upstream commit

implement a SIGINFO handler so we can discern a stuck
 fuzz test from a merely glacial one; prompted by and ok markus

regress/Makefile

@@ -96,7 +96,7 @@ CLEANFILES=	t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
 		regress.log failed-regress.log ssh-log-wrapper.sh \
 		sftp-server.sh sftp-server.log sftp.log setuid-allowed \
 		data ed25519-agent ed25519-agent.pub key.ed25519-512 \
-		key.ed25519-512.pub netcat
+		key.ed25519-512.pub netcat host_krl_* host_revoked_* user_*key*
 
 SUDO_CLEAN+=	/var/run/testdata_${USER} /var/run/keycommand_${USER}
 

regress/unittests/test_helper/fuzz.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: fuzz.c,v 1.4 2014/11/19 13:35:37 krw Exp $	*/
+/*	$OpenBSD: fuzz.c,v 1.5 2015/01/13 14:51:51 djm Exp $	*/
 /*
  * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
  *
@@ -20,6 +20,7 @@
 #include "includes.h"
 
 #include <sys/types.h>
+#include <sys/uio.h>
 
 #include <assert.h>
 #include <ctype.h>
@@ -29,8 +30,11 @@
 #endif
 #include <stdlib.h>
 #include <string.h>
+#include <signal.h>
+#include <unistd.h>
 
 #include "test_helper.h"
+#include "atomicio.h"
 
 /* #define FUZZ_DEBUG */
 
@@ -95,59 +99,73 @@ fuzz_ntop(u_int n)
 	}
 }
 
+static int
+fuzz_fmt(struct fuzz *fuzz, char *s, size_t n)
+{
+	if (fuzz == NULL)
+		return -1;
+
+	switch (fuzz->strategy) {
+	case FUZZ_1_BIT_FLIP:
+		snprintf(s, n, "%s case %zu of %zu (bit: %zu)\n",
+		    fuzz_ntop(fuzz->strategy),
+		    fuzz->o1, fuzz->slen * 8, fuzz->o1);
+		return 0;
+	case FUZZ_2_BIT_FLIP:
+		snprintf(s, n, "%s case %llu of %llu (bits: %zu, %zu)\n",
+		    fuzz_ntop(fuzz->strategy),
+		    (((fuzz_ullong)fuzz->o2) * fuzz->slen * 8) + fuzz->o1,
+		    ((fuzz_ullong)fuzz->slen * 8) * fuzz->slen * 8,
+		    fuzz->o1, fuzz->o2);
+		return 0;
+	case FUZZ_1_BYTE_FLIP:
+		snprintf(s, n, "%s case %zu of %zu (byte: %zu)\n",
+		    fuzz_ntop(fuzz->strategy),
+		    fuzz->o1, fuzz->slen, fuzz->o1);
+		return 0;
+	case FUZZ_2_BYTE_FLIP:
+		snprintf(s, n, "%s case %llu of %llu (bytes: %zu, %zu)\n",
+		    fuzz_ntop(fuzz->strategy),
+		    (((fuzz_ullong)fuzz->o2) * fuzz->slen) + fuzz->o1,
+		    ((fuzz_ullong)fuzz->slen) * fuzz->slen,
+		    fuzz->o1, fuzz->o2);
+		return 0;
+	case FUZZ_TRUNCATE_START:
+		snprintf(s, n, "%s case %zu of %zu (offset: %zu)\n",
+		    fuzz_ntop(fuzz->strategy),
+		    fuzz->o1, fuzz->slen, fuzz->o1);
+		return 0;
+	case FUZZ_TRUNCATE_END:
+		snprintf(s, n, "%s case %zu of %zu (offset: %zu)\n",
+		    fuzz_ntop(fuzz->strategy),
+		    fuzz->o1, fuzz->slen, fuzz->o1);
+		return 0;
+	case FUZZ_BASE64:
+		assert(fuzz->o2 < sizeof(fuzz_b64chars) - 1);
+		snprintf(s, n, "%s case %llu of %llu (offset: %zu char: %c)\n",
+		    fuzz_ntop(fuzz->strategy),
+		    (fuzz->o1 * (fuzz_ullong)64) + fuzz->o2,
+		    fuzz->slen * (fuzz_ullong)64, fuzz->o1,
+		    fuzz_b64chars[fuzz->o2]);
+		return 0;
+	default:
+		return -1;
+		abort();
+	}
+}
+
 void
 fuzz_dump(struct fuzz *fuzz)
 {
 	u_char *p = fuzz_ptr(fuzz);
 	size_t i, j, len = fuzz_len(fuzz);
+	char buf[256];
 
-	switch (fuzz->strategy) {
+	if (fuzz_fmt(fuzz, buf, sizeof(buf)) != 0) {
-	case FUZZ_1_BIT_FLIP:
+		fprintf(stderr, "%s: fuzz invalid\n", __func__);
-		fprintf(stderr, "%s case %zu of %zu (bit: %zu)\n",
-		    fuzz_ntop(fuzz->strategy),
-		    fuzz->o1, fuzz->slen * 8, fuzz->o1);
-		break;
-	case FUZZ_2_BIT_FLIP:
-		fprintf(stderr, "%s case %llu of %llu (bits: %zu, %zu)\n",
-		    fuzz_ntop(fuzz->strategy),
-		    (((fuzz_ullong)fuzz->o2) * fuzz->slen * 8) + fuzz->o1,
-		    ((fuzz_ullong)fuzz->slen * 8) * fuzz->slen * 8,
-		    fuzz->o1, fuzz->o2);
-		break;
-	case FUZZ_1_BYTE_FLIP:
-		fprintf(stderr, "%s case %zu of %zu (byte: %zu)\n",
-		    fuzz_ntop(fuzz->strategy),
-		    fuzz->o1, fuzz->slen, fuzz->o1);
-		break;
-	case FUZZ_2_BYTE_FLIP:
-		fprintf(stderr, "%s case %llu of %llu (bytes: %zu, %zu)\n",
-		    fuzz_ntop(fuzz->strategy),
-		    (((fuzz_ullong)fuzz->o2) * fuzz->slen) + fuzz->o1,
-		    ((fuzz_ullong)fuzz->slen) * fuzz->slen,
-		    fuzz->o1, fuzz->o2);
-		break;
-	case FUZZ_TRUNCATE_START:
-		fprintf(stderr, "%s case %zu of %zu (offset: %zu)\n",
-		    fuzz_ntop(fuzz->strategy),
-		    fuzz->o1, fuzz->slen, fuzz->o1);
-		break;
-	case FUZZ_TRUNCATE_END:
-		fprintf(stderr, "%s case %zu of %zu (offset: %zu)\n",
-		    fuzz_ntop(fuzz->strategy),
-		    fuzz->o1, fuzz->slen, fuzz->o1);
-		break;
-	case FUZZ_BASE64:
-		assert(fuzz->o2 < sizeof(fuzz_b64chars) - 1);
-		fprintf(stderr, "%s case %llu of %llu (offset: %zu char: %c)\n",
-		    fuzz_ntop(fuzz->strategy),
-		    (fuzz->o1 * (fuzz_ullong)64) + fuzz->o2,
-		    fuzz->slen * (fuzz_ullong)64, fuzz->o1,
-		    fuzz_b64chars[fuzz->o2]);
-		break;
-	default:
 		abort();
 	}
-
+	fputs(buf, stderr);
 	fprintf(stderr, "fuzz context %p len = %zu\n", fuzz, len);
 	for (i = 0; i < len; i += 16) {
 		fprintf(stderr, "%.4zd: ", i);
@@ -170,6 +188,23 @@ fuzz_dump(struct fuzz *fuzz)
 	}
 }
 
+#ifdef SIGINFO
+static struct fuzz *last_fuzz;
+
+static void
+siginfo(int unused __unused)
+{
+	char buf[256];
+
+	test_info(buf, sizeof(buf));
+	atomicio(vwrite, STDERR_FILENO, buf, strlen(buf));
+	if (last_fuzz != NULL) {
+		fuzz_fmt(last_fuzz, buf, sizeof(buf));
+		atomicio(vwrite, STDERR_FILENO, buf, strlen(buf));
+	}
+}
+#endif
+
 struct fuzz *
 fuzz_begin(u_int strategies, const void *p, size_t l)
 {
@@ -189,6 +224,12 @@ fuzz_begin(u_int strategies, const void *p, size_t l)
 	FUZZ_DBG(("begin, ret = %p", ret));
 
 	fuzz_next(ret);
+
+#ifdef SIGINFO
+	last_fuzz = ret;
+	signal(SIGINFO, siginfo);
+#endif
+
 	return ret;
 }
 
@@ -196,6 +237,10 @@ void
 fuzz_cleanup(struct fuzz *fuzz)
 {
 	FUZZ_DBG(("cleanup, fuzz = %p", fuzz));
+#ifdef SIGINFO
+	last_fuzz = NULL;
+	signal(SIGINFO, SIG_DFL);
+#endif
 	assert(fuzz != NULL);
 	assert(fuzz->seed != NULL);
 	assert(fuzz->fuzzed != NULL);

regress/unittests/test_helper/test_helper.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: test_helper.c,v 1.2 2014/05/02 09:41:32 andre Exp $	*/
+/*	$OpenBSD: test_helper.c,v 1.3 2015/01/13 14:51:51 djm Exp $	*/
 /*
  * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
  *
@@ -21,6 +21,7 @@
 
 #include <sys/types.h>
 #include <sys/param.h>
+#include <sys/uio.h>
 
 #include <fcntl.h>
 #include <stdio.h>
@@ -31,6 +32,7 @@
 #include <string.h>
 #include <assert.h>
 #include <unistd.h>
+#include <signal.h>
 
 #include <openssl/bn.h>
 
@@ -39,6 +41,7 @@
 #endif
 
 #include "test_helper.h"
+#include "atomicio.h"
 
 #define TEST_CHECK_INT(r, pred) do {		\
 		switch (pred) {			\
@@ -179,6 +182,24 @@ test_data_file(const char *name)
 	return ret;
 }
 
+void
+test_info(char *s, size_t len)
+{
+	snprintf(s, len, "In test %u - \"%s\"\n", test_number,
+	    active_test_name == NULL ? "<none>" : active_test_name);
+}
+
+#ifdef SIGINFO
+static void
+siginfo(int unused __unused)
+{
+	char buf[256];
+
+	test_info(buf, sizeof(buf));
+	atomicio(vwrite, STDERR_FILENO, buf, strlen(buf));
+}
+#endif
+
 void
 test_start(const char *n)
 {
@@ -187,6 +208,9 @@ test_start(const char *n)
 	if (verbose_mode)
 		printf("test %u - \"%s\": ", test_number, active_test_name);
 	test_number++;
+#ifdef SIGINFO
+	signal(SIGINFO, siginfo);
+#endif
 }
 
 void

regress/unittests/test_helper/test_helper.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: test_helper.h,v 1.3 2014/05/02 09:41:32 andre Exp $	*/
+/*	$OpenBSD: test_helper.h,v 1.4 2015/01/13 14:51:51 djm Exp $	*/
 /*
  * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
  *
@@ -40,6 +40,7 @@ void tests(void);
 
 const char *test_data_file(const char *name);
 void test_start(const char *n);
+void test_info(char *s, size_t len);
 void set_onerror_func(test_onerror_func_t *f, void *ctx);
 void test_done(void);
 void ssl_err_check(const char *file, int line);