Replace the Suboptimal fuzz_tree.py Harness With a Better Alternative by DaveLak · Pull Request #1910 · gitpython-developers/GitPython (original) (raw)
As discussed in the initial fuzzing integration PR1, fuzz_tree.py's implementation was not ideal in terms of coverage and its reading/writing to hard-coded paths inside /tmp was problematic as (among other concerns), it causes intermittent crashes on ClusterFuzz2 when multiple workers execute the test at the same time on the same machine.
The changes here replace fuzz_tree.py completely with a completely new fuzz_repo.py fuzz target which:
- Uses
tempfile.TemporaryDirectory()to safely manage tmpdir creation and tear down, including during multi-worker execution runs. - Retains the same feature coverage as
fuzz_tree.py, but it also adds considerably more from much smaller data inputs and with less memory consumed (and it doesn't even have a seed corpus or target specific dictionary yet.) - Can likely be improved further in the future by exercising additional features of
Repoto the harness.
Here are some very rough stats to give a very rough idea of the difference:
| Metric | fuzz_repo.py (my local testing) | fuzz_tree.py (most recent successful CF run) |
|---|---|---|
| Coverage | 789 | 163 |
| Features | 1023 | 269 |
| Corpus | 19 entries / 57 bytes | 30 entries / 1872 bytes |
Note on License
Because fuzz_tree.py was removed and fuzz_repo.py was not derived from it, the Apache License call outs in the docs were also updated as they only apply to the singe fuzz_config.py file now.