cmake: Add fuzzing options

hebasto · hebasto · commit 3d853795707c · 2024-08-16T19:27:41.000+01:00
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -141,6 +141,8 @@ endif()
 cmake_dependent_option(ENABLE_EXTERNAL_SIGNER "Enable external signer support." ON "NOT WIN32" OFF)
 
 option(BUILD_BENCH "Build bench_bitcoin executable." OFF)
+option(BUILD_FUZZ_BINARY "Build fuzz binary." OFF)
+cmake_dependent_option(BUILD_FOR_FUZZING "Build for fuzzing. Enabling this will disable all other targets and override BUILD_FUZZ_BINARY." OFF "NOT MSVC" OFF)
 
 set(configure_warnings)
 
@@ -166,6 +168,26 @@ target_link_libraries(core_interface INTERFACE
   $<$<CONFIG:Debug>:core_interface_debug>
 )
 
+if(BUILD_FOR_FUZZING)
+  message(WARNING "BUILD_FOR_FUZZING=ON will disable all other targets and force BUILD_FUZZ_BINARY=ON.")
+  set(BUILD_DAEMON OFF)
+  set(BUILD_CLI OFF)
+  set(BUILD_TX OFF)
+  set(BUILD_UTIL OFF)
+  set(BUILD_WALLET_TOOL OFF)
+  set(ENABLE_EXTERNAL_SIGNER OFF)
+  set(WITH_NATPMP OFF)
+  set(WITH_MINIUPNPC OFF)
+  set(WITH_ZMQ OFF)
+  set(BUILD_TESTS OFF)
+  set(BUILD_BENCH OFF)
+  set(BUILD_FUZZ_BINARY ON)
+
+  target_compile_definitions(core_interface INTERFACE
+    ABORT_ON_FAILED_ASSUME
+  )
+endif()
+
 include(ProcessConfigurations)
 
 include(TryAppendCXXFlags)
@@ -298,10 +320,21 @@ if(SANITIZERS)
 endif()
 target_link_options(sanitize_interface INTERFACE ${SANITIZER_LDFLAGS})
 
+if(BUILD_FUZZ_BINARY)
+  include(CheckSourceCompilesAndLinks)
+  check_cxx_source_links_with_flags("${SANITIZER_LDFLAGS}" "
+      #include <cstdint>
+      #include <cstddef>
+      extern \"C\" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { return 0; }
+      // No main() function.
+    " FUZZ_BINARY_LINKS_WITHOUT_MAIN_FUNCTION
+  )
+endif()
+
 include(AddBoostIfNeeded)
 add_boost_if_needed()
 
-if(BUILD_DAEMON OR BUILD_CLI OR BUILD_TESTS OR BUILD_BENCH)
+if(BUILD_DAEMON OR BUILD_CLI OR BUILD_TESTS OR BUILD_BENCH OR BUILD_FUZZ_BINARY)
   find_package(Libevent 2.1.8 MODULE REQUIRED)
 endif()
 
@@ -358,6 +391,7 @@ message("  USDT tracing ........................ ${WITH_USDT}")
 message("Tests:")
 message("  test_bitcoin ........................ ${BUILD_TESTS}")
 message("  bench_bitcoin ....................... ${BUILD_BENCH}")
+message("  fuzz binary ......................... ${BUILD_FUZZ_BINARY}")
 message("")
 message("C++ compiler .......................... ${CMAKE_CXX_COMPILER_ID} ${CMAKE_CXX_COMPILER_VERSION}, ${CMAKE_CXX_COMPILER}")
 include(FlagsSummary)
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
@@ -352,3 +352,7 @@ endif()
 if(BUILD_TESTS)
   add_subdirectory(test)
 endif()
+
+if(BUILD_FUZZ_BINARY)
+  add_subdirectory(test/fuzz)
+endif()
diff --git a/src/test/fuzz/CMakeLists.txt b/src/test/fuzz/CMakeLists.txt
@@ -0,0 +1,144 @@
+# Copyright (c) 2023-present The Bitcoin Core developers
+# Distributed under the MIT software license, see the accompanying
+# file COPYING or https://opensource.org/license/mit/.
+
+add_subdirectory(util)
+
+add_executable(fuzz
+  addition_overflow.cpp
+  addrman.cpp
+  asmap.cpp
+  asmap_direct.cpp
+  autofile.cpp
+  banman.cpp
+  base_encode_decode.cpp
+  bech32.cpp
+  bip324.cpp
+  bitdeque.cpp
+  bitset.cpp
+  block.cpp
+  block_header.cpp
+  block_index.cpp
+  blockfilter.cpp
+  bloom_filter.cpp
+  buffered_file.cpp
+  chain.cpp
+  checkqueue.cpp
+  cluster_linearize.cpp
+  coins_view.cpp
+  coinscache_sim.cpp
+  connman.cpp
+  crypto.cpp
+  crypto_aes256.cpp
+  crypto_aes256cbc.cpp
+  crypto_chacha20.cpp
+  crypto_chacha20poly1305.cpp
+  crypto_common.cpp
+  crypto_diff_fuzz_chacha20.cpp
+  crypto_hkdf_hmac_sha256_l32.cpp
+  crypto_poly1305.cpp
+  cuckoocache.cpp
+  decode_tx.cpp
+  descriptor_parse.cpp
+  deserialize.cpp
+  eval_script.cpp
+  feefrac.cpp
+  fee_rate.cpp
+  feeratediagram.cpp
+  fees.cpp
+  flatfile.cpp
+  float.cpp
+  golomb_rice.cpp
+  headerssync.cpp
+  hex.cpp
+  http_request.cpp
+  integer.cpp
+  key.cpp
+  key_io.cpp
+  kitchen_sink.cpp
+  load_external_block_file.cpp
+  locale.cpp
+  merkleblock.cpp
+  message.cpp
+  miniscript.cpp
+  minisketch.cpp
+  mini_miner.cpp
+  muhash.cpp
+  multiplication_overflow.cpp
+  net.cpp
+  net_permissions.cpp
+  netaddress.cpp
+  netbase_dns_lookup.cpp
+  node_eviction.cpp
+  p2p_handshake.cpp
+  p2p_transport_serialization.cpp
+  package_eval.cpp
+  parse_hd_keypath.cpp
+  parse_numbers.cpp
+  parse_script.cpp
+  parse_univalue.cpp
+  partially_downloaded_block.cpp
+  policy_estimator.cpp
+  policy_estimator_io.cpp
+  poolresource.cpp
+  pow.cpp
+  prevector.cpp
+  primitives_transaction.cpp
+  process_message.cpp
+  process_messages.cpp
+  protocol.cpp
+  psbt.cpp
+  random.cpp
+  rbf.cpp
+  rolling_bloom_filter.cpp
+  rpc.cpp
+  script.cpp
+  script_assets_test_minimizer.cpp
+  script_descriptor_cache.cpp
+  script_flags.cpp
+  script_format.cpp
+  script_interpreter.cpp
+  script_ops.cpp
+  script_parsing.cpp
+  script_sigcache.cpp
+  script_sign.cpp
+  scriptnum_ops.cpp
+  secp256k1_ec_seckey_import_export_der.cpp
+  secp256k1_ecdsa_signature_parse_der_lax.cpp
+  signature_checker.cpp
+  signet.cpp
+  socks5.cpp
+  span.cpp
+  string.cpp
+  strprintf.cpp
+  system.cpp
+  timeoffsets.cpp
+  torcontrol.cpp
+  transaction.cpp
+  tx_in.cpp
+  tx_out.cpp
+  tx_pool.cpp
+  txorphan.cpp
+  txrequest.cpp
+  utxo_snapshot.cpp
+  utxo_total_supply.cpp
+  validation_load_mempool.cpp
+  vecdeque.cpp
+  versionbits.cpp
+)
+target_link_libraries(fuzz
+  core_interface
+  test_fuzz
+  bitcoin_cli
+  bitcoin_common
+  minisketch
+  leveldb
+  univalue
+  secp256k1
+  Boost::headers
+  $<TARGET_NAME_IF_EXISTS:libevent::libevent>
+)
+
+if(ENABLE_WALLET)
+  add_subdirectory(${PROJECT_SOURCE_DIR}/src/wallet/test/fuzz wallet)
+endif()
diff --git a/src/test/fuzz/util/CMakeLists.txt b/src/test/fuzz/util/CMakeLists.txt
@@ -0,0 +1,23 @@
+# Copyright (c) 2023-present The Bitcoin Core developers
+# Distributed under the MIT software license, see the accompanying
+# file COPYING or https://opensource.org/license/mit/.
+
+add_library(test_fuzz STATIC EXCLUDE_FROM_ALL
+  descriptor.cpp
+  mempool.cpp
+  net.cpp
+  ../fuzz.cpp
+  ../util.cpp
+)
+
+target_link_libraries(test_fuzz
+  PRIVATE
+    core_interface
+    test_util
+    bitcoin_node
+    Boost::headers
+)
+
+if(NOT FUZZ_BINARY_LINKS_WITHOUT_MAIN_FUNCTION)
+  target_compile_definitions(test_fuzz PRIVATE PROVIDE_FUZZ_MAIN_FUNCTION)
+endif()
diff --git a/src/wallet/test/fuzz/CMakeLists.txt b/src/wallet/test/fuzz/CMakeLists.txt
@@ -0,0 +1,15 @@
+# Copyright (c) 2023-present The Bitcoin Core developers
+# Distributed under the MIT software license, see the accompanying
+# file COPYING or https://opensource.org/license/mit/.
+
+target_sources(fuzz
+  PRIVATE
+    coincontrol.cpp
+    coinselection.cpp
+    fees.cpp
+    $<$<BOOL:${USE_SQLITE}>:${CMAKE_CURRENT_LIST_DIR}/notifications.cpp>
+    parse_iso8601.cpp
+    $<$<BOOL:${USE_SQLITE}>:${CMAKE_CURRENT_LIST_DIR}/scriptpubkeyman.cpp>
+    wallet_bdb_parser.cpp
+)
+target_link_libraries(fuzz bitcoin_wallet)
