Cradicle Explorer
bitcoin
/ src / test / fuzz / process_messages.cpp
process_messages.cpp
  1  // Copyright (c) 2020-present The Bitcoin Core developers
  2  // Distributed under the MIT software license, see the accompanying
  3  // file COPYING or http://www.opensource.org/licenses/mit-license.php.
  4  
  5  #include <banman.h>
  6  #include <consensus/consensus.h>
  7  #include <net.h>
  8  #include <net_processing.h>
  9  #include <node/warnings.h>
 10  #include <protocol.h>
 11  #include <script/script.h>
 12  #include <sync.h>
 13  #include <test/fuzz/FuzzedDataProvider.h>
 14  #include <test/fuzz/fuzz.h>
 15  #include <test/fuzz/util.h>
 16  #include <test/fuzz/util/net.h>
 17  #include <test/util/mining.h>
 18  #include <test/util/net.h>
 19  #include <test/util/setup_common.h>
 20  #include <test/util/time.h>
 21  #include <test/util/validation.h>
 22  #include <util/time.h>
 23  #include <validationinterface.h>
 24  
 25  #include <ios>
 26  #include <string>
 27  #include <utility>
 28  #include <vector>
 29  
 30  namespace {
 31  TestingSetup* g_setup;
 32  
 33  void ResetChainman(TestingSetup& setup)
 34  {
 35      SetMockTime(setup.m_node.chainman->GetParams().GenesisBlock().Time());
 36      setup.m_node.chainman.reset();
 37      setup.m_make_chainman();
 38      setup.LoadVerifyActivateChainstate();
 39      node::BlockAssembler::Options options;
 40      options.include_dummy_extranonce = true;
 41      for (int i = 0; i < 2 * COINBASE_MATURITY; i++) {
 42          MineBlock(setup.m_node, options);
 43      }
 44  }
 45  } // namespace
 46  
 47  void initialize_process_messages()
 48  {
 49      static const auto testing_setup{
 50          MakeNoLogFileContext<TestingSetup>(
 51              /*chain_type=*/ChainType::REGTEST,
 52              {}),
 53      };
 54      g_setup = testing_setup.get();
 55      ResetChainman(*g_setup);
 56  }
 57  
 58  FUZZ_TARGET(process_messages, .init = initialize_process_messages)
 59  {
 60      SeedRandomStateForTest(SeedRand::ZEROS);
 61      FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
 62  
 63      auto& node{g_setup->m_node};
 64      auto& connman{static_cast<ConnmanTestMsg&>(*node.connman)};
 65      connman.Reset();
 66      auto& chainman{static_cast<TestChainstateManager&>(*node.chainman)};
 67      const auto block_index_size{WITH_LOCK(chainman.GetMutex(), return chainman.BlockIndex().size())};
 68      NodeClockContext clock_ctx{1610000000s}; // any time to successfully reset ibd
 69      chainman.ResetIbd();
 70      chainman.DisableNextWrite();
 71  
 72      // Reset, so that dangling pointers can be detected by sanitizers.
 73      node.banman.reset();
 74      node.addrman.reset();
 75      node.peerman.reset();
 76      node.addrman = std::make_unique<AddrMan>(*node.netgroupman, /*deterministic=*/true, /*consistency_check_ratio=*/0);
 77      node.peerman = PeerManager::make(connman, *node.addrman,
 78                                       /*banman=*/nullptr, chainman,
 79                                       *node.mempool, *node.warnings,
 80                                       PeerManager::Options{
 81                                           .reconcile_txs = true,
 82                                           .deterministic_rng = true,
 83                                       });
 84      connman.SetMsgProc(node.peerman.get());
 85      connman.SetAddrman(*node.addrman);
 86  
 87      node.validation_signals->RegisterValidationInterface(node.peerman.get());
 88  
 89      LOCK(NetEventsInterface::g_msgproc_mutex);
 90  
 91      std::vector<CNode*> peers;
 92      const auto num_peers_to_add = fuzzed_data_provider.ConsumeIntegralInRange(1, 3);
 93      for (int i = 0; i < num_peers_to_add; ++i) {
 94          peers.push_back(ConsumeNodeAsUniquePtr(fuzzed_data_provider, i).release());
 95          CNode& p2p_node = *peers.back();
 96  
 97          FillNode(fuzzed_data_provider, connman, p2p_node);
 98  
 99          connman.AddTestNode(p2p_node);
100      }
101  
102      LIMITED_WHILE(fuzzed_data_provider.ConsumeBool(), 30)
103      {
104          const std::string random_message_type{fuzzed_data_provider.ConsumeBytesAsString(CMessageHeader::MESSAGE_TYPE_SIZE).c_str()};
105  
106          clock_ctx.set(ConsumeTime(fuzzed_data_provider));
107  
108          CSerializedNetMsg net_msg;
109          net_msg.m_type = random_message_type;
110          net_msg.data = ConsumeRandomLengthByteVector(fuzzed_data_provider, MAX_PROTOCOL_MESSAGE_LENGTH);
111  
112          CNode& random_node = *PickValue(fuzzed_data_provider, peers);
113  
114          connman.FlushSendBuffer(random_node);
115          (void)connman.ReceiveMsgFrom(random_node, std::move(net_msg));
116  
117          bool more_work{true};
118          while (more_work) { // Ensure that every message is eventually processed in some way or another
119              random_node.fPauseSend = false;
120  
121              try {
122                  more_work = connman.ProcessMessagesOnce(random_node);
123              } catch (const std::ios_base::failure&) {
124              }
125              node.peerman->SendMessages(random_node);
126          }
127      }
128      node.validation_signals->SyncWithValidationInterfaceQueue();
129      node.validation_signals->UnregisterValidationInterface(node.peerman.get());
130      node.connman->StopNodes();
131      if (block_index_size != WITH_LOCK(chainman.GetMutex(), return chainman.BlockIndex().size())) {
132          // Reuse the global chainman, but reset it when it is dirty
133          ResetChainman(*g_setup);
134      }
135  }