Skip to content

fuzz: Test headers pre-sync through p2p interface #28043

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

fuzz: Test headers pre-sync through p2p interface #28043

wants to merge 3 commits into from

Conversation

dergoegge
Copy link
Member

@dergoegge dergoegge commented Jul 7, 2023
edited
Loading

This PR adds a regression fuzz test for #26355 and some of the bugs found during review of #25717.

Should give us more confidence in doing #25725.

@DrahtBot
Copy link
Contributor

DrahtBot commented Jul 7, 2023
edited
Loading

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Code Coverage

For detailed information about the code coverage, see the test coverage report.

Reviews

See the guideline for information on the review process.

Type Reviewers
Concept ACK darosior

If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

Conflicts

Reviewers, this pull request conflicts with the following ones:

  • #26812 (test: add end-to-end tests for CConnman and PeerManager by vasild)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

@DrahtBot DrahtBot added the Tests label Jul 7, 2023
@dergoegge dergoegge marked this pull request as draft July 7, 2023 12:06
@dergoegge
Copy link
Member Author

Draft until #27499 is in.

This was referenced Jul 7, 2023
Closed
Closed
Closed
Open
Closed
Closed
Closed
maflcko
maflcko reviewed Jul 8, 2023
View reviewed changes
@DrahtBot DrahtBot mentioned this pull request Jul 19, 2023
Merged
darosior
darosior reviewed Jul 24, 2023
View reviewed changes
@dergoegge dergoegge marked this pull request as ready for review July 25, 2023 12:20
@dergoegge
Copy link
Member Author

Rebased and un-drafted, ready for review!

maflcko
maflcko reviewed Jul 28, 2023
View reviewed changes
@DrahtBot DrahtBot mentioned this pull request Jul 30, 2023
Closed
5 tasks
@dergoegge dergoegge force-pushed the 2023-07-fuzz-pow branch 3 times, most recently from 6b4edf3 to 6bac3ba Compare September 12, 2023 10:26
@laanwj laanwj added this to the 27.0 milestone Oct 26, 2023
@maflcko
Copy link
Member

maflcko commented Nov 17, 2023 

test/fuzz/p2p_headers_sync.cpp:187:96:   required from here
./primitives/transaction.h:327:42: error: ‘class CVectorWriter’ has no member named ‘GetParams’
  327 |         SerializeTransaction(*this, s, s.GetParams());
      |                                        ~~^~~~~~~~~
make[2]: *** [Makefile:17531: test/fuzz/fuzz-p2p_headers_sync.o] Error 1
make[2]: Leaving directory '/ci_container_base/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src'
make[1]: *** [Makefile:20246: install-recursive] Error 1
make[1]: Leaving directory '/ci_container_base/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src'
make: *** [Makefile:811: install-recursive] Error 1

Exit status: 2������������������������������������������������������������������������������������������������������������������������

@dergoegge
Copy link
Member Author

Thanks! rebased.

@darosior
Copy link
Member

Concept ACK. Planning on reviewing soon.

@mzumsande
Copy link
Contributor

Needs rebase (silent merge conflict).

@dergoegge
Copy link
Member Author

Needs rebase (silent merge conflict).

Thanks, rebased

@DrahtBot DrahtBot removed the CI failed label Dec 6, 2023
@DrahtBot DrahtBot mentioned this pull request Dec 11, 2023
Merged
@darosior darosior mentioned this pull request Dec 30, 2023
Closed
jamesob
jamesob reviewed Jan 9, 2024
View reviewed changes
src/pow.cpp
bool CheckProofOfWork(uint256 hash, unsigned int nBits, const Consensus::Params& params)
{
if (g_check_pow_mock) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should probably have some belt-and-suspenders check that we're 100% not running on mainnet, maybe based on the contents of params and whatever applicable global.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

An alternative to the mocking would be to use FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION in all places that call CheckProofOfWork (i.e. validation, mining) since there is literally zero benefit in having this be a blocker for fuzzing.

Copy link
Member Author

@dergoegge dergoegge Jan 24, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://github.com/dergoegge/bitcoin/tree/2024-01-fuzz-unsafe-pow

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Opened #29305 to discuss, I think it actually makes more sense than the mocking

@dergoegge dergoegge mentioned this pull request Jan 24, 2024
Closed
@dergoegge
Copy link
Member Author

It's been more than 6 months since I opened this without substantial review, so closing. Let me know if anyone is actually interested in reviewing and I'll reopen.

@dergoegge dergoegge closed this Jan 26, 2024
mzumsande
mzumsande reviewed Jan 26, 2024
View reviewed changes
Copy link
Contributor

@mzumsande mzumsande left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just fyi, I started reviewing at some point, my problem was that I don't like test-specific / mocking code in production code (especially the consensus-critical parts), so I wasn't really comfortable (concept)-acking it.
On the other hand, I didn't see a better way to do it and fuzzing is great obviously...

As a result, I was undecided and didn't write anything. Maybe it'd be worth to have a general discussion about the extent of mocking / test-specific production code we want as a project, since there are obviously both advantages and disadvantages to it. If there was a general consensus that these kind of mocks are fine I'd be happy to review/ack the actual fuzz target.

@maflcko
Copy link
Member

maflcko commented Jan 29, 2024

I'd say they are fine, if there is no better way. With global functions and variables, I think the only way to mock them is also via a global approach. Here, adding the assert(params!=main) (#28043 (comment)) should be fine.

@marcofleon marcofleon mentioned this pull request Aug 15, 2024
Merged
glozow added a commit that referenced this pull request Sep 16, 2024
@glozow
Merge #30661: fuzz: Test headers pre-sync through p2p
2bf721e 
a97f43d fuzz: Add harness for p2p headers sync (marcofleon)
a0eaa47 Add FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION in PoW check (marcofleon)
a3f6f5a build: Automatically define FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION for fuzz builds (marcofleon)
0c02d4b net_processing: Make MAX_HEADERS_RESULTS a PeerManager option (marcofleon)

Pull request description:

  This PR reopens #28043. It's a regression fuzz test for #26355 and [a couple bugs](ed6cddd) that were addressed in #25717. This should help us move forward with the [removal of mainnet checkpoints](#25725).

  It seems like the main concern in #28043 was the global mock function for proof of work. This PR aims to be an improvement by replacing the previous approach with a fuzz build configured using `FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION`. This ensures that the simplified test code will never be in a release binary. If we agree this is the way to go, there are some other places (for future targets) where this method could be used.

  In this target, PoW isn't being tested, so the goal is to bypass the check and let the fuzzer do its thing. In the other harnesses where PoW is actually being fuzzed, `CheckProofOfWork` is now `CheckProofOfWorkImpl`. So, the only change to that function is in the name.

  More about `FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION` can be found at https://llvm.org/docs/LibFuzzer.html#fuzzer-friendly-build-mode and https://github.com/AFLplusplus/AFLplusplus/blob/stable/docs/fuzzing_in_depth.md#d-modifying-the-target.

ACKs for top commit:
  naumenkogs:
    ACK a97f43d
  dergoegge:
    reACK a97f43d
  instagibbs:
    tested ACK a97f43d
  brunoerg:
    ACK a97f43d

Tree-SHA512: 60b0bc6aadd8ca4c39db9cbba2da2debaaf68afcb6a8dd75c1ce48ca9e3996948fda8020930b6771a424e0f7c41b0b1068db4aa7dbe517f8fc152f1f712058ad
@bitcoin bitcoin locked and limited conversation to collaborators Jan 28, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
4 more reviewers

@jamesob jamesob jamesob left review comments

@maflcko maflcko maflcko left review comments

@darosior darosior darosior left review comments

@mzumsande mzumsande mzumsande left review comments

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
Tests
Projects
None yet
Milestone
27.0
Development

Successfully merging this pull request may close these issues.
7 participants
@dergoegge @DrahtBot @maflcko @darosior @mzumsande @jamesob @laanwj