Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

testing: fuzz []byte arguments may be aliased slices #71831

Open
nikolaydubina opened this issue Feb 19, 2025 · 2 comments
Open

testing: fuzz []byte arguments may be aliased slices #71831

nikolaydubina opened this issue Feb 19, 2025 · 2 comments
Labels
BugReport Issues describing a possible bug in the Go implementation. NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.

Comments

@nikolaydubina
Copy link

Go version

go version go1.24.0 darwin/arm64

Output of go env in your module/workspace:

AR='ar'
CC='clang'
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_ENABLED='1'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
CXX='clang++'
GCCGO='gccgo'
GO111MODULE=''
GOARCH='arm64'
GOARM64='v8.0'
GOAUTH='netrc'
GOBIN='//Users/nikolaydubina/go/bin'
GOCACHE='/Users/nikolaydubina/Library/Caches/go-build'
GOCACHEPROG=''
GODEBUG=''
GOENV='/Users/nikolaydubina/Library/Application Support/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFIPS140='off'
GOFLAGS=''
GOGCCFLAGS='-fPIC -arch arm64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -ffile-prefix-map=/var/folders/dt/1y99_j6s0yj7y151_dr026gh0000gn/T/go-build1433113609=/tmp/go-build -gno-record-gcc-switches -fno-common'
GOHOSTARCH='arm64'
GOHOSTOS='darwin'
GOINSECURE=''
GOMOD='/Users/nikolaydubina/Workspace/go-fuzz-bytes-collision/go.mod'
GOMODCACHE='/Users/nikolaydubina/go/pkg/mod'
GONOPROXY='github.com/ndx-technologies'
GONOSUMDB='github.com/ndx-technologies'
GOOS='darwin'
GOPATH='/Users/nikolaydubina/go'
GOPRIVATE='github.com/ndx-technologies'
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTELEMETRY='local'
GOTELEMETRYDIR='/Users/nikolaydubina/Library/Application Support/go/telemetry'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/darwin_arm64'
GOVCS=''
GOVERSION='go1.24.0'
GOWORK=''
PKG_CONFIG='pkg-config'

What did you do?

package main_test

import (
	"bytes"
	"testing"
)

func testCollisionTwoByteSlices(t *testing.T, a, b []byte) {
	aBefore := make([]byte, len(a))
	copy(aBefore, a)

	bBefore := make([]byte, len(b))
	copy(bBefore, b)

	aAfter := append(a, b...)

	if !bytes.Equal(aBefore, aAfter[:len(aBefore)]) {
		t.Error(aBefore, aAfter, a)
	}
	if !bytes.Equal(bBefore, b) {
		// WARNING: b nor bBefore was ever modified!
		t.Error(aBefore, bBefore, a, b, aAfter)
	}
}

func TestCollisionTwoByteSlices(t *testing.T) {
	// same test data from fuzz tests output files
	// fuzz tests keep adding files there, use any new file it creates
	a := []byte("\x8bl")
	b := []byte("\x8bl\xcef\x1ed\x05\x99\xbfu\xac\x1c")

	testCollisionTwoByteSlices(t, a, b)
}

func FuzzCollisionTwoByteSlices(f *testing.F) { f.Fuzz(testCollisionTwoByteSlices) }

Here is minimal example: https://github.com/nikolaydubina/go-fuzz-bytes-collision

What did you see happen?

$ go test -fuzz=FuzzCollisionTwoByteSlices .
fuzz: elapsed: 0s, gathering baseline coverage: 0/3 completed
fuzz: elapsed: 0s, gathering baseline coverage: 3/3 completed, now fuzzing with 16 workers
fuzz: minimizing 110-byte failing input file
fuzz: elapsed: 0s, minimizing
--- FAIL: FuzzCollisionTwoByteSlices (0.02s)
    --- FAIL: FuzzCollisionTwoByteSlices (0.00s)
        fuzz_byte_collision_test.go:22: [158 108 29 51] [158 108 29 51 108 5 153 191 132 158 108 5 153 117 5 153 191 117 140 28] [158 108 29 51] [158 108 29 51 158 108 29 51 108 5 153 191 132 158 108 5 153 117 5 153] [158 108 29 51 158 108 29 51 108 5 153 191 132 158 108 5 153 117 5 153 191 117 140 28]
    
    Failing input written to testdata/fuzz/FuzzCollisionTwoByteSlices/3fc7dfebadf0ffc6
    To re-run:
    go test -run=FuzzCollisionTwoByteSlices/3fc7dfebadf0ffc6
FAIL
exit status 1
FAIL    github.com/nikolaydubina/go-fuzz-bytes-collision        1.196s

keeps failing. each time it records new values to file. but manually running the same values in t.Test succeeds. also fuzz test passes "tests" before starting to fuzz, meaning even to fuzz test itself those values that it recorded is correct upon running again. this leads to believe something is wrong in "generation" / "first time creation of []byte args" step in fuzz tests.

What did you expect to see?

fuzz test should be ok, same as test above it

each argument to fuzz test (including []byte) should be independent from each other
@gabyhelp
Copy link

Related Issues

Related Code Changes

(Emoji vote if this was helpful or unhelpful; more detailed feedback welcome in this discussion.)

@gabyhelp gabyhelp added the BugReport Issues describing a possible bug in the Go implementation. label Feb 19, 2025
@seankhliao seankhliao changed the title testing: fuzz tests []byte arguments are colliding testing: fuzz []byte arguments may be overlapping slices Feb 19, 2025
@seankhliao seankhliao added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Feb 19, 2025
@Jorropo Jorropo changed the title testing: fuzz []byte arguments may be overlapping slices testing: fuzz []byte arguments may be aliased slices Feb 20, 2025
@seankhliao
Copy link
Member

a simple solution would probably be to slices.Clip before invoking the test function

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
BugReport Issues describing a possible bug in the Go implementation. NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nikolaydubina @seankhliao @gabyhelp