fuzz: add guide to fuzzing with Eclipser v1.x #22585
Conversation
Tested ACK d899d36a146822c0d6e90755f343ddc45904f84f modulo missing ./autogen.sh :)
Thanks for doing this: Eclipser is a very nice and interesting fuzzer, and the addition of a symbolic execution inspired fuzzer to the Bitcoin Core "fuzzing ensemble" is awesome :)
Recommended reading for other reviewers: "What Makes Eclipser Special?" (Trail of Bits) and the Eclipser paper.
This quote from the blog post referenced above describes why "the more the merrier" typically holds when it comes to choosing fuzzers:
The research literature and practical wisdom of fuzzer use repeatedly show that, even when a fuzzer is good enough to “beat” other fuzzers (and thus get a paper published at ICSE), it will always have instances where it performs worse than an “old,” “outdated” fuzzer. In fuzzing, diversity is not just helpful, it’s essential, if you really want the best chance to find every last bug. No fuzzer will be best for all programs under test, or for all bugs in a given real-world program.
Concept ACK will test after #22585 (comment)

What I'd really like is to get tool-based ensemble fuzzing up and running, but my experiments right now are showing the tools may be not-ready-for-prime-time. The DeepState ensembler (sort of) works right now, but porting doesn't seem like a good approach.

Concept ACK. I might test with Debian.

Tested ACK 4f9784fc2d51843ebc05e81c31a508bee5b7e370

Please squash your commits according to https://github.com/bitcoin/bitcoin/blob/master/CONTRIBUTING.md#squashing-commits

Will squash in the AM

Squashed & ready to go

ACK 6e1150e
6e1150e fuzz: add guide to fuzzing with Eclipser v1.x (Alex Groce)

Pull request description:

MarcoFalke and practicalswift here's an Eclipser guide, reconstructed from their documentation and my docker history getting it up and running. It might be good if someone confirmed it actually works for them in a fresh Ubuntu 20.04.

ACKs for top commit:
practicalswift: ACK 6e1150e

Tree-SHA512: ca855932fd7a2c1d1005d572ab5fabc26f42d779f9baf279783f08a43dd72ec60f57239135d30c2a82781e593626fec2c96bb19fb91e1b777cef2d83a54eba35