diff --git a/sh_script/fuzzing.sh b/sh_script/fuzzing.sh index 133ec9e8e..d79faa710 100644 --- a/sh_script/fuzzing.sh +++ b/sh_script/fuzzing.sh @@ -139,11 +139,6 @@ run_single_case() { echo $test_case | grep "^afl" if [ "$?" == "0" ];then echo "The test method is afl" - if [ "${collect_coverage}" == "YES" ]; then - export RUSTFLAGS="-C instrument-coverage" - export LLVM_PROFILE_FILE="fuzz-%p-%m.profraw" - find . -name "*.profraw" | xargs rm -rf - fi cargo_build=`cargo afl build --manifest-path fuzz/Cargo.toml --bin $test_case --features fuzz --no-default-features` if [ "$?" != "0" ];then @@ -174,8 +169,20 @@ run_single_case() { if [ "${collect_coverage}" == "YES" ]; then [ -d "${test_case}_cov" ] && rm -rf "${test_case}_cov" + rm -rf cov_profraw && mkdir -p cov_profraw + + # Build without AFL runtime for coverage replay + RUSTFLAGS="-C instrument-coverage" cargo build --manifest-path fuzz/Cargo.toml --bin $test_case --no-default-features + export LLVM_PROFILE_FILE="cov_profraw/fuzz-%p-%m.profraw" + + # Replay the AFL queue through the instrumented binary + find fuzz/artifacts/$test_case/default/queue -maxdepth 1 -type f | while read input; do + fuzz/target/debug/$test_case "$input" || true + done + unset LLVM_PROFILE_FILE - grcov . -s src --binary-path fuzz/target/debug/$test_case -t html --branch --ignore-not-existing -o "${test_case}_cov" + grcov cov_profraw -s src --binary-path fuzz/target/debug/ -t html --branch --ignore-not-existing -o "${test_case}_cov" + rm -rf cov_profraw fi fi popd @@ -208,7 +215,7 @@ run_single_case() { find . -name "*.profraw" | xargs rm -rf cargo fuzz coverage $test_case - grcov . -s src -b fuzz/target/x86_64-unknown-linux-gnu/release/$test_case -t html --branch --ignore-not-existing -o "${test_case}_fuzz_cov" + grcov fuzz/coverage/$test_case/raw -s src -b fuzz/target/x86_64-unknown-linux-gnu/release/ -t html --branch --ignore-not-existing -o "${test_case}_fuzz_cov" fi popd fi @@ -236,12 +243,12 @@ run_all_case(){ timeout $test_time cargo fuzz run $fuzz if [ "${collect_coverage}" == "YES" ]; then - if [ ! -d "${fuzz}_fuzz_cov" ]; then + if [ -d "${fuzz}_fuzz_cov" ]; then rm -rf ${fuzz}_fuzz_cov fi find . -name "*.profraw" | xargs rm -rf cargo fuzz coverage $fuzz - grcov . -s src -b fuzz/target/x86_64-unknown-linux-gnu/release/$fuzz -t html --branch --ignore-not-existing -o "${fuzz}_fuzz_cov" + grcov fuzz/coverage/$fuzz/raw -s src -b fuzz/target/x86_64-unknown-linux-gnu/release/ -t html --branch --ignore-not-existing -o "${fuzz}_fuzz_cov" fi done popd @@ -252,12 +259,6 @@ run_all_case(){ fuzz_list=$(cargo fuzz list) for fuzz in $fuzz_list;do if [[ "$fuzz" =~ "afl" ]];then - if [ "${collect_coverage}" == "YES" ]; then - export RUSTFLAGS="-C instrument-coverage" - export LLVM_PROFILE_FILE="fuzz-%p-%m.profraw" - find . -name "*.profraw" | xargs rm -rf - fi - cargo_build=`cargo afl build --manifest-path fuzz/Cargo.toml --bin $fuzz --features fuzz --no-default-features` if [ "$?" != "0" ];then echo "Error: Build execution failed" @@ -279,7 +280,20 @@ run_all_case(){ if [ -d "${fuzz}_cov" ]; then rm -rf "${fuzz}_cov" fi - grcov . -s src --binary-path fuzz/target/debug/$fuzz -t html --branch --ignore-not-existing -o "${fuzz}_cov" + rm -rf cov_profraw && mkdir -p cov_profraw + + # Build without AFL runtime for coverage replay + RUSTFLAGS="-C instrument-coverage" cargo build --manifest-path fuzz/Cargo.toml --bin $fuzz --no-default-features + export LLVM_PROFILE_FILE="cov_profraw/fuzz-%p-%m.profraw" + + # Replay the AFL queue through the instrumented binary + find fuzz/artifacts/$fuzz/default/queue -maxdepth 1 -type f | while read input; do + fuzz/target/debug/$fuzz "$input" || true + done + unset LLVM_PROFILE_FILE + + grcov cov_profraw -s src --binary-path fuzz/target/debug/ -t html --branch --ignore-not-existing -o "${fuzz}_cov" + rm -rf cov_profraw fi fi else diff --git a/sh_script/unit_test_coverage.sh b/sh_script/unit_test_coverage.sh index 646373567..47133b697 100644 --- a/sh_script/unit_test_coverage.sh +++ b/sh_script/unit_test_coverage.sh @@ -1,26 +1,22 @@ #!/bin/bash -if [[ ! $PWD =~ firmware.security.tdx.migtd.td$ ]];then - pushd .. -fi - -unittest_folders=( - "policy" - "migtd" -) +# Navigate to repo root if run from sh_script/ +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +REPO_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" +cd "$REPO_ROOT" export RUSTFLAGS="-Cinstrument-coverage" export LLVM_PROFILE_FILE="unittest-%p-%m.profraw" -find . -name "*.profraw" | xargs rm -rf +find . -name "*.profraw" -not -path "./deps/*" -delete -for path in ${unittest_folders[@]}; do - pushd $path - cargo test - popd -done +cargo test -p policy -p migtd -p crypto -p virtio -p vsock -grcov . --binary-path ./target/debug/ -s . -t html --branch --ignore-not-existing -o unit_test_coverage +grcov . --binary-path ./target/debug/ -s . -t html --branch \ + --ignore-not-existing \ + --ignore "deps/*" \ + --ignore "target/*" \ + -o unit_test_coverage unset RUSTFLAGS unset LLVM_PROFILE_FILE diff --git a/src/std-support/rust-std-stub/Cargo.toml b/src/std-support/rust-std-stub/Cargo.toml index 96a7fcb20..9f25bea8e 100644 --- a/src/std-support/rust-std-stub/Cargo.toml +++ b/src/std-support/rust-std-stub/Cargo.toml @@ -8,6 +8,10 @@ license = "MIT" description = "for rustls no_std use, export rustls used functions, traits and structs in std" readme = "readme.md" +[features] +# Enable to run tests copied from std (requires nightly + full std environment) +std_tests = [] + [dependencies] sys_time = {path = "../sys_time"} diff --git a/src/std-support/rust-std-stub/src/io/error.rs b/src/std-support/rust-std-stub/src/io/error.rs index 3f54de856..f68998a6e 100644 --- a/src/std-support/rust-std-stub/src/io/error.rs +++ b/src/std-support/rust-std-stub/src/io/error.rs @@ -1,4 +1,5 @@ -#[cfg(test)] +// Tests require std features (format!, sys::decode_error_kind) unavailable in this no_std stub +#[cfg(all(test, feature = "std_tests"))] mod tests; use crate::error; diff --git a/src/std-support/rust-std-stub/src/io/impls.rs b/src/std-support/rust-std-stub/src/io/impls.rs index cf8a36a4c..cbe2009ba 100644 --- a/src/std-support/rust-std-stub/src/io/impls.rs +++ b/src/std-support/rust-std-stub/src/io/impls.rs @@ -1,4 +1,5 @@ -#[cfg(test)] +// Tests require #[bench] (unstable) and std prelude unavailable in this no_std stub +#[cfg(all(test, feature = "std_tests"))] mod tests; use crate::io::{self, Error, ErrorKind, Initializer, IoSlice, IoSliceMut, Read, Write}; diff --git a/src/std-support/sys_time/src/lib.rs b/src/std-support/sys_time/src/lib.rs index 944d1cdc2..f8bdda275 100644 --- a/src/std-support/sys_time/src/lib.rs +++ b/src/std-support/sys_time/src/lib.rs @@ -31,6 +31,7 @@ pub fn get_sys_time() -> Option { mod tests { use super::get_sys_time; #[test] + #[ignore = "requires x86 I/O port access (CMOS/RTC), segfaults in userspace"] fn it_works() { assert_ne!(get_sys_time().unwrap(), 0); }