-
Notifications
You must be signed in to change notification settings - Fork 36.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
doc: describe in fuzzing.md how to reproduce a CI crash #22056
doc: describe in fuzzing.md how to reproduce a CI crash #22056
Conversation
Concept ACK, this is definitely required information if we keep running the fuzz corpus in CI. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK
8c0d7d5
to
86f7f22
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK
(unrelated suggestion: Could move the section header "fuzzing corpora" to the line before "The project's collection of seed corpo...")
doc/fuzzing.md
Outdated
@@ -81,6 +81,17 @@ INFO: seed corpus: files: 991 min: 1b max: 1858b total: 288291b rss: 150Mb | |||
… | |||
``` | |||
|
|||
## Reproduce a fuzzer crash found by the CI |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
After a private discussion. "found" might confuse some readers, as the CI currently does not search for new inputs. It is repeating the existing test inputs like the unit tests.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I hesitated on "found" as well..."reported"?
How about -## Fuzzing harnesses, fuzzing output and fuzzing corpora
+## Fuzzing harnesses and output
[`process_message`](https://github.com/bitcoin/bitcoin/blob/master/src/test/fuzz/process_message.cpp) is a fuzzing harness for the [`ProcessMessage(...)` function (`net_processing`)](https://github.com/bitcoin/bitcoin/blob/master/src/net_processing.cpp). The available fuzzing harnesses are found in [`src/test/fuzz/`](https://github.com/bitcoin/bitcoin/tree/master/src/test/fuzz).
@@ -64,6 +64,8 @@ block^@M-^?M-^?M-^?M-^?M-^?nM-^?M-^?
In this case the fuzzer managed to create a `block` message which when passed to `ProcessMessage(...)` increased coverage.
+## Fuzzing corpora
+
The project's collection of seed corpora is found in the [`bitcoin-core/qa-assets`](https://github.com/bitcoin-core/qa-assets) repo.
|
86f7f22
to
fdb20ea
Compare
and add/improve a few headers
fdb20ea
to
d8f1ea7
Compare
@MarcoFalke I added a bullet point from your IRC comment.
|
Concept ACK Thanks for documenting this! Will review. |
ACK d8f1ea7 |
…I crash d8f1ea7 doc: describe in fuzzing.md how to reproduce a CI crash (Jon Atack) Pull request description: Not sure if this is 100% accurate or missing any pertinent info, but I misremembered how to do this today and it seems like useful information to provide. ACKs for top commit: practicalswift: ACK d8f1ea7 Tree-SHA512: 1b74e4187e6ea13b04eb03b3c6e2615c4eb18cc38cce215ad1645f8b135c5c31a243748eb313ccec05f1f62187ba33d550119acf07088968d2d2c1c09bc4c653
Not sure if this is 100% accurate or missing any pertinent info, but I misremembered how to do this today and it seems like useful information to provide.