test: Mock IBD in net_processing fuzzers #20332

pull: MarcoFalke wants to merge 1 commit into bitcoin:master from MarcoFalke:2011-fuzzNet, changing 6 files (+56 −4)
  1. MarcoFalke commented at 6:56 AM on November 7, 2020: member

    Without this the fuzzers fail to detect trivial crasher bugs, such as #20317 (comment)

  2. test: Mock IBD in net_processing fuzzers fa4234d877
  3. MarcoFalke added the label Tests on Nov 7, 2020
  4. practicalswift commented at 7:42 PM on November 7, 2020: contributor

    Concept ACK

    FWIW this is functionally equivalent to the local fuzzing harness modification that allowed me to find the recent wtxid crash bug. A vulnerability which luckily didn't make it to any release :)

  5. MarcoFalke commented at 9:21 AM on November 10, 2020: member

    @practicalswift Mind reviewing this? Without this, it is not possible to get meaningful coverage in net_processing. Also, I have more patches on top that increase coverage, which are blocked on this one.
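The point MarcoFalke makes above (that a fuzzer gets no meaningful net_processing coverage while the node thinks it is in initial block download) is easy to see on a toy model. The following is an added example, not code from this PR or from Bitcoin Core: `ToyNode`, its IBD gate, the message kinds and the `PlantedCrash` are all constructed stand-ins, and the planted bug is not the real #20317 crash. It runs the same seeded fuzz loop twice, once with the IBD flag left set and once with it mocked to "done", and reports the coverage and whether the crash was reached.

```python
"""Constructed toy model (added example, not Bitcoin Core code) of why a
net_processing fuzz harness must mock the initial-block-download (IBD) state:
while a node believes it is in IBD, most inbound messages are dropped before any
parsing logic runs, so a fuzzer driving that path gets no coverage and cannot
surface crashes that sit behind the gate."""
import random
from dataclasses import dataclass, field


class PlantedCrash(RuntimeError):
    """Stand-in for a crasher bug; deliberately planted, not the real #20317 bug."""


@dataclass
class ToyNode:
    """Hypothetical message handler with an IBD gate modelled loosely on the real one."""
    in_ibd: bool
    known_wtxids: set = field(default_factory=set)

    def process_message(self, msg: bytes) -> str:
        # Early return the fuzzer can never get past unless the harness mocks IBD.
        if self.in_ibd:
            return "ignored-ibd"
        if len(msg) < 2:
            return "malformed"
        kind, payload = msg[0] % 3, msg[1:]
        if kind == 0:
            # "tx"-like message: remember the announced (constructed) wtxid
            self.known_wtxids.add(payload)
            return "tx-accepted"
        if kind == 1:
            # "getdata"-like message: planted crash when the wtxid is unknown
            if payload not in self.known_wtxids:
                raise PlantedCrash("getdata for unknown wtxid")
            return "getdata-served"
        return "unknown-command"


def fuzz(node: ToyNode, iterations: int, seed: int) -> dict:
    """Minimal seeded fuzz loop: random messages of 1..8 bytes, coverage measured
    as the set of distinct outcomes; stops at the first crash, like a fuzzer would."""
    rng = random.Random(seed)
    coverage = set()
    for i in range(iterations):
        msg = bytes(rng.randrange(256) for _ in range(rng.randrange(1, 9)))
        try:
            coverage.add(node.process_message(msg))
        except PlantedCrash:
            return {"coverage": coverage, "crash": True, "iterations": i + 1}
    return {"coverage": coverage, "crash": False, "iterations": iterations}


if __name__ == "__main__":
    # Harness without mocking: every input hits the IBD gate, one outcome, no crash.
    print("IBD left as-is:    ", fuzz(ToyNode(in_ibd=True), 2000, seed=1))
    # Harness with IBD mocked as finished: real branches, crash found quickly.
    print("IBD mocked as done:", fuzz(ToyNode(in_ibd=False), 2000, seed=1))
```

With the gate in place the coverage set collapses to a single outcome and the planted crash is never reached, however long the loop runs; with IBD mocked the same seed finds it within a handful of iterations. The same reasoning applies to any early-return state check in a fuzz target: if the harness does not set the state that lets input flow past it, the fuzzer is measuring the check, not the code behind it.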

  6. practicalswift commented at 10:14 AM on November 10, 2020: contributor

    @MarcoFalke Yes, of course: my plan is to code review this one and verify that it finds the recent wtxid crash bug today or tomorrow at latest :)

    Mutual review beg: Please consider reviewing the fuzzing PRs #19065 (May), #19203 (June), #19259 (June), #19288 (June), #19415 (June), #19972 (September) and #20188 (October) :)

    I urge anyone interested in increasing fuzzing coverage to review MarcoFalke's #20332 (this PR) and the fuzzers above: I want the fuzzing coverage to break the current plateau where we've resided during the last few months. Let's get the fuzzing momentum moving again! :) 🚀

  7. practicalswift commented at 6:47 PM on November 10, 2020: contributor

    Tested ACK fa4234d877ea3193bfd0e18ff68dcb8fb84b47b5

    With this modification the fuzzer was able to find the recent wtxid crash bug (not part of any release luckily!) within a.) one minute if seeded with the Bitcoin Core qa-assets seed corpus, and b.) three hours if seeded from thin air (empty corpus). Thanks for fixing this!

    Really nice to see the fuzzers catch real issues long before they have a chance to make it to a release.

    <wish list> Now we only need something like OSS-Fuzz' CIFuzz (fuzzing of open PRs) to catch issues like this before merge. OSS-Fuzz is open source in the form of ClusterFuzz. I hope that some day we'll have a dedicated Bitcoin Core private ClusterFuzz installation where the security team would have immediate access to crash cases.

    CIFuzz: "OSS-Fuzz offers CIFuzz, a GitHub action/CI job that runs your fuzz targets on pull requests. This works similarly to running unit tests in CI. CIFuzz helps you find and fix bugs before they make it into your codebase. Currently, CIFuzz only supports projects hosted on GitHub."

    ClusterFuzz: "ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software. Google uses ClusterFuzz to fuzz all Google products and as the fuzzing backend for OSS-Fuzz." </wish list>

  8. MarcoFalke merged this on Nov 10, 2020
  9. MarcoFalke closed this on Nov 10, 2020

  10. MarcoFalke deleted the branch on Nov 10, 2020
  11. sidhujag referenced this in commit bf9794723e on Nov 11, 2020
  12. DrahtBot locked this on Feb 15, 2022

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-17 06:14 UTC
