mirror of
https://github.com/bitcoin/bitcoin.git
synced 2025-02-06 10:18:44 -05:00
8bb40d5f56
fa13e1b0c5build: Add option --enable-danger-fuzz-link-all (MarcoFalke)44444ba759fuzz: Link all targets once (MarcoFalke) Pull request description: Currently the linker is invoked more than 150 times when compiling with `--enable-fuzz`. This is problematic for several reasons: * It wastes disk space north of 20 GB, as all libraries and sanitizers are linked more than 150 times * It wastes CPU time, as the link step can practically not be cached (similar to ccache for object files) * It makes it a blocker to compile the fuzz tests by default for non-fuzz builds #19388, for the aforementioned reasons * The build file is several thousand lines of code, without doing anything meaningful except listing each fuzz target in a highly verbose manner * It makes writing new fuzz tests unnecessarily hard, as build system knowledge is required; Compare that to boost unit tests, which can be added by simply editing an existing cpp file * It encourages fuzz tests that re-use the `buffer` or assume the `buffer` to be concatenations of seeds, which increases complexity of seeds and complexity for the fuzz engine to explore; Thus reducing the effectiveness of the affected fuzz targets Fixes #20088 ACKs for top commit: practicalswift: Tested ACKfa13e1b0c5sipa: ACKfa13e1b0c5. Reviewed the code changes, and tested the 3 different test_runner.py modes (run once, merge, generate). I also tested building with the new --enable-danger-fuzz-link-all Tree-SHA512: 962ab33269ebd51810924c51266ecc62edd6ddf2fcd9a8c359ed906766f58c3f73c223f8d3cc49f2c60f0053f65e8bdd86ce9c19e673f8c2b3cd676e913f2642
157 lines
6.1 KiB
C++
157 lines
6.1 KiB
C++
// Copyright (c) 2020 The Bitcoin Core developers
|
|
// Distributed under the MIT software license, see the accompanying
|
|
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
|
|
|
#include <chainparams.h>
|
|
#include <chainparamsbase.h>
|
|
#include <net.h>
|
|
#include <netaddress.h>
|
|
#include <protocol.h>
|
|
#include <test/fuzz/FuzzedDataProvider.h>
|
|
#include <test/fuzz/fuzz.h>
|
|
#include <test/fuzz/util.h>
|
|
#include <util/translation.h>
|
|
|
|
#include <cstdint>
|
|
#include <vector>
|
|
|
|
void initialize_connman()
|
|
{
|
|
InitializeFuzzingContext();
|
|
}
|
|
|
|
FUZZ_TARGET_INIT(connman, initialize_connman)
|
|
{
|
|
FuzzedDataProvider fuzzed_data_provider{buffer.data(), buffer.size()};
|
|
SetMockTime(ConsumeTime(fuzzed_data_provider));
|
|
CConnman connman{fuzzed_data_provider.ConsumeIntegral<uint64_t>(), fuzzed_data_provider.ConsumeIntegral<uint64_t>(), fuzzed_data_provider.ConsumeBool()};
|
|
CAddress random_address;
|
|
CNetAddr random_netaddr;
|
|
CNode random_node = ConsumeNode(fuzzed_data_provider);
|
|
CService random_service;
|
|
CSubNet random_subnet;
|
|
std::string random_string;
|
|
while (fuzzed_data_provider.ConsumeBool()) {
|
|
switch (fuzzed_data_provider.ConsumeIntegralInRange<int>(0, 28)) {
|
|
case 0:
|
|
random_address = ConsumeAddress(fuzzed_data_provider);
|
|
break;
|
|
case 1:
|
|
random_netaddr = ConsumeNetAddr(fuzzed_data_provider);
|
|
break;
|
|
case 2:
|
|
random_service = ConsumeService(fuzzed_data_provider);
|
|
break;
|
|
case 3:
|
|
random_subnet = ConsumeSubNet(fuzzed_data_provider);
|
|
break;
|
|
case 4:
|
|
random_string = fuzzed_data_provider.ConsumeRandomLengthString(64);
|
|
break;
|
|
case 5: {
|
|
std::vector<CAddress> addresses;
|
|
while (fuzzed_data_provider.ConsumeBool()) {
|
|
addresses.push_back(ConsumeAddress(fuzzed_data_provider));
|
|
}
|
|
// Limit nTimePenalty to int32_t to avoid signed integer overflow
|
|
(void)connman.AddNewAddresses(addresses, ConsumeAddress(fuzzed_data_provider), fuzzed_data_provider.ConsumeIntegral<int32_t>());
|
|
break;
|
|
}
|
|
case 6:
|
|
connman.AddNode(random_string);
|
|
break;
|
|
case 7:
|
|
connman.CheckIncomingNonce(fuzzed_data_provider.ConsumeIntegral<uint64_t>());
|
|
break;
|
|
case 8:
|
|
connman.DisconnectNode(fuzzed_data_provider.ConsumeIntegral<NodeId>());
|
|
break;
|
|
case 9:
|
|
connman.DisconnectNode(random_netaddr);
|
|
break;
|
|
case 10:
|
|
connman.DisconnectNode(random_string);
|
|
break;
|
|
case 11:
|
|
connman.DisconnectNode(random_subnet);
|
|
break;
|
|
case 12:
|
|
connman.ForEachNode([](auto) {});
|
|
break;
|
|
case 13:
|
|
connman.ForEachNodeThen([](auto) {}, []() {});
|
|
break;
|
|
case 14:
|
|
(void)connman.ForNode(fuzzed_data_provider.ConsumeIntegral<NodeId>(), [&](auto) { return fuzzed_data_provider.ConsumeBool(); });
|
|
break;
|
|
case 15:
|
|
(void)connman.GetAddresses(fuzzed_data_provider.ConsumeIntegral<size_t>(), fuzzed_data_provider.ConsumeIntegral<size_t>());
|
|
break;
|
|
case 16: {
|
|
(void)connman.GetAddresses(random_node, fuzzed_data_provider.ConsumeIntegral<size_t>(), fuzzed_data_provider.ConsumeIntegral<size_t>());
|
|
break;
|
|
}
|
|
case 17:
|
|
(void)connman.GetDeterministicRandomizer(fuzzed_data_provider.ConsumeIntegral<uint64_t>());
|
|
break;
|
|
case 18:
|
|
(void)connman.GetNodeCount(fuzzed_data_provider.PickValueInArray({CConnman::CONNECTIONS_NONE, CConnman::CONNECTIONS_IN, CConnman::CONNECTIONS_OUT, CConnman::CONNECTIONS_ALL}));
|
|
break;
|
|
case 19:
|
|
connman.MarkAddressGood(random_address);
|
|
break;
|
|
case 20:
|
|
(void)connman.OutboundTargetReached(fuzzed_data_provider.ConsumeBool());
|
|
break;
|
|
case 21:
|
|
// Limit now to int32_t to avoid signed integer overflow
|
|
(void)connman.PoissonNextSendInbound(fuzzed_data_provider.ConsumeIntegral<int32_t>(), fuzzed_data_provider.ConsumeIntegral<int>());
|
|
break;
|
|
case 22: {
|
|
CSerializedNetMsg serialized_net_msg;
|
|
serialized_net_msg.m_type = fuzzed_data_provider.ConsumeRandomLengthString(CMessageHeader::COMMAND_SIZE);
|
|
serialized_net_msg.data = ConsumeRandomLengthByteVector(fuzzed_data_provider);
|
|
connman.PushMessage(&random_node, std::move(serialized_net_msg));
|
|
break;
|
|
}
|
|
case 23:
|
|
connman.RemoveAddedNode(random_string);
|
|
break;
|
|
case 24: {
|
|
const std::vector<bool> asmap = ConsumeRandomLengthBitVector(fuzzed_data_provider);
|
|
if (SanityCheckASMap(asmap)) {
|
|
connman.SetAsmap(asmap);
|
|
}
|
|
break;
|
|
}
|
|
case 25:
|
|
connman.SetBestHeight(fuzzed_data_provider.ConsumeIntegral<int>());
|
|
break;
|
|
case 26:
|
|
connman.SetNetworkActive(fuzzed_data_provider.ConsumeBool());
|
|
break;
|
|
case 27:
|
|
connman.SetServices(random_service, static_cast<ServiceFlags>(fuzzed_data_provider.ConsumeIntegral<uint64_t>()));
|
|
break;
|
|
case 28:
|
|
connman.SetTryNewOutboundPeer(fuzzed_data_provider.ConsumeBool());
|
|
break;
|
|
}
|
|
}
|
|
(void)connman.GetAddedNodeInfo();
|
|
(void)connman.GetBestHeight();
|
|
(void)connman.GetExtraFullOutboundCount();
|
|
(void)connman.GetLocalServices();
|
|
(void)connman.GetMaxOutboundTarget();
|
|
(void)connman.GetMaxOutboundTimeframe();
|
|
(void)connman.GetMaxOutboundTimeLeftInCycle();
|
|
(void)connman.GetNetworkActive();
|
|
std::vector<CNodeStats> stats;
|
|
connman.GetNodeStats(stats);
|
|
(void)connman.GetOutboundTargetBytesLeft();
|
|
(void)connman.GetReceiveFloodSize();
|
|
(void)connman.GetTotalBytesRecv();
|
|
(void)connman.GetTotalBytesSent();
|
|
(void)connman.GetTryNewOutboundPeer();
|
|
(void)connman.GetUseAddrmanOutgoing();
|
|
}
|