highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-11-10 14:08:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge bitcoin/bitcoin#28178: fuzz: Generate with random libFuzzer settings

Browse Source 
fa3a4102ef fuzz: Set -rss_limit_mb=8000 for generate as well (MarcoFalke)
fa4e396e1d fuzz: Generate with random libFuzzer settings (MarcoFalke)

Pull request description:

  Sometimes a libFuzzer setting like `-use_value_profile=1` helps [0], sometimes it hurts [1].

  [0] https://github.com/bitcoin/bitcoin/pull/20789#issuecomment-752961937
  [1] https://github.com/bitcoin/bitcoin/pull/27888#issuecomment-1645976254

  By picking a random value, it is ensured that at least some of the runs will have the beneficial configuration set.

  Also, set `-max_total_time` to prevent slow fuzz targets from getting a larger time share, or possibly peg to a single core for a long time and block the python script from exiting for a long time. This can be improved in the future. For example, the python script can exit after some time (https://github.com/bitcoin/bitcoin/pull/20752#discussion_r549248791). Alternatively, it can measure if coverage progress was made and run for less time if no progress has been made recently anyway, so that more time can be spent on targets that are new or still make progress.

ACKs for top commit:
  murchandamus:
    utACK fa3a4102ef
  dergoegge:
    utACK fa3a4102ef
  brunoerg:
    light ACK fa3a4102ef

Tree-SHA512: bfd04a76ca09aec612397bae5f3f263a608faa7087697169bd4c506c8195c4d2dd84ddc7fcd3ebbc75771eab618fad840af819114968ca3668fc730092376768
This commit is contained in:
fanquake
2024-02-27 09:03:11 +00:00
parent 4d7d7fd123 fa3a4102ef
commit ee7e4b0e40
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
test/fuzz/test_runner.py
View File

@@ -11,6 +11,7 @@ import argparse
import configparser
import logging
import os
import random
import subprocess
import sys
@@ -264,9 +265,13 @@ def generate_corpus(*, fuzz_pool, src_dir, build_dir, corpus_dir, targets):
for target, t_env in targets:
target_corpus_dir = corpus_dir / target
os.makedirs(target_corpus_dir, exist_ok=True)
use_value_profile = int(random.random() < .3)
command = [
os.path.join(build_dir, 'src', 'test', 'fuzz', 'fuzz'),
"-runs=100000",
"-rss_limit_mb=8000",
"-max_total_time=6000",
"-reload=0",
f"-use_value_profile={use_value_profile}",
target_corpus_dir,
]
futures.append(fuzz_pool.submit(job, command, target, t_env))