UA11-008 enhance gnatfuzz testing

Fix errors in the 'analyze_generate' test, and add a new
test to check the 'fuzz' workflow.

Change-Id: Ib27a9d4953c2a82c96300afbfcb0420e6664fd32

Author: setton

share/support/ui/gnatfuzz_view.py

@@ -109,7 +109,7 @@ def _selected_row(self):
     def debug_candidate(self, task):
         """Workflow to launch a debugger session on the given crash"""
         t = TargetWrapper("Build Main")
-        yield t.wait_on_execute(main_name="fuzz_test_harness.adb")
+        yield t.wait_on_execute(main_name="gnatfuzz-fuzz_test_harness.adb")
         proj = GPS.Project.root()
         exec = fuzz_executable()
         d = GPS.Debugger.spawn(

testsuite/tests/gnatfuzz.analyze_generate/test.py

@@ -30,7 +30,7 @@ def driver():
         if len(messages) > 0:
             break
 
-    gps_assert(len(messages) > 0, "No messages found after analyze")
+    gps_assert(len(messages) > 0, True, "No messages found after analyze")
     m = messages[0]
 
     # We have one "Fuzzable program" message: click on the action
@@ -44,4 +44,4 @@ def driver():
     yield wait_tasks()
 
     # Check that we've switched to the harness project
-    gps_assert(GPS.Project.root().name() == "Fuzz Testing", "wrong project name after generation")
+    gps_assert(GPS.Project.root().name(), "Fuzz_Test", "wrong project name after generation")

testsuite/tests/gnatfuzz.fuzz_simple/a.adb

@@ -0,0 +1,12 @@
+package body a is
+   procedure fuzzable (X : Integer) is
+      Y : Integer;
+   begin
+      Y := X + 1;
+      if Y > 2 then
+         Y := 2;
+      end if;
+   end;
+
+
+end a;

testsuite/tests/gnatfuzz.fuzz_simple/a.ads

@@ -0,0 +1,3 @@
+package a is
+   procedure fuzzable (X : Integer);
+end a;

testsuite/tests/gnatfuzz.fuzz_simple/p.gpr

@@ -0,0 +1,3 @@
+project p is
+  for Object_Dir use "obj";
+end p;

testsuite/tests/gnatfuzz.fuzz_simple/test.cmd

@@ -0,0 +1,16 @@
+if [ "`type gnatfuzz 2>/dev/null`" = "" ]; then
+  # Mark test as DEAD if gnatfuzz is not found
+  exit 99
+fi
+
+export AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES=1
+export AFL_SKIP_CPUFREQ=1
+
+# gnatfuzz analyze to find the fuzzable subprograms
+gnatfuzz analyze -Pp.gpr > /dev/null
+
+# gnatfuzz generate to generate a fuzz harness
+gnatfuzz generate -Pp.gpr --analysis obj/gnatfuzz/analyze.json --subprogram-id 1 -o harness > /dev/null
+
+# Run the test
+$GNATSTUDIO --load=python:test.py -P harness/fuzz_testing/fuzz_test.gpr

testsuite/tests/gnatfuzz.fuzz_simple/test.py

@@ -0,0 +1,88 @@
+"""Tests the behavior of the GNATfuzz integration, on the
+   "fuzz" parts of the workflow.
+"""
+
+from distutils.log import debug
+from gs_utils.internal.utils import (
+    run_test_driver,
+    timeout,
+    get_button_from_label,
+    get_widget_by_name,
+    get_window_by_title,
+    gps_assert,
+    idle_modal_dialog,
+    wait_for_mdi_child,
+)
+from pygps import double_click_events
+from pygps.tree import click_in_tree
+
+INCREMENTS_MS = 1000     # Timeout increments
+MAX_TIME_MS = 20 * 1000  # Max timeout wait
+
+@run_test_driver
+def driver():
+    # Launch a fuzzing session
+    yield idle_modal_dialog(lambda: GPS.execute_action("gnatfuzz fuzz workflow"))
+    yield wait_for_mdi_child("gnatfuzz fuzz")
+    dialog = get_window_by_title("gnatfuzz fuzz")
+    get_button_from_label("Execute", dialog).clicked()
+
+    yield wait_for_mdi_child("Fuzz Crashes")
+
+    view = get_widget_by_name("fuzz_crash_list_view")
+    model = view.get_model()
+
+    # Wait 20 seconds at most, until messages appear in the "Fuzz crashes" view
+
+    time_waited = 0
+
+    while time_waited < MAX_TIME_MS:
+        if len(model) > 0:
+            break
+        yield timeout(INCREMENTS_MS)
+        time_waited += INCREMENTS_MS
+
+    # Test the contents of the model: presence of the crash...
+    gps_assert(model[0][0], "1 (Crash)", "wrong contents in the first row")
+
+    # ... and the fact that the faulty parameter (causing integer overflow)
+    # is properly found by the fuzzer and displayed in the view.
+    gps_assert(
+        int(model[0, 0][1]),
+        2**31 - 1,
+        "wrong value for the parameter which causes the crash",
+    )
+
+    # We can stop fuzzing now that we've had one crash
+    GPS.execute_action("gnatfuzz fuzz workflow")
+
+    # Click in the view to launch a debug workflow
+    click_in_tree(view, path="0", events=double_click_events)
+
+    # Wait 20 seconds at most, until we have the right data in the debugger view
+
+    debugger_text = None
+
+    time_waited = 0
+
+    expected_text = "Y := X + 1"
+
+    while time_waited < MAX_TIME_MS:
+        yield timeout(INCREMENTS_MS)
+        time_waited += INCREMENTS_MS
+        d = None
+        try:
+            d = GPS.Debugger.get()
+        except GPS.Exception:
+            pass
+        if d is None:
+            continue
+        debugger_text = d.get_console().get_text()
+
+        # The debugger console should contain this
+        if expected_text in debugger_text:
+            break
+
+
+    gps_assert(expected_text in debugger_text, True,
+               f"{expected_text} didn't appear in output:\n{debugger_text}")

testsuite/tests/gnatfuzz.fuzz_simple/test.yaml

@@ -0,0 +1 @@
+title: 'gnatfuzz.fuzz_simple'