fix: Make all the fuzzers work again, and add a test for protodump.

fuzz_select_target wasn't selecting anything, so fuzzers using that
function either did nothing or would only ever select one of the
functions.

.clusterfuzzlite/build.sh

@@ -1,6 +1,6 @@
 #!/bin/bash -eu
 
-FUZZ_TARGETS="bootstrap_fuzzer toxsave_fuzzer"
+FUZZ_TARGETS="bootstrap_fuzz_test toxsave_fuzz_test"
 
 # out of tree build
 cd "$WORK"

other/bootstrap_daemon/docker/tox-bootstrapd.sha256

@@ -1 +1 @@
-10597d4f10d996d850e7f1b5237bcd5c9242d6c6d5ada6c6297fe484052f31fd  /usr/local/bin/tox-bootstrapd
+5061f92a95ba45cfa49d78175fa8fb6e4d66a58d86634ea3fd3ae6d80cb0558a  /usr/local/bin/tox-bootstrapd

testing/coverage_live.sh

@@ -4,4 +4,4 @@
 cd ../
 
 # Run code coverage only on minized corpus to save time
-afl-cov --cover-corpus -d ./_afl_out --overwrite --live --coverage-cmd "_cov_build/bootstrap_fuzzer @@" --code-dir ../
+afl-cov --cover-corpus -d ./_afl_out --overwrite --live --coverage-cmd "_cov_build/bootstrap_fuzz_test @@" --code-dir ../

testing/distill_corpus.sh

@@ -1,7 +1,7 @@
 #!/bin/sh
 
-HARNESS_BIN="../_afl_build/bootstrap_fuzzer"
-COV_BIN="../_cov_build/bootstrap_fuzzer"
+HARNESS_BIN="../_afl_build/bootstrap_fuzz_test"
+COV_BIN="../_cov_build/bootstrap_fuzz_test"
 # move to repo root
 cd ../
 

testing/fuzzing/BUILD.bazel

@@ -1,6 +1,5 @@
-load("@rules_cc//cc:defs.bzl", "cc_binary", "cc_library")
+load("@rules_cc//cc:defs.bzl", "cc_binary", "cc_library", "cc_test")
 load("@rules_fuzzing//fuzzing:cc_defs.bzl", "cc_fuzz_test")
-load("@rules_fuzzing//fuzzing/private:binary.bzl", "fuzzing_binary")  # buildifier: disable=bzl-visibility
 
 cc_library(
     name = "fuzz_support",
@@ -27,9 +26,9 @@ cc_library(
 cc_fuzz_test(
     name = "bootstrap_fuzz_test",
     size = "small",
-    srcs = ["bootstrap_harness.cc"],
+    srcs = ["bootstrap_fuzz_test.cc"],
     copts = ["-UNDEBUG"],
-    corpus = ["//tools/toktok-fuzzer/corpus:bootstrap_fuzzer"],
+    corpus = ["//tools/toktok-fuzzer/corpus:bootstrap_fuzz_test"],
     deps = [
         ":fuzz_support",
         ":fuzz_tox",
@@ -58,9 +57,9 @@ cc_fuzz_test(
 cc_fuzz_test(
     name = "toxsave_fuzz_test",
     size = "small",
-    srcs = ["toxsave_harness.cc"],
+    srcs = ["toxsave_fuzz_test.cc"],
     copts = ["-UNDEBUG"],
-    corpus = ["//tools/toktok-fuzzer/corpus:toxsave_fuzzer"],
+    corpus = ["//tools/toktok-fuzzer/corpus:toxsave_fuzz_test"],
     deps = [
         ":fuzz_support",
         "//c-toxcore/toxcore:tox",
@@ -80,12 +79,34 @@ cc_binary(
     ],
 )
 
-fuzzing_binary(
-    name = "protodump_bin",
-    testonly = True,
-    binary = ":protodump",
-    engine = "@rules_fuzzing//fuzzing:cc_engine",
+genrule(
+    name = "e2e_fuzz_test_init",
+    outs = [
+        "e2e_fuzz_test_init.dat",
+        "e2e_fuzz_test_bootstrap.dat",
+    ],
+    cmd = "$(location :protodump) $(location e2e_fuzz_test_init.dat) $(location e2e_fuzz_test_bootstrap.dat)",
+    tags = ["manual"],
+    tools = [":protodump"],
+)
+
+# bazel test --config=asan-libfuzzer //c-toxcore/testing/fuzzing:protodump_reduce_test
+cc_test(
+    name = "protodump_reduce_test",
+    size = "small",
+    srcs = ["protodump_reduce.cc"],
+    args = ["$(location :e2e_fuzz_test_init.dat)"],
+    copts = ["-UNDEBUG"],
+    data = [":e2e_fuzz_test_init.dat"],
     tags = ["manual"],
+    deps = [
+        ":fuzz_support",
+        ":fuzz_tox",
+        "//c-toxcore/toxcore:tox",
+        "//c-toxcore/toxcore:tox_dispatch",
+        "//c-toxcore/toxcore:tox_events",
+        "@rules_fuzzing//fuzzing:cc_engine",
+    ],
 )
 
 cc_fuzz_test(

testing/fuzzing/CMakeLists.txt

@@ -9,22 +9,18 @@ else()
 endif()
 
 function(fuzz_test target source_dir)
-  set(${target}_CORPUS_DIR ${CMAKE_CURRENT_SOURCE_DIR}/toktok-fuzzer/corpus/${target}_fuzz_test)
-  file(GLOB ${target}_fuzz_CORPUS "${${target}_CORPUS_DIR}/*")
+  set(CORPUS_DIR ${CMAKE_CURRENT_SOURCE_DIR}/toktok-fuzzer/corpus/${target}_fuzz_test)
+  file(GLOB CORPUS "${CORPUS_DIR}/*")
   add_executable(${target}_fuzz_test ${source_dir}/${target}_fuzz_test.cc)
   target_link_libraries(${target}_fuzz_test PRIVATE toxcore_fuzz fuzz_support ${LIBFUZZER_LINKER_FLAGS})
-  if(${target}_fuzz_CORPUS)
-    add_test(NAME ${target}_fuzz COMMAND ${CROSSCOMPILING_EMULATOR} ${target}_fuzz_test -max_total_time=10 ${${target}_fuzz_CORPUS})
+  if(CORPUS)
+    add_test(NAME ${target}_fuzz COMMAND ${CROSSCOMPILING_EMULATOR} ${target}_fuzz_test -max_total_time=10 ${CORPUS})
+    set_property(TEST ${target}_fuzz PROPERTY ENVIRONMENT "LLVM_PROFILE_FILE=${target}.profraw;srcdir=${CMAKE_CURRENT_SOURCE_DIR}")
   endif()
 endfunction()
 
-# Fuzzes the toxsave API
-add_executable(toxsave_fuzzer toxsave_harness.cc)
-target_link_libraries(toxsave_fuzzer PRIVATE toxcore_fuzz fuzz_support ${LIBFUZZER_LINKER_FLAGS})
-
-# Fuzzes the bootstrap process
-add_executable(bootstrap_fuzzer bootstrap_harness.cc)
-target_link_libraries(bootstrap_fuzzer PRIVATE toxcore_fuzz fuzz_support ${LIBFUZZER_LINKER_FLAGS})
+fuzz_test(bootstrap        .)  # Fuzzes the bootstrap process
+fuzz_test(toxsave          .)  # Fuzzes the bootstrap process
 
 fuzz_test(DHT              ../../toxcore)
 fuzz_test(forwarding       ../../toxcore)

testing/fuzzing/bootstrap_harness.cc → testing/fuzzing/bootstrap_fuzz_test.cc

@@ -83,9 +83,12 @@ void setup_callbacks(Tox_Dispatch *dispatch)
         dispatch, [](Tox *tox, const Tox_Event_Friend_Request *event, void *user_data) {
             Tox_Err_Friend_Add err;
             tox_friend_add_norequest(tox, tox_event_friend_request_get_public_key(event), &err);
-            assert(err == TOX_ERR_FRIEND_ADD_OK || err == TOX_ERR_FRIEND_ADD_OWN_KEY
-                || err == TOX_ERR_FRIEND_ADD_ALREADY_SENT
-                || err == TOX_ERR_FRIEND_ADD_BAD_CHECKSUM);
+            if (!(err == TOX_ERR_FRIEND_ADD_OK || err == TOX_ERR_FRIEND_ADD_OWN_KEY
+                    || err == TOX_ERR_FRIEND_ADD_ALREADY_SENT
+                    || err == TOX_ERR_FRIEND_ADD_BAD_CHECKSUM
+                    || err == TOX_ERR_FRIEND_ADD_MALLOC)) {
+                printf("unexpected error: %s\n", tox_err_friend_add_to_string(err));
+            }
         });
     tox_events_callback_friend_status(
         dispatch, [](Tox *tox, const Tox_Event_Friend_Status *event, void *user_data) {
@@ -120,7 +123,7 @@ void TestBootstrap(Fuzz_Data &input)
         [](Tox *tox, Tox_Log_Level level, const char *file, uint32_t line, const char *func,
             const char *message, void *user_data) {
             // Log to stdout.
-            if (DEBUG) {
+            if (Fuzz_Data::DEBUG) {
                 std::printf("[tox1] %c %s:%d(%s): %s\n", tox_log_level_name(level), file, line,
                     func, message);
             }
@@ -167,7 +170,7 @@ void TestBootstrap(Fuzz_Data &input)
     assert(dispatch != nullptr);
     setup_callbacks(dispatch);
 
-    while (input.size > 0) {
+    while (!input.empty()) {
         Tox_Err_Events_Iterate error_iterate;
         Tox_Events *events = tox_events_iterate(tox, true, &error_iterate);
         assert(tox_events_equal(null_sys.sys.get(), events, events));

testing/fuzzing/e2e_fuzz_test.cc

@@ -110,9 +110,6 @@ void setup_callbacks(Tox_Dispatch *dispatch)
         dispatch, [](Tox *tox, const Tox_Event_Friend_Request *event, void *user_data) {
             Tox_Err_Friend_Add err;
             tox_friend_add_norequest(tox, tox_event_friend_request_get_public_key(event), &err);
-            assert(err == TOX_ERR_FRIEND_ADD_OK || err == TOX_ERR_FRIEND_ADD_OWN_KEY
-                || err == TOX_ERR_FRIEND_ADD_ALREADY_SENT
-                || err == TOX_ERR_FRIEND_ADD_BAD_CHECKSUM);
         });
     tox_events_callback_friend_status(
         dispatch, [](Tox *tox, const Tox_Event_Friend_Status *event, void *user_data) {
@@ -147,7 +144,7 @@ void TestEndToEnd(Fuzz_Data &input)
         [](Tox *tox, Tox_Log_Level level, const char *file, uint32_t line, const char *func,
             const char *message, void *user_data) {
             // Log to stdout.
-            if (DEBUG) {
+            if (Fuzz_Data::DEBUG) {
                 std::printf("[tox1] %c %s:%d(%s): %s\n", tox_log_level_name(level), file, line,
                     func, message);
             }
@@ -170,7 +167,7 @@ void TestEndToEnd(Fuzz_Data &input)
     assert(dispatch != nullptr);
     setup_callbacks(dispatch);
 
-    while (input.size > 0) {
+    while (!input.empty()) {
         Tox_Err_Events_Iterate error_iterate;
         Tox_Events *events = tox_events_iterate(tox, true, &error_iterate);
         assert(tox_events_equal(null_sys.sys.get(), events, events));