", stack); - }; - - let coverage = self - .coverage - .modules - .get_mut(&breakpoint.module) - .ok_or_else(|| anyhow!("coverage not initialized for module: {}", breakpoint.module))?; - - coverage.increment(breakpoint.offset); + match self.breakpoints.remove(id) { + Some(breakpoint) => { + let coverage = self + .coverage + .modules + .get_mut(&breakpoint.module) + .ok_or_else(|| { + anyhow!("coverage not initialized for module: {}", breakpoint.module) + })?; + + coverage.increment(breakpoint.offset); + } + // ASAN can set breakpoints which we don't know about, meaning they're not in `self.breakpoints` + None => { + let stack = dbg.get_current_stack()?; + warn!("stopped on dangling breakpoint, debuggee stack:\n{}", stack); + } + } Ok(()) } diff --git a/src/agent/coverage/src/source.rs b/src/agent/coverage/src/source.rs index b556fe447a..e06e8aa285 100644 --- a/src/agent/coverage/src/source.rs +++ b/src/agent/coverage/src/source.rs @@ -2,6 +2,7 @@ // Licensed under the MIT License. use std::collections::{BTreeMap, BTreeSet}; + use std::num::NonZeroU32; use anyhow::{Context, Result}; @@ -11,6 +12,7 @@ use debuggable_module::load_module::LoadModule; use debuggable_module::loader::Loader; use debuggable_module::path::FilePath; use debuggable_module::{Module, Offset}; +use symbolic::symcache::transform::{SourceLocation, Transformer}; use crate::allowlist::AllowList; use crate::binary::BinaryCoverage; @@ -69,6 +71,30 @@ pub fn binary_to_source_coverage( let mut symcache = vec![]; let mut converter = SymCacheConverter::new(); + if cfg!(windows) { + use symbolic::symcache::transform::Function; + struct CaseInsensitive {} + impl Transformer for CaseInsensitive { + fn transform_function<'f>(&'f mut self, f: Function<'f>) -> Function<'f> { + f + } + + fn transform_source_location<'f>( + &'f mut self, + mut sl: SourceLocation<'f>, + ) -> SourceLocation<'f> { + sl.file.name = sl.file.name.to_ascii_lowercase().into(); + sl.file.directory = sl.file.directory.map(|d| d.to_ascii_lowercase().into()); + sl.file.comp_dir = sl.file.comp_dir.map(|d| d.to_ascii_lowercase().into()); + sl + } + } + + let case_insensitive_transformer = CaseInsensitive {}; + + converter.add_transformer(case_insensitive_transformer); + } + let exe = Object::parse(module.executable_data())?; converter.process_object(&exe)?; diff --git a/src/agent/coverage/src/timer.rs b/src/agent/coverage/src/timer.rs index 760e453b28..3271666d67 100644 --- a/src/agent/coverage/src/timer.rs +++ b/src/agent/coverage/src/timer.rs @@ -7,6 +7,7 @@ use std::time::Duration; use thiserror::Error; +#[allow(dead_code)] pub fn timed(timeout: Duration, function: F) -> Result where T: Send + 'static, diff --git a/src/agent/coverage/tests/snapshot.rs b/src/agent/coverage/tests/snapshot.rs index 75d524e2da..7c6cb301b4 100644 --- a/src/agent/coverage/tests/snapshot.rs +++ b/src/agent/coverage/tests/snapshot.rs @@ -43,7 +43,8 @@ fn windows_snapshot_tests() { }; // filter to just the input test file: - let source_allowlist = AllowList::parse(&input_path.to_string_lossy()).unwrap(); + let source_allowlist = + AllowList::parse(&input_path.to_string_lossy().to_ascii_lowercase()).unwrap(); let exe_cmd = std::process::Command::new(&exe_name); let recorded = coverage::CoverageRecorder::new(exe_cmd) @@ -57,9 +58,18 @@ fn windows_snapshot_tests() { coverage::source::binary_to_source_coverage(&recorded.coverage, &source_allowlist) .expect("binary_to_source_coverage"); + println!("{:?}", source.files.keys()); + + // For Windows, the source coverage is tracked using case-insensitive paths. + // The conversion from case-sensitive to insensitive is done when converting from binary to source coverage. + // By naming our test file with a capital letter, we can ensure that the case-insensitive conversion is working. + source.files.keys().for_each(|k| { + assert_eq!(k.to_string().to_ascii_lowercase(), k.to_string()); + }); + let file_coverage = source .files - .get(&FilePath::new(input_path.to_string_lossy()).unwrap()) + .get(&FilePath::new(input_path.to_string_lossy().to_ascii_lowercase()).unwrap()) .expect("coverage for input"); let mut result = String::new(); diff --git a/src/agent/coverage/tests/snapshots/snapshot__windows_snapshot_tests.snap b/src/agent/coverage/tests/snapshots/snapshot__windows_snapshot_tests.snap index 016717f8ab..12a38f4ef0 100644 --- a/src/agent/coverage/tests/snapshots/snapshot__windows_snapshot_tests.snap +++ b/src/agent/coverage/tests/snapshots/snapshot__windows_snapshot_tests.snap @@ -1,7 +1,7 @@ --- source: coverage/tests/snapshot.rs expression: result -input_file: coverage/tests/windows/inlinee.cpp +input_file: coverage/tests/windows/Inlinee.cpp --- [ ] #include [ ] diff --git a/src/agent/coverage/tests/windows/inlinee.cpp b/src/agent/coverage/tests/windows/Inlinee.cpp similarity index 100% rename from src/agent/coverage/tests/windows/inlinee.cpp rename to src/agent/coverage/tests/windows/Inlinee.cpp diff --git a/src/agent/debuggable-module/Cargo.toml b/src/agent/debuggable-module/Cargo.toml index 1cd11dfd30..a227432830 100644 --- a/src/agent/debuggable-module/Cargo.toml +++ b/src/agent/debuggable-module/Cargo.toml @@ -6,8 +6,8 @@ license = "MIT" [dependencies] anyhow = "1.0" -elsa = "1.8.1" -gimli = "0.27.2" +elsa = "1.9.0" +gimli = "0.28.0" goblin = "0.6" iced-x86 = "1.20" log = "0.4.17" @@ -21,4 +21,4 @@ symbolic = { version = "12.3", features = [ thiserror = "1.0" [dev-dependencies] -clap = { version = "4.3", features = ["derive"] } +clap = { version = "4.4", features = ["derive"] } diff --git a/src/agent/debugger/Cargo.toml b/src/agent/debugger/Cargo.toml index a218b4905d..56d00837b8 100644 --- a/src/agent/debugger/Cargo.toml +++ b/src/agent/debugger/Cargo.toml @@ -11,7 +11,7 @@ fnv = "1.0" goblin = "0.6" iced-x86 = "1.20" log = "0.4" -memmap2 = "0.7" +memmap2 = "0.8" rand = "0.8" serde = { version = "1.0", features = ["derive"] } win-util = { path = "../win-util" } diff --git a/src/agent/debugger/src/debugger.rs b/src/agent/debugger/src/debugger.rs index d7c0f1ba5e..ae67f66fed 100644 --- a/src/agent/debugger/src/debugger.rs +++ b/src/agent/debugger/src/debugger.rs @@ -134,15 +134,7 @@ pub struct Debugger { } impl Debugger { - pub fn init( - mut command: Command, - callbacks: &mut impl DebugEventHandler, - ) -> Result<(Self, Child)> { - let child = command - .creation_flags(DEBUG_ONLY_THIS_PROCESS.0) - .spawn() - .context("debugee failed to start")?; - + pub fn init_debugger(callbacks: &mut impl DebugEventHandler) -> Result { unsafe { DebugSetProcessKillOnExit(TRUE) } .ok() .context("Setting DebugSetProcessKillOnExit to TRUE")?; @@ -186,12 +178,27 @@ impl Debugger { return Err(last_os_error()); } - Ok((debugger, child)) + Ok(debugger) } else { anyhow::bail!("Unexpected event: {}", de) } } + pub fn create_child(mut command: Command) -> Result { + let child = command + .creation_flags(DEBUG_ONLY_THIS_PROCESS.0) + .spawn() + .context("debugee failed to start")?; + + Ok(child) + } + + pub fn init(command: Command, callbacks: &mut impl DebugEventHandler) -> Result<(Self, Child)> { + let child = Self::create_child(command)?; + let debugger = Self::init_debugger(callbacks)?; + Ok((debugger, child)) + } + pub fn target(&mut self) -> &mut Target { &mut self.target } diff --git a/src/agent/debugger/src/module.rs b/src/agent/debugger/src/module.rs index acea7ace7f..aefdb8a92e 100644 --- a/src/agent/debugger/src/module.rs +++ b/src/agent/debugger/src/module.rs @@ -46,7 +46,6 @@ impl Module { error!("Error getting path from file handle: {}", e); "???".into() }); - let image_details = get_image_details(&path)?; Ok(Module { diff --git a/src/agent/dynamic-library/Cargo.toml b/src/agent/dynamic-library/Cargo.toml index 604d221700..ad3cc482d2 100644 --- a/src/agent/dynamic-library/Cargo.toml +++ b/src/agent/dynamic-library/Cargo.toml @@ -6,14 +6,14 @@ license = "MIT" [dependencies] anyhow = "1.0" -clap = { version = "4.3.0", features = ["derive"] } +clap = { version = "4.4.2", features = ["derive"] } lazy_static = "1.4" regex = "1.9" thiserror = "1.0" [target.'cfg(windows)'.dependencies] debugger = { path = "../debugger" } -winreg = "0.50" +winreg = "0.51" [dependencies.windows] version = "0.48" diff --git a/src/agent/input-tester/Cargo.toml b/src/agent/input-tester/Cargo.toml index fe5ac6032c..93aac3172b 100644 --- a/src/agent/input-tester/Cargo.toml +++ b/src/agent/input-tester/Cargo.toml @@ -13,7 +13,7 @@ fnv = "1.0" hex = "0.4" log = "0.4" num_cpus = "1.15" -rayon = "1.7" +rayon = "1.8" sha2 = "0.10.2" win-util = { path = "../win-util" } diff --git a/src/agent/onefuzz-agent/Cargo.toml b/src/agent/onefuzz-agent/Cargo.toml index 5ce8669766..3e7f00a8b0 100644 --- a/src/agent/onefuzz-agent/Cargo.toml +++ b/src/agent/onefuzz-agent/Cargo.toml @@ -22,7 +22,7 @@ reqwest = { version = "0.11", features = [ serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" storage-queue = { path = "../storage-queue" } -tokio = { version = "1.29", features = ["full"] } +tokio = { version = "1.32", features = ["full"] } url = { version = "2.4", features = ["serde"] } uuid = { version = "1.4", features = ["serde", "v4"] } clap = { version = "4", features = ["derive", "cargo"] } @@ -31,13 +31,13 @@ onefuzz-telemetry = { path = "../onefuzz-telemetry" } backtrace = "0.3" ipc-channel = { git = "https://github.com/servo/ipc-channel", rev = "7f432aa" } dynamic-library = { path = "../dynamic-library" } -azure_core = { version = "0.13", default-features = false, features = [ +azure_core = { version = "0.15", default-features = false, features = [ "enable_reqwest", ] } -azure_storage = { version = "0.13", default-features = false, features = [ +azure_storage = { version = "0.15", default-features = false, features = [ "enable_reqwest", ] } -azure_storage_blobs = { version = "0.13", default-features = false, features = [ +azure_storage_blobs = { version = "0.15", default-features = false, features = [ "enable_reqwest", ] } diff --git a/src/agent/onefuzz-task/Cargo.toml b/src/agent/onefuzz-task/Cargo.toml index 4e0bd381b0..4b3e8e8c43 100644 --- a/src/agent/onefuzz-task/Cargo.toml +++ b/src/agent/onefuzz-task/Cargo.toml @@ -6,6 +6,14 @@ edition = "2021" publish = false license = "MIT" +[lib] +path = "src/lib.rs" +name = "onefuzz_task_lib" + +[[bin]] +path = "src/main.rs" +name = "onefuzz-task" + [features] integration_test = [] @@ -46,9 +54,9 @@ strum = "0.25" strum_macros = "0.25" stacktrace-parser = { path = "../stacktrace-parser" } storage-queue = { path = "../storage-queue" } -tempfile = "3.7.0" +tempfile = "3.8.0" thiserror = "1.0" -tokio = { version = "1.29", features = ["full"] } +tokio = { version = "1.32", features = ["full"] } tokio-util = { version = "0.7", features = ["full"] } tokio-stream = "0.1" tui = { package = "ratatui", version = "0.22.0", default-features = false, features = [ @@ -62,13 +70,13 @@ chrono = { version = "0.4", default-features = false, features = [ ] } ipc-channel = { git = "https://github.com/servo/ipc-channel", rev = "7f432aa" } -azure_core = { version = "0.13", default-features = false, features = [ +azure_core = { version = "0.15", default-features = false, features = [ "enable_reqwest", ] } -azure_storage = { version = "0.13", default-features = false, features = [ +azure_storage = { version = "0.15", default-features = false, features = [ "enable_reqwest", ] } -azure_storage_blobs = { version = "0.13", default-features = false, features = [ +azure_storage_blobs = { version = "0.15", default-features = false, features = [ "enable_reqwest", ] } @@ -77,3 +85,4 @@ schemars = { version = "0.8.12", features = ["uuid1"] } [dev-dependencies] pretty_assertions = "1.4" +tempfile = "3.8" diff --git a/src/agent/onefuzz-task/src/check_for_update.rs b/src/agent/onefuzz-task/src/check_for_update.rs new file mode 100644 index 0000000000..51c0178158 --- /dev/null +++ b/src/agent/onefuzz-task/src/check_for_update.rs @@ -0,0 +1,78 @@ +use std::process::Stdio; + +use anyhow::Result; +use serde_json::Value; + +pub fn run(onefuzz_built_version: &str) -> Result<()> { + // Find onefuzz cli + let common_names = ["onefuzz", "onefuzz.exe", "onefuzz.cmd"]; + let mut valid_commands: Vec<_> = common_names + .into_iter() + .map(|name| { + ( + name, + std::process::Command::new(name) + .stderr(Stdio::null()) + .stdout(Stdio::null()) + .arg("-h") + .spawn(), + ) + }) + .filter_map(|(name, child)| child.ok().map(|c| (name, c))) + .collect(); + + if valid_commands.is_empty() { + bail!( + "Could not find any of the following common names for the onefuzz-cli: {:?}", + common_names + ); + } + + let (name, child) = valid_commands + .first_mut() + .expect("Expected valid_commands to not be empty"); + + info!("Found the onefuzz cli at: {}", name); + + // We just used this to check if it exists, we'll invoke it again later + let _ = child.kill(); + + // Run onefuzz info get + let output = std::process::Command::new(&name) + .args(["info", "get"]) + .output()?; + + if !output.status.success() { + bail!( + "Failed to run command `{} info get`. stderr: {:?}, stdout: {:?}", + name, + String::from_utf8(output.stderr), + String::from_utf8(output.stdout) + ) + } + + let stdout = String::from_utf8(output.stdout)?; + let info: Value = serde_json::from_str(&stdout)?; + + if let Some(onefuzz_service_version) = info["versions"]["onefuzz"]["version"].as_str() { + if onefuzz_service_version == onefuzz_built_version { + println!("You are up to date!"); + } else { + println!( + "Version mismatch. onefuzz-task version: {} | onefuzz service version: {}", + onefuzz_built_version, onefuzz_service_version + ); + println!( + "To update, please run the following command: {} tools get .", + name + ); + println!("Then extract the onefuzz-task binary from the appropriate OS folder"); + } + return Ok(()); + } + + bail!( + "Failed to get onefuzz service version from cli response: {}", + stdout + ) +} diff --git a/src/agent/onefuzz-task/src/lib.rs b/src/agent/onefuzz-task/src/lib.rs new file mode 100644 index 0000000000..997eea549d --- /dev/null +++ b/src/agent/onefuzz-task/src/lib.rs @@ -0,0 +1,9 @@ +#[macro_use] +extern crate anyhow; +#[macro_use] +extern crate clap; +#[macro_use] +extern crate onefuzz_telemetry; + +pub mod local; +pub mod tasks; diff --git a/src/agent/onefuzz-task/src/local/cmd.rs b/src/agent/onefuzz-task/src/local/cmd.rs index eabefb71ee..cb800d445e 100644 --- a/src/agent/onefuzz-task/src/local/cmd.rs +++ b/src/agent/onefuzz-task/src/local/cmd.rs @@ -1,19 +1,18 @@ // Copyright (c) Microsoft Corporation. // Licensed under the MIT License. +use super::{create_template, template}; #[cfg(any(target_os = "linux", target_os = "windows"))] use crate::local::coverage; use crate::local::{common::add_common_config, libfuzzer_fuzz, tui::TerminalUi}; use anyhow::{Context, Result}; + use clap::{Arg, ArgAction, Command}; use std::time::Duration; use std::{path::PathBuf, str::FromStr}; use strum::IntoEnumIterator; use strum_macros::{EnumIter, EnumString, IntoStaticStr}; use tokio::{select, time::timeout}; - -use super::template; - #[derive(Debug, PartialEq, Eq, EnumString, IntoStaticStr, EnumIter)] #[strum(serialize_all = "kebab-case")] enum Commands { @@ -21,6 +20,7 @@ enum Commands { Coverage, LibfuzzerFuzz, Template, + CreateTemplate, } const TIMEOUT: &str = "timeout"; @@ -43,7 +43,7 @@ pub async fn run(args: clap::ArgMatches) -> Result<()> { let sub_args = sub_args.clone(); - let terminal = if start_ui { + let terminal = if start_ui && command != Commands::CreateTemplate { Some(TerminalUi::init()?) } else { env_logger::Builder::from_env(env_logger::Env::default().default_filter_or("info")).init(); @@ -62,6 +62,7 @@ pub async fn run(args: clap::ArgMatches) -> Result<()> { template::launch(config, event_sender).await } + Commands::CreateTemplate => create_template::run(), } }); @@ -116,6 +117,7 @@ pub fn args(name: &'static str) -> Command { .args(vec![Arg::new("config") .value_parser(value_parser!(std::path::PathBuf)) .required(true)]), + Commands::CreateTemplate => create_template::args(subcommand.into()), }; cmd = if add_common { diff --git a/src/agent/onefuzz-task/src/local/coverage.rs b/src/agent/onefuzz-task/src/local/coverage.rs index d091b70695..48e32cb861 100644 --- a/src/agent/onefuzz-task/src/local/coverage.rs +++ b/src/agent/onefuzz-task/src/local/coverage.rs @@ -148,7 +148,20 @@ pub struct Coverage { } #[async_trait] -impl Template for Coverage { +impl Template for Coverage { + fn example_values() -> Coverage { + Coverage { + target_exe: PathBuf::from("path_to_your_exe"), + target_env: HashMap::new(), + target_options: vec![], + target_timeout: None, + module_allowlist: None, + source_allowlist: None, + input_queue: Some(PathBuf::from("path_to_your_inputs")), + readonly_inputs: vec![PathBuf::from("path_to_readonly_inputs")], + coverage: PathBuf::from("path_to_where_you_want_coverage_to_be_output"), + } + } async fn run(&self, context: &RunContext) -> Result<()> { let ri: Result> = self .readonly_inputs diff --git a/src/agent/onefuzz-task/src/local/create_template.rs b/src/agent/onefuzz-task/src/local/create_template.rs new file mode 100644 index 0000000000..474b677ad0 --- /dev/null +++ b/src/agent/onefuzz-task/src/local/create_template.rs @@ -0,0 +1,285 @@ +use crate::local::template::CommonProperties; + +use super::template::{TaskConfig, TaskConfigDiscriminants, TaskGroup}; +use anyhow::Result; +use clap::Command; +use std::str::FromStr; +use std::{ + io, + path::{Path, PathBuf}, +}; + +use strum::VariantNames; + +use crate::local::{ + coverage::Coverage, generic_analysis::Analysis, generic_crash_report::CrashReport, + generic_generator::Generator, libfuzzer::LibFuzzer, + libfuzzer_crash_report::LibfuzzerCrashReport, libfuzzer_merge::LibfuzzerMerge, + libfuzzer_regression::LibfuzzerRegression, libfuzzer_test_input::LibfuzzerTestInput, + template::Template, test_input::TestInput, +}; + +use crossterm::{ + event::{self, DisableMouseCapture, EnableMouseCapture, Event, KeyCode, KeyEventKind}, + execute, + terminal::{disable_raw_mode, enable_raw_mode, EnterAlternateScreen, LeaveAlternateScreen}, +}; +use tui::{prelude::*, widgets::*}; + +pub fn args(name: &'static str) -> Command { + Command::new(name).about("interactively create a template") +} + +pub fn run() -> Result<()> { + // setup terminal + enable_raw_mode()?; + let mut stdout = io::stdout(); + execute!(stdout, EnterAlternateScreen, EnableMouseCapture)?; + let backend = CrosstermBackend::new(stdout); + let mut terminal = Terminal::new(backend)?; + + // create app and run it + let app = App::new(); + let res = run_app(&mut terminal, app); + + // restore terminal + disable_raw_mode()?; + execute!( + terminal.backend_mut(), + LeaveAlternateScreen, + DisableMouseCapture + )?; + terminal.show_cursor()?; + + match res { + Ok(None) => { /* user quit, do nothing */ } + Ok(Some(path)) => match path.canonicalize() { + Ok(canonical_path) => println!("Wrote the template to: {:?}", canonical_path), + _ => println!("Wrote the template to: {:?}", path), + }, + Err(e) => println!("Failed to write template due to {}", e), + } + + Ok(()) +} + +fn run_app(terminal: &mut Terminal, mut app: App) -> Result> { + loop { + terminal.draw(|f| ui(f, &mut app))?; + if let Event::Key(key) = event::read()? { + if key.kind == KeyEventKind::Press { + match key.code { + KeyCode::Char('q') => return Ok(None), + KeyCode::Char(' ') => app.items.toggle(), + KeyCode::Down => app.items.next(), + KeyCode::Up => app.items.previous(), + KeyCode::Enter => { + return match generate_template(app.items.items) { + Ok(p) => Ok(Some(p)), + Err(e) => Err(e), + } + } + _ => {} + } + } + } + } +} + +fn generate_template(items: Vec) -> Result { + let tasks: Vec = items + .iter() + .filter(|item| item.is_included) + .filter_map(|list_element| { + match TaskConfigDiscriminants::from_str(list_element.task_type) { + Err(e) => { + error!( + "Failed to match task config {:?} - {}", + list_element.task_type, e + ); + None + } + Ok(t) => match t { + TaskConfigDiscriminants::LibFuzzer => { + Some(TaskConfig::LibFuzzer(LibFuzzer::example_values())) + } + TaskConfigDiscriminants::Analysis => { + Some(TaskConfig::Analysis(Analysis::example_values())) + } + TaskConfigDiscriminants::Coverage => { + Some(TaskConfig::Coverage(Coverage::example_values())) + } + TaskConfigDiscriminants::CrashReport => { + Some(TaskConfig::CrashReport(CrashReport::example_values())) + } + TaskConfigDiscriminants::Generator => { + Some(TaskConfig::Generator(Generator::example_values())) + } + TaskConfigDiscriminants::LibfuzzerCrashReport => Some( + TaskConfig::LibfuzzerCrashReport(LibfuzzerCrashReport::example_values()), + ), + TaskConfigDiscriminants::LibfuzzerMerge => { + Some(TaskConfig::LibfuzzerMerge(LibfuzzerMerge::example_values())) + } + TaskConfigDiscriminants::LibfuzzerRegression => Some( + TaskConfig::LibfuzzerRegression(LibfuzzerRegression::example_values()), + ), + TaskConfigDiscriminants::LibfuzzerTestInput => Some( + TaskConfig::LibfuzzerTestInput(LibfuzzerTestInput::example_values()), + ), + TaskConfigDiscriminants::TestInput => { + Some(TaskConfig::TestInput(TestInput::example_values())) + } + TaskConfigDiscriminants::Radamsa => Some(TaskConfig::Radamsa), + }, + } + }) + .collect(); + + let definition = TaskGroup { + common: CommonProperties { + setup_dir: None, + extra_setup_dir: None, + extra_dir: None, + create_job_dir: false, + }, + tasks, + }; + + let filename = "template"; + let mut filepath = format!("./{}.yaml", filename); + let mut output_file = Path::new(&filepath); + let mut counter = 0; + while output_file.exists() { + filepath = format!("./{}-{}.yaml", filename, counter); + output_file = Path::new(&filepath); + counter += 1; + } + + std::fs::write(output_file, serde_yaml::to_string(&definition)?)?; + + Ok(output_file.into()) +} + +fn ui(f: &mut Frame, app: &mut App) { + let areas = Layout::default() + .direction(Direction::Vertical) + .constraints([Constraint::Percentage(100)]) + .split(f.size()); + // Iterate through all elements in the `items` app and append some debug text to it. + let items: Vec = app + .items + .items + .iter() + .map(|list_element| { + let title = if list_element.is_included { + format!("✅ {}", list_element.task_type) + } else { + list_element.task_type.to_string() + }; + ListItem::new(title).style(Style::default().fg(Color::Black).bg(Color::White)) + }) + .collect(); + + // Create a List from all list items and highlight the currently selected one + let items = List::new(items) + .block( + Block::default() + .borders(Borders::ALL) + .title("Select which tasks you want to include in the template. Use ⬆/⬇ to navigate and to select. Press when you're done."), + ) + .highlight_style( + Style::default() + .bg(Color::LightGreen) + .add_modifier(Modifier::BOLD), + ) + .highlight_symbol(">> "); + + // We can now render the item list + f.render_stateful_widget(items, areas[0], &mut app.items.state); +} + +struct ListElement<'a> { + pub task_type: &'a str, + pub is_included: bool, +} + +pub trait Toggle { + fn toggle(&mut self) {} +} + +impl<'a> Toggle for ListElement<'a> { + fn toggle(&mut self) { + self.is_included = !self.is_included + } +} + +struct App<'a> { + items: StatefulList>, +} + +impl<'a> App<'a> { + fn new() -> App<'a> { + App { + items: StatefulList::with_items( + TaskConfig::VARIANTS + .iter() + .map(|name| ListElement { + task_type: name, + is_included: false, + }) + .collect(), + ), + } + } +} + +struct StatefulList { + state: ListState, + items: Vec, +} + +impl StatefulList { + fn with_items(items: Vec) -> StatefulList { + StatefulList { + state: ListState::default(), + items, + } + } + + fn next(&mut self) { + let i = match self.state.selected() { + Some(i) => { + if self.items.first().is_some() { + (i + 1) % self.items.len() + } else { + 0 + } + } + None => 0, + }; + self.state.select(Some(i)); + } + + fn previous(&mut self) { + let i = match self.state.selected() { + Some(i) => { + if i == 0 { + self.items.len() - 1 + } else { + i - 1 + } + } + None => 0, + }; + self.state.select(Some(i)); + } + + fn toggle(&mut self) { + if let Some(index) = self.state.selected() { + if let Some(element) = self.items.get_mut(index) { + element.toggle() + } + } + } +} diff --git a/src/agent/onefuzz-task/src/local/generic_analysis.rs b/src/agent/onefuzz-task/src/local/generic_analysis.rs index 429e7b0e3b..cbb31a1ff9 100644 --- a/src/agent/onefuzz-task/src/local/generic_analysis.rs +++ b/src/agent/onefuzz-task/src/local/generic_analysis.rs @@ -27,7 +27,23 @@ pub struct Analysis { } #[async_trait] -impl Template for Analysis { +impl Template for Analysis { + fn example_values() -> Analysis { + Analysis { + analyzer_exe: String::new(), + analyzer_options: vec![], + analyzer_env: HashMap::new(), + target_exe: PathBuf::from("path_to_your_exe"), + target_options: vec![], + input_queue: Some(PathBuf::from("path_to_your_inputs")), + crashes: Some(PathBuf::from("path_where_crashes_written")), + analysis: PathBuf::new(), + tools: None, + reports: Some(PathBuf::from("path_where_reports_written")), + unique_reports: Some(PathBuf::from("path_where_reports_written")), + no_repro: Some(PathBuf::from("path_where_no_repro_reports_written")), + } + } async fn run(&self, context: &RunContext) -> Result<()> { let input_q = if let Some(w) = &self.input_queue { Some(context.monitor_dir(w).await?) diff --git a/src/agent/onefuzz-task/src/local/generic_crash_report.rs b/src/agent/onefuzz-task/src/local/generic_crash_report.rs index 347a8cac76..91dec1ae44 100644 --- a/src/agent/onefuzz-task/src/local/generic_crash_report.rs +++ b/src/agent/onefuzz-task/src/local/generic_crash_report.rs @@ -39,7 +39,25 @@ pub struct CrashReport { minimized_stack_depth: Option, } #[async_trait] -impl Template for CrashReport { +impl Template for CrashReport { + fn example_values() -> CrashReport { + CrashReport { + target_exe: PathBuf::from("path_to_your_exe"), + target_options: vec![], + target_env: HashMap::new(), + input_queue: Some(PathBuf::from("path_to_your_inputs")), + crashes: Some(PathBuf::from("path_where_crashes_written")), + reports: Some(PathBuf::from("path_where_reports_written")), + unique_reports: Some(PathBuf::from("path_where_reports_written")), + no_repro: Some(PathBuf::from("path_where_no_repro_reports_written")), + target_timeout: None, + check_asan_log: true, + check_debugger: true, + check_retry_count: 5, + check_queue: false, + minimized_stack_depth: None, + } + } async fn run(&self, context: &RunContext) -> Result<()> { let input_q_fut: OptionFuture<_> = self .input_queue diff --git a/src/agent/onefuzz-task/src/local/generic_generator.rs b/src/agent/onefuzz-task/src/local/generic_generator.rs index ae9f6a3cc6..3c26af4cf8 100644 --- a/src/agent/onefuzz-task/src/local/generic_generator.rs +++ b/src/agent/onefuzz-task/src/local/generic_generator.rs @@ -35,7 +35,26 @@ pub struct Generator { } #[async_trait] -impl Template for Generator { +impl Template for Generator { + fn example_values() -> Generator { + Generator { + generator_exe: String::new(), + generator_env: HashMap::new(), + generator_options: vec![], + readonly_inputs: vec![PathBuf::from("path_to_readonly_inputs")], + crashes: PathBuf::new(), + tools: None, + target_exe: PathBuf::from("path_to_your_exe"), + target_env: HashMap::new(), + target_options: vec![], + target_timeout: None, + check_asan_log: true, + check_debugger: true, + check_retry_count: 5, + rename_output: false, + ensemble_sync_delay: None, + } + } async fn run(&self, context: &RunContext) -> Result<()> { let generator_config = crate::tasks::fuzz::generator::Config { generator_exe: self.generator_exe.clone(), diff --git a/src/agent/onefuzz-task/src/local/libfuzzer.rs b/src/agent/onefuzz-task/src/local/libfuzzer.rs index 433636be1c..472a6ae9e8 100644 --- a/src/agent/onefuzz-task/src/local/libfuzzer.rs +++ b/src/agent/onefuzz-task/src/local/libfuzzer.rs @@ -32,7 +32,22 @@ pub struct LibFuzzer { } #[async_trait] -impl Template for LibFuzzer { +impl Template for LibFuzzer { + fn example_values() -> LibFuzzer { + LibFuzzer { + inputs: PathBuf::new(), + readonly_inputs: vec![PathBuf::from("path_to_readonly_inputs")], + crashes: PathBuf::new(), + crashdumps: None, + target_exe: PathBuf::from("path_to_your_exe"), + target_env: HashMap::new(), + target_options: vec![], + target_workers: None, + ensemble_sync_delay: None, + check_fuzzer_help: true, + expect_crash_on_failure: true, + } + } async fn run(&self, context: &RunContext) -> Result<()> { let ri: Result> = self .readonly_inputs diff --git a/src/agent/onefuzz-task/src/local/libfuzzer_crash_report.rs b/src/agent/onefuzz-task/src/local/libfuzzer_crash_report.rs index 04ba4f9225..9de1fc66ce 100644 --- a/src/agent/onefuzz-task/src/local/libfuzzer_crash_report.rs +++ b/src/agent/onefuzz-task/src/local/libfuzzer_crash_report.rs @@ -36,7 +36,24 @@ pub struct LibfuzzerCrashReport { } #[async_trait] -impl Template for LibfuzzerCrashReport { +impl Template for LibfuzzerCrashReport { + fn example_values() -> LibfuzzerCrashReport { + LibfuzzerCrashReport { + target_exe: PathBuf::from("path_to_your_exe"), + target_env: HashMap::new(), + target_options: vec![], + target_timeout: None, + input_queue: Some(PathBuf::from("path_to_your_inputs")), + crashes: Some(PathBuf::from("path_where_crashes_written")), + reports: Some(PathBuf::from("path_where_reports_written")), + unique_reports: Some(PathBuf::from("path_where_reports_written")), + no_repro: Some(PathBuf::from("path_where_no_repro_reports_written")), + check_fuzzer_help: true, + check_retry_count: 5, + minimized_stack_depth: None, + check_queue: true, + } + } async fn run(&self, context: &RunContext) -> Result<()> { let input_q_fut: OptionFuture<_> = self .input_queue diff --git a/src/agent/onefuzz-task/src/local/libfuzzer_merge.rs b/src/agent/onefuzz-task/src/local/libfuzzer_merge.rs index 4b3e4ce58f..d4915e6b4c 100644 --- a/src/agent/onefuzz-task/src/local/libfuzzer_merge.rs +++ b/src/agent/onefuzz-task/src/local/libfuzzer_merge.rs @@ -27,7 +27,19 @@ pub struct LibfuzzerMerge { } #[async_trait] -impl Template for LibfuzzerMerge { +impl Template for LibfuzzerMerge { + fn example_values() -> LibfuzzerMerge { + LibfuzzerMerge { + target_exe: PathBuf::from("path_to_your_exe"), + target_env: HashMap::new(), + target_options: vec![], + input_queue: Some(PathBuf::from("path_to_your_inputs")), + inputs: vec![], + unique_inputs: PathBuf::new(), + preserve_existing_outputs: true, + check_fuzzer_help: true, + } + } async fn run(&self, context: &RunContext) -> Result<()> { let input_q_fut: OptionFuture<_> = self .input_queue diff --git a/src/agent/onefuzz-task/src/local/libfuzzer_regression.rs b/src/agent/onefuzz-task/src/local/libfuzzer_regression.rs index 3fbb9f0bd6..b53fb84c22 100644 --- a/src/agent/onefuzz-task/src/local/libfuzzer_regression.rs +++ b/src/agent/onefuzz-task/src/local/libfuzzer_regression.rs @@ -40,7 +40,25 @@ pub struct LibfuzzerRegression { } #[async_trait] -impl Template for LibfuzzerRegression { +impl Template for LibfuzzerRegression { + fn example_values() -> LibfuzzerRegression { + LibfuzzerRegression { + target_exe: PathBuf::from("path_to_your_exe"), + target_options: vec![], + target_env: HashMap::new(), + target_timeout: None, + crashes: PathBuf::new(), + regression_reports: PathBuf::new(), + report_list: None, + unique_reports: Some(PathBuf::from("path_where_reports_written")), + reports: Some(PathBuf::from("path_where_reports_written")), + no_repro: Some(PathBuf::from("path_where_no_repro_reports_written")), + readonly_inputs: None, + check_fuzzer_help: true, + check_retry_count: 5, + minimized_stack_depth: None, + } + } async fn run(&self, context: &RunContext) -> Result<()> { let libfuzzer_regression = crate::tasks::regression::libfuzzer::Config { target_exe: self.target_exe.clone(), diff --git a/src/agent/onefuzz-task/src/local/libfuzzer_test_input.rs b/src/agent/onefuzz-task/src/local/libfuzzer_test_input.rs index 5bef2347f7..88c3cd1a3d 100644 --- a/src/agent/onefuzz-task/src/local/libfuzzer_test_input.rs +++ b/src/agent/onefuzz-task/src/local/libfuzzer_test_input.rs @@ -24,7 +24,21 @@ pub struct LibfuzzerTestInput { } #[async_trait] -impl Template for LibfuzzerTestInput { +impl Template for LibfuzzerTestInput { + fn example_values() -> LibfuzzerTestInput { + LibfuzzerTestInput { + input: PathBuf::new(), + target_exe: PathBuf::from("path_to_your_exe"), + target_options: vec![], + target_env: HashMap::new(), + setup_dir: PathBuf::new(), + extra_setup_dir: None, + extra_output_dir: None, + target_timeout: None, + check_retry_count: 5, + minimized_stack_depth: None, + } + } async fn run(&self, context: &RunContext) -> Result<()> { let c = self.clone(); let t = tokio::spawn(async move { diff --git a/src/agent/onefuzz-task/src/local/mod.rs b/src/agent/onefuzz-task/src/local/mod.rs index 385ff8ffcd..6020cb0fa6 100644 --- a/src/agent/onefuzz-task/src/local/mod.rs +++ b/src/agent/onefuzz-task/src/local/mod.rs @@ -5,6 +5,7 @@ pub mod cmd; pub mod common; #[cfg(any(target_os = "linux", target_os = "windows"))] pub mod coverage; +pub mod create_template; pub mod generic_analysis; pub mod generic_crash_report; pub mod generic_generator; diff --git a/src/agent/onefuzz-task/src/local/template.rs b/src/agent/onefuzz-task/src/local/template.rs index 73ae6e5e48..3393edd89a 100644 --- a/src/agent/onefuzz-task/src/local/template.rs +++ b/src/agent/onefuzz-task/src/local/template.rs @@ -5,6 +5,7 @@ use path_absolutize::Absolutize; use serde::Deserialize; use std::path::{Path, PathBuf}; use storage_queue::QueueClient; +use strum_macros::{EnumDiscriminants, EnumString, EnumVariantNames}; use tokio::{sync::Mutex, task::JoinHandle}; use url::Url; use uuid::Uuid; @@ -27,14 +28,14 @@ use schemars::JsonSchema; #[derive(Debug, Serialize, Deserialize, Clone, JsonSchema)] pub struct TaskGroup { #[serde(flatten)] - common: CommonProperties, + pub common: CommonProperties, /// The list of tasks - tasks: Vec, + pub tasks: Vec, } #[derive(Debug, Deserialize, Serialize, Clone, JsonSchema)] -struct CommonProperties { +pub struct CommonProperties { pub setup_dir: Option, pub extra_setup_dir: Option, pub extra_dir: Option, @@ -42,9 +43,10 @@ struct CommonProperties { pub create_job_dir: bool, } -#[derive(Debug, Serialize, Deserialize, Clone, JsonSchema)] +#[derive(Debug, Serialize, Deserialize, Clone, JsonSchema, EnumVariantNames, EnumDiscriminants)] +#[strum_discriminants(derive(EnumString))] #[serde(tag = "type")] -enum TaskConfig { +pub enum TaskConfig { LibFuzzer(LibFuzzer), Analysis(Analysis), Coverage(Coverage), @@ -61,7 +63,8 @@ enum TaskConfig { } #[async_trait] -pub trait Template { +pub trait Template { + fn example_values() -> T; async fn run(&self, context: &RunContext) -> Result<()>; } @@ -136,16 +139,16 @@ impl RunContext { name: impl AsRef, path: impl AsRef, ) -> Result { - if !path.as_ref().exists() { - std::fs::create_dir_all(&path)?; - } - self.to_sync_dir(name, path)? .monitor_count(&self.event_sender) } pub fn to_sync_dir(&self, name: impl AsRef, path: impl AsRef) -> Result { let path = path.as_ref(); + if !path.exists() { + std::fs::create_dir_all(path)?; + } + let name = name.as_ref(); let current_dir = std::env::current_dir()?; if self.create_job_dir { diff --git a/src/agent/onefuzz-task/src/local/test_input.rs b/src/agent/onefuzz-task/src/local/test_input.rs index b8027a7f41..0018494ec0 100644 --- a/src/agent/onefuzz-task/src/local/test_input.rs +++ b/src/agent/onefuzz-task/src/local/test_input.rs @@ -28,7 +28,24 @@ pub struct TestInput { } #[async_trait] -impl Template for TestInput { +impl Template for TestInput { + fn example_values() -> TestInput { + TestInput { + input: PathBuf::new(), + target_exe: PathBuf::from("path_to_your_exe"), + target_options: vec![], + target_env: HashMap::new(), + setup_dir: PathBuf::new(), + extra_setup_dir: None, + task_id: Uuid::new_v4(), + job_id: Uuid::new_v4(), + target_timeout: None, + check_retry_count: 5, + check_asan_log: true, + check_debugger: true, + minimized_stack_depth: None, + } + } async fn run(&self, context: &RunContext) -> Result<()> { let c = self.clone(); let t = tokio::spawn(async move { diff --git a/src/agent/onefuzz-task/src/main.rs b/src/agent/onefuzz-task/src/main.rs index 77fd7a59ea..d230f92ff5 100644 --- a/src/agent/onefuzz-task/src/main.rs +++ b/src/agent/onefuzz-task/src/main.rs @@ -11,8 +11,10 @@ extern crate onefuzz; use anyhow::Result; use clap::{ArgMatches, Command}; + use std::io::{stdout, Write}; +mod check_for_update; mod local; mod managed; mod tasks; @@ -20,12 +22,15 @@ mod tasks; const LICENSE_CMD: &str = "licenses"; const LOCAL_CMD: &str = "local"; const MANAGED_CMD: &str = "managed"; +const CHECK_FOR_UPDATE: &str = "check_for_update"; + +const ONEFUZZ_BUILT_VERSION: &str = env!("ONEFUZZ_VERSION"); fn main() -> Result<()> { let built_version = format!( "{} onefuzz:{} git:{}", crate_version!(), - env!("ONEFUZZ_VERSION"), + ONEFUZZ_BUILT_VERSION, env!("GIT_VERSION") ); @@ -33,7 +38,11 @@ fn main() -> Result<()> { .version(built_version) .subcommand(managed::cmd::args(MANAGED_CMD)) .subcommand(local::cmd::args(LOCAL_CMD)) - .subcommand(Command::new(LICENSE_CMD).about("display third-party licenses")); + .subcommand(Command::new(LICENSE_CMD).about("display third-party licenses")) + .subcommand( + Command::new(CHECK_FOR_UPDATE) + .about("compares the version of onefuzz-task with the onefuzz service"), + ); let matches = app.get_matches(); @@ -55,6 +64,7 @@ async fn run(args: ArgMatches) -> Result<()> { Some((LICENSE_CMD, _)) => licenses(), Some((LOCAL_CMD, sub)) => local::cmd::run(sub.to_owned()).await, Some((MANAGED_CMD, sub)) => managed::cmd::run(sub).await, + Some((CHECK_FOR_UPDATE, _)) => check_for_update::run(ONEFUZZ_BUILT_VERSION), _ => anyhow::bail!("No command provided. Run with 'help' to see available commands."), } } diff --git a/src/agent/onefuzz-task/src/tasks/coverage/generic.rs b/src/agent/onefuzz-task/src/tasks/coverage/generic.rs index 4fde9efb31..53a45e9948 100644 --- a/src/agent/onefuzz-task/src/tasks/coverage/generic.rs +++ b/src/agent/onefuzz-task/src/tasks/coverage/generic.rs @@ -141,6 +141,9 @@ impl CoverageTask { context.heartbeat.alive(); + info!("report initial coverage"); + context.report_coverage_stats().await; + for dir in &self.config.readonly_inputs { debug!("recording coverage for {}", dir.local_path.display()); @@ -161,7 +164,6 @@ impl CoverageTask { } if seen_inputs { - context.report_coverage_stats().await?; context.save_and_sync_coverage().await?; } @@ -454,7 +456,7 @@ impl<'a> TaskContext<'a> { Ok(count) } - pub async fn report_coverage_stats(&self) -> Result<()> { + pub async fn report_coverage_stats(&self) { use EventData::*; let coverage = RwLock::read(&self.coverage).await; @@ -471,7 +473,6 @@ impl<'a> TaskContext<'a> { ]), ) .await; - Ok(()) } pub async fn save_coverage( @@ -565,7 +566,7 @@ impl<'a> Processor for TaskContext<'a> { self.heartbeat.alive(); self.record_input(input).await?; - self.report_coverage_stats().await?; + self.report_coverage_stats().await; self.save_and_sync_coverage().await?; Ok(()) diff --git a/src/agent/onefuzz-task/src/tasks/coverage/generic/windows-interceptor.list b/src/agent/onefuzz-task/src/tasks/coverage/generic/windows-interceptor.list index 3669bbadec..0994295944 100644 --- a/src/agent/onefuzz-task/src/tasks/coverage/generic/windows-interceptor.list +++ b/src/agent/onefuzz-task/src/tasks/coverage/generic/windows-interceptor.list @@ -1,5 +1,6 @@ # Required to avoid recording errors. ! *\llvm-project\compiler-rt\* +! *\llvm\compiler-rt\* ! *\vctools\crt\* ! *\Windows Kits\10\Include\*\ucrt\* ! *\ExternalAPIs\Windows\10\sdk\* diff --git a/src/agent/onefuzz-task/src/tasks/fuzz/libfuzzer/common.rs b/src/agent/onefuzz-task/src/tasks/fuzz/libfuzzer/common.rs index bfd9f3f5cc..32f3372958 100644 --- a/src/agent/onefuzz-task/src/tasks/fuzz/libfuzzer/common.rs +++ b/src/agent/onefuzz-task/src/tasks/fuzz/libfuzzer/common.rs @@ -272,7 +272,7 @@ where info!("config is: {:?}", self.config); let fuzzer = L::from_config(&self.config).await?; - let mut running = fuzzer.fuzz(crash_dir.path(), local_inputs, &inputs).await?; + let mut running = fuzzer.fuzz(crash_dir.path(), local_inputs, &inputs)?; info!("child is: {:?}", running); diff --git a/src/agent/onefuzz-task/tests/template_integration.rs b/src/agent/onefuzz-task/tests/template_integration.rs new file mode 100644 index 0000000000..bcfefd3bda --- /dev/null +++ b/src/agent/onefuzz-task/tests/template_integration.rs @@ -0,0 +1,208 @@ +use std::{ + collections::HashSet, + ffi::OsStr, + path::{Path, PathBuf}, +}; + +use path_absolutize::Absolutize; +use tokio::fs; + +use anyhow::Result; +use log::info; +use onefuzz_task_lib::local::template; +use std::time::Duration; +use tokio::time::timeout; + +macro_rules! libfuzzer_tests { + ($($name:ident: $value:expr,)*) => { + $( + #[tokio::test(flavor = "multi_thread")] + #[cfg_attr(not(feature = "integration_test"), ignore)] + async fn $name() { + let _ = env_logger::builder().is_test(true).try_init(); + let (config, libfuzzer_target) = $value; + test_libfuzzer_basic_template(PathBuf::from(config), PathBuf::from(libfuzzer_target)).await; + } + )* + } +} + +// This is the format for adding other templates/targets for this macro +// $TEST_NAME: ($RELATIVE_PATH_TO_TEMPLATE, $RELATIVE_PATH_TO_TARGET), +// Make sure that you place the target binary in CI +libfuzzer_tests! { + libfuzzer_basic: ("./tests/templates/libfuzzer_basic.yml", "./tests/targets/simple/fuzz.exe"), +} + +async fn test_libfuzzer_basic_template(config: PathBuf, libfuzzer_target: PathBuf) { + assert_exists_and_is_file(&config).await; + assert_exists_and_is_file(&libfuzzer_target).await; + + let test_layout = create_test_directory(&config, &libfuzzer_target) + .await + .expect("Failed to create test directory layout"); + + info!("Executed test from: {:?}", &test_layout.root); + info!("Running template for 1 minute..."); + if let Ok(template_result) = timeout( + Duration::from_secs(60), + template::launch(&test_layout.config, None), + ) + .await + { + // Something went wrong when running the template so lets print out the template to be helpful + info!("Printing config as it was used in the test:"); + info!("{:?}", fs::read_to_string(&test_layout.config).await); + template_result.unwrap(); + } + + verify_test_layout_structure_did_not_change(&test_layout).await; + assert_directory_is_not_empty(&test_layout.inputs).await; + assert_directory_is_not_empty(&test_layout.crashes).await; + verify_coverage_dir(&test_layout.coverage).await; + + let _ = fs::remove_dir_all(&test_layout.root).await; +} + +async fn verify_test_layout_structure_did_not_change(test_layout: &TestLayout) { + assert_exists_and_is_dir(&test_layout.root).await; + assert_exists_and_is_file(&test_layout.config).await; + assert_exists_and_is_file(&test_layout.target_exe).await; + assert_exists_and_is_dir(&test_layout.crashdumps).await; + assert_exists_and_is_dir(&test_layout.coverage).await; + assert_exists_and_is_dir(&test_layout.crashes).await; + assert_exists_and_is_dir(&test_layout.inputs).await; + assert_exists_and_is_dir(&test_layout.regression_reports).await; +} + +async fn verify_coverage_dir(coverage: &Path) { + warn_if_empty(coverage).await; +} + +async fn assert_exists_and_is_dir(dir: &Path) { + assert!(dir.exists(), "Expected directory to exist. dir = {:?}", dir); + assert!( + dir.is_dir(), + "Expected path to be a directory. dir = {:?}", + dir + ); +} + +async fn warn_if_empty(dir: &Path) { + if dir_is_empty(dir).await { + println!("Expected directory to not be empty: {:?}", dir); + } +} + +async fn assert_exists_and_is_file(file: &Path) { + assert!(file.exists(), "Expected file to exist. file = {:?}", file); + assert!( + file.is_file(), + "Expected path to be a file. file = {:?}", + file + ); +} + +async fn dir_is_empty(dir: &Path) -> bool { + fs::read_dir(dir) + .await + .unwrap_or_else(|_| panic!("Failed to list files in directory. dir = {:?}", dir)) + .next_entry() + .await + .unwrap_or_else(|_| { + panic!( + "Failed to get next file in directory listing. dir = {:?}", + dir + ) + }) + .is_some() +} + +async fn assert_directory_is_not_empty(dir: &Path) { + assert!( + dir_is_empty(dir).await, + "Expected directory to not be empty. dir = {:?}", + dir + ); +} + +async fn create_test_directory(config: &Path, target_exe: &Path) -> Result { + let mut test_directory = PathBuf::from(".").join(uuid::Uuid::new_v4().to_string()); + fs::create_dir_all(&test_directory).await?; + test_directory = test_directory.canonicalize()?; + + let mut inputs_directory = PathBuf::from(&test_directory).join("inputs"); + inputs_directory = inputs_directory.absolutize()?.into(); + + let mut crashes_directory = PathBuf::from(&test_directory).join("crashes"); + crashes_directory = crashes_directory.absolutize()?.into(); + + let mut crashdumps_directory = PathBuf::from(&test_directory).join("crashdumps"); + crashdumps_directory = crashdumps_directory.absolutize()?.into(); + + let mut coverage_directory = PathBuf::from(&test_directory).join("coverage"); + coverage_directory = coverage_directory.absolutize()?.into(); + + let mut regression_reports_directory = + PathBuf::from(&test_directory).join("regression_reports"); + regression_reports_directory = regression_reports_directory.absolutize()?.into(); + + let mut target_in_test = PathBuf::from(&test_directory).join("fuzz.exe"); + fs::copy(target_exe, &target_in_test).await?; + target_in_test = target_in_test.canonicalize()?; + + let mut interesting_extensions = HashSet::new(); + interesting_extensions.insert(Some(OsStr::new("so"))); + interesting_extensions.insert(Some(OsStr::new("pdb"))); + let mut f = fs::read_dir(target_exe.parent().unwrap()).await?; + while let Ok(Some(f)) = f.next_entry().await { + if interesting_extensions.contains(&f.path().extension()) { + fs::copy(f.path(), PathBuf::from(&test_directory).join(f.file_name())).await?; + } + } + + let mut config_data = fs::read_to_string(config).await?; + + config_data = config_data + .replace("{TARGET_PATH}", target_in_test.to_str().unwrap()) + .replace("{INPUTS_PATH}", inputs_directory.to_str().unwrap()) + .replace("{CRASHES_PATH}", crashes_directory.to_str().unwrap()) + .replace("{CRASHDUMPS_PATH}", crashdumps_directory.to_str().unwrap()) + .replace("{COVERAGE_PATH}", coverage_directory.to_str().unwrap()) + .replace( + "{REGRESSION_REPORTS_PATH}", + regression_reports_directory.to_str().unwrap(), + ) + .replace("{TEST_DIRECTORY}", test_directory.to_str().unwrap()); + + let mut config_in_test = + PathBuf::from(&test_directory).join(config.file_name().unwrap_or_else(|| { + panic!("Failed to get file name for config. config = {:?}", config) + })); + + fs::write(&config_in_test, &config_data).await?; + config_in_test = config_in_test.canonicalize()?; + + Ok(TestLayout { + root: test_directory, + config: config_in_test, + target_exe: target_in_test, + inputs: inputs_directory, + crashes: crashes_directory, + crashdumps: crashdumps_directory, + coverage: coverage_directory, + regression_reports: regression_reports_directory, + }) +} + +#[derive(Debug)] +struct TestLayout { + root: PathBuf, + config: PathBuf, + target_exe: PathBuf, + inputs: PathBuf, + crashes: PathBuf, + crashdumps: PathBuf, + coverage: PathBuf, + regression_reports: PathBuf, +} diff --git a/src/agent/onefuzz-task/tests/templates/libfuzzer_basic.yml b/src/agent/onefuzz-task/tests/templates/libfuzzer_basic.yml new file mode 100644 index 0000000000..f6740cbc96 --- /dev/null +++ b/src/agent/onefuzz-task/tests/templates/libfuzzer_basic.yml @@ -0,0 +1,33 @@ +# yaml-language-server: $schema=../../src/local/schema.json + +required_args: &required_args + target_exe: '{TARGET_PATH}' + inputs: &inputs '{INPUTS_PATH}' # A folder containining your inputs + crashes: &crashes '{CRASHES_PATH}' # The folder where you want the crashing inputs to be output + crashdumps: '{CRASHDUMPS_PATH}' # The folder where you want the crash dumps to be output + coverage: '{COVERAGE_PATH}' # The folder where you want the code coverage to be output + regression_reports: '{REGRESSION_REPORTS_PATH}' # The folder where you want the regression reports to be output + target_env: { + 'LD_LIBRARY_PATH': '{TEST_DIRECTORY}', + } + target_options: [] + check_fuzzer_help: false + +tasks: + - type: LibFuzzer + <<: *required_args + readonly_inputs: [] + + - type: LibfuzzerRegression + <<: *required_args + + - type: "LibfuzzerCrashReport" + <<: *required_args + input_queue: *crashes + + - type: "Coverage" + <<: *required_args + target_options: + - "{input}" + input_queue: *inputs + readonly_inputs: [*inputs] diff --git a/src/agent/onefuzz-telemetry/Cargo.toml b/src/agent/onefuzz-telemetry/Cargo.toml index 23574a013f..8f91478b1f 100644 --- a/src/agent/onefuzz-telemetry/Cargo.toml +++ b/src/agent/onefuzz-telemetry/Cargo.toml @@ -15,5 +15,5 @@ chrono = { version = "0.4", default-features = false, features = [ lazy_static = "1.4" log = "0.4" serde = { version = "1.0", features = ["derive"] } -tokio = { version = "1.29", features = ["full"] } +tokio = { version = "1.32", features = ["full"] } uuid = { version = "1.4", features = ["serde", "v4"] } diff --git a/src/agent/onefuzz/Cargo.toml b/src/agent/onefuzz/Cargo.toml index 1f3c27985c..55042607fa 100644 --- a/src/agent/onefuzz/Cargo.toml +++ b/src/agent/onefuzz/Cargo.toml @@ -10,7 +10,7 @@ license = "MIT" anyhow = "1.0" async-trait = "0.1" base64 = "0.21" -bytes = "1.4" +bytes = "1.5" dunce = "1.0" dynamic-library = { path = "../dynamic-library" } futures = "0.3" @@ -18,7 +18,7 @@ futures-util = "0.3" hex = "0.4" lazy_static = "1.4" log = "0.4" -notify = { version = "6.0.1", default-features = false } +notify = { version = "6.1.1", default-features = false } regex = "1.9.1" reqwest = { version = "0.11", features = [ "json", @@ -31,7 +31,7 @@ serde = "1.0" serde_json = "1.0" rand = "0.8" serde_derive = "1.0" -tokio = { version = "1.29", features = ["full"] } +tokio = { version = "1.32", features = ["full"] } tokio-stream = { version = "0.1", features = ["fs", "time", "tokio-util"] } tokio-util = { version = "0.7", features = ["full"] } uuid = { version = "1.4", features = ["serde", "v4"] } @@ -40,7 +40,7 @@ url-escape = "0.1.0" storage-queue = { path = "../storage-queue" } strum = "0.25" strum_macros = "0.25" -tempfile = "3.7.0" +tempfile = "3.8.0" process_control = "4.0" reqwest-retry = { path = "../reqwest-retry" } onefuzz-telemetry = { path = "../onefuzz-telemetry" } @@ -49,7 +49,7 @@ stacktrace-parser = { path = "../stacktrace-parser" } backoff = { version = "0.4", features = ["tokio"] } [target.'cfg(target_family = "windows")'.dependencies] -winreg = "0.50" +winreg = "0.51" input-tester = { path = "../input-tester" } debugger = { path = "../debugger" } windows = { version = "0.48", features = [ @@ -62,10 +62,10 @@ cpp_demangle = "0.4" nix = "0.26" [target.'cfg(target_os = "linux")'.dependencies] -pete = "0.10" +pete = "0.12" rstack = "0.3" proc-maps = { version = "0.3", default-features = false } [dev-dependencies] -clap = { version = "4.3.0", features = ["derive"] } +clap = { version = "4.4.2", features = ["derive"] } pretty_assertions = "1.4.0" diff --git a/src/agent/onefuzz/src/expand.rs b/src/agent/onefuzz/src/expand.rs index 93587a6b58..7f1813899f 100644 --- a/src/agent/onefuzz/src/expand.rs +++ b/src/agent/onefuzz/src/expand.rs @@ -128,7 +128,8 @@ impl<'a> Expand<'a> { fn input_file_sha256(&self) -> Result> { let Some(val) = self.values.get(PlaceHolder::Input.get_string()) else { - bail!("no value found for {}, unable to evaluate {}", + bail!( + "no value found for {}, unable to evaluate {}", PlaceHolder::Input.get_string(), PlaceHolder::InputFileSha256.get_string(), ) @@ -149,7 +150,8 @@ impl<'a> Expand<'a> { fn extract_file_name_no_ext(&self) -> Result> { let Some(val) = self.values.get(PlaceHolder::Input.get_string()) else { - bail!("no value found for {}, unable to evaluate {}", + bail!( + "no value found for {}, unable to evaluate {}", PlaceHolder::Input.get_string(), PlaceHolder::InputFileNameNoExt.get_string(), ) @@ -173,7 +175,8 @@ impl<'a> Expand<'a> { fn extract_file_name(&self) -> Result> { let Some(val) = self.values.get(PlaceHolder::Input.get_string()) else { - bail!("no value found for {}, unable to evaluate {}", + bail!( + "no value found for {}, unable to evaluate {}", PlaceHolder::Input.get_string(), PlaceHolder::InputFileName.get_string(), ) diff --git a/src/agent/onefuzz/src/libfuzzer.rs b/src/agent/onefuzz/src/libfuzzer.rs index 495f401bae..00b24bf4e9 100644 --- a/src/agent/onefuzz/src/libfuzzer.rs +++ b/src/agent/onefuzz/src/libfuzzer.rs @@ -339,7 +339,7 @@ impl LibFuzzer { Ok(missing) } - pub async fn fuzz( + pub fn fuzz( &self, fault_dir: impl AsRef, corpus_dir: impl AsRef, @@ -352,8 +352,7 @@ impl LibFuzzer { // specify that a new file `crash-` should be written to a // _directory_ ``, we must ensure that the prefix includes a // trailing path separator. - let artifact_prefix: OsString = - format!("-artifact_prefix={}/", fault_dir.as_ref().display()).into(); + let artifact_prefix = artifact_prefix(fault_dir.as_ref()); let mut cmd = self.build_command( Some(fault_dir.as_ref()), @@ -363,10 +362,11 @@ impl LibFuzzer { None, )?; + debug!("Running command: {:?}", &cmd); + let child = cmd .spawn() .with_context(|| format_err!("libfuzzer failed to start: {}", self.exe.display()))?; - Ok(child) } @@ -441,6 +441,20 @@ impl LibFuzzer { } } +#[cfg(target_os = "windows")] +fn artifact_prefix(fault_dir: &Path) -> OsString { + if fault_dir.is_absolute() { + format!("-artifact_prefix={}\\", fault_dir.display()).into() + } else { + format!("-artifact_prefix={}/", fault_dir.display()).into() + } +} + +#[cfg(not(target_os = "windows"))] +fn artifact_prefix(fault_dir: &Path) -> OsString { + format!("-artifact_prefix={}/", fault_dir.display()).into() +} + pub struct LibFuzzerLine { _line: String, iters: u64, diff --git a/src/agent/onefuzz/src/syncdir.rs b/src/agent/onefuzz/src/syncdir.rs index 2e73b7a694..efd8f8e0e3 100644 --- a/src/agent/onefuzz/src/syncdir.rs +++ b/src/agent/onefuzz/src/syncdir.rs @@ -283,7 +283,7 @@ impl SyncedDir { Event::new_coverage => { jr_client .send_direct( - JobResultData::CoverageData, + JobResultData::NewCoverage, HashMap::from([("count".to_string(), 1.0)]), ) .await; @@ -351,7 +351,7 @@ impl SyncedDir { Event::new_coverage => { jr_client .send_direct( - JobResultData::CoverageData, + JobResultData::NewCoverage, HashMap::from([("count".to_string(), 1.0)]), ) .await; diff --git a/src/agent/reqwest-retry/Cargo.toml b/src/agent/reqwest-retry/Cargo.toml index d7d12ff4e8..5ddfbbe419 100644 --- a/src/agent/reqwest-retry/Cargo.toml +++ b/src/agent/reqwest-retry/Cargo.toml @@ -19,5 +19,5 @@ reqwest = { version = "0.11", features = [ thiserror = "1.0" [dev-dependencies] -tokio = { version = "1.29", features = ["macros"] } +tokio = { version = "1.32", features = ["macros"] } wiremock = "0.5" diff --git a/src/agent/stacktrace-parser/Cargo.toml b/src/agent/stacktrace-parser/Cargo.toml index 9cb92d9bcf..2428047e66 100644 --- a/src/agent/stacktrace-parser/Cargo.toml +++ b/src/agent/stacktrace-parser/Cargo.toml @@ -16,5 +16,5 @@ serde_json = "1.0" libclusterfuzz = { path = "../libclusterfuzz" } [dev-dependencies] -insta = { version = "1.31.0", features = ["glob", "json"] } +insta = { version = "1.32.0", features = ["glob", "json"] } pretty_assertions = "1.4" diff --git a/src/agent/storage-queue/Cargo.toml b/src/agent/storage-queue/Cargo.toml index d5c1c09d08..58034cff18 100644 --- a/src/agent/storage-queue/Cargo.toml +++ b/src/agent/storage-queue/Cargo.toml @@ -10,7 +10,7 @@ anyhow = "1.0" async-trait = "0.1" backoff = { version = "0.4", features = ["tokio"] } base64 = "0.21" -bytes = { version = "1.4", features = ["serde"] } +bytes = { version = "1.5", features = ["serde"] } derivative = "2.2" flume = "0.10" num_cpus = "1.15" @@ -26,6 +26,6 @@ serde = { version = "1.0", features = ["derive"] } serde_derive = "1.0" serde_json = "1.0" bincode = "1.3" -tokio = { version = "1.29", features = ["full"] } +tokio = { version = "1.32", features = ["full"] } queue-file = "1.4" uuid = { version = "1.4", features = ["serde", "v4"] } diff --git a/src/agent/win-util/Cargo.toml b/src/agent/win-util/Cargo.toml index 1edaa3fc58..460ee0e197 100644 --- a/src/agent/win-util/Cargo.toml +++ b/src/agent/win-util/Cargo.toml @@ -12,7 +12,7 @@ log = "0.4" os_pipe = "1.1" [target.'cfg(windows)'.dependencies] -winreg = "0.50" +winreg = "0.51" [dependencies.windows] version = "0.48" @@ -33,4 +33,4 @@ features = [ ] [dev-dependencies] -tempfile = "3.7.0" +tempfile = "3.8.0" diff --git a/src/ci/agent.sh b/src/ci/agent.sh index 4a49c975b3..4cca93168b 100755 --- a/src/ci/agent.sh +++ b/src/ci/agent.sh @@ -37,7 +37,7 @@ export RUST_BACKTRACE=full # Run tests and collect coverage # https://github.com/taiki-e/cargo-llvm-cov -cargo llvm-cov nextest --all-targets --features slow-tests --locked --workspace --lcov --output-path "$output_dir/lcov.info" +cargo llvm-cov nextest --all-targets --features slow-tests,integration_test --locked --workspace --lcov --output-path "$output_dir/lcov.info" # TODO: re-enable integration tests. # cargo test --release --manifest-path ./onefuzz-task/Cargo.toml --features integration_test -- --nocapture diff --git a/src/ci/set-versions.sh b/src/ci/set-versions.sh index 34c30ea37c..2271a752f4 100755 --- a/src/ci/set-versions.sh +++ b/src/ci/set-versions.sh @@ -10,8 +10,12 @@ GET_VERSION=${SCRIPT_DIR}/get-version.sh VERSION=${1:-$(${GET_VERSION})} cd ${SCRIPT_DIR}/../../ +arrVer=(${VERSION//./ }) +MAJOR=${arrVer[0]} +MINOR=${arrVer[1]} + SET_VERSIONS="src/pytypes/onefuzztypes/__version__.py src/cli/onefuzz/__version__.py" SET_REQS="src/cli/requirements.txt" sed -i "s/0.0.0/${VERSION}/" ${SET_VERSIONS} -sed -i "s/onefuzztypes==0.0.0/onefuzztypes==${VERSION}/" ${SET_REQS} +sed -i "s/onefuzztypes==0.0.0/onefuzztypes==${MAJOR}.${MINOR}.*/" ${SET_REQS} diff --git a/src/cli/examples/domato.py b/src/cli/examples/domato.py index 7c2abc6301..4bdf2a297c 100755 --- a/src/cli/examples/domato.py +++ b/src/cli/examples/domato.py @@ -67,7 +67,7 @@ def upload_to_fuzzer_container(of: Onefuzz, fuzzer_name: str, fuzzer_url: str) - def upload_to_setup_container(of: Onefuzz, helper: JobHelper, setup_dir: str) -> None: - setup_sas = of.containers.get(helper.containers[ContainerType.setup]).sas_url + setup_sas = of.containers.get(helper.container_name(ContainerType.setup)).sas_url if AZCOPY_PATH is None: raise Exception("missing azcopy") command = [AZCOPY_PATH, "sync", setup_dir, setup_sas] @@ -143,13 +143,16 @@ def main() -> None: helper.create_containers() helper.setup_notifications(notification_config) upload_to_setup_container(of, helper, args.setup_dir) - add_setup_script(of, helper.containers[ContainerType.setup]) + add_setup_script(of, helper.container_name(ContainerType.setup)) containers = [ - (ContainerType.setup, helper.containers[ContainerType.setup]), - (ContainerType.crashes, helper.containers[ContainerType.crashes]), - (ContainerType.reports, helper.containers[ContainerType.reports]), - (ContainerType.unique_reports, helper.containers[ContainerType.unique_reports]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), + (ContainerType.reports, helper.container_name(ContainerType.reports)), + ( + ContainerType.unique_reports, + helper.container_name(ContainerType.unique_reports), + ), ] of.logger.info("Creating generic_crash_report task") @@ -164,11 +167,11 @@ def main() -> None: containers = [ (ContainerType.tools, Container(FUZZER_NAME)), - (ContainerType.setup, helper.containers[ContainerType.setup]), - (ContainerType.crashes, helper.containers[ContainerType.crashes]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), ( ContainerType.readonly_inputs, - helper.containers[ContainerType.readonly_inputs], + helper.container_name(ContainerType.readonly_inputs), ), ] diff --git a/src/cli/examples/honggfuzz.py b/src/cli/examples/honggfuzz.py index 225b7f7510..9466716d98 100644 --- a/src/cli/examples/honggfuzz.py +++ b/src/cli/examples/honggfuzz.py @@ -88,13 +88,16 @@ def main() -> None: if args.inputs: helper.upload_inputs(args.inputs) - add_setup_script(of, helper.containers[ContainerType.setup]) + add_setup_script(of, helper.container_name(ContainerType.setup)) containers = [ - (ContainerType.setup, helper.containers[ContainerType.setup]), - (ContainerType.crashes, helper.containers[ContainerType.crashes]), - (ContainerType.reports, helper.containers[ContainerType.reports]), - (ContainerType.unique_reports, helper.containers[ContainerType.unique_reports]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), + (ContainerType.reports, helper.container_name(ContainerType.reports)), + ( + ContainerType.unique_reports, + helper.container_name(ContainerType.unique_reports), + ), ] of.logger.info("Creating generic_crash_report task") @@ -109,11 +112,11 @@ def main() -> None: containers = [ (ContainerType.tools, Container("honggfuzz")), - (ContainerType.setup, helper.containers[ContainerType.setup]), - (ContainerType.crashes, helper.containers[ContainerType.crashes]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), ( ContainerType.inputs, - helper.containers[ContainerType.inputs], + helper.container_name(ContainerType.inputs), ), ] diff --git a/src/cli/examples/llvm-source-coverage/source-coverage-libfuzzer.py b/src/cli/examples/llvm-source-coverage/source-coverage-libfuzzer.py index a8a6a91ac9..b8ab5f347a 100755 --- a/src/cli/examples/llvm-source-coverage/source-coverage-libfuzzer.py +++ b/src/cli/examples/llvm-source-coverage/source-coverage-libfuzzer.py @@ -74,15 +74,15 @@ def main() -> None: helper.create_containers() of.containers.files.upload_file( - helper.containers[ContainerType.tools], f"{args.tools}/source-coverage.sh" + helper.container_name(ContainerType.tools), f"{args.tools}/source-coverage.sh" ) containers = [ - (ContainerType.setup, helper.containers[ContainerType.setup]), - (ContainerType.analysis, helper.containers[ContainerType.analysis]), - (ContainerType.tools, helper.containers[ContainerType.tools]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.analysis, helper.container_name(ContainerType.analysis)), + (ContainerType.tools, helper.container_name(ContainerType.tools)), # note, analysis is typically for crashes, but this is analyzing inputs - (ContainerType.crashes, helper.containers[ContainerType.inputs]), + (ContainerType.crashes, helper.container_name(ContainerType.inputs)), ] of.logger.info("Creating generic_analysis task") diff --git a/src/cli/examples/llvm-source-coverage/source-coverage.py b/src/cli/examples/llvm-source-coverage/source-coverage.py index 749662caba..ae903cd3b5 100755 --- a/src/cli/examples/llvm-source-coverage/source-coverage.py +++ b/src/cli/examples/llvm-source-coverage/source-coverage.py @@ -61,15 +61,15 @@ def main() -> None: helper.upload_inputs(args.inputs) of.containers.files.upload_file( - helper.containers[ContainerType.tools], f"{args.tools}/source-coverage.sh" + helper.container_name(ContainerType.tools), f"{args.tools}/source-coverage.sh" ) containers = [ - (ContainerType.setup, helper.containers[ContainerType.setup]), - (ContainerType.analysis, helper.containers[ContainerType.analysis]), - (ContainerType.tools, helper.containers[ContainerType.tools]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.analysis, helper.container_name(ContainerType.analysis)), + (ContainerType.tools, helper.container_name(ContainerType.tools)), # note, analysis is typically for crashes, but this is analyzing inputs - (ContainerType.crashes, helper.containers[ContainerType.inputs]), + (ContainerType.crashes, helper.container_name(ContainerType.inputs)), ] of.logger.info("Creating generic_analysis task") diff --git a/src/cli/onefuzz/api.py b/src/cli/onefuzz/api.py index 6968192642..852021e5f9 100644 --- a/src/cli/onefuzz/api.py +++ b/src/cli/onefuzz/api.py @@ -9,7 +9,6 @@ import pkgutil import re import subprocess # nosec -import time import uuid from enum import Enum from shutil import which @@ -35,8 +34,7 @@ from .__version__ import __version__ from .azcopy import azcopy_sync -from .backend import Backend, BackendConfig, ContainerWrapper, wait -from .ssh import build_ssh_command, ssh_connect, temp_file +from .backend import Backend, BackendConfig, ContainerWrapper UUID_EXPANSION = TypeVar("UUID_EXPANSION", UUID, str) @@ -530,316 +528,6 @@ def _download_tasks( azcopy_sync(to_download[name], outdir) -class Repro(Endpoint): - """Interact with Reproduction VMs""" - - endpoint = "repro_vms" - - def get(self, vm_id: UUID_EXPANSION) -> models.Repro: - """get information about a Reproduction VM""" - vm_id_expanded = self._disambiguate_uuid( - "vm_id", vm_id, lambda: [str(x.vm_id) for x in self.list()] - ) - - self.logger.debug("get repro vm: %s", vm_id_expanded) - return self._req_model( - "GET", models.Repro, data=requests.ReproGet(vm_id=vm_id_expanded) - ) - - def get_files( - self, - report_container: primitives.Container, - report_name: str, - include_setup: bool = False, - output_dir: primitives.Directory = primitives.Directory("."), - ) -> None: - """downloads the files necessary to locally repro the crash from a given report""" - report_bytes = self.onefuzz.containers.files.get(report_container, report_name) - report = json.loads(report_bytes) - - crash_info = { - "input_blob_container": primitives.Container(""), - "input_blob_name": "", - "job_id": "", - } - if "input_blob" in report: - crash_info["input_blob_container"] = report["input_blob"]["container"] - crash_info["input_blob_name"] = report["input_blob"]["name"] - crash_info["job_id"] = report["job_id"] - elif "crash_test_result" in report and "original_crash_test_result" in report: - if report["original_crash_test_result"]["crash_report"] is None: - self.logger.error( - "No crash report found in the original crash test result, repro files cannot be retrieved" - ) - return - elif report["crash_test_result"]["crash_report"] is None: - self.logger.info( - "No crash report found in the new crash test result, falling back on the original crash test result for job_id" - "Note: if using --include_setup, the downloaded fuzzer binaries may be out-of-date" - ) - - original_report = report["original_crash_test_result"]["crash_report"] - new_report = ( - report["crash_test_result"]["crash_report"] or original_report - ) # fallback on original_report - - crash_info["input_blob_container"] = original_report["input_blob"][ - "container" - ] - crash_info["input_blob_name"] = original_report["input_blob"]["name"] - crash_info["job_id"] = new_report["job_id"] - else: - self.logger.error( - "Encountered an unhandled report format, repro files cannot be retrieved" - ) - return - - self.logger.info( - "downloading files necessary to locally repro crash %s", - crash_info["input_blob_name"], - ) - self.onefuzz.containers.files.download( - primitives.Container(crash_info["input_blob_container"]), - crash_info["input_blob_name"], - os.path.join(output_dir, crash_info["input_blob_name"]), - ) - - if include_setup: - setup_container = list( - self.onefuzz.jobs.containers.list( - crash_info["job_id"], enums.ContainerType.setup - ) - )[0] - - self.onefuzz.containers.files.download_dir( - primitives.Container(setup_container), output_dir - ) - - def create( - self, container: primitives.Container, path: str, duration: int = 24 - ) -> models.Repro: - """Create a Reproduction VM from a Crash Report""" - self.logger.info( - "creating repro vm: %s %s (%d hours)", container, path, duration - ) - return self._req_model( - "POST", - models.Repro, - data=models.ReproConfig(container=container, path=path, duration=duration), - ) - - def delete(self, vm_id: UUID_EXPANSION) -> models.Repro: - """Delete a Reproduction VM""" - vm_id_expanded = self._disambiguate_uuid( - "vm_id", vm_id, lambda: [str(x.vm_id) for x in self.list()] - ) - - self.logger.debug("deleting repro vm: %s", vm_id_expanded) - return self._req_model( - "DELETE", models.Repro, data=requests.ReproGet(vm_id=vm_id_expanded) - ) - - def list(self) -> List[models.Repro]: - """List all VMs""" - self.logger.debug("listing repro vms") - return self._req_model_list("GET", models.Repro, data=requests.ReproGet()) - - def _dbg_linux( - self, repro: models.Repro, debug_command: Optional[str] - ) -> Optional[str]: - """Launch gdb with GDB script that includes 'target remote | ssh ...'""" - - if ( - repro.auth is None - or repro.ip is None - or repro.state != enums.VmState.running - ): - raise Exception("vm setup failed: %s" % repro.state) - - with build_ssh_command( - repro.ip, repro.auth.private_key, command="-T" - ) as ssh_cmd: - gdb_script = [ - "target remote | %s sudo /onefuzz/bin/repro-stdout.sh" - % " ".join(ssh_cmd) - ] - - if debug_command: - gdb_script += [debug_command, "quit"] - - with temp_file("gdb.script", "\n".join(gdb_script)) as gdb_script_path: - dbg = ["gdb", "--silent", "--command", gdb_script_path] - - if debug_command: - dbg += ["--batch"] - - try: - # security note: dbg is built from content coming from - # the server, which is trusted in this context. - return subprocess.run( # nosec - dbg, stdout=subprocess.PIPE, stderr=subprocess.STDOUT - ).stdout.decode(errors="ignore") - except subprocess.CalledProcessError as err: - self.logger.error( - "debug failed: %s", err.output.decode(errors="ignore") - ) - raise err - else: - # security note: dbg is built from content coming from the - # server, which is trusted in this context. - subprocess.call(dbg) # nosec - return None - - def _dbg_windows( - self, - repro: models.Repro, - debug_command: Optional[str], - retry_limit: Optional[int], - ) -> Optional[str]: - """Setup an SSH tunnel, then connect via CDB over SSH tunnel""" - - if ( - repro.auth is None - or repro.ip is None - or repro.state != enums.VmState.running - ): - raise Exception("vm setup failed: %s" % repro.state) - - retry_count = 0 - bind_all = which("wslpath") is not None and repro.os == enums.OS.windows - proxy = "*:" + REPRO_SSH_FORWARD if bind_all else REPRO_SSH_FORWARD - while retry_limit is None or retry_count <= retry_limit: - if retry_limit: - retry_count = retry_count + 1 - with ssh_connect(repro.ip, repro.auth.private_key, proxy=proxy): - dbg = ["cdb.exe", "-remote", "tcp:port=1337,server=localhost"] - if debug_command: - dbg_script = [debug_command, "qq"] - with temp_file( - "db.script", "\r\n".join(dbg_script) - ) as dbg_script_path: - dbg += ["-cf", _wsl_path(dbg_script_path)] - - logging.debug("launching: %s", dbg) - try: - # security note: dbg is built from content coming from the server, - # which is trusted in this context. - return subprocess.run( # nosec - dbg, stdout=subprocess.PIPE, stderr=subprocess.STDOUT - ).stdout.decode(errors="ignore") - except subprocess.CalledProcessError as err: - if err.returncode == 0x8007274D: - self.logger.info( - "failed to connect to debug-server trying again in 10 seconds..." - ) - time.sleep(10.0) - else: - self.logger.error( - "debug failed: %s", - err.output.decode(errors="ignore"), - ) - raise err - else: - logging.debug("launching: %s", dbg) - # security note: dbg is built from content coming from the - # server, which is trusted in this context. - try: - subprocess.check_call(dbg) # nosec - return None - except subprocess.CalledProcessError as err: - if err.returncode == 0x8007274D: - self.logger.info( - "failed to connect to debug-server trying again in 10 seconds..." - ) - time.sleep(10.0) - else: - return None - - if retry_limit is not None: - self.logger.info( - f"failed to connect to debug-server after {retry_limit} attempts. Please try again later " - + f"with onefuzz debug connect {repro.vm_id}" - ) - return None - - def connect( - self, - vm_id: UUID_EXPANSION, - delete_after_use: bool = False, - debug_command: Optional[str] = None, - retry_limit: Optional[int] = None, - ) -> Optional[str]: - """Connect to an existing Reproduction VM""" - - self.logger.info("connecting to reproduction VM: %s", vm_id) - - if which("ssh") is None: - raise Exception("unable to find ssh on local machine") - - def missing_os() -> Tuple[bool, str, models.Repro]: - repro = self.get(vm_id) - return ( - repro.os is not None, - "waiting for os determination", - repro, - ) - - repro = wait(missing_os) - - if repro.os == enums.OS.windows: - if which("cdb.exe") is None: - raise Exception("unable to find cdb.exe on local machine") - if repro.os == enums.OS.linux: - if which("gdb") is None: - raise Exception("unable to find gdb on local machine") - - def func() -> Tuple[bool, str, models.Repro]: - repro = self.get(vm_id) - state = repro.state - return ( - repro.auth is not None - and repro.ip is not None - and state not in [enums.VmState.init, enums.VmState.extensions_launch], - "launching reproducing vm. current state: %s" % state, - repro, - ) - - repro = wait(func) - # give time for debug server to initialize - time.sleep(30.0) - result: Optional[str] = None - if repro.os == enums.OS.windows: - result = self._dbg_windows(repro, debug_command, retry_limit) - elif repro.os == enums.OS.linux: - result = self._dbg_linux(repro, debug_command) - else: - raise NotImplementedError - - if delete_after_use: - self.logger.debug("deleting vm %s", repro.vm_id) - self.delete(repro.vm_id) - - return result - - def create_and_connect( - self, - container: primitives.Container, - path: str, - duration: int = 24, - delete_after_use: bool = False, - debug_command: Optional[str] = None, - retry_limit: Optional[int] = None, - ) -> Optional[str]: - """Create and connect to a Reproduction VM""" - repro = self.create(container, path, duration=duration) - return self.connect( - repro.vm_id, - delete_after_use=delete_after_use, - debug_command=debug_command, - retry_limit=retry_limit, - ) - - class Notifications(Endpoint): """Interact with models.Notifications""" @@ -1900,7 +1588,6 @@ def __init__( client_secret=client_secret, ) self.containers = Containers(self) - self.repro = Repro(self) self.notifications = Notifications(self) self.tasks = Tasks(self) self.jobs = Jobs(self) diff --git a/src/cli/onefuzz/debug.py b/src/cli/onefuzz/debug.py index dc93f49f81..cde03adf57 100644 --- a/src/cli/onefuzz/debug.py +++ b/src/cli/onefuzz/debug.py @@ -28,9 +28,6 @@ from onefuzz.api import UUID_EXPANSION, Command, Endpoint, Onefuzz from .azure_identity_credential_adapter import AzureIdentityCredentialAdapter -from .backend import wait -from .rdp import rdp_connect -from .ssh import ssh_connect EMPTY_SHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" ZERO_SHA256 = "0" * len(EMPTY_SHA256) @@ -39,143 +36,6 @@ DEFAULT_TAIL_DELAY = 10.0 -class DebugRepro(Command): - """Debug repro instances""" - - def _disambiguate(self, vm_id: UUID_EXPANSION) -> str: - return str( - self.onefuzz.repro._disambiguate_uuid( - "vm_id", - vm_id, - lambda: [str(x.vm_id) for x in self.onefuzz.repro.list()], - ) - ) - - def _info(self) -> Tuple[str, str]: - info = self.onefuzz.info.get() - return info.resource_group, info.subscription - - def ssh(self, vm_id: str) -> None: - vm_id = self._disambiguate(vm_id) - repro = self.onefuzz.repro.get(vm_id) - if repro.ip is None: - raise Exception("missing IP: %s" % repro) - if repro.auth is None: - raise Exception("missing Auth: %s" % repro) - - with ssh_connect(repro.ip, repro.auth.private_key, call=True): - pass - - def rdp(self, vm_id: str) -> None: - vm_id = self._disambiguate(vm_id) - repro = self.onefuzz.repro.get(vm_id) - if repro.ip is None: - raise Exception("missing IP: %s" % repro) - if repro.auth is None: - raise Exception("missing Auth: %s" % repro) - - RDP_PORT = 3389 - with rdp_connect(repro.ip, repro.auth.password, port=RDP_PORT): - return - - -class DebugNode(Command): - """Debug a specific node on a scaleset""" - - def rdp(self, machine_id: UUID_EXPANSION, duration: Optional[int] = 1) -> None: - node = self.onefuzz.nodes.get(machine_id) - if node.scaleset_id is None: - raise Exception("node is not part of a scaleset") - self.onefuzz.debug.scalesets.rdp( - scaleset_id=node.scaleset_id, machine_id=node.machine_id, duration=duration - ) - - def ssh(self, machine_id: UUID_EXPANSION, duration: Optional[int] = 1) -> None: - node = self.onefuzz.nodes.get(machine_id) - if node.scaleset_id is None: - raise Exception("node is not part of a scaleset") - self.onefuzz.debug.scalesets.ssh( - scaleset_id=node.scaleset_id, machine_id=node.machine_id, duration=duration - ) - - -class DebugScaleset(Command): - """Debug tasks""" - - def _get_proxy_setup( - self, scaleset_id: str, machine_id: UUID, port: int, duration: Optional[int] - ) -> Tuple[bool, str, Optional[Tuple[str, int]]]: - proxy = self.onefuzz.scaleset_proxy.create( - scaleset_id, machine_id, port, duration=duration - ) - if proxy.ip is None: - return (False, "waiting on proxy ip", None) - - return (True, "waiting on proxy port", (proxy.ip, proxy.forward.src_port)) - - def rdp( - self, - scaleset_id: str, - machine_id: UUID_EXPANSION, - duration: Optional[int] = 1, - ) -> None: - ( - scaleset, - machine_id_expanded, - ) = self.onefuzz.scalesets._expand_scaleset_machine( - scaleset_id, machine_id, include_auth=True - ) - - RDP_PORT = 3389 - setup = wait( - lambda: self._get_proxy_setup( - scaleset.scaleset_id, machine_id_expanded, RDP_PORT, duration - ) - ) - if setup is None: - raise Exception("no proxy for RDP port configured") - - if scaleset.auth is None: - raise Exception("auth is not available for scaleset") - - ip, port = setup - with rdp_connect(ip, scaleset.auth.password, port=port): - return - - def ssh( - self, - scaleset_id: str, - machine_id: UUID_EXPANSION, - duration: Optional[int] = 1, - command: Optional[str] = None, - ) -> None: - ( - scaleset, - machine_id_expanded, - ) = self.onefuzz.scalesets._expand_scaleset_machine( - scaleset_id, machine_id, include_auth=True - ) - - SSH_PORT = 22 - setup = wait( - lambda: self._get_proxy_setup( - scaleset.scaleset_id, machine_id_expanded, SSH_PORT, duration - ) - ) - if setup is None: - raise Exception("no proxy for SSH port configured") - - ip, port = setup - - if scaleset.auth is None: - raise Exception("auth is not available for scaleset") - - with ssh_connect( - ip, scaleset.auth.private_key, port=port, call=True, command=command - ): - return - - class DebugTask(Command): """Debug a specific task""" @@ -202,26 +62,6 @@ def _get_node( raise Exception("unable to find scaleset node running on task") - def ssh( - self, - task_id: UUID_EXPANSION, - *, - node_id: Optional[UUID] = None, - duration: Optional[int] = 1, - ) -> None: - scaleset_id, node_id = self._get_node(task_id, node_id) - return self.onefuzz.debug.scalesets.ssh(scaleset_id, node_id, duration=duration) - - def rdp( - self, - task_id: UUID_EXPANSION, - *, - node_id: Optional[UUID] = None, - duration: Optional[int] = 1, - ) -> None: - scaleset_id, node_id = self._get_node(task_id, node_id) - return self.onefuzz.debug.scalesets.rdp(scaleset_id, node_id, duration=duration) - def libfuzzer_coverage( self, task_id: UUID_EXPANSION, @@ -276,37 +116,12 @@ def _get_task(self, job_id: UUID_EXPANSION, task_type: TaskType) -> UUID: "unable to find task type %s for job:%s" % (task_type.name, job_id) ) - def ssh( - self, - job_id: UUID_EXPANSION, - task_type: TaskType, - *, - duration: Optional[int] = 1, - ) -> None: - """SSH into the first node running the specified task type in the job""" - return self.onefuzz.debug.task.ssh( - self._get_task(job_id, task_type), duration=duration - ) - - def rdp( - self, - job_id: UUID_EXPANSION, - task_type: TaskType, - *, - duration: Optional[int] = 1, - ) -> None: - """RDP into the first node running the specified task type in the job""" - return self.onefuzz.debug.task.rdp( - self._get_task(job_id, task_type), duration=duration - ) - class DebugJob(Command): """Debug a specific Job""" def __init__(self, onefuzz: Any, logger: logging.Logger): super().__init__(onefuzz, logger) - self.task = DebugJobTask(onefuzz, logger) def libfuzzer_coverage( self, @@ -883,10 +698,7 @@ class Debug(Command): def __init__(self, onefuzz: Any, logger: logging.Logger): super().__init__(onefuzz, logger) - self.scalesets = DebugScaleset(onefuzz, logger) - self.repro = DebugRepro(onefuzz, logger) self.job = DebugJob(onefuzz, logger) self.notification = DebugNotification(onefuzz, logger) self.task = DebugTask(onefuzz, logger) self.logs = DebugLog(onefuzz, logger) - self.node = DebugNode(onefuzz, logger) diff --git a/src/cli/onefuzz/templates/__init__.py b/src/cli/onefuzz/templates/__init__.py index c7bb21d41a..a88db46303 100644 --- a/src/cli/onefuzz/templates/__init__.py +++ b/src/cli/onefuzz/templates/__init__.py @@ -6,6 +6,7 @@ import os import tempfile import zipfile +from datetime import timedelta from typing import Any, Dict, List, Optional, Tuple from uuid import uuid4 @@ -22,6 +23,30 @@ class StoppedEarly(Exception): pass +class ContainerTemplate: + def __init__( + self, + name: Container, + exists: bool, + *, + retention_period: Optional[timedelta] = None, + ): + self.name = name + self.retention_period = retention_period + # TODO: exists is not yet used/checked + self.exists = exists + + @staticmethod + def existing(name: Container) -> "ContainerTemplate": + return ContainerTemplate(name, True) + + @staticmethod + def fresh( + name: Container, *, retention_period: Optional[timedelta] = None + ) -> "ContainerTemplate": + return ContainerTemplate(name, False, retention_period=retention_period) + + class JobHelper: def __init__( self, @@ -59,7 +84,7 @@ def __init__( self.wait_for_running: bool = False self.wait_for_stopped: bool = False - self.containers: Dict[ContainerType, Container] = {} + self.containers: Dict[ContainerType, ContainerTemplate] = {} self.tags: Dict[str, str] = {"project": project, "name": name, "build": build} if job is None: self.onefuzz.versions.check() @@ -71,6 +96,20 @@ def __init__( else: self.job = job + def add_existing_container( + self, container_type: ContainerType, container: Container + ) -> None: + self.containers[container_type] = ContainerTemplate.existing(container) + + def container_name(self, container_type: ContainerType) -> Container: + return self.containers[container_type].name + + def container_names(self) -> Dict[ContainerType, Container]: + return { + container_type: container.name + for (container_type, container) in self.containers.items() + } + def define_containers(self, *types: ContainerType) -> None: """ Define default container set based on provided types @@ -79,13 +118,23 @@ def define_containers(self, *types: ContainerType) -> None: """ for container_type in types: - self.containers[container_type] = self.onefuzz.utils.build_container_name( + container_name = self.onefuzz.utils.build_container_name( container_type=container_type, project=self.project, name=self.name, build=self.build, platform=self.platform, ) + self.containers[container_type] = ContainerTemplate.fresh( + container_name, + retention_period=JobHelper._default_retention_period(container_type), + ) + + @staticmethod + def _default_retention_period(container_type: ContainerType) -> Optional[timedelta]: + if container_type == ContainerType.crashdumps: + return timedelta(days=90) + return None def get_unique_container_name(self, container_type: ContainerType) -> Container: return Container( @@ -97,11 +146,17 @@ def get_unique_container_name(self, container_type: ContainerType) -> Container: ) def create_containers(self) -> None: - for container_type, container_name in self.containers.items(): - self.logger.info("using container: %s", container_name) - self.onefuzz.containers.create( - container_name, metadata={"container_type": container_type.name} - ) + for container_type, container in self.containers.items(): + self.logger.info("using container: %s", container.name) + metadata = {"container_type": container_type.name} + if container.retention_period is not None: + # format as ISO8601 period + # NB: this must match the value used on the server side + metadata[ + "onefuzz_retentionperiod" + ] = f"P{container.retention_period.days}D" + + self.onefuzz.containers.create(container.name, metadata=metadata) def delete_container(self, container_name: Container) -> None: self.onefuzz.containers.delete(container_name) @@ -112,12 +167,12 @@ def setup_notifications(self, config: Optional[NotificationConfig]) -> None: containers: List[Container] = [] if ContainerType.unique_reports in self.containers: - containers.append(self.containers[ContainerType.unique_reports]) + containers.append(self.container_name(ContainerType.unique_reports)) else: - containers.append(self.containers[ContainerType.reports]) + containers.append(self.container_name(ContainerType.reports)) if ContainerType.regression_reports in self.containers: - containers.append(self.containers[ContainerType.regression_reports]) + containers.append(self.container_name(ContainerType.regression_reports)) for container in containers: self.logger.info("creating notification config for %s", container) @@ -141,25 +196,25 @@ def upload_setup( self.logger.info("uploading setup dir `%s`" % setup_dir) self.onefuzz.containers.files.upload_dir( - self.containers[ContainerType.setup], setup_dir + self.container_name(ContainerType.setup), setup_dir ) else: self.logger.info("uploading target exe `%s`" % target_exe) self.onefuzz.containers.files.upload_file( - self.containers[ContainerType.setup], target_exe + self.container_name(ContainerType.setup), target_exe ) pdb_path = os.path.splitext(target_exe)[0] + ".pdb" if os.path.exists(pdb_path): pdb_name = os.path.basename(pdb_path) self.onefuzz.containers.files.upload_file( - self.containers[ContainerType.setup], pdb_path, pdb_name + self.container_name(ContainerType.setup), pdb_path, pdb_name ) if setup_files: for filename in setup_files: self.logger.info("uploading %s", filename) self.onefuzz.containers.files.upload_file( - self.containers[ContainerType.setup], filename + self.container_name(ContainerType.setup), filename ) def upload_inputs(self, path: Directory, read_only: bool = False) -> None: @@ -167,7 +222,9 @@ def upload_inputs(self, path: Directory, read_only: bool = False) -> None: container_type = ContainerType.inputs if read_only: container_type = ContainerType.readonly_inputs - self.onefuzz.containers.files.upload_dir(self.containers[container_type], path) + self.onefuzz.containers.files.upload_dir( + self.container_name(container_type), path + ) def upload_inputs_zip(self, path: File) -> None: with tempfile.TemporaryDirectory() as tmp_dir: @@ -176,7 +233,7 @@ def upload_inputs_zip(self, path: File) -> None: self.logger.info("uploading inputs from zip: `%s`" % path) self.onefuzz.containers.files.upload_dir( - self.containers[ContainerType.inputs], Directory(tmp_dir) + self.container_name(ContainerType.inputs), Directory(tmp_dir) ) @classmethod @@ -195,8 +252,8 @@ def wait_on( wait_for_files = [] self.to_monitor = { - self.containers[x]: len( - self.onefuzz.containers.files.list(self.containers[x]).files + self.container_name(x): len( + self.onefuzz.containers.files.list(self.container_name(x)).files ) for x in wait_for_files } diff --git a/src/cli/onefuzz/templates/afl.py b/src/cli/onefuzz/templates/afl.py index d3019a19cf..e4d49233dc 100644 --- a/src/cli/onefuzz/templates/afl.py +++ b/src/cli/onefuzz/templates/afl.py @@ -98,7 +98,7 @@ def basic( if existing_inputs: self.onefuzz.containers.get(existing_inputs) - helper.containers[ContainerType.inputs] = existing_inputs + helper.add_existing_container(ContainerType.inputs, existing_inputs) else: helper.define_containers(ContainerType.inputs) @@ -112,7 +112,7 @@ def basic( if ( len( self.onefuzz.containers.files.list( - helper.containers[ContainerType.inputs] + helper.containers[ContainerType.inputs].name ).files ) == 0 @@ -131,16 +131,16 @@ def basic( containers = [ (ContainerType.tools, afl_container), - (ContainerType.setup, helper.containers[ContainerType.setup]), - (ContainerType.crashes, helper.containers[ContainerType.crashes]), - (ContainerType.inputs, helper.containers[ContainerType.inputs]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), + (ContainerType.inputs, helper.container_name(ContainerType.inputs)), ] if extra_setup_container is not None: containers.append( ( ContainerType.extra_setup, - helper.containers[ContainerType.extra_setup], + extra_setup_container, ) ) @@ -169,12 +169,12 @@ def basic( ) report_containers = [ - (ContainerType.setup, helper.containers[ContainerType.setup]), - (ContainerType.crashes, helper.containers[ContainerType.crashes]), - (ContainerType.reports, helper.containers[ContainerType.reports]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), + (ContainerType.reports, helper.container_name(ContainerType.reports)), ( ContainerType.unique_reports, - helper.containers[ContainerType.unique_reports], + helper.container_name(ContainerType.unique_reports), ), ] @@ -182,7 +182,7 @@ def basic( report_containers.append( ( ContainerType.extra_setup, - helper.containers[ContainerType.extra_setup], + helper.container_name(ContainerType.extra_setup), ) ) diff --git a/src/cli/onefuzz/templates/libfuzzer.py b/src/cli/onefuzz/templates/libfuzzer.py index 7716cfefed..f487372121 100644 --- a/src/cli/onefuzz/templates/libfuzzer.py +++ b/src/cli/onefuzz/templates/libfuzzer.py @@ -85,7 +85,7 @@ def _create_tasks( task_env: Optional[Dict[str, str]] = None, ) -> None: target_options = target_options or [] - regression_containers = [ + regression_containers: List[Tuple[ContainerType, Container]] = [ (ContainerType.setup, containers[ContainerType.setup]), (ContainerType.crashes, containers[ContainerType.crashes]), (ContainerType.unique_reports, containers[ContainerType.unique_reports]), @@ -129,7 +129,7 @@ def _create_tasks( task_env=task_env, ) - fuzzer_containers = [ + fuzzer_containers: List[Tuple[ContainerType, Container]] = [ (ContainerType.setup, containers[ContainerType.setup]), (ContainerType.crashes, containers[ContainerType.crashes]), (ContainerType.crashdumps, containers[ContainerType.crashdumps]), @@ -184,7 +184,7 @@ def _create_tasks( prereq_tasks = [fuzzer_task.task_id, regression_task.task_id] - coverage_containers = [ + coverage_containers: List[Tuple[ContainerType, Container]] = [ (ContainerType.setup, containers[ContainerType.setup]), (ContainerType.coverage, containers[ContainerType.coverage]), (ContainerType.readonly_inputs, containers[ContainerType.inputs]), @@ -245,7 +245,7 @@ def _create_tasks( task_env=task_env, ) - report_containers = [ + report_containers: List[Tuple[ContainerType, Container]] = [ (ContainerType.setup, containers[ContainerType.setup]), (ContainerType.crashes, containers[ContainerType.crashes]), (ContainerType.reports, containers[ContainerType.reports]), @@ -285,7 +285,7 @@ def _create_tasks( if analyzer_exe is not None: self.logger.info("creating custom analysis") - analysis_containers = [ + analysis_containers: List[Tuple[ContainerType, Container]] = [ (ContainerType.setup, containers[ContainerType.setup]), (ContainerType.analysis, containers[ContainerType.analysis]), (ContainerType.crashes, containers[ContainerType.crashes]), @@ -428,15 +428,17 @@ def basic( ) if existing_inputs: - helper.containers[ContainerType.inputs] = existing_inputs + helper.add_existing_container(ContainerType.inputs, existing_inputs) else: helper.define_containers(ContainerType.inputs) if readonly_inputs: - helper.containers[ContainerType.readonly_inputs] = readonly_inputs + helper.add_existing_container( + ContainerType.readonly_inputs, readonly_inputs + ) if crashes: - helper.containers[ContainerType.crashes] = crashes + helper.add_existing_container(ContainerType.crashes, crashes) if analyzer_exe is not None: helper.define_containers(ContainerType.analysis) @@ -465,17 +467,19 @@ def basic( else: source_allowlist_blob_name = None - containers = helper.containers - if extra_setup_container is not None: - containers[ContainerType.extra_setup] = extra_setup_container + helper.add_existing_container( + ContainerType.extra_setup, extra_setup_container + ) if extra_output_container is not None: - containers[ContainerType.extra_output] = extra_output_container + helper.add_existing_container( + ContainerType.extra_output, extra_output_container + ) self._create_tasks( job=helper.job, - containers=containers, + containers=helper.container_names(), pool_name=pool_name, target_exe=target_exe_blob_name, vm_count=vm_count, @@ -600,19 +604,35 @@ def merge( target_exe_blob_name = helper.setup_relative_blob_name(target_exe, setup_dir) merge_containers = [ - (ContainerType.setup, helper.containers[ContainerType.setup]), - ( - ContainerType.unique_inputs, - output_container or helper.containers[ContainerType.unique_inputs], - ), + (ContainerType.setup, helper.container_name(ContainerType.setup)), ] + if output_container: + merge_containers.append( + ( + ContainerType.unique_inputs, + output_container, + ) + ) + else: + merge_containers.append( + ( + ContainerType.unique_inputs, + helper.container_name(ContainerType.unique_inputs), + ) + ) + if extra_setup_container is not None: - merge_containers.append((ContainerType.extra_setup, extra_setup_container)) + merge_containers.append( + ( + ContainerType.extra_setup, + extra_setup_container, + ) + ) if inputs: merge_containers.append( - (ContainerType.inputs, helper.containers[ContainerType.inputs]) + (ContainerType.inputs, helper.container_name(ContainerType.inputs)) ) if existing_inputs: for existing_container in existing_inputs: @@ -735,18 +755,18 @@ def dotnet( ContainerType.no_repro, ) - containers = helper.containers - if existing_inputs: - helper.containers[ContainerType.inputs] = existing_inputs + helper.add_existing_container(ContainerType.inputs, existing_inputs) else: helper.define_containers(ContainerType.inputs) if readonly_inputs: - helper.containers[ContainerType.readonly_inputs] = readonly_inputs + helper.add_existing_container( + ContainerType.readonly_inputs, readonly_inputs + ) if crashes: - helper.containers[ContainerType.crashes] = crashes + helper.add_existing_container(ContainerType.crashes, crashes) # Assumes that `libfuzzer-dotnet` and supporting tools were uploaded upon deployment. fuzzer_tools_container = Container( @@ -754,15 +774,20 @@ def dotnet( ) fuzzer_containers = [ - (ContainerType.setup, containers[ContainerType.setup]), - (ContainerType.crashes, containers[ContainerType.crashes]), - (ContainerType.crashdumps, containers[ContainerType.crashdumps]), - (ContainerType.inputs, containers[ContainerType.inputs]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), + (ContainerType.crashdumps, helper.container_name(ContainerType.crashdumps)), + (ContainerType.inputs, helper.container_name(ContainerType.inputs)), (ContainerType.tools, fuzzer_tools_container), ] if extra_setup_container is not None: - fuzzer_containers.append((ContainerType.extra_setup, extra_setup_container)) + fuzzer_containers.append( + ( + ContainerType.extra_setup, + extra_setup_container, + ) + ) helper.create_containers() helper.setup_notifications(notification_config) @@ -814,15 +839,21 @@ def dotnet( libfuzzer_dotnet_loader_dll = LIBFUZZER_DOTNET_LOADER_PATH coverage_containers = [ - (ContainerType.setup, containers[ContainerType.setup]), - (ContainerType.coverage, containers[ContainerType.coverage]), - (ContainerType.readonly_inputs, containers[ContainerType.inputs]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.coverage, helper.container_name(ContainerType.coverage)), + ( + ContainerType.readonly_inputs, + helper.container_name(ContainerType.inputs), + ), (ContainerType.tools, fuzzer_tools_container), ] if extra_setup_container is not None: coverage_containers.append( - (ContainerType.extra_setup, extra_setup_container) + ( + ContainerType.extra_setup, + extra_setup_container, + ) ) self.logger.info("creating `dotnet_coverage` task") @@ -846,16 +877,24 @@ def dotnet( ) report_containers = [ - (ContainerType.setup, containers[ContainerType.setup]), - (ContainerType.crashes, containers[ContainerType.crashes]), - (ContainerType.reports, containers[ContainerType.reports]), - (ContainerType.unique_reports, containers[ContainerType.unique_reports]), - (ContainerType.no_repro, containers[ContainerType.no_repro]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), + (ContainerType.reports, helper.container_name(ContainerType.reports)), + ( + ContainerType.unique_reports, + helper.container_name(ContainerType.unique_reports), + ), + (ContainerType.no_repro, helper.container_name(ContainerType.no_repro)), (ContainerType.tools, fuzzer_tools_container), ] if extra_setup_container is not None: - report_containers.append((ContainerType.extra_setup, extra_setup_container)) + report_containers.append( + ( + ContainerType.extra_setup, + extra_setup_container, + ) + ) self.logger.info("creating `dotnet_crash_report` task") self.onefuzz.tasks.create( @@ -972,27 +1011,37 @@ def qemu_user( if existing_inputs: self.onefuzz.containers.get(existing_inputs) # ensure it exists - helper.containers[ContainerType.inputs] = existing_inputs + helper.add_existing_container(ContainerType.inputs, existing_inputs) else: helper.define_containers(ContainerType.inputs) if crashes: self.onefuzz.containers.get(crashes) - helper.containers[ContainerType.crashes] = crashes + helper.add_existing_container(ContainerType.crashes, crashes) fuzzer_containers = [ - (ContainerType.setup, helper.containers[ContainerType.setup]), - (ContainerType.crashes, helper.containers[ContainerType.crashes]), - (ContainerType.crashdumps, helper.containers[ContainerType.crashdumps]), - (ContainerType.inputs, helper.containers[ContainerType.inputs]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), + (ContainerType.crashdumps, helper.container_name(ContainerType.crashdumps)), + (ContainerType.inputs, helper.container_name(ContainerType.inputs)), ] if extra_setup_container is not None: - fuzzer_containers.append((ContainerType.extra_setup, extra_setup_container)) + fuzzer_containers.append( + ( + ContainerType.extra_setup, + extra_setup_container, + ) + ) if readonly_inputs is not None: self.onefuzz.containers.get(readonly_inputs) # ensure it exists - fuzzer_containers.append((ContainerType.readonly_inputs, readonly_inputs)) + fuzzer_containers.append( + ( + ContainerType.readonly_inputs, + readonly_inputs, + ) + ) helper.create_containers() @@ -1079,18 +1128,23 @@ def qemu_user( ) report_containers = [ - (ContainerType.setup, helper.containers[ContainerType.setup]), - (ContainerType.crashes, helper.containers[ContainerType.crashes]), - (ContainerType.reports, helper.containers[ContainerType.reports]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), + (ContainerType.reports, helper.container_name(ContainerType.reports)), ( ContainerType.unique_reports, - helper.containers[ContainerType.unique_reports], + helper.container_name(ContainerType.unique_reports), ), - (ContainerType.no_repro, helper.containers[ContainerType.no_repro]), + (ContainerType.no_repro, helper.container_name(ContainerType.no_repro)), ] if extra_setup_container is not None: - report_containers.append((ContainerType.extra_setup, extra_setup_container)) + report_containers.append( + ( + ContainerType.extra_setup, + extra_setup_container, + ) + ) self.logger.info("creating libfuzzer_crash_report task") self.onefuzz.tasks.create( diff --git a/src/cli/onefuzz/templates/ossfuzz.py b/src/cli/onefuzz/templates/ossfuzz.py index fde1da0708..94024add83 100644 --- a/src/cli/onefuzz/templates/ossfuzz.py +++ b/src/cli/onefuzz/templates/ossfuzz.py @@ -215,13 +215,15 @@ def libfuzzer( ) if extra_setup_container is not None: - helper.containers[ContainerType.extra_setup] = extra_setup_container + helper.add_existing_container( + ContainerType.extra_setup, extra_setup_container + ) helper.create_containers() helper.setup_notifications(notification_config) dst_sas = self.onefuzz.containers.get( - helper.containers[ContainerType.setup] + helper.containers[ContainerType.setup].name ).sas_url self._copy_exe(container_sas["build"], dst_sas, File(fuzzer)) self._copy_all(container_sas["base"], dst_sas) @@ -245,7 +247,7 @@ def libfuzzer( self.onefuzz.template.libfuzzer._create_tasks( job=base_helper.job, - containers=helper.containers, + containers=helper.container_names(), pool_name=pool_name, target_exe=fuzzer_blob_name, vm_count=VM_COUNT, diff --git a/src/cli/onefuzz/templates/radamsa.py b/src/cli/onefuzz/templates/radamsa.py index ea0b57fdb3..d9ec34e15f 100644 --- a/src/cli/onefuzz/templates/radamsa.py +++ b/src/cli/onefuzz/templates/radamsa.py @@ -3,7 +3,7 @@ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. -from typing import Dict, List, Optional +from typing import Dict, List, Optional, Tuple from onefuzztypes.enums import OS, ContainerType, TaskDebugFlag, TaskType from onefuzztypes.models import Job, NotificationConfig @@ -94,7 +94,9 @@ def basic( if existing_inputs: self.onefuzz.containers.get(existing_inputs) - helper.containers[ContainerType.readonly_inputs] = existing_inputs + helper.add_existing_container( + ContainerType.readonly_inputs, existing_inputs + ) else: helper.define_containers(ContainerType.readonly_inputs) helper.create_containers() @@ -108,7 +110,7 @@ def basic( if ( len( self.onefuzz.containers.files.list( - helper.containers[ContainerType.readonly_inputs] + helper.containers[ContainerType.readonly_inputs].name ).files ) == 0 @@ -147,18 +149,23 @@ def basic( self.logger.info("creating radamsa task") - containers = [ + containers: List[Tuple[ContainerType, Container]] = [ (ContainerType.tools, tools), - (ContainerType.setup, helper.containers[ContainerType.setup]), - (ContainerType.crashes, helper.containers[ContainerType.crashes]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), ( ContainerType.readonly_inputs, - helper.containers[ContainerType.readonly_inputs], + helper.container_name(ContainerType.readonly_inputs), ), ] if extra_setup_container is not None: - containers.append((ContainerType.extra_setup, extra_setup_container)) + containers.append( + ( + ContainerType.extra_setup, + extra_setup_container, + ) + ) fuzzer_task = self.onefuzz.tasks.create( helper.job.job_id, @@ -183,18 +190,23 @@ def basic( ) report_containers = [ - (ContainerType.setup, helper.containers[ContainerType.setup]), - (ContainerType.crashes, helper.containers[ContainerType.crashes]), - (ContainerType.reports, helper.containers[ContainerType.reports]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), + (ContainerType.reports, helper.container_name(ContainerType.reports)), ( ContainerType.unique_reports, - helper.containers[ContainerType.unique_reports], + helper.container_name(ContainerType.unique_reports), ), - (ContainerType.no_repro, helper.containers[ContainerType.no_repro]), + (ContainerType.no_repro, helper.container_name(ContainerType.no_repro)), ] if extra_setup_container is not None: - report_containers.append((ContainerType.extra_setup, extra_setup_container)) + report_containers.append( + ( + ContainerType.extra_setup, + extra_setup_container, + ) + ) self.logger.info("creating generic_crash_report task") self.onefuzz.tasks.create( @@ -233,15 +245,18 @@ def basic( self.logger.info("creating custom analysis") analysis_containers = [ - (ContainerType.setup, helper.containers[ContainerType.setup]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), (ContainerType.tools, tools), - (ContainerType.analysis, helper.containers[ContainerType.analysis]), - (ContainerType.crashes, helper.containers[ContainerType.crashes]), + (ContainerType.analysis, helper.container_name(ContainerType.analysis)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), ] if extra_setup_container is not None: analysis_containers.append( - (ContainerType.extra_setup, extra_setup_container) + ( + ContainerType.extra_setup, + extra_setup_container, + ) ) self.onefuzz.tasks.create( diff --git a/src/cli/onefuzz/templates/regression.py b/src/cli/onefuzz/templates/regression.py index 00d8a10c37..0aa2550da6 100644 --- a/src/cli/onefuzz/templates/regression.py +++ b/src/cli/onefuzz/templates/regression.py @@ -12,7 +12,7 @@ from onefuzz.api import Command -from . import JobHelper +from . import ContainerTemplate, JobHelper class Regression(Command): @@ -207,31 +207,36 @@ def _create_job( ) containers = [ - (ContainerType.setup, helper.containers[ContainerType.setup]), - (ContainerType.crashes, helper.containers[ContainerType.crashes]), - (ContainerType.reports, helper.containers[ContainerType.reports]), - (ContainerType.no_repro, helper.containers[ContainerType.no_repro]), + (ContainerType.setup, helper.container_name(ContainerType.setup)), + (ContainerType.crashes, helper.container_name(ContainerType.crashes)), + (ContainerType.reports, helper.container_name(ContainerType.reports)), + (ContainerType.no_repro, helper.container_name(ContainerType.no_repro)), ( ContainerType.unique_reports, - helper.containers[ContainerType.unique_reports], + helper.container_name(ContainerType.unique_reports), ), ( ContainerType.regression_reports, - helper.containers[ContainerType.regression_reports], + helper.container_name(ContainerType.regression_reports), ), ] if extra_setup_container: - containers.append((ContainerType.extra_setup, extra_setup_container)) + containers.append( + ( + ContainerType.extra_setup, + extra_setup_container, + ) + ) if crashes: - helper.containers[ - ContainerType.readonly_inputs - ] = helper.get_unique_container_name(ContainerType.readonly_inputs) + helper.containers[ContainerType.readonly_inputs] = ContainerTemplate.fresh( + helper.get_unique_container_name(ContainerType.readonly_inputs) + ) containers.append( ( ContainerType.readonly_inputs, - helper.containers[ContainerType.readonly_inputs], + helper.container_name(ContainerType.readonly_inputs), ) ) @@ -239,7 +244,7 @@ def _create_job( if crashes: for file in crashes: self.onefuzz.containers.files.upload_file( - helper.containers[ContainerType.readonly_inputs], file + helper.container_name(ContainerType.readonly_inputs), file ) helper.setup_notifications(notification_config) @@ -276,7 +281,7 @@ def _create_job( if task.error: raise Exception("task failed: %s", task.error) - container = helper.containers[ContainerType.regression_reports] + container = helper.containers[ContainerType.regression_reports].name for filename in self.onefuzz.containers.files.list(container).files: self.logger.info("checking file: %s", filename) if self._check_regression(container, File(filename)): @@ -287,4 +292,6 @@ def _create_job( delete_input_container and ContainerType.readonly_inputs in helper.containers ): - helper.delete_container(helper.containers[ContainerType.readonly_inputs]) + helper.delete_container( + helper.containers[ContainerType.readonly_inputs].name + ) diff --git a/src/deployment/bicep-templates/feature-flags.bicep b/src/deployment/bicep-templates/feature-flags.bicep index a845d69a9d..46fccb0856 100644 --- a/src/deployment/bicep-templates/feature-flags.bicep +++ b/src/deployment/bicep-templates/feature-flags.bicep @@ -89,4 +89,17 @@ resource enableWorkItemCreation 'Microsoft.AppConfiguration/configurationStores/ } } +resource enableContainerRetentionPolicies 'Microsoft.AppConfiguration/configurationStores/keyValues@2021-10-01-preview' = { + parent: featureFlags + name: '.appconfig.featureflag~2FEnableContainerRetentionPolicies' + properties: { + value: string({ + id: 'EnableContainerRetentionPolicies' + description: 'Enable retention policies on containers' + enabled: true + }) + contentType: 'application/vnd.microsoft.appconfig.ff+json;charset=utf-8' + } +} + output AppConfigEndpoint string = 'https://${appConfigName}.azconfig.io' diff --git a/src/integration-tests/integration-test.py b/src/integration-tests/integration-test.py index 15ffcfb9fe..1ba572e3f3 100755 --- a/src/integration-tests/integration-test.py +++ b/src/integration-tests/integration-test.py @@ -244,7 +244,7 @@ class Integration(BaseModel): "--test:{extra_setup_dir}", "--write_test_file={extra_output_dir}/test.txt", ], - pool=PoolName("mariner") + pool=PoolName("mariner"), ), "windows-libfuzzer": Integration( template=TemplateType.libfuzzer, @@ -401,10 +401,13 @@ def try_info_get(data: Any) -> None: self.of.pools.create(name, OS.linux) self.logger.info("creating scaleset for pool: %s", name) self.of.scalesets.create( - name, pool_size, region=region, initial_size=pool_size, image="MicrosoftCBLMariner:cbl-mariner:cbl-mariner-2-gen2:latest" + name, + pool_size, + region=region, + initial_size=pool_size, + image="MicrosoftCBLMariner:cbl-mariner:cbl-mariner-2-gen2:latest", ) - class UnmanagedPool: def __init__( self, @@ -644,7 +647,7 @@ def launch( setup = Directory(os.path.join(setup, config.nested_setup_dir)) job: Optional[Job] = None - + job = self.build_job( duration, pool, target, config, setup, target_exe, inputs ) @@ -1277,7 +1280,7 @@ def check_logs_for_errors(self) -> None: if seen_errors: raise Exception("logs included errors") - + def build_pool_name(self, os_type: str) -> PoolName: return PoolName(f"testpool-{os_type}-{self.test_id}") @@ -1462,18 +1465,6 @@ def check_results( job_ids=job_ids, ) - if skip_repro: - self.logger.warning("not testing crash repro") - else: - self.check_repros( - test_id, - endpoint=endpoint, - authority=authority, - client_id=client_id, - client_secret=client_secret, - job_ids=job_ids, - ) - def test_unmanaged( self, samples: Directory, diff --git a/src/proxy-manager/Cargo.lock b/src/proxy-manager/Cargo.lock index ca4813995e..e86da294a7 100644 --- a/src/proxy-manager/Cargo.lock +++ b/src/proxy-manager/Cargo.lock @@ -43,16 +43,15 @@ dependencies = [ [[package]] name = "anstream" -version = "0.3.2" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0ca84f3628370c59db74ee214b3263d58f9aadd9b4fe7e711fd87dc452b7f163" +checksum = "b1f58811cfac344940f1a400b6e6231ce35171f614f26439e80f8c1465c5cc0c" dependencies = [ "anstyle", "anstyle-parse", "anstyle-query", "anstyle-wincon", "colorchoice", - "is-terminal", "utf8parse", ] @@ -82,9 +81,9 @@ dependencies = [ [[package]] name = "anstyle-wincon" -version = "1.0.2" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c677ab05e09154296dd37acecd46420c17b9713e8366facafa8fc0885167cf4c" +checksum = "58f54d10c6dfa51283a066ceab3ec1ab78d13fae00aa49243a45e4571fb79dfd" dependencies = [ "anstyle", "windows-sys", @@ -236,23 +235,22 @@ dependencies = [ [[package]] name = "clap" -version = "4.3.21" +version = "4.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c27cdf28c0f604ba3f512b0c9a409f8de8513e4816705deb0498b627e7c3a3fd" +checksum = "6a13b88d2c62ff462f88e4a121f17a82c1af05693a2f192b5c38d14de73c19f6" dependencies = [ "clap_builder", ] [[package]] name = "clap_builder" -version = "4.3.21" +version = "4.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08a9f1ab5e9f01a9b81f202e8562eb9a10de70abf9eaeac1be465c28b75aa4aa" +checksum = "2bb9faaa7c2ef94b2743a21f5a29e6f0010dff4caa69ac8e9d6cf8b6fa74da08" dependencies = [ "anstream", "anstyle", "clap_lex", - "once_cell", "strsim", ] @@ -1474,9 +1472,9 @@ dependencies = [ [[package]] name = "tempfile" -version = "3.7.1" +version = "3.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc02fddf48964c42031a0b3fe0428320ecf3a73c401040fc0096f97794310651" +checksum = "cb94d2f3cc536af71caac6b6fcebf65860b347e7ce0cc9ebe8f70d3e521054ef" dependencies = [ "cfg-if", "fastrand", @@ -1531,9 +1529,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.30.0" +version = "1.32.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2d3ce25f50619af8b0aec2eb23deebe84249e19e2ddd393a6e16e3300a6dadfd" +checksum = "17ed6077ed6cd6c74735e21f37eb16dc3935f96878b1fe961074089cc80893f9" dependencies = [ "backtrace", "bytes", diff --git a/src/proxy-manager/Cargo.toml b/src/proxy-manager/Cargo.toml index c783e8d3aa..b2258e994b 100644 --- a/src/proxy-manager/Cargo.toml +++ b/src/proxy-manager/Cargo.toml @@ -20,7 +20,7 @@ serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" storage-queue = { path = "../agent/storage-queue" } thiserror = "1.0" -tokio = { version = "1.29", features = [ +tokio = { version = "1.32", features = [ "macros", "rt-multi-thread", "fs", @@ -31,4 +31,4 @@ reqwest-retry = { path = "../agent/reqwest-retry" } onefuzz-telemetry = { path = "../agent/onefuzz-telemetry" } uuid = { version = "1.4", features = ["serde"] } log = "0.4" -tempfile = "3.7.0" +tempfile = "3.8.0" diff --git a/src/pytypes/onefuzztypes/enums.py b/src/pytypes/onefuzztypes/enums.py index 4d59945c85..317325de0b 100644 --- a/src/pytypes/onefuzztypes/enums.py +++ b/src/pytypes/onefuzztypes/enums.py @@ -303,6 +303,8 @@ class ErrorCode(Enum): ADO_VALIDATION_UNEXPECTED_ERROR = 491 ADO_VALIDATION_MISSING_PAT_SCOPES = 492 ADO_VALIDATION_INVALID_PATH = 495 + ADO_VALIDATION_INVALID_PROJECT = 496 + INVALID_RETENTION_PERIOD = 497 # NB: if you update this enum, also update Enums.cs diff --git a/src/pytypes/onefuzztypes/models.py b/src/pytypes/onefuzztypes/models.py index a5f8139e97..c888621600 100644 --- a/src/pytypes/onefuzztypes/models.py +++ b/src/pytypes/onefuzztypes/models.py @@ -273,6 +273,7 @@ class ADOTemplate(BaseModel): unique_fields: List[str] comment: Optional[str] ado_fields: Dict[str, str] + ado_duplicate_fields: Optional[Dict[str, str]] on_duplicate: ADODuplicateTemplate # validator needed to convert auth_token to SecretData