Add fuzzing dictionaries #122

pull dergoegge wants to merge 1 commits into bitcoin-core:main from dergoegge:2023-05-fuzz-dicts changing 2 files +86 −0
  1. dergoegge commented at 3:09 pm on May 5, 2023: member
    For use with libFuzzer’s -dict option.
  2. dergoegge commented at 3:11 pm on May 5, 2023: member
    I think oss-fuzz supports these as well (not 100% sure)
  3. fanquake commented at 3:37 pm on May 5, 2023: member
  4. darosior commented at 3:46 pm on May 5, 2023: member

    It could be useful for the miniscript_string target, but as you mentioned libFuzzer was already pretty effective at finding them. Is it useful beyond guiding the fuzzer through the first runs without coverage?

    For what it’s worth another approach I’ve used for initially seeding the miniscript_string corpus was to generate random miniscripts using the unit test and writing them to the corpus directory.

  5. dergoegge commented at 4:01 pm on May 5, 2023: member

    > Is it useful beyond guiding the fuzzer through the first runs without coverage?

    Not sure. From the libFuzzer docs: “For some input languages using a dictionary may significantly improve the search speed.” I will try to benchmark the miniscript_string target with and without the dict to see if that is the case for miniscript.

    > For what it’s worth another approach I’ve used for initially seeding the miniscript_string corpus was to generate random miniscripts using the unit test and writing them to the corpus directory.

    Yea that is good practice but only works for targets with common input formats (e.g. a miniscript string), for targets that use FuzzedDataProvider seeding is not really feasible.

  6. darosior commented at 6:10 pm on May 16, 2023: member
    Just used the dict for a new (more efficient) descriptor parsing target I’m working on, FWIW. Worked great and definitely easier than seeding the dir yourselves with unit tests.
  7. dergoegge commented at 3:41 pm on May 24, 2023: member
    @MarcoFalke thoughts?
  8. maflcko commented at 7:40 am on May 25, 2023: contributor
    lgtm, but I probably won’t be using them. Usually what I do is to add instrumentation, such as std::cout, to the data handling function (for example descriptor parse) and then write each call to a file, while running the unit test, functional tests, and some manual fiddling in production. I guess it boils down to personal preference what way people prefer (https://github.com/bitcoin-core/qa-assets/pull/122#issuecomment-1550139013)
  9. in fuzz_dicts/miniscript.dict:23 in d1da2b9e1a outdated
    18+")"
    19+"/"
    20+"()"
    21+":"
    22+"1"
    23+"0"
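    Review bot: lines 18-23 of fuzz_dicts/miniscript.dict are bare quoted tokens with nothing saying which fuzz target they are meant for. The dictionary format accepts `#` comment lines, so a one-line header naming the target, and a comment on the less obvious entries such as `"()"` at line 20, would make the file easier to review and extend.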
    


    darosior commented at 7:45 am on May 25, 2023:
    If you undraft this might be worth making it a descriptor dict, including output type expressions (wsh, combo, tr, {, …). Also pk and pkh.

    darosior commented at 12:14 pm on May 25, 2023:

    The descriptors.dict I’ve been using in case you haven’t written it already:

    "pk_h"
    "pk_k"
    "older"
    "after"
    "sha256"
    "andor"
    "and_v"
    "and_b"
    "and_n"
    "or_b"
    "or_c"
    "or_d"
    "or_i"
    "multi"
    "multi_a"
    "thresh"
    "("
    ")"
    "["
    "]"
    "/"
    "*"
    "'"
    "h"
    ":"
    "1"
    "0"
    "combo"
    "sh"
    "wsh"
    "wpkh"
    "tr"
    "{"
    "}"
    "pkh"
    "pk"
    "addr"
    "raw"
    "rawtr"
    "sortedmulti"
    "sortedmulti_a"
    

    dergoegge commented at 12:24 pm on May 25, 2023:
    Thank you! I’ll use this and undraft shortly
  10. darosior commented at 12:16 pm on May 25, 2023: member
    Concept ACK
  11. dergoegge force-pushed on May 26, 2023
  12. dergoegge marked this as ready for review on May 26, 2023
  13. dergoegge commented at 1:29 pm on May 26, 2023: member
    Updated the descriptor dict and un-drafted.
  14. fanquake requested review from darosior on May 26, 2023
  15. Add initial fuzzing dictionaries
    Co-authored-by: Antoine Poinsot <darosior@protonmail.com>
    e4f07ff3d7
  16. in fuzz_dicts/descriptors.dict:27 in b29cdc9f0b outdated
    22+"*"
    23+"'"
    24+"h"
    25+":"
    26+"1"
    27+"0"
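    Review bot: `"'"` and `"h"` at lines 23-24 of fuzz_dicts/descriptors.dict are the two spellings of the hardened-derivation marker in a key path, but a bare `"h"` reads like a stray letter next to the punctuation around it. A `#` comment above the pair saying what they are would help.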
    


    darosior commented at 4:36 pm on May 26, 2023:
    How about adding the Miniscript type modifiers too? Maybe there is little point since it’s only a single letter?

    dergoegge commented at 9:48 am on June 6, 2023:
    Added them, can’t hurt.
  17. dergoegge force-pushed on Jun 6, 2023
  18. brunoerg commented at 6:42 pm on June 13, 2023: none

    Concept ACK. I’ve been using dicts frequently.

    e.g. for net_permissions:

    "@"
    "["
    "]"
    "bloomfilter"
    "bloom"
    "noban"
    "forcerelay"
    "mempool"
    "download"
    "all"
    "relay"
    "addr"
    
  19. darosior commented at 10:33 am on June 14, 2023: member
    ACK e4f07ff3d7e21d4b747149eb5cf19bf95bdf44ef
  20. fanquake merged this on Jun 16, 2023
  21. fanquake closed this on Jun 16, 2023
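
An added example, not code from this pull request or from the qa-assets repository: a small linter for dictionary files like the ones quoted in this thread. It decodes each entry using the syntax given in the libFuzzer documentation (a quoted string with an optional `name=` prefix and the escapes `\\`, `\"` and `\xAB`) and reports malformed lines and duplicate tokens, which are easy to introduce when two token lists are merged into one file. The function names and the `SAMPLE` text are assumptions made for the illustration, and rejecting unescaped inner quotes is this linter's own choice.

```python
import re

# Entry body syntax: plain characters plus the escapes \\  \"  \xAB
_BODY = re.compile(rb'(?:[^"\\]|\\["\\]|\\x[0-9a-fA-F]{2})+')
_ESCAPE = re.compile(rb'\\(?:(["\\])|x([0-9a-fA-F]{2}))')

# Constructed sample: a few tokens from this thread plus deliberately bad lines.
SAMPLE = r'''# descriptor tokens
"pk_h"
"wsh"
"("
"pk_h"
kw_quote="\""
"\x00"
"\q"
sortedmulti
'''


def parse_entry(line):
    """Decode one dictionary line to bytes; None for blank or comment lines."""
    text = line.strip().encode()
    if not text or text.startswith(b"#"):
        return None
    start = text.find(b'"')  # anything before the first quote is the name
    if start < 0 or start == len(text) - 1 or not text.endswith(b'"'):
        raise ValueError("entry is not a quoted string")
    body = text[start + 1:-1]
    if not _BODY.fullmatch(body):
        raise ValueError("empty token, invalid escape or unescaped quote")
    # Replace each escape with the byte it stands for.
    return _ESCAPE.sub(lambda m: m.group(1) or bytes.fromhex(m.group(2).decode()), body)


def lint(dict_text):
    """Return (unique tokens in file order, [(line number, problem), ...])."""
    tokens, problems, seen = [], [], {}
    for lineno, line in enumerate(dict_text.splitlines(), 1):
        try:
            token = parse_entry(line)
        except ValueError as exc:
            problems.append((lineno, str(exc)))
            continue
        if token in seen:
            problems.append((lineno, f"duplicate of line {seen[token]}"))
        elif token is not None:
            seen[token] = lineno
            tokens.append(token)
    return tokens, problems
```

Running `lint()` over a dictionary file's text before handing the file to `-dict` keeps a malformed or repeated entry from going unnoticed in review.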


github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/qa-assets. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-10-30 01:25 UTC
