Skip to content

tests: Add fuzzing harness for Bech32 encoding/decoding #17357

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 5, 2019
Merged

tests: Add fuzzing harness for Bech32 encoding/decoding #17357

merged 2 commits into from
Nov 5, 2019

Conversation

practicalswift
Copy link
Contributor

@practicalswift practicalswift commented Nov 3, 2019
edited
Loading

Add fuzzing harness for Bech32 encoding/decoding.

Testing this PR

Run:

$ make distclean
$ ./autogen.sh
$ CC=clang CXX=clang++ ./configure --enable-fuzz \
      --with-sanitizers=address,fuzzer,undefined
$ make
$ src/test/fuzz/bech32 -max_total_time=60
…

@fanquake fanquake added the Tests label Nov 3, 2019
@DrahtBot
Copy link
Contributor

DrahtBot commented Nov 3, 2019
edited
Loading

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Conflicts

Reviewers, this pull request conflicts with the following ones:

  • #17229 (tests: Add fuzzing harnesses for various Base{32,58,64} and hex related functions by practicalswift)
  • #17071 (tests: Add fuzzing harness for CheckBlock(...) and other CBlock related functions by practicalswift)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

@practicalswift practicalswift force-pushed the fuzzers-bech32 branch 2 times, most recently from 78f224b to c089b42 Compare November 3, 2019 06:16
@jonatack
Copy link
Member

jonatack commented Nov 4, 2019

When I try to test this, make fails with:

CXXLD    test/fuzz/address_deserialize
/usr/bin/ld: libbitcoin_util.a(libbitcoin_util_a-threadinterrupt.o): in function `UniqueLock<AnnotatedMixin<std::mutex>, std::unique_lock<std::mutex> >::~UniqueLock()':
/home/jon/projects/bitcoin/bitcoin/src/./sync.h:168: undefined reference to `LeaveCritical()'
clang: error: linker command failed with exit code 1 (use -v to see invocation)

Full configure/make gist here.

I have never been able to get the fuzzing to run when following the info in doc/fuzzing.md, so this may be unrelated to the PR. Any tips would be welcome.

@maflcko
Copy link
Member

maflcko commented Nov 4, 2019

Have you tried a make distclean before ./configure?

@practicalswift
Copy link
Contributor Author

@jonatack What @MarcoFalke said :)

I've now updated OP with make distclean; ./autogen.sh. Will use that in the "how to test this PR template" in future OP:s for fuzzing PR:s.

$ make distclean
$ ./autogen.sh
$ CC=clang CXX=clang++ ./configure --enable-fuzz \
      --with-sanitizers=address,fuzzer,undefined
$ make
$ src/test/fuzz/bech32
…

@jonatack
Copy link
Member

jonatack commented Nov 4, 2019

It looks like that solved it. Thanks!

How long does the test run -- until it's interrupted?

$ src/test/fuzz/bech32
INFO: Seed: 2164764235
INFO: Loaded 1 modules   (506453 inline 8-bit counters): 506453 [0x559733d74988, 0x559733df03dd), 
INFO: Loaded 1 PC tables (506453 PCs): 506453 [0x559733df03e0,0x5597345aa930), 
INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes
INFO: A corpus is not provided, starting from an empty corpus
#2	INITED cov: 740 ft: 741 corp: 1/1b lim: 4 exec/s: 0 rss: 107Mb
#4	NEW    cov: 743 ft: 853 corp: 2/3b lim: 4 exec/s: 0 rss: 107Mb L: 2/2 MS: 2 ShuffleBytes-CopyPart-
...
#4005097	REDUCE cov: 829 ft: 2420 corp: 213/17Kb lim: 3381 exec/s: 2673 rss: 734Mb L: 44/641 MS: 3 CopyPart-EraseBytes-CopyPart-
#4132416	REDUCE cov: 829 ft: 2420 corp: 213/17Kb lim: 3502 exec/s: 2640 rss: 734Mb L: 7/641 MS: 4 ChangeBit-ChangeBit-ShuffleBytes-EraseBytes-

Concept ACK, initial code review looks good.

@practicalswift
Copy link
Contributor Author

@jonasnick Yes, libFuzzer runs until interrupted :)

Pass -max_total_time=60 to run the fuzzer during 60 seconds, and -help=1 to list all other libFuzzer options.

Recommended setup:

$ mkdir -p generated-test-corpus/
$ src/test/fuzz/bech32 -max_total_time=60 generated-test-corpus/
$ # now go into generated-test-corpus/ and investigate the generated test corpus :)

You might want to look at the libFuzzer documentation too if you haven't done that already :)

@jonasnick
Copy link
Contributor

Thank you @practicalswift, I almost lost my mind trying to figure out libFuzzer today.

@practicalswift
Copy link
Contributor Author

practicalswift commented Nov 4, 2019
edited
Loading

Sorry - wrong Jonas/Jon. Was meaning to mention @jonatack :)

maflcko
maflcko reviewed Nov 4, 2019
View reviewed changes
@practicalswift
Copy link
Contributor Author

@MarcoFalke Feedback addressed! Please re-review :)

jonatack
jonatack reviewed Nov 5, 2019
View reviewed changes
Copy link
Member

@jonatack jonatack left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK b754170

This fuzz test afaict verifies round-trip through bech32 Decode + Encode, comparing the initial random_string with the reencoded value, then Encode + Decode and asserts the correct values for the hrp (human-readable part as a string) and data.

Tested as per PR description, read code, ran tests.

((HEAD detached at origin/pr/17357))$ src/test/fuzz/bech32 -max_total_time=60
INFO: Seed: 3403448425
INFO: Loaded 1 modules   (506466 inline 8-bit counters): 506466 [0x5606fb3bc9e8, 0x5606fb43844a), 
INFO: Loaded 1 PC tables (506466 PCs): 506466 [0x5606fb438450,0x5606fbbf2a70), 
INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes
INFO: A corpus is not provided, starting from an empty corpus
#2	INITED cov: 746 ft: 747 corp: 1/1b lim: 4 exec/s: 0 rss: 106Mb
.../...
#316157	DONE   cov: 835 ft: 2274 corp: 152/4114b lim: 122 exec/s: 5182 rss: 587Mb
###### Recommended dictionary. ######
"\xfd\xff\xff\xff" # Uses: 22198
"\x00\x00\x00\x00\x00\x00\x00\x00" # Uses: 3159
###### End of recommended dictionary. ######
Done 316157 runs in 61 second(s)

maflcko pushed a commit that referenced this pull request Nov 5, 2019
Merge #17357: tests: Add fuzzing harness for Bech32 encoding/decoding
50591f6 
b754170 tests: Add fuzzing harness for Bech32 encoding/decoding (practicalswift)
85a34b1 tests: Move CaseInsensitiveEqual to test/util/str (practicalswift)

Pull request description:

  Add fuzzing harness for Bech32 encoding/decoding.

  **Testing this PR**

  Run:

  ```
  $ make distclean
  $ ./autogen.sh
  $ CC=clang CXX=clang++ ./configure --enable-fuzz \
        --with-sanitizers=address,fuzzer,undefined
  $ make
  $ src/test/fuzz/bech32 -max_total_time=60
  …
  ```

ACKs for top commit:
  jonatack:
    ACK b754170

Tree-SHA512: ade01d30c6886a083b806dbfff08999cc0d08e687701c670c895e261ed242c789e8a0062d4ebbe8f82676b8f168dc37e83351a88822c9c0eab478572a9e1ec02
@maflcko maflcko merged commit b754170 into bitcoin:master Nov 5, 2019
@jonatack
Copy link
Member

jonatack commented Nov 6, 2019

I'm seeing appveyor failures:

bech32_tests.obj : error LNK2001: unresolved external symbol "bool __cdecl CaseInsensitiveEqual

@maflcko maflcko mentioned this pull request Nov 6, 2019
Merged
@ryanofsky
Copy link
Contributor

I'm seeing appveyor failures:

Appveyor error is presumably caused by this PR and fixed by #17384 (comment)

sidhujag pushed a commit to syscoin/syscoin that referenced this pull request Nov 7, 2019
Merge bitcoin#17357: tests: Add fuzzing harness for Bech32 encoding/d…
c41a998 
…ecoding

b754170 tests: Add fuzzing harness for Bech32 encoding/decoding (practicalswift)
85a34b1 tests: Move CaseInsensitiveEqual to test/util/str (practicalswift)

Pull request description:

  Add fuzzing harness for Bech32 encoding/decoding.

  **Testing this PR**

  Run:

  ```
  $ make distclean
  $ ./autogen.sh
  $ CC=clang CXX=clang++ ./configure --enable-fuzz \
        --with-sanitizers=address,fuzzer,undefined
  $ make
  $ src/test/fuzz/bech32 -max_total_time=60
  …
  ```

ACKs for top commit:
  jonatack:
    ACK b754170

Tree-SHA512: ade01d30c6886a083b806dbfff08999cc0d08e687701c670c895e261ed242c789e8a0062d4ebbe8f82676b8f168dc37e83351a88822c9c0eab478572a9e1ec02
@jonatack jonatack mentioned this pull request Nov 7, 2019
Merged
@MarkLTZ MarkLTZ mentioned this pull request Apr 4, 2020
Closed
jasonbcox pushed a commit to Bitcoin-ABC/bitcoin-abc that referenced this pull request Jul 20, 2020
@practicalswift @majcosta
[backport#17357 1/2] tests: Move CaseInsensitiveEqual to test/util/str
842263b 
Summary:
bitcoin/bitcoin@85a34b1

---

Partial backport of Core [[bitcoin/bitcoin#17357 | PR17357]]

Test Plan:
  ninja check

  make check

Reviewers: #bitcoin_abc, deadalnix

Reviewed By: #bitcoin_abc, deadalnix

Differential Revision: https://reviews.bitcoinabc.org/D6904
jasonbcox pushed a commit to Bitcoin-ABC/bitcoin-abc that referenced this pull request Jul 20, 2020
@practicalswift @majcosta
[backport#17357 2/2] tests: Add fuzzing harness for Bech32 encoding/d…
bd65ad0 
…ecoding

Summary:
This ended up a bit different from Core's for obvious reasons

bitcoin/bitcoin@b754170

---

Depends on D6904

Concludes backport of Core [[bitcoin/bitcoin#17357 | PR17357]]

Test Plan:
  cmake -GNinja .. -DENABLE_SANITIZERS="address;fuzzer" -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++
  ninja bitcoin-fuzzers
  ./src/test/fuzz/cashaddr

Reviewers: #bitcoin_abc, deadalnix

Reviewed By: #bitcoin_abc, deadalnix

Subscribers: deadalnix

Differential Revision: https://reviews.bitcoinabc.org/D6906
sidhujag pushed a commit to syscoin-core/syscoin that referenced this pull request Nov 10, 2020
Merge bitcoin#17357: tests: Add fuzzing harness for Bech32 encoding/d…
f9a2c3f 
…ecoding

b754170 tests: Add fuzzing harness for Bech32 encoding/decoding (practicalswift)
85a34b1 tests: Move CaseInsensitiveEqual to test/util/str (practicalswift)

Pull request description:

  Add fuzzing harness for Bech32 encoding/decoding.

  **Testing this PR**

  Run:

  ```
  $ make distclean
  $ ./autogen.sh
  $ CC=clang CXX=clang++ ./configure --enable-fuzz \
        --with-sanitizers=address,fuzzer,undefined
  $ make
  $ src/test/fuzz/bech32 -max_total_time=60
  …
  ```

ACKs for top commit:
  jonatack:
    ACK b754170

Tree-SHA512: ade01d30c6886a083b806dbfff08999cc0d08e687701c670c895e261ed242c789e8a0062d4ebbe8f82676b8f168dc37e83351a88822c9c0eab478572a9e1ec02
@practicalswift practicalswift deleted the fuzzers-bech32 branch April 10, 2021 19:39
kwvg added a commit to kwvg/dash that referenced this pull request Feb 25, 2022
@kwvg
merge bitcoin#17357: Add fuzzing harness for Bech32 encoding/decoding
6cea477
kwvg added a commit to kwvg/dash that referenced this pull request Feb 26, 2022
@kwvg
merge bitcoin#17357: Add fuzzing harness for Bech32 encoding/decoding
52e62b6
PastaPastaPasta pushed a commit to PastaPastaPasta/dash that referenced this pull request Feb 26, 2022
@kwvg @PastaPastaPasta
merge bitcoin#17357: Add fuzzing harness for Bech32 encoding/decoding
6af24e8
PastaPastaPasta pushed a commit to PastaPastaPasta/dash that referenced this pull request Mar 3, 2022
@kwvg @PastaPastaPasta
merge bitcoin#17357: Add fuzzing harness for Bech32 encoding/decoding
fde9e3f
@bitcoin bitcoin locked as resolved and limited conversation to collaborators Aug 16, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
2 more reviewers

@jonatack jonatack jonatack left review comments

@maflcko maflcko maflcko left review comments

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
Tests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@practicalswift @DrahtBot @jonatack @maflcko @jonasnick @ryanofsky @fanquake