highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2026-01-20 23:29:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge bitcoin/bitcoin#31486: fuzz: Abort when using global PRNG without re-seed

Browse Source 
fae63bf130 fuzz: Clarify that only SeedRandomStateForTest(SeedRand::ZEROS) is allowed (MarcoFalke)
fa18acb457 fuzz: Abort when using global PRNG without re-seed (MarcoFalke)
fa7809aeab fuzz: Add missing SeedRandomStateForTest(SeedRand::ZEROS) (MarcoFalke)

Pull request description:

  This is the first step toward improving fuzz stability and determinism (https://github.com/bitcoin/bitcoin/issues/29018).

  A fuzz target using the global test-only PRNG will now abort if the seed is re-used across fuzz inputs.

  Also, temporarily add `SeedRandomStateForTest(SeedRand::ZEROS)` to all affected fuzz targets. This may slow down the libfuzzer leak detector, but it will disable itself after some time, or it can be disabled explicitly with `-detect_leaks=0`.

  In a follow-up, each affected fuzz target can be stripped of the global random use and a local `RandomMixin` (or similar) can be added instead.

  (Can be tested by removing any one of the re-seed calls and observing a fuzz abort)

ACKs for top commit:
  hodlinator:
    ACK fae63bf130
  dergoegge:
    utACK fae63bf130
  marcofleon:
    Tested ACK fae63bf130

Tree-SHA512: 4a0db69af7f715408edf4f8b08b44f34ce12ee2c79d33b336ad19a6e6bd079c4ff7c971af0a3efa428213407c1171f4e2837ec6a2577086c2f94cd15618a0892
This commit is contained in:
Ryan Ofsky
2024-12-17 12:33:41 -05:00
parent a95a8ba3a3 fae63bf130
commit a60d5702fd
39 changed files with 131 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/test/fuzz/package_eval.cpp
View File

@@ -192,6 +192,7 @@ std::optional<COutPoint> GetChildEvictingPrevout(const CTxMemPool& tx_pool)
FUZZ_TARGET(ephemeral_package_eval, .init = initialize_tx_pool)
{
SeedRandomStateForTest(SeedRand::ZEROS);
FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
const auto& node = g_setup->m_node;
auto& chainstate{static_cast<DummyChainState&>(node.chainman->ActiveChainstate())};
@@ -346,6 +347,7 @@ FUZZ_TARGET(ephemeral_package_eval, .init = initialize_tx_pool)
FUZZ_TARGET(tx_package_eval, .init = initialize_tx_pool)
{
SeedRandomStateForTest(SeedRand::ZEROS);
FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
const auto& node = g_setup->m_node;
auto& chainstate{static_cast<DummyChainState&>(node.chainman->ActiveChainstate())};