Commit cdb1f8e

Update documentation to reflect target-dependent local reproduction steps.
1 parent aea2971 commit cdb1f8e

1 file changed

+12
-4
lines changed

fuzz/README.md

Lines changed: 12 additions & 4 deletions
@@ -6,7 +6,9 @@ Fuzz tests generate a ton of random parameter arguments to the program and then
66

77
Typically, Travis CI will run `travis-fuzz.sh` on one of the environments the automated tests are configured for.
88
This is the most time-consuming component of the continuous integration workflow, so it is recommended that you detect
9-
issues locally, and Travis merely acts as a sanity check.
9+
issues locally, and Travis merely acts as a sanity check. Fuzzing is further only effective with
10+
a lot of CPU time, indicating that if crash scenarios are discovered on Travis with its low
11+
runtime constraints, the crash is caused relatively easily.
1012

1113
## How do I run fuzz tests locally?
1214

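Review bot: the sentence added at new lines 9-11 is hard to parse. "Fuzzing is further only effective with a lot of CPU time" and "the crash is caused relatively easily" leave the reader to work out the conclusion. Suggest stating it directly, for example: "Fuzzing needs a lot of CPU time to be effective, so a crash found within Travis's short runtime is one that is triggered relatively easily."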
@@ -19,7 +21,7 @@ To install `honggfuzz`, simply run
1921

2022
```shell
2123
cargo update
22-
cargo install honggfuzz --force
24+
cargo install --force honggfuzz
2325
```
2426

2527
### Execution
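Review bot: the reordered `cargo install --force honggfuzz` line still installs whatever version is current at the time, so a local run can end up on a different honggfuzz than the one used on Travis. Consider pinning it with `--version`, or naming the expected version in the sentence above the block. The argument reorder is also not covered by the commit message; a short note on why it was needed would help future readers.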
@@ -55,6 +57,7 @@ Seen a crash. Terminating all fuzzing threads
5557
5658
… # a lot of lines in between
5759
60+
<0x0000555555565559> [func:UNKNOWN file: line:0 module:/home/travis/build/rust-bitcoin/rust-lightning/fuzz/hfuzz_target/x86_64-unknown-linux-gnu/release/full_stack_target]
5861
<0x0000000000000000> [func:UNKNOWN file: line:0 module:UNKNOWN]
5962
=====================================================================
6063
2d3136383734090101010101010101010101010101010101010101010101
@@ -63,13 +66,18 @@ Seen a crash. Terminating all fuzzing threads
6366
The command "if [ "$(rustup show | grep default | grep stable)" != "" ]; then cd fuzz && cargo test --verbose && ./travis-fuzz.sh; fi" exited with 1.
6467
```
6568

66-
Simply copy the hex, and run the following from the `fuzz` directory:
69+
Note that the penultimate stack trace line ends in `release/full_stack_target]`. That indicates that
70+
the failing target was `full_stack`. To reproduce the error locally, simply copy the hex,
71+
and run the following from the `fuzz` directory:
6772

6873
```shell
74+
export TARGET="full_stack" # adjust for your output
6975
export HEX="2d3136383734090101010101010101010101010101010101010101010101\
7076
010101010100040101010101010101010101010103010101010100010101\
7177
0069d07c319a4961" # adjust for your output
72-
echo $HEX | xxd -r -p > ./test_cases/full_stack/your_test_case_name
78+
79+
mkdir -p ./test_cases/$TARGET
80+
echo $HEX | xxd -r -p > ./test_cases/$TARGET/any_filename_works
7381

7482
export RUST_BACKTRACE=1
7583
cargo test
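Review bot: the new paragraph derives `TARGET` from the line ending in `release/full_stack_target]` without stating the rule, and "penultimate" depends on the exact layout of the trace. Say explicitly that the target is the binary name with the `_target` suffix removed, and point readers at the frame whose module path sits under `hfuzz_target/`. In the script, `$TARGET` and `$HEX` are expanded unquoted in the `mkdir -p` and `echo` lines; quoting them (`"./test_cases/$TARGET"`, `"$HEX"`) keeps an unexpected value from word-splitting.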