Skip to content
This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

add srcview crate #1142

Merged
merged 8 commits into from
Aug 11, 2021
Merged

add srcview crate #1142

merged 8 commits into from
Aug 11, 2021

Conversation

jopletchMSFT
Copy link
Contributor

Summary of the Pull Request

srcview is a crate which ingests debug info (currently only PDB) and execution traces and then generates source/line based coverage report which can be visualized elsewhere (ADO, VSCode). Currently the only supported report format is Cobertura. The intent is that fuzzer authors can use these reports to identify gaps in their coverage and address them, as well as track the fuzzers efficacy over time.

PR Checklist

  • Applies to work item: #xxx
  • CLA signed. If not, go over here and sign the CLI.
  • Tests added/passed
  • Requires documentation to be updated
  • I've discussed this with core contributors already. If not checked, I'm ready to accept this work might be rejected in favor of a different grand plan. Issue number where discussion took place: #xxx

Info on Pull Request

The crate is reasonably documented -- cargo doc --open is probably the best current source of info.

This PR includes all the standalone srcview code, documentation, and tests. It does not include any integration work with the rest of the 1f repo.

In terms of specific integration work I'm aware of:

  • We will need to expose the allow and denylist regex's to the user via fuzzer job configuration
  • While we should be able to convert between coverage formats via iter.map(|(module, offset)| ModOff::new(module, offset)).collect(), we might want to introduce a ModOff collection type instead of just using a Vec. Open to feedback here.

Validation Steps Performed

The examples and documentation show usage and validation.

Copy link
Member

@ranweiler ranweiler left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to add this header to the top of all source files:

// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.

src/agent/srcview/Cargo.toml Show resolved Hide resolved
src/agent/srcview/Cargo.toml Outdated Show resolved Hide resolved
src/agent/srcview/README.md Outdated Show resolved Hide resolved
src/agent/srcview/tests/srcview.rs Show resolved Hide resolved
@jopletchMSFT
Copy link
Contributor Author

I don't quite understand the current CI failure:

+ cargo audit --deny warnings --deny unmaintained --deny unsound --deny yanked --ignore RUSTSEC-2020-0016 --ignore RUSTSEC-2020-0036 --ignore RUSTSEC-2019-0036 --ignore RUSTSEC-2021-0065
    Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 323 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
error: not found: Couldn't load Cargo.lock: I/O operation failed: parse error: parse error: ambiguous dependency: nom
Error: Process completed with exit code 2.

the src/agent/Cargo.lock changes it presumably doesn't like as there are now two nom versions (5 and 6) present? Is this something you've encountered before?

@jopletchMSFT
Copy link
Contributor Author

Attaching example.pdb here because I cannot keep track of files to save my life.

example.pdb.txt

@bmc-msft
Copy link
Contributor

I don't quite understand the current CI failure:

+ cargo audit --deny warnings --deny unmaintained --deny unsound --deny yanked --ignore RUSTSEC-2020-0016 --ignore RUSTSEC-2020-0036 --ignore RUSTSEC-2019-0036 --ignore RUSTSEC-2021-0065
    Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 323 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
error: not found: Couldn't load Cargo.lock: I/O operation failed: parse error: parse error: ambiguous dependency: nom
Error: Process completed with exit code 2.

the src/agent/Cargo.lock changes it presumably doesn't like as there are now two nom versions (5 and 6) present? Is this something you've encountered before?

That's unique error from cargo-audit. We've had multiple versions of packages before.

I think what has happened is the existing dependency of nom being for 5.1.2 was not specified with a version.

If the prereqs are updated using cargo update, then the failure from cargo audit goes away.

@bmc-msft bmc-msft merged commit 332dfd9 into microsoft:main Aug 11, 2021
@jopletchMSFT jopletchMSFT deleted the srcview branch August 11, 2021 22:33
@ghost ghost locked as resolved and limited conversation to collaborators Sep 11, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants