p2p: Refactor sock to add I2P fuzz and unit tests #21387

vasild · 2021-03-08T11:17:22Z

Change the networking code and the I2P code to be fully mockable and use FuzzedSocket to fuzz the I2P methods Listen(), Accept() and Connect().

Add a mocked Sock implementation that returns a predefined data on reads and use it for a regression unit test for the bug fixed in #21407.

jonatack · 2021-03-08T11:20:05Z

Concept ACK

vasild · 2021-03-08T11:23:56Z

src/netbase.cpp

Note to reviewers: this old code was inconsistent with the events it requested depending on which function was used - it requested "in" or "out" (POLLIN | POLLOUT) when using poll() but only "out" when using select() (did not pass fdset as 2'nd arg to select()).

This is now replaced by Sock::Wait(..., requested Sock::RECV | Sock::SEND) which, if ends up calling select(), will ask it for both "in" and "out".

I think this is ok.

it might be good to split the non-fuzz "refactors" out into their own pull

Lets see which are the non-fuzz refactors:

[7] i2p: add fuzz tests on the I2P Session public interface [6] i2p: use pointers to Sock to accommodate mocking [5] net: change ConnectSocketDirectly() to take a Sock argument [4] net: add connect() and getsockopt() wrappers to Sock [3] fuzz: avoid FuzzedSock::Recv() repeated errors with EAGAIN [2] fuzz: extend FuzzedSock::Recv() to support MSG_PEEK [1] fuzz: implement unimplemented FuzzedSock methods

1-3 are obviously fuzz. 4 touches FuzzedSocket. 7 adds fuzz tests. So only 5 and 6 remain. 5 depends on the previous commits. 6 is non-fuzz, does not depend on the previous commits and can be extracted, but 7 depends on it.
So a split can be:
PR-A: 6
PR-B: 1-5, 7

I think it is not worth to split, given that 6 is a small mechanical change.

src/util/sock.h

maflcko · 2021-03-08T11:41:33Z

src/netbase.cpp

it might be good to split the non-fuzz "refactors" out into their own pull

src/test/fuzz/util.h

practicalswift · 2021-03-08T17:46:12Z

Concept ACK

Thanks for improving FuzzedSock with connect, getsockopt and MSG_PEEK (recv) support! :)

Very happy to see the I2P code being thoroughly fuzzed before landing in a release! "Fuzz before release" is a nice high bar I think we should try to aim for going forward for new features :)

src/test/fuzz/util.h

DrahtBot · 2021-03-08T19:23:21Z

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Conflicts

Reviewers, this pull request conflicts with the following ones:

p2p, refactor: make NetPermissionFlags an enum class #21506 (p2p, refactor: make NetPermissionFlags an enum class by jonatack)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

vasild · 2021-03-09T09:53:22Z

a6c20d2b8...933d181a8: avoid calling memcpy() with NULL argument even if size is 0

jonatack · 2021-03-10T12:17:48Z

Saw this OOM error three times, but only with ../qa-assets/fuzz_seed_corpus/ (git pulled the latest head)

fuzz output

$ FUZZ=i2p src/test/fuzz/fuzz ../qa-assets/fuzz_seed_corpus/
INFO: Seed: 2309095707
INFO: Loaded 1 modules   (642728 inline 8-bit counters): 642728 [0x55bbf8e17668, 0x55bbf8eb4510), 
INFO: Loaded 1 PC tables (642728 PCs): 642728 [0x55bbf8eb4510,0x55bbf9882f90), 
INFO:   237105 files found in ../qa-assets/fuzz_seed_corpus/
INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 1048576 bytes
INFO: seed corpus: files: 237105 min: 1b max: 3986616b total: 4147898382b rss: 359Mb
#4096	pulse  cov: 1461 ft: 1820 corp: 8/29b exec/s: 2048 rss: 445Mb
#8192	pulse  cov: 1862 ft: 2571 corp: 23/136b exec/s: 2048 rss: 520Mb
#16384	pulse  cov: 2655 ft: 4120 corp: 38/278b exec/s: 2340 rss: 659Mb
#32768	pulse  cov: 2749 ft: 5425 corp: 81/926b exec/s: 2730 rss: 722Mb
#65536	pulse  cov: 2813 ft: 6711 corp: 132/2841b exec/s: 2849 rss: 722Mb
#131072	pulse  cov: 2911 ft: 8428 corp: 169/7173b exec/s: 2730 rss: 722Mb
==16390== ERROR: libFuzzer: out-of-memory (used: 2191Mb; limit: 2048Mb)
   To change the out-of-memory limit use -rss_limit_mb=<N>

Live Heap Allocations: 89301481 bytes in 242997 chunks; quarantined: 245829231 bytes in 30252 chunks; 1909049 other chunks; total chunks: 2182298; showing top 95% (at most 8 unique contexts)
22746576 byte(s) (25%) in 237105 allocation(s)
    #0 0x55bbf4cf94fd in malloc (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2d444fd)
    #1 0x55bbf4c0bde7 in operator new(unsigned long) (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c56de7)
    #2 0x55bbf4c23aac in fuzzer::ReadCorpora(std::Fuzzer::vector<std::Fuzzer::basic_string<char, std::Fuzzer::char_traits<char>, std::Fuzzer::allocator<char> >, fuzzer::fuzzer_allocator<std::Fuzzer::basic_string<char, std::Fuzzer::char_traits<char>, std::Fuzzer::allocator<char> > > > const&, std::Fuzzer::vector<std::Fuzzer::basic_string<char, std::Fuzzer::char_traits<char>, std::Fuzzer::allocator<char> >, fuzzer::fuzzer_allocator<std::Fuzzer::basic_string<char, std::Fuzzer::char_traits<char>, std::Fuzzer::allocator<char> > > > const&) (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c6eaac)
    #3 0x55bbf4c23672 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c6e672)
    #4 0x55bbf4c4cb12 in main (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c97b12)
    #5 0x7f929ca83d09 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x26d09)

21499328 byte(s) (24%) in 12 allocation(s)
    #0 0x55bbf4cf94fd in malloc (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2d444fd)
    #1 0x55bbf4c0bde7 in operator new(unsigned long) (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c56de7)
    #2 0x55bbf4c4cb12 in main (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c97b12)
    #3 0x7f929ca83d09 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x26d09)

16777216 byte(s) (18%) in 1 allocation(s)
    #0 0x55bbf4d28c3d in operator new(unsigned long) (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2d73c3d)
    #1 0x55bbf4e228c5 in __gnu_cxx::new_allocator<uint256>::allocate(unsigned long, void const*) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/ext/new_allocator.h:115:27
    #2 0x55bbf4e228c5 in std::allocator_traits<std::allocator<uint256> >::allocate(std::allocator<uint256>&, unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/alloc_traits.h:460:20
    #3 0x55bbf4e228c5 in std::_Vector_base<uint256, std::allocator<uint256> >::_M_allocate(unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/stl_vector.h:346:20
    #4 0x55bbf575d27a in std::vector<uint256, std::allocator<uint256> >::_M_default_append(unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/vector.tcc:635:34
    #5 0x55bbf575cdd2 in std::vector<uint256, std::allocator<uint256> >::resize(unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/stl_vector.h:940:4
    #6 0x55bbf575c623 in CuckooCache::cache<uint256, SignatureCacheHasher>::setup(unsigned int) /home/jon/projects/bitcoin/bitcoin/src/./cuckoocache.h:344:15
    #7 0x55bbf59809e6 in CuckooCache::cache<uint256, SignatureCacheHasher>::setup_bytes(unsigned long) /home/jon/projects/bitcoin/bitcoin/src/./cuckoocache.h:368:16
    #8 0x55bbf59809e6 in InitScriptExecutionCache() /home/jon/projects/bitcoin/bitcoin/src/validation.cpp:1468:44
    #9 0x55bbf607ba7f in BasicTestingSetup::BasicTestingSetup(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::vector<char const*, std::allocator<char const*> > const&) /home/jon/projects/bitcoin/bitcoin/src/test/util/setup_common.cpp:110:5
    #10 0x55bbf4dc2187 in std::_MakeUniq<BasicTestingSetup const>::__single_object std::make_unique<BasicTestingSetup const, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::vector<char const*, std::allocator<char const*> > const&>(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::vector<char const*, std::allocator<char const*> > const&) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/unique_ptr.h:962:34
    #11 0x55bbf4dbe382 in std::unique_ptr<BasicTestingSetup const, std::default_delete<BasicTestingSetup const> > MakeNoLogFileContext<BasicTestingSetup const>(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::vector<char const*, std::allocator<char const*> > const&) /home/jon/projects/bitcoin/bitcoin/src/./test/util/setup_common.h:170:12
    #12 0x55bbf4fe4723 in initialize_i2p() /home/jon/projects/bitcoin/bitcoin/src/test/fuzz/i2p.cpp:17:39
    #13 0x55bbf4d2f80c in void std::__invoke_impl<void, void (*&)()>(std::__invoke_other, void (*&)()) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/invoke.h:60:14
    #14 0x55bbf4d2f80c in std::enable_if<is_invocable_r_v<void, void (*&)()>, void>::type std::__invoke_r<void, void (*&)()>(void (*&)()) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/invoke.h:110:2
    #15 0x55bbf4d2f80c in std::_Function_handler<void (), void (*)()>::_M_invoke(std::_Any_data const&) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/std_function.h:291:9
    #16 0x55bbf531c54c in std::function<void ()>::operator()() const /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/std_function.h:622:14
    #17 0x55bbf66a3c92 in initialize() /home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz.cpp:44:5
    #18 0x55bbf66a51cd in LLVMFuzzerInitialize /home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz.cpp:70:5
    #19 0x55bbf4c218ac in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c6c8ac)
    #20 0x55bbf4c4cb12 in main (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c97b12)
    #21 0x7f929ca83d09 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x26d09)

16777216 byte(s) (18%) in 1 allocation(s)
    #0 0x55bbf4d28c3d in operator new(unsigned long) (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2d73c3d)
    #1 0x55bbf4e228c5 in __gnu_cxx::new_allocator<uint256>::allocate(unsigned long, void const*) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/ext/new_allocator.h:115:27
    #2 0x55bbf4e228c5 in std::allocator_traits<std::allocator<uint256> >::allocate(std::allocator<uint256>&, unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/alloc_traits.h:460:20
    #3 0x55bbf4e228c5 in std::_Vector_base<uint256, std::allocator<uint256> >::_M_allocate(unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/stl_vector.h:346:20
    #4 0x55bbf575d27a in std::vector<uint256, std::allocator<uint256> >::_M_default_append(unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/vector.tcc:635:34
    #5 0x55bbf575cdd2 in std::vector<uint256, std::allocator<uint256> >::resize(unsigned long) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/stl_vector.h:940:4
    #6 0x55bbf575c623 in CuckooCache::cache<uint256, SignatureCacheHasher>::setup(unsigned int) /home/jon/projects/bitcoin/bitcoin/src/./cuckoocache.h:344:15
    #7 0x55bbf5759dc2 in CuckooCache::cache<uint256, SignatureCacheHasher>::setup_bytes(unsigned long) /home/jon/projects/bitcoin/bitcoin/src/./cuckoocache.h:368:16
    #8 0x55bbf5759dc2 in (anonymous namespace)::CSignatureCache::setup_bytes(unsigned long) /home/jon/projects/bitcoin/bitcoin/src/script/sigcache.cpp:80:25
    #9 0x55bbf5759dc2 in InitSignatureCache() /home/jon/projects/bitcoin/bitcoin/src/script/sigcache.cpp:100:36
    #10 0x55bbf607ba6f in BasicTestingSetup::BasicTestingSetup(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::vector<char const*, std::allocator<char const*> > const&) /home/jon/projects/bitcoin/bitcoin/src/test/util/setup_common.cpp:109:5
    #11 0x55bbf4dc2187 in std::_MakeUniq<BasicTestingSetup const>::__single_object std::make_unique<BasicTestingSetup const, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::vector<char const*, std::allocator<char const*> > const&>(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::vector<char const*, std::allocator<char const*> > const&) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/unique_ptr.h:962:34
    #12 0x55bbf4dbe382 in std::unique_ptr<BasicTestingSetup const, std::default_delete<BasicTestingSetup const> > MakeNoLogFileContext<BasicTestingSetup const>(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::vector<char const*, std::allocator<char const*> > const&) /home/jon/projects/bitcoin/bitcoin/src/./test/util/setup_common.h:170:12
    #13 0x55bbf4fe4723 in initialize_i2p() /home/jon/projects/bitcoin/bitcoin/src/test/fuzz/i2p.cpp:17:39
    #14 0x55bbf4d2f80c in void std::__invoke_impl<void, void (*&)()>(std::__invoke_other, void (*&)()) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/invoke.h:60:14
    #15 0x55bbf4d2f80c in std::enable_if<is_invocable_r_v<void, void (*&)()>, void>::type std::__invoke_r<void, void (*&)()>(void (*&)()) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/invoke.h:110:2
    #16 0x55bbf4d2f80c in std::_Function_handler<void (), void (*)()>::_M_invoke(std::_Any_data const&) /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/std_function.h:291:9
    #17 0x55bbf531c54c in std::function<void ()>::operator()() const /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/std_function.h:622:14
    #18 0x55bbf66a3c92 in initialize() /home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz.cpp:44:5
    #19 0x55bbf66a51cd in LLVMFuzzerInitialize /home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz.cpp:70:5
    #20 0x55bbf4c218ac in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c6c8ac)
    #21 0x55bbf4c4cb12 in main (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c97b12)
    #22 0x7f929ca83d09 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x26d09)

8388608 byte(s) (9%) in 1 allocation(s)
    #0 0x55bbf4cf94fd in malloc (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2d444fd)
    #1 0x55bbf4c0bde7 in operator new(unsigned long) (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c56de7)
    #2 0x55bbf4c2f807 in fuzzer::GetSizedFilesFromDir(std::Fuzzer::basic_string<char, std::Fuzzer::char_traits<char>, std::Fuzzer::allocator<char> > const&, std::Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >*) (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c7a807)
    #3 0x55bbf4c23aac in fuzzer::ReadCorpora(std::Fuzzer::vector<std::Fuzzer::basic_string<char, std::Fuzzer::char_traits<char>, std::Fuzzer::allocator<char> >, fuzzer::fuzzer_allocator<std::Fuzzer::basic_string<char, std::Fuzzer::char_traits<char>, std::Fuzzer::allocator<char> > > > const&, std::Fuzzer::vector<std::Fuzzer::basic_string<char, std::Fuzzer::char_traits<char>, std::Fuzzer::allocator<char> >, fuzzer::fuzzer_allocator<std::Fuzzer::basic_string<char, std::Fuzzer::char_traits<char>, std::Fuzzer::allocator<char> > > > const&) (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c6eaac)
    #4 0x55bbf4c23672 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c6e672)
    #5 0x55bbf4c4cb12 in main (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz+0x2c97b12)
    #6 0x7f929ca83d09 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x26d09)

MS: 0 ; base unit: 0000000000000000000000000000000000000000


artifact_prefix='./'; Test unit written to ./oom-da39a3ee5e6b4b0d3255bfef95601890afd80709
Base64: 
SUMMARY: libFuzzer: out-of-memory

jonatack · 2021-03-11T19:23:50Z

Had the same OOM issue today with another fuzz PR, so I'm proceeding on the assumption that it's a regression that is not related to this PR.

jonatack

Built and reviewed each commit up to 34c199db11b36eee91e56cdd046c090f62da18d6.

In the 3rd commit, "avoid repeated errors," it looks like the commit message should be "to retry the operation." e.g. s/to/the/

src/test/fuzz/util.h

src/util/sock.h

src/test/fuzz/util.h

src/netbase.cpp

vasild · 2021-03-12T08:12:20Z

Had the same OOM issue today with another fuzz PR

Can you reproduce it? E.g. FUZZ=i2p src/test/fuzz/fuzz ./oom-da39a3ee5e6b4b0d3255bfef95601890afd80709

jonatack · 2021-03-12T13:32:24Z

INFO: Seed: 3949145381
INFO: Loaded 1 modules   (643885 inline 8-bit counters): 643885 [0x56188117c288, 0x5618812195b5), 
INFO: Loaded 1 PC tables (643885 PCs): 643885 [0x5618812195b8,0x561881bec888), 
src/test/fuzz/fuzz: Running 1 inputs 1 time(s) each.
Running: oom-da39a3ee5e6b4b0d3255bfef95601890afd80709
Executed oom-da39a3ee5e6b4b0d3255bfef95601890afd80709 in 0 ms
***
*** NOTE: fuzzing was not performed, you have only
***       executed the target code on a fixed set of inputs.
***

jonatack

ACK 933d181a8c0c41318204b1657765d582418a80a1 modulo a few thoughts/questions above

src/i2p.cpp

src/test/fuzz/i2p.cpp

vasild · 2021-03-12T17:07:25Z

933d181a8...7c6fc2de5: address suggestions and also fuzz the IsConnected() method of Sock / FuzzedSock.

vasild · 2021-03-12T17:20:58Z

7c6fc2de5...23c861d6f: fix Windows CI

jonatack · 2021-03-12T18:50:54Z

re-ACK 23c861d6ff995b7e6034d4bec6af2f6a3d595dca

We want `Get()` to always return the same value, otherwise it will look like the `FuzzedSock` implementation itself is broken. So assign `m_socket` a random number in the `FuzzedSock` constructor. There is nothing to fuzz about the `Get()` and `Release()` methods, so use the ones from the base class `Sock`. `Reset()` is just setting our socket to `INVALID_SOCKET`. We don't want to use the base `Reset()` because it will close `m_socket` and given that our `m_socket` is just a random number it may end up closing a real opened file descriptor if it coincides with our random `m_socket`.

A conforming `recv(2)` call is supposed to return the same data on a call following `recv(..., MSG_PEEK)`. Extend `FuzzedSock::Recv()` to do that. For simplicity we only return 1 byte when `MSG_PEEK` is used. If we would return a buffer of N bytes, then we would have to keep track how many of them were consumed on subsequent non-`MSG_PEEK` calls.

practicalswift · 2021-03-20T23:31:16Z

Tested ACK 40316a3

Great fuzzing work @vasild!

maflcko · 2021-03-22T06:55:36Z

(Changed title, because this is not test-only)

maflcko · 2021-03-22T06:55:42Z

Concept ACK 40316a3

laanwj

Code review ACK 40316a3

I like how this gets rid of a #ifdef USE_POLL in the connect logic.

Summary: > net: add connect() and getsockopt() wrappers to Sock > > Extend the `Sock` class with wrappers to `connect()` and `getsockopt()`. > > This will make it possible to mock code which uses those. bitcoin/bitcoin@b586110 > net: change ConnectSocketDirectly() to take a Sock argument > > Change `ConnectSocketDirectly()` to take a `Sock` argument instead of a > bare `SOCKET`. With this, use the `Sock`'s (possibly mocked) methods > `Connect()`, `Wait()` and `GetSockOpt()` instead of calling the OS > functions directly. bitcoin/bitcoin@82d360b > i2p: use pointers to Sock to accommodate mocking > > Change the types of `i2p::Connection::sock` and > `i2p::sam::Session::m_control_sock` from `Sock` to > `std::unique_ptr<Sock>`. > > Using pointers would allow us to sneak `FuzzedSock` instead of `Sock` > and have the methods of the former called. > > After this change a test only needs to replace `CreateSock()` with > a function that returns `FuzzedSock`. bitcoin/bitcoin@9947e44 > test: add I2P test for a runaway SAM proxy > > Add a regression test for bitcoin/bitcoin#21407. > > The test creates a socket that, upon read, returns some data, but never > the expected terminator `\n`, injects that socket into the I2P code and > expects `i2p::sam::Session::Connect()` to fail, printing a specific > error message to the log. bitcoin/bitcoin@40316a3 This is a partial backport of [[bitcoin/bitcoin#21387 | core#21387]], without the fuzzer changes. Depends on D11037 Test Plan: `ninja all check-all` Reviewers: #bitcoin_abc, Fabien Reviewed By: #bitcoin_abc, Fabien Subscribers: Fabien Differential Revision: https://reviews.bitcoinabc.org/D11042

maflcko · 2022-06-09T09:42:49Z

src/test/fuzz/i2p.cpp

+
+    if (sess.Connect(to, conn, proxy_error)) {
+        try {
+            conn.sock->SendComplete("verack\n", 10ms, interrupt);


Looks like this is never reached?

https://marcofalke.github.io/btc_cov/fuzz.coverage/src/test/fuzz/i2p.cpp.gcov.html

Well, it would be executed, but for Connect() to return true the fuzzed sock must return some meaningful data, which I guess has a very very low chance of happening.

Edit: now I remember I was considering crafting a custom fuzz-corpus data input which would contain the meaningful data at the right offsets so that Connect() will succeed. I gave up because that would be difficult to maintain because the binary "magic" corpus data would have to be adjusted every time this test is modified to add or remove calls that consume fuzz data before Connect() is called. Also, that would not be fuzzing so much, but rather some kind of unit testing.

There'd also be a middle way to teach the fuzz engine a meaningful format or snippets. This can be achieved with a dict, a custom mutator, or with some code in the fuzz target (CallOneOf(...))

fanquake added Tests P2P labels Mar 8, 2021

vasild commented Mar 8, 2021

View reviewed changes

maflcko reviewed Mar 8, 2021

View reviewed changes

vasild force-pushed the i2p_tests branch from d59cb9b to a6c20d2 Compare March 8, 2021 12:41

vasild commented Mar 8, 2021

View reviewed changes

src/test/fuzz/util.h Outdated Show resolved Hide resolved

vasild mentioned this pull request Mar 8, 2021

Add I2P support using I2P SAM #20685

Merged

jonatack reviewed Mar 8, 2021

View reviewed changes

src/test/fuzz/util.h Outdated Show resolved Hide resolved

DrahtBot mentioned this pull request Mar 8, 2021

net, refactor: pass uint16 CService::port as uint16 #21328

Merged

vasild force-pushed the i2p_tests branch from a6c20d2 to 933d181 Compare March 9, 2021 09:35

vasild mentioned this pull request Mar 10, 2021

i2p: limit the size of incoming messages #21407

Merged

jonatack reviewed Mar 11, 2021

View reviewed changes

jonatack reviewed Mar 12, 2021

View reviewed changes

src/i2p.cpp Outdated Show resolved Hide resolved

src/test/fuzz/i2p.cpp Outdated Show resolved Hide resolved

vasild force-pushed the i2p_tests branch from 933d181 to 7c6fc2d Compare March 12, 2021 16:59

vasild force-pushed the i2p_tests branch from 7c6fc2d to 23c861d Compare March 12, 2021 17:19

DrahtBot mentioned this pull request Mar 15, 2021

net, doc: Doxygen updates and fixes in netbase.{h,cpp} #21444

Merged

DrahtBot added the Needs rebase label Mar 16, 2021

vasild added 2 commits March 16, 2021 13:53

maflcko removed the Tests label Mar 18, 2021

DrahtBot added Build system P2P Utils/log/libs labels Mar 18, 2021

maflcko added Tests and removed Build system Utils/log/libs labels Mar 18, 2021

maflcko changed the title ~~test: add I2P fuzz and unit tests~~ p2p: Refactor sock to add I2P fuzz and unit tests Mar 22, 2021

DrahtBot mentioned this pull request Mar 22, 2021

p2p, refactor: make NetPermissionFlags an enum class #21506

Merged

maflcko requested a review from laanwj March 30, 2021 11:01

laanwj approved these changes Mar 30, 2021

View reviewed changes

laanwj merged commit f9e86d8 into bitcoin:master Mar 30, 2021

vasild deleted the i2p_tests branch March 30, 2021 15:43

sidhujag pushed a commit to syscoin/syscoin that referenced this pull request Mar 30, 2021

Merge bitcoin#21387: p2p: Refactor sock to add I2P fuzz and unit tests

47d2859

maflcko reviewed Jun 9, 2022

View reviewed changes

kwvg added a commit to kwvg/dash that referenced this pull request Apr 17, 2023

merge bitcoin#21387: Refactor sock to add I2P fuzz and unit tests

6d012ce

Empact mentioned this pull request Apr 25, 2023

Remove now-unnecessary poll, fcntl includes from net(base).cpp #27530

Merged

bitcoin locked and limited conversation to collaborators Jun 9, 2023

p2p: Refactor sock to add I2P fuzz and unit tests #21387

p2p: Refactor sock to add I2P fuzz and unit tests #21387

Uh oh!

Conversation

vasild commented Mar 8, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

jonatack commented Mar 8, 2021

Uh oh!

vasild Mar 8, 2021

Choose a reason for hiding this comment

Uh oh!

maflcko Mar 8, 2021

Choose a reason for hiding this comment

Uh oh!

vasild Mar 8, 2021

Choose a reason for hiding this comment

Uh oh!

Uh oh!

maflcko Mar 8, 2021

Choose a reason for hiding this comment

Uh oh!

Uh oh!

practicalswift commented Mar 8, 2021

Uh oh!

Uh oh!

DrahtBot commented Mar 8, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Conflicts

Uh oh!

vasild commented Mar 9, 2021

Uh oh!

jonatack commented Mar 10, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

jonatack commented Mar 11, 2021

Uh oh!

jonatack left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

vasild commented Mar 12, 2021

Uh oh!

jonatack commented Mar 12, 2021

Uh oh!

jonatack left a comment • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

vasild commented Mar 12, 2021

Uh oh!

vasild commented Mar 12, 2021

Uh oh!

jonatack commented Mar 12, 2021

Uh oh!

practicalswift commented Mar 20, 2021

Uh oh!

maflcko commented Mar 22, 2021

Uh oh!

maflcko commented Mar 22, 2021

Uh oh!

laanwj left a comment

Choose a reason for hiding this comment

Uh oh!

maflcko Jun 9, 2022

Choose a reason for hiding this comment

Uh oh!

vasild Jun 9, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

maflcko Jun 9, 2022

Choose a reason for hiding this comment

vasild commented Mar 8, 2021 •

edited

Loading

DrahtBot commented Mar 8, 2021 •

edited

Loading

jonatack commented Mar 10, 2021 •

edited

Loading

jonatack left a comment •

edited

Loading

vasild Jun 9, 2022 •

edited

Loading