highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2026-01-21 15:50:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

fuzz: Restore SendMessages coverage in process_message(s) fuzz targets

Browse Source
This commit is contained in:
MarcoFalke
2026-01-15 12:50:46 +01:00
parent fac7fed397
commit fabf8d1c5b
3 changed files with 34 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/test/fuzz/process_message.cpp
View File

@@ -2,6 +2,7 @@
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
#include <banman.h>
#include <consensus/consensus.h>
#include <net.h>
#include <net_processing.h>
@@ -67,27 +68,31 @@ FUZZ_TARGET(process_message, .init = initialize_process_message)
SeedRandomStateForTest(SeedRand::ZEROS);
FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
auto& connman = static_cast<ConnmanTestMsg&>(*g_setup->m_node.connman);
auto& node{g_setup->m_node};
auto& connman{static_cast<ConnmanTestMsg&>(*node.connman)};
connman.ResetAddrCache();
connman.ResetMaxOutboundCycle();
auto& chainman = static_cast<TestChainstateManager&>(*g_setup->m_node.chainman);
auto& chainman{static_cast<TestChainstateManager&>(*node.chainman)};
const auto block_index_size{WITH_LOCK(chainman.GetMutex(), return chainman.BlockIndex().size())};
SetMockTime(1610000000); // any time to successfully reset ibd
chainman.ResetIbd();
chainman.DisableNextWrite();
node::Warnings warnings{};
NetGroupManager netgroupman{{}};
AddrMan addrman{netgroupman, /*deterministic=*/true, /*consistency_check_ratio=*/0};
auto peerman = PeerManager::make(connman, addrman,
// Reset, so that dangling pointers can be detected by sanitizers.
node.banman.reset();
node.addrman.reset();
node.peerman.reset();
node.addrman = std::make_unique<AddrMan>(*node.netgroupman, /*deterministic=*/true, /*consistency_check_ratio=*/0);
node.peerman = PeerManager::make(connman, *node.addrman,
/*banman=*/nullptr, chainman,
*g_setup->m_node.mempool, warnings,
*node.mempool, *node.warnings,
PeerManager::Options{
.reconcile_txs = true,
.deterministic_rng = true,
});
connman.SetMsgProc(peerman.get());
connman.SetMsgProc(node.peerman.get());
connman.SetAddrman(*node.addrman);
LOCK(NetEventsInterface::g_msgproc_mutex);
const std::string random_message_type{fuzzed_data_provider.ConsumeBytesAsString(CMessageHeader::MESSAGE_TYPE_SIZE).c_str()};
@@ -116,10 +121,10 @@ FUZZ_TARGET(process_message, .init = initialize_process_message)
more_work = connman.ProcessMessagesOnce(p2p_node);
} catch (const std::ios_base::failure&) {
}
g_setup->m_node.peerman->SendMessages(&p2p_node);
node.peerman->SendMessages(&p2p_node);
}
g_setup->m_node.validation_signals->SyncWithValidationInterfaceQueue();
g_setup->m_node.connman->StopNodes();
node.validation_signals->SyncWithValidationInterfaceQueue();
node.connman->StopNodes();
if (block_index_size != WITH_LOCK(chainman.GetMutex(), return chainman.BlockIndex().size())) {
// Reuse the global chainman, but reset it when it is dirty
ResetChainman(*g_setup);

27
src/test/fuzz/process_messages.cpp
View File

@@ -2,6 +2,7 @@
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
#include <banman.h>
#include <consensus/consensus.h>
#include <net.h>
#include <net_processing.h>
@@ -57,26 +58,30 @@ FUZZ_TARGET(process_messages, .init = initialize_process_messages)
SeedRandomStateForTest(SeedRand::ZEROS);
FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
auto& connman = static_cast<ConnmanTestMsg&>(*g_setup->m_node.connman);
auto& node{g_setup->m_node};
auto& connman{static_cast<ConnmanTestMsg&>(*node.connman)};
connman.ResetAddrCache();
connman.ResetMaxOutboundCycle();
auto& chainman = static_cast<TestChainstateManager&>(*g_setup->m_node.chainman);
auto& chainman{static_cast<TestChainstateManager&>(*node.chainman)};
const auto block_index_size{WITH_LOCK(chainman.GetMutex(), return chainman.BlockIndex().size())};
SetMockTime(1610000000); // any time to successfully reset ibd
chainman.ResetIbd();
chainman.DisableNextWrite();
node::Warnings warnings{};
NetGroupManager netgroupman{{}};
AddrMan addrman{netgroupman, /*deterministic=*/true, /*consistency_check_ratio=*/0};
auto peerman = PeerManager::make(connman, addrman,
// Reset, so that dangling pointers can be detected by sanitizers.
node.banman.reset();
node.addrman.reset();
node.peerman.reset();
node.addrman = std::make_unique<AddrMan>(*node.netgroupman, /*deterministic=*/true, /*consistency_check_ratio=*/0);
node.peerman = PeerManager::make(connman, *node.addrman,
/*banman=*/nullptr, chainman,
*g_setup->m_node.mempool, warnings,
*node.mempool, *node.warnings,
PeerManager::Options{
.reconcile_txs = true,
.deterministic_rng = true,
});
connman.SetMsgProc(peerman.get());
connman.SetMsgProc(node.peerman.get());
connman.SetAddrman(*node.addrman);
LOCK(NetEventsInterface::g_msgproc_mutex);
@@ -115,11 +120,11 @@ FUZZ_TARGET(process_messages, .init = initialize_process_messages)
more_work = connman.ProcessMessagesOnce(random_node);
} catch (const std::ios_base::failure&) {
}
g_setup->m_node.peerman->SendMessages(&random_node);
node.peerman->SendMessages(&random_node);
}
}
g_setup->m_node.validation_signals->SyncWithValidationInterfaceQueue();
g_setup->m_node.connman->StopNodes();
node.validation_signals->SyncWithValidationInterfaceQueue();
node.connman->StopNodes();
if (block_index_size != WITH_LOCK(chainman.GetMutex(), return chainman.BlockIndex().size())) {
// Reuse the global chainman, but reset it when it is dirty
ResetChainman(*g_setup);

2
src/test/util/net.h
View File

@@ -40,6 +40,8 @@ struct ConnmanTestMsg : public CConnman {
m_msgproc = msgproc;
}
void SetAddrman(AddrMan& in) { addrman = in; }
void SetPeerConnectTimeout(std::chrono::seconds timeout)
{
m_peer_connect_timeout = timeout;