as-test 1.0.11 → 1.0.13

package/bin/commands/fuzz-core.js

@@ -8,7 +8,8 @@ import { persistCrashRecord } from "../crash-store.js";
 const DEFAULT_CONFIG_PATH = path.join(process.cwd(), "./as-test.config.json");
 const MAGIC = Buffer.from("WIPC");
 const HEADER_SIZE = 9;
-export async function fuzz(configPath = DEFAULT_CONFIG_PATH, selectors = [], modeName, overrides = {}) {
+const MAX_DEFAULT_SEED = 0x7fffffff;
+export async function fuzz(configPath = DEFAULT_CONFIG_PATH, selectors = [], modeName, overrides = {}, fuzzerSelectors = []) {
     const loadedConfig = loadConfig(configPath, false);
     const mode = applyMode(loadedConfig, modeName);
     const config = resolveFuzzConfig(loadedConfig.fuzz, overrides);
@@ -24,7 +25,7 @@ export async function fuzz(configPath = DEFAULT_CONFIG_PATH, selectors = [], mod
         await build(configPath, [file], modeName, { coverage: false }, { target: "bindings", args: ["--use", "AS_TEST_FUZZ=1"], kind: "fuzz" });
         const buildFinishedAt = Date.now();
         const buildTime = buildFinishedAt - buildStartedAt;
-        results.push(await runFuzzTarget(file, mode.config.outDir, duplicateBasenames, config, buildStartedAt, buildFinishedAt, buildTime, modeName));
+        results.push(await runFuzzTarget(file, mode.config.outDir, duplicateBasenames, config, fuzzerSelectors, buildStartedAt, buildFinishedAt, buildTime, modeName));
     }
     return results;
 }
@@ -33,6 +34,9 @@ function resolveFuzzConfig(raw, overrides) {
     if (typeof overrides.seed == "number") {
         config.seed = overrides.seed;
     }
+    else if (config.seed < 0) {
+        config.seed = generateRandomSeed();
+    }
     if (typeof overrides.runs == "number") {
         config.runs = overrides.runs;
     }
@@ -50,6 +54,9 @@ function resolveFuzzConfig(raw, overrides) {
     }
     return config;
 }
+function generateRandomSeed() {
+    return Math.floor(Math.random() * (MAX_DEFAULT_SEED + 1));
+}
 function encodeRunsOverrideKind(kind) {
     switch (kind) {
         case "set":
@@ -62,7 +69,7 @@ function encodeRunsOverrideKind(kind) {
             return 4;
     }
 }
-async function runFuzzTarget(file, outDir, duplicateBasenames, config, buildStartedAt, buildFinishedAt, buildTime, modeName) {
+async function runFuzzTarget(file, outDir, duplicateBasenames, config, fuzzerSelectors, buildStartedAt, buildFinishedAt, buildTime, modeName) {
     const startedAt = Date.now();
     const artifact = resolveArtifactFileName(file, duplicateBasenames, modeName);
     const wasmPath = path.resolve(process.cwd(), outDir, artifact);
@@ -71,20 +78,56 @@ async function runFuzzTarget(file, outDir, duplicateBasenames, config, buildStar
     const binary = readFileSync(wasmPath);
     const module = new WebAssembly.Module(binary);
     let report = null;
+    let reportParseError = null;
+    const reportStream = {
+        sawChunkStart: false,
+        sawChunkEnd: false,
+        chunkCountExpected: 0,
+        chunkTotalBytesExpected: 0,
+        chunkFramesReceived: 0,
+        chunkBytesReceived: 0,
+        chunks: [],
+    };
     const captured = captureFrames((type, payload, respond) => {
         if (type == 0x02) {
             const event = JSON.parse(payload.toString("utf8"));
-            if (String(event.kind ?? "") == "fuzz:config") {
+            const kind = String(event.kind ?? "");
+            if (kind == "fuzz:config") {
                 const resolved = config;
                 respond(`${config.runs}\n${config.seed}\n${resolved.runsOverrideKind ?? 0}\n${resolved.runsOverrideValue ?? 0}`);
             }
+            else if (kind == "report:start") {
+                reportStream.sawChunkStart = true;
+                reportStream.sawChunkEnd = false;
+                reportStream.chunkCountExpected = Number(event.chunkCount ?? 0);
+                reportStream.chunkTotalBytesExpected = Number(event.totalBytes ?? 0);
+                reportStream.chunkFramesReceived = 0;
+                reportStream.chunkBytesReceived = 0;
+                reportStream.chunks = [];
+            }
+            else if (kind == "report:end") {
+                reportStream.sawChunkEnd = true;
+            }
             else {
                 respond("");
             }
             return;
         }
         if (type == 0x03) {
-            report = JSON.parse(payload.toString("utf8"));
+            if (reportStream.sawChunkStart && !reportStream.sawChunkEnd) {
+                reportStream.chunkFramesReceived++;
+                reportStream.chunkBytesReceived += payload.length;
+                reportStream.chunks.push(payload.toString("utf8"));
+            }
+            else {
+                try {
+                    report = JSON.parse(payload.toString("utf8"));
+                    reportParseError = null;
+                }
+                catch (error) {
+                    reportParseError = String(error);
+                }
+            }
         }
     });
     try {
@@ -119,14 +162,35 @@ async function runFuzzTarget(file, outDir, duplicateBasenames, config, buildStar
         };
     }
     const passthrough = captured.restore();
+    if (reportStream.sawChunkStart) {
+        if (reportStream.sawChunkEnd) {
+            const chunkedPayload = reportStream.chunks.join("");
+            try {
+                report = JSON.parse(chunkedPayload);
+                reportParseError = null;
+            }
+            catch (error) {
+                reportParseError = String(error);
+            }
+        }
+    }
     if (!report?.fuzzers) {
+        const diagnostics = [
+            `chunked=${reportStream.sawChunkStart ? "yes" : "no"}`,
+            `chunkStart=${reportStream.sawChunkStart ? "yes" : "no"}`,
+            `chunkEnd=${reportStream.sawChunkEnd ? "yes" : "no"}`,
+            `chunkFrames=${reportStream.chunkFramesReceived}`,
+            `expectedChunkFrames=${reportStream.chunkCountExpected}`,
+            `chunkBytes=${reportStream.chunkBytesReceived}`,
+            `expectedChunkBytes=${reportStream.chunkTotalBytesExpected}`,
+        ].join(", ");
         const crash = persistCrashRecord(config.crashDir, {
             kind: "fuzz",
             file,
             entryKey: buildFuzzCrashEntryKey(file, modeName ?? "default"),
             mode: modeName ?? "default",
             seed: config.seed,
-            error: `missing fuzz report payload from ${path.basename(file)}`,
+            error: `${reportParseError ? `invalid fuzz report payload: ${reportParseError}` : `missing fuzz report payload from ${path.basename(file)}`} (${diagnostics})`,
             stdout: passthrough.stdout,
             stderr: "",
         });
@@ -146,7 +210,10 @@ async function runFuzzTarget(file, outDir, duplicateBasenames, config, buildStar
         };
     }
     const crashFiles = [];
-    for (const fuzzer of report.fuzzers) {
+    const selectedFuzzers = fuzzerSelectors.length
+        ? filterSelectedFuzzers(report.fuzzers, fuzzerSelectors, file)
+        : report.fuzzers;
+    for (const fuzzer of selectedFuzzers) {
         if (fuzzer.failed <= 0 && fuzzer.crashed <= 0)
             continue;
         const firstFailureSeed = typeof fuzzer.failures?.[0]?.seed == "number"
@@ -158,7 +225,7 @@ async function runFuzzTarget(file, outDir, duplicateBasenames, config, buildStar
             entryKey: buildFuzzFailureEntryKey(file, fuzzer.name, modeName ?? "default"),
             mode: modeName ?? "default",
             seed: firstFailureSeed,
-            reproCommand: buildFuzzReproCommand(file, firstFailureSeed, modeName ?? "default", 1),
+            reproCommand: buildFuzzReproCommand(file, firstFailureSeed, modeName ?? "default", fuzzer.selector, 1),
             error: fuzzer.failure?.message ||
                 `fuzz failure in ${fuzzer.name} after ${fuzzer.runs} runs`,
             stdout: passthrough.stdout,
@@ -173,21 +240,49 @@ async function runFuzzTarget(file, outDir, duplicateBasenames, config, buildStar
         file,
         target: path.basename(file),
         modeName: modeName ?? "default",
-        runs: report.fuzzers.reduce((sum, item) => sum + item.runs, 0),
-        crashes: report.fuzzers.reduce((sum, item) => sum + item.crashed, 0),
+        runs: selectedFuzzers.reduce((sum, item) => sum + item.runs, 0),
+        crashes: selectedFuzzers.reduce((sum, item) => sum + item.crashed, 0),
         crashFiles,
         seed: config.seed,
         time: Date.now() - startedAt,
         buildTime,
         buildStartedAt,
         buildFinishedAt,
-        fuzzers: report.fuzzers,
+        fuzzers: selectedFuzzers,
     };
 }
-function buildFuzzReproCommand(file, seed, modeName, runs) {
+function filterSelectedFuzzers(fuzzers, selectors, file) {
+    const annotated = fuzzers.map((fuzzer) => ({
+        ...fuzzer,
+        selector: slugifyFuzzerSelector(fuzzer.name),
+    }));
+    const selected = new Set();
+    for (const selector of selectors) {
+        const slug = slugifyFuzzerSelector(selector);
+        if (!slug.length)
+            continue;
+        const matches = annotated.filter((fuzzer) => fuzzer.selector == slug);
+        if (!matches.length) {
+            throw new Error(`No fuzz targets matched "${selector}" in ${path.basename(file)}.`);
+        }
+        for (const match of matches) {
+            selected.add(match.selector);
+        }
+    }
+    return annotated.filter((fuzzer) => selected.has(fuzzer.selector ?? ""));
+}
+function slugifyFuzzerSelector(value) {
+    return value
+        .trim()
+        .toLowerCase()
+        .replace(/[^a-z0-9]+/g, "-")
+        .replace(/^-+|-+$/g, "");
+}
+function buildFuzzReproCommand(file, seed, modeName, fuzzer, runs) {
     const modeArg = modeName != "default" ? ` --mode ${modeName}` : "";
+    const fuzzerArg = fuzzer?.length ? ` --fuzzer ${fuzzer}` : "";
     const runsArg = typeof runs == "number" ? ` --runs ${runs}` : "";
-    return `ast fuzz ${file}${modeArg} --seed ${seed}${runsArg}`;
+    return `ast fuzz ${file}${modeArg}${fuzzerArg} --seed ${seed}${runsArg}`;
 }
 function buildFuzzFailureEntryKey(file, name, modeName) {
     return `${path.basename(file).replace(/\.ts$/, "")}.${sanitizeEntryName(modeName)}.${sanitizeEntryName(name)}`;
@@ -260,12 +355,12 @@ function captureFrames(onFrame) {
         }
     });
     process.stdin.read = ((size) => {
-        const max = Number(size ?? 0);
+        const max = size == null ? 0 : Number(size);
         if (max > 0 && replies.length) {
             return dequeueReply(max);
         }
         if (originalRead) {
-            return originalRead(size);
+            return originalRead(size === null ? undefined : size);
         }
         return null;
     });

package/bin/commands/fuzz.js

@@ -1,10 +1,11 @@
 export async function executeFuzzCommand(rawArgs, configPath, selectedModes, deps) {
     const commandArgs = deps.resolveCommandArgs(rawArgs, "fuzz");
+    const fuzzerSelectors = deps.resolveFuzzerSelectors(rawArgs, "fuzz");
     const listFlags = deps.resolveListFlags(rawArgs, "fuzz");
     const modeTargets = deps.resolveExecutionModes(configPath, selectedModes);
     if (listFlags.list || listFlags.listModes) {
         await deps.listExecutionPlan("fuzz", configPath, commandArgs, modeTargets, listFlags);
         return;
     }
-    await deps.runFuzzModes(configPath, commandArgs, modeTargets, rawArgs);
+    await deps.runFuzzModes(configPath, commandArgs, fuzzerSelectors, modeTargets, rawArgs);
 }

package/bin/commands/init-core.js

@@ -472,7 +472,6 @@ function applyInit(root, target, example, fuzzExample, force) {
                 fuzz: {
                     input: ["assembly/__fuzz__/*.fuzz.ts"],
                     runs: 1000,
-                    seed: 1337,
                     target: "bindings",
                     corpusDir: ".as-test/corpus",
                     crashDir: ".as-test/crashes",