I ran this for a long time with Sanitizers on and had no crashes; the average exec/sec also looks good to me. However, I would really appreciate it if some of the reviewers could try it on their machines too, and give their feedback.
DrahtBot
commented at 1:43 pm on July 13, 2023:
contributor
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.
DrahtBot added the label
Tests
on Jul 13, 2023
Ayush170-Future
commented at 1:49 pm on July 13, 2023:
contributor
In addition to this and CoinControl, I’m working on the FeeBumper and Spend files. The majority of my work in FeeBumper is finished, and I’ll open a PR for it as soon as we reach a conclusion on this PR.
I’m currently working on the Spend file, which should be finished this week or next, hopefully.
in
src/wallet/test/fuzz/crypter.cpp:42
in
6c98f4c137outdated
37+
38+ // Limiting the value of nRounds since it is otherwise uselessly expensive and causes a timeout when fuzzing.
39+ crypt.SetKeyFromPassphrase(/*strKeyData=*/secure_string,
40+ /*chSalt=*/ConsumeRandomLengthByteVector(fuzzed_data_provider),
41+ /*nRounds=*/fuzzed_data_provider.ConsumeIntegralInRange<unsigned int>(0, 25000),
42+ /*nDerivationMethod*/ nDerivationMethod);
brunoerg
commented at 2:26 pm on July 13, 2023:
contributor
ACK6c98f4c137c9d557c78ebd52379711ebbd23e24a
non blocker, just an idea: Perhaps we could have encrypt/decrypt stuff outside of LIMITED_WHILE and then we could have a call just to fill them. I suppose this way we would have more chance of decrypting a previous encrypted thing. Just an example:
0const unsigned int derivation_method = fuzzed_data_provider.ConsumeBool() ?0 : fuzzed_data_provider.ConsumeIntegral<unsigned int>();
in
src/wallet/test/fuzz/crypter.cpp:45
in
fe1a27153eoutdated
40+
41+ // Limiting the value of nRounds since it is otherwise uselessly expensive and causes a timeout when fuzzing.
42+ crypt.SetKeyFromPassphrase(/*strKeyData=*/secure_string,
43+ /*chSalt=*/ConsumeRandomLengthByteVector(fuzzed_data_provider),
44+ /*nRounds=*/fuzzed_data_provider.ConsumeIntegralInRange<unsigned int>(0, 25000),
45+ /*nDerivationMethod=*/ nDerivationMethod);
I don’t quite understand why the CI isn’t failing here. You’re using the new macro from #28065 but you haven’t rebased past that PR, so this shouldn’t work.
These are the errors that i get locally:
0wallet/test/fuzz/crypter.cpp:22:22: error: too many arguments provided to function-like macro invocation
1FUZZ_TARGET(crypter, .init = initialize_crypter)
2 ^
3./test/fuzz/fuzz.h:31:9: note: macro 'FUZZ_TARGET' defined here
4#define FUZZ_TARGET(name) \
5 ^
6wallet/test/fuzz/crypter.cpp:22:1: error: a type specifier is required for all declarations
7FUZZ_TARGET(crypter, .init = initialize_crypter)
8^
9wallet/test/fuzz/crypter.cpp:24:5: error: 'FuzzedDataProvider' does not refer to a value
10 FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
11 ^
12./test/fuzz/FuzzedDataProvider.h:31:7: note: declared here
13class FuzzedDataProvider {
14 ^
15wallet/test/fuzz/crypter.cpp:89:2: error: expected ';' after top level declarator
16}
17 ^
18 ;
194 errors generated.
CI does a “rebase” before each run. Generally this detects more issues (silent merge conflicts), and I think this is the first case that CI missed a compile failure of this kind. (Generally it is assumed that developers at a minimum try to compile their changes locally, so it would be odd to have a dedicated CI check for that, but maybe there should be?)
Now that we are moving to persistent workers, we can even compile all commits in a pull request. Maybe as a separate task on a runner where it doesn’t matter when the CI run takes a day or two?
I am not sure how much CPU we want to spend on this. It should only ever find an issue once every couple of months. And there could be quite a backlog easily. For example, 3 devs could each force push a 15 commit pull that touches serialize.h at the same time. So the cache would be useless and the CI would have to do 45 builds from scratch. (Assuming each takes half an hour, that’d be a day of backlog)
maflcko
commented at 5:46 pm on September 20, 2023:
In any case, should be trivial to implement by removing the if: github.event.pull_request.commits != 1 and git checkout HEAD~ from #28497 (comment)
This is out of the blue, but the reason I struggle to compile after each change is that I’m currently using a Windows 10 OS. And I can’t run Wallet Fuzz tests on my machine for some unknown reason. I’ve attempted Fuzz tests outside of Wallet code, and they run fine. I’ve also experimented with other Windows machines, and this issue seems to persists across all of them.
So, I’ve been using an Ubuntu VM for code testing. I’ve gone through Makefile.test.include, and everything appears to be in order. I’m uncertain about the reason of this problem here.
maflcko
commented at 2:23 pm on November 10, 2023:
Seems fine to report an issue about this, with exact steps to reproduce.
Yes, I’m on it. Will try to reproduce it once again and create an issue then.
dergoegge changes_requested
Ayush170-Future force-pushed
on Aug 3, 2023
Ayush170-Future
commented at 6:20 pm on August 3, 2023:
contributor
Thank you for pointing this up, @dergoegge. Actually, I thought it was just a one-line change and became overly relaxed about it. But I’m sorry, and from now on I’ll compile before pushing every time.
I’m also going to address your style nits in the next push.
Ayush170-Future force-pushed
on Aug 3, 2023
achow101 requested review from brunoerg
on Sep 20, 2023
achow101 requested review from achow101
on Sep 20, 2023
in
src/wallet/test/fuzz/crypter.cpp:10
in
066402c5c4outdated
maflcko
commented at 5:30 pm on September 20, 2023:
Is this needed?
From iwyu:
0wallet/test/fuzz/crypter.cpp should add these lines:
1#include<memory>// for unique_ptr
2#include<optional>// for optional
3#include<string>// for string
4#include<vector>// for vector
5#include"key.h"// for CKey
6#include"pubkey.h"// for CPubKey
7#include"support/allocators/secure.h"// for secure_allocator, SecureString
8#include"uint256.h"// for uint256
910wallet/test/fuzz/crypter.cpp should remove these lines:
11-#include <wallet/test/util.h>// lines 10-10
However, I think you could check if Encrypt returned true then you could try to decrypt it.
I believe it will attempt to Decrypt it, perhaps not instantly but eventually, so I suppose for a long Fuzz run it won’t matter much. Should I simply (void) it?
Ayush170-Future force-pushed
on Oct 21, 2023
Ayush170-Future
commented at 10:57 pm on October 21, 2023:
contributor
Rebased.
Removed the unnecessary <wallet/test/util.h> import.
Added (void) before the Encrypt function call.
DrahtBot added the label
CI failed
on Oct 22, 2023
Ayush170-Future force-pushed
on Oct 23, 2023
Ayush170-Future
commented at 6:49 pm on October 23, 2023:
contributor
I think check failures are coming after I rebased the code. Because my changes are very basic to produce these fails.
lint failure is due to spelling mistakes in other files.
I’m not sure why the fuzzer is failing, it seems unrelated to my file.
In the meantime, I can pull up a PR correcting all the spelling mistakes in the lint. Or I can correct those in this PR only.
maflcko
commented at 8:03 am on October 24, 2023:
member
The lint task output seems confusing and fragile, but the error here is:
I guess in the future it could make sense to clarify that the spelling output is only generated for people that care about fixing spelling mistakes, and can be ignored by everyone else.
Ayush170-Future force-pushed
on Oct 24, 2023
Ayush170-Future
commented at 9:05 am on October 24, 2023:
contributor
Force pushed fixing the lint issue.
I’m currently looking into why the Fuzzer is failing. Will try to fix it ASAP.
maflcko
commented at 9:15 am on October 24, 2023:
member
The fuzz timeout can be ignored for now and will be fixed this week.
DrahtBot removed the label
CI failed
on Oct 25, 2023
in
src/wallet/test/fuzz/crypter.cpp:81
in
2a3ffe50dboutdated
Did it. I was thinking of moving master_key outside as well but since it is const it wouldn’t make sense. Should I add a function in CallOneOf that updates the random_key occasionally as well?
maflcko approved
maflcko
commented at 10:56 am on December 6, 2023:
member
lgtm
Ayush170-Future force-pushed
on Jan 5, 2024
DrahtBot added the label
CI failed
on Jan 13, 2024
achow101 requested review from dergoegge
on Apr 9, 2024
achow101 requested review from brunoerg
on Apr 9, 2024
Ayush170-Future
commented at 5:28 am on April 18, 2024:
contributor
Can someone tell me why is the previous releases, qt5 dev package and depends packages, DEBUG test is failing?
I’ve ran this on my machine and it works fine.
maflcko
commented at 5:30 am on April 18, 2024:
member
It is using an old CI config. You can rebase on current master to get a fresh CI run.
in
src/wallet/test/fuzz/crypter.cpp:64
in
87dfbe9f56outdated
Since you’re using ConsumeDeserializable, I do believe you should adopt the approach introduced in “fuzz: Avoid timeout and bloat in fuzz targets” fabb5046a7365af3079e6e45606d63576bc6ad12
If I add limits (1024 for example) to ConsumeRandomLengthByteVector and ConsumeRandomLengthString the harness works. But that could be defeating the purpose of fuzzing.
brunoerg
commented at 8:33 pm on May 17, 2024:
contributor
I couldn’t reproduce on MacOS 14.3 with that input file.
If I add limits (1024 for example) to ConsumeRandomLengthByteVector and ConsumeRandomLengthString the harness works. But that could be defeating the purpose of fuzzing.
Changing the harness can invalidate the input. Also, ConsumeRandomLengthByteVector is used in a lot of other targets without a limit. Does it happen for other targets as well, @marcofleon?
marcofleon
commented at 3:50 pm on May 18, 2024:
contributor
If I don’t start with a seed corpus (inputs from scratch) then it seems to run fine. I let it go for a while and no crashes happen. It’s only when I run something like this:
FUZZ=crypter src/test/fuzz/fuzz -set_cover_merge=1 -shuffle=0 -prefer_small=1 -use_value_profile=0 ../qa-assets/fuzz_corpus_copy/crypter ../qa-assets/fuzz_corpus_copy/*
maflcko
commented at 4:09 pm on May 18, 2024:
member
set_cover_merge
This uses more memory than -merge=1, so my recommendation would be to try to add more memory or swap to your machine, or to use -merge=1 for now.
marcofleon
commented at 10:34 am on May 19, 2024:
contributor
Adjusted some things on my machine and used -merge=1 and it successfully merges after several attempts. Thank you for the help @maflcko and @brunoerg
achow101
commented at 0:32 am on June 5, 2024:
member
ACKd7290d662f494503f28e087dd728b492c0bb2c5f
I get that any coverage of these functions is better than no coverage, but it seems less useful to me when we aren’t checking the output. There may not be a crash, but each function could be doing something unexpected, and we should be checking to make sure that they aren’t. I’m going to merge this for now though just so there is coverage, but a followup which verifies the behavior would be welcomed.
achow101 merged this
on Jun 5, 2024
achow101 closed this
on Jun 5, 2024
bitcoin deleted a comment
on Jun 5, 2024
in
src/wallet/test/fuzz/crypter.cpp:65
in
d7290d662f
This is a metadata mirror of the GitHub repository
bitcoin/bitcoin.
This site is not affiliated with GitHub.
Content is generated from a GitHub metadata backup.
generated: 2025-05-30 06:13 UTC
This site is hosted by @0xB10C More mirrored repositories can be found on mirror.b10c.me