highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2026-01-20 07:09:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

fuzz: make FuzzedDataProvider usage deterministic

Browse Source 
There exist many usages of `fuzzed_data_provider` where it is evaluated directly in the function call.
Unfortunately, the order of evaluation of function arguments is unspecified. This means it can differ
between compilers/version/optimization levels etc. But when the evaluation order changes, the same
fuzzing input will produce different output, which is bad for coverage/reproducibility.

This PR fixes all these cases where by moving multiple calls to `fuzzed_data_provider` out of the
function arguments.
This commit is contained in:
Martin Leitner-Ankerl
2023-12-09 13:19:02 +01:00
parent 3e691258d8
commit 01960c53c7
18 changed files with 129 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/test/fuzz/system.cpp
View File

@@ -44,13 +44,19 @@ FUZZ_TARGET(system, .init = initialize_system)
args_manager.SelectConfigNetwork(fuzzed_data_provider.ConsumeRandomLengthString(16));
},
[&] {
args_manager.SoftSetArg(fuzzed_data_provider.ConsumeRandomLengthString(16), fuzzed_data_provider.ConsumeRandomLengthString(16));
auto str_arg = fuzzed_data_provider.ConsumeRandomLengthString(16);
auto str_value = fuzzed_data_provider.ConsumeRandomLengthString(16);
args_manager.SoftSetArg(str_arg, str_value);
},
[&] {
args_manager.ForceSetArg(fuzzed_data_provider.ConsumeRandomLengthString(16), fuzzed_data_provider.ConsumeRandomLengthString(16));
auto str_arg = fuzzed_data_provider.ConsumeRandomLengthString(16);
auto str_value = fuzzed_data_provider.ConsumeRandomLengthString(16);
args_manager.ForceSetArg(str_arg, str_value);
},
[&] {
args_manager.SoftSetBoolArg(fuzzed_data_provider.ConsumeRandomLengthString(16), fuzzed_data_provider.ConsumeBool());
auto str_arg = fuzzed_data_provider.ConsumeRandomLengthString(16);
auto f_value = fuzzed_data_provider.ConsumeBool();
args_manager.SoftSetBoolArg(str_arg, f_value);
},
[&] {
const OptionsCategory options_category = fuzzed_data_provider.PickValueInArray<OptionsCategory>({OptionsCategory::OPTIONS, OptionsCategory::CONNECTION, OptionsCategory::WALLET, OptionsCategory::WALLET_DEBUG_TEST, OptionsCategory::ZMQ, OptionsCategory::DEBUG_TEST, OptionsCategory::CHAINPARAMS, OptionsCategory::NODE_RELAY, OptionsCategory::BLOCK_CREATION, OptionsCategory::RPC, OptionsCategory::GUI, OptionsCategory::COMMANDS, OptionsCategory::REGISTER_COMMANDS, OptionsCategory::HIDDEN});
@@ -60,7 +66,9 @@ FUZZ_TARGET(system, .init = initialize_system)
if (args_manager.GetArgFlags(argument_name) != std::nullopt) {
return;
}
args_manager.AddArg(argument_name, fuzzed_data_provider.ConsumeRandomLengthString(16), fuzzed_data_provider.ConsumeIntegral<unsigned int>() & ~ArgsManager::COMMAND, options_category);
auto help = fuzzed_data_provider.ConsumeRandomLengthString(16);
auto flags = fuzzed_data_provider.ConsumeIntegral<unsigned int>() & ~ArgsManager::COMMAND;
args_manager.AddArg(argument_name, help, flags, options_category);
},
[&] {
// Avoid hitting: