fuzz: Exclude too expensive inputs in descriptor_parse targets #34317

pull maflcko wants to merge 1 commits into bitcoin:master from maflcko:2601-fuzz-desc-parse changing 2 files +24 −10
  1. maflcko commented at 12:00 pm on January 16, 2026: member

    Accepting “expensive” fuzz inputs which have no real use-case is problematic, because it prevents the fuzz engine from spending time on the next useful fuzz input.

    For example, those will take several seconds (!) and the flamegraph shows that base58 encoding is the cause:

    curl -fLO 'https://github.com/bitcoin-core/qa-assets/raw/b5ad78e070e4cf36beb415d7b490d948d70ba73f/fuzz_corpora/mocked_descriptor_parse/f5abf41608addcef3538da61d8096c2050235032'
    curl -fLO 'https://github.com/bitcoin-core/qa-assets/raw/b5ad78e070e4cf36beb415d7b490d948d70ba73f/fuzz_corpora/descriptor_parse/78cb3175467f53b467b949883ee6072e92dbb267'

    FUZZ=mocked_descriptor_parse ./bld-cmake/bin/fuzz ./f5abf41608addcef3538da61d8096c2050235032
    FUZZ=descriptor_parse ./bld-cmake/bin/fuzz ./78cb3175467f53b467b949883ee6072e92dbb267
    

    This will also break 32-bit fuzzing, see #34110 (comment).

    Fix all issues by checking for HasTooLargeLeafSize.

    Sorry for creating several pull requests to fix this class of issue, but I think this one should be the last one. :sweat_smile:

  2. DrahtBot added the label Fuzzing on Jan 16, 2026
  3. DrahtBot commented at 12:00 pm on January 16, 2026: contributor

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Code Coverage & Benchmarks

    For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/34317.

    Reviews

    See the guideline for information on the review process.

    Type Reviewers
    ACK frankomosh

    If your review is incorrectly listed, please copy-paste <!--meta-tag:bot-skip--> into the comment that the bot should ignore.

  4. fuzz: Exclude too expensive inputs in descriptor_parse targets
    Also, fixup iwyu warnings in the util module.
    
    Also, fixup a typo.
    fa3fe1d7f8
  5. maflcko force-pushed on Jan 16, 2026
  6. DrahtBot added the label CI failed on Jan 16, 2026
  7. DrahtBot removed the label CI failed on Jan 16, 2026
  8. in src/test/fuzz/util/descriptor.cpp:15 in fa3fe1d7f8
     6@@ -7,12 +7,15 @@
     7 #include <key.h>
     8 #include <key_io.h>
     9 #include <pubkey.h>
    10+#include <span.h>
    11 #include <util/strencodings.h>
    12 
    13 #include <ranges>
    14 #include <stack>
    15+#include <vector>
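
    Review bot: the `#include <span.h>` and `#include <vector>` additions at the top of src/test/fuzz/util/descriptor.cpp are include cleanup, separate from the input filtering the title describes. Consider moving them into their own commit so the behaviour change to the fuzz targets can be reviewed, bisected, or reverted without touching the include list.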
    


    hebasto commented at 4:11 pm on January 16, 2026:

    https://github.com/bitcoin/bitcoin/actions/runs/21066056093/job/60583609633?pr=34317:

    (/home/admin/actions-runner/_work/_temp/src/test/fuzz/util/descriptor.h has correct #includes/fwd-decls)

    (/home/admin/actions-runner/_work/_temp/src/test/fuzz/util/descriptor.cpp has correct #includes/fwd-decls)
    

    Mind appending src/test/fuzz/util/descriptor.cpp to the FILES_WITH_ENFORCED_IWYU variable in ci/test/03_test_script.sh?


    maflcko commented at 4:36 pm on January 16, 2026:
    This will create a conflict with other pulls, so I’ll leave this as-is for now.
  9. frankomosh commented at 5:23 am on January 19, 2026: contributor

    Code Review ACK fa3fe1d7f8d857112b8c5b1a991fe25b3ded9324

    Good refactor that effectively addresses the expensive input issue

  10. fanquake requested review from dergoegge on Jan 20, 2026
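
The idea discussed in this thread, as an added example that is not code from the pull request or from Bitcoin Core: a cheap linear pre-check rejects a fuzz input before it reaches work whose cost grows quadratically, here a textbook base58 conversion. The names `LeafTooLarge`, `Base58Steps` and `FuzzOne`, the delimiter set, and the 200-byte limit are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>
using Bytes = std::vector<uint8_t>;

// Hypothetical guard (not Bitcoin Core's HasTooLargeLeafSize): true when any
// run of bytes between descriptor delimiters is longer than max_leaf.
bool LeafTooLarge(const Bytes& buf, size_t max_leaf)
{
    size_t run{0};
    for (const uint8_t c : buf) {
        const bool delim{c == '(' || c == ')' || c == ',' || c == '{' || c == '}'};
        run = delim ? 0 : run + 1;
        if (run > max_leaf) return true;
    }
    return false;
}

// Textbook base58 conversion (multiply-and-carry over the digit array),
// returning the number of inner-loop steps instead of the encoded string.
uint64_t Base58Steps(const Bytes& in)
{
    Bytes digits; // base58 digits, least significant first
    uint64_t steps{0};
    for (const uint8_t byte : in) {
        uint32_t carry{byte};
        for (uint8_t& d : digits) {
            carry += static_cast<uint32_t>(d) << 8; // digit * 256 + carry
            d = static_cast<uint8_t>(carry % 58);
            carry /= 58;
            ++steps;
        }
        for (; carry; carry /= 58, ++steps) digits.push_back(static_cast<uint8_t>(carry % 58));
    }
    return steps;
}

// Stand-in fuzz target body: returns steps spent, 0 if rejected up front.
uint64_t FuzzOne(const Bytes& buf, size_t max_leaf = 200) // 200 is a constructed limit
{
    if (LeafTooLarge(buf, max_leaf)) return 0;
    return Base58Steps(buf);
}

int main()
{
    for (size_t n : {100, 200, 4000}) std::printf("%zu bytes -> %llu steps\n", n, (unsigned long long)FuzzOne(Bytes(n, 0xFF)));
}
```

Doubling the input length roughly quadruples the step count, which is why a bounded leaf size keeps each fuzz iteration cheap.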

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-01-21 03:13 UTC