
fuzz: Stop nodes in process_message* fuzzers

Description

fuzz: Stop nodes in process_message* fuzzers

Summary:

Background is that I saw an integer overflow in net_processing

#30629113	REDUCE cov: 25793 ft: 142917 corp: 3421/2417Kb lim: 4096 exec/s: 89 rss: 614Mb L: 1719/4096 MS: 1 EraseBytes...
net_processing.cpp:977:25: runtime error: signed integer overflow: 2147483624 + 100 cannot be represented in type 'int'

UndefinedBehaviorSanitizer: undefined-behavior net_processing.cpp:977:25 in
net_processing.cpp:985:9: runtime error: signed integer overflow: -2147483572 - 100 cannot be represented in type 'int'
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior net_processing.cpp:985:9 in

Telling from the line numbers, it looks like nMisbehavior wrapped
around.

Fix that by calling StopNodes after each exec, which should clear the
node state and thus nMisbehavior.

Backport of core PR18875

Test Plan:

ninja bitcoin-fuzzers
./test/fuzz/test_runner.py <path_to_corpus>

Reviewers: #bitcoin_abc, majcosta

Reviewed By: #bitcoin_abc, majcosta

Differential Revision: https://reviews.bitcoinabc.org/D8710
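As an added illustration (not Bitcoin ABC's or Bitcoin Core's code) of the failure mode the summary describes: a per-peer misbehavior score held in a plain int keeps growing across fuzz iterations unless node state is discarded between execs. The NodeState/g_node_states/RunFuzzIterations names and the flat 100-point penalty are constructed for this example; the StopNodes stand-in only models the effect the commit relies on.

```cpp
// Added illustration, not Bitcoin ABC code: a per-peer misbehavior counter
// that persists until the node is stopped, so a fuzzer that never stops
// nodes keeps adding to the same int across iterations.
#include <climits>
#include <map>

struct NodeState {
    int nMisbehavior = 0;  // hypothetical mirror of the field named in the log
};

// Per-node state keyed by a constructed node id (hypothetical container).
static std::map<int, NodeState> g_node_states;

// Adds howmuch to the node's score. Returns false and leaves the score
// unchanged when the addition would overflow int; the unchecked form
// (st.nMisbehavior += howmuch) is the pattern UBSan reports as UB.
bool Misbehaving(int node_id, int howmuch) {
    NodeState& st = g_node_states[node_id];
    const bool would_overflow = howmuch > 0
        ? st.nMisbehavior > INT_MAX - howmuch
        : st.nMisbehavior < INT_MIN - howmuch;
    if (would_overflow) return false;
    st.nMisbehavior += howmuch;
    return true;
}

int GetMisbehavior(int node_id) { return g_node_states[node_id].nMisbehavior; }

// Stand-in for what StopNodes gives the fuzzer: all per-node state is dropped.
void StopNodes() { g_node_states.clear(); }

// One fuzz campaign: each iteration penalises the peer by 100 (constructed
// penalty). Without reset_after, the score accumulates across iterations as
// the commit message describes; with it, every exec starts from a clean slate.
// Returns how many additions were refused because they would have wrapped.
int RunFuzzIterations(int node_id, int iterations, bool reset_after) {
    int refused = 0;
    for (int i = 0; i < iterations; ++i) {
        if (!Misbehaving(node_id, 100)) ++refused;
        if (reset_after) StopNodes();
    }
    return refused;
}
```

The two operands from the sanitizer report (2147483624 + 100 and -2147483572 - 100) are exactly the cases the overflow check refuses.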

Details

Provenance
MarcoFalke <falke.marco@gmail.com> Authored on May 11 2020, 00:12
Fabien Committed on Dec 21 2020, 15:30
Fabien Pushed on Dec 21 2020, 15:32
Reviewer
Restricted Project
Differential Revision
D8710: fuzz: Stop nodes in process_message* fuzzers
Parents
rABC0806684f9076: Properly use TxId in txindex.cpp