New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add timeoffsets inputs folder #178
Add timeoffsets inputs folder #178
Conversation
For git, renaming and creating a copy is the same cost (close to zero). So I think it would be better to create a copy, to allow the old fuzz target and fuzz inputs to continue to exist for a while, as there is only one branch in this repo. Moreover, better than creating a copy of a single folder would be to pick fuzz inputs from all other folders with the coverage algorithm. This way the cost is still close to zero, but you'll likely get more coverage. Finally, the best would be to do the previous step, and then on top, let the fuzz engine run for a bit on an empty folder, as well as a the populated one, and then merge both results into a fresh folder and submit that. In any case, probably doesn't matter for this fuzz target, so lgtm. |
84c2d96
to
373778c
Compare
Rebased after #177 was merged. Thanks for your comprehensive explanation, maflcko.
Updated my approach to create a copy instead.
I'd be happy to try this but unfortunately am a bit out of my depth here and could not find relevant instructions on the documentation in this repo, or online. If you have any pointers for me to look at that would be helpful, but also I'm happy to keep it at the current approach if that's not worth the hassle. |
lgtm |
It’s possible to provide multiple source directories to the fuzzer. The first directory you provide is both a source and also the destination of newly added seeds. When you create a new target, you can scrounge up the seeds from all targets to see if any of them improve the coverage of your new target, e.g. like this:
|
On trying this, it might be better to go with |
I got |
373778c
to
b611cbc
Compare
Thanks for the guidance @murchandamus, that was very helpful. I've updated my approach to start with seeds from all targets, then run the fuzzer on an empty dir, and then finally merge both together. From the existing seeds, I got: After merging with a fresh run, I got: I've summarized my actions (and outputs) below. Starting with an empty
Then, on a fresh
And finally merging the 2 together:
|
b611cbc
to
722b5b4
Compare
One more force-push, thanks for bearing with me here. Turns out the |
Sounds like a good initial set to me. |
Thanks for offering, that'd be very helpful but I think it's probably best to wait until the underlying pull (bitcoin/bitcoin#29623) is merged? I'll take this PR out of draft once that's done. |
Yeah, let’s first get the code in, then throw CPU at increasing the fuzz coverage. :) |
@stickies-v: I saw #29623 get merged, I got a new computer that I’m itching to fuzz something with ;) |
I wouldn't want to withhold you from that pleasure - thank you very much 🥳 |
Tested this locally, has a pretty good starting coverage. LGTM. |
Draft until bitcoin/bitcoin#29623 is merged.This fuzz target is largely the same as the timedata target, but
both are kept to allow continued testing of both for now. In the
future, the timedata input folder may be removed.