bitcoinfuzz icon indicating copy to clipboard operation
bitcoinfuzz copied to clipboard
verified publisher icon brunoerg

Add automatic build script and Docker support

Open moisesPompilio opened this issue 8 months ago • 1 comments

What was added:

Automatic Build Script (auto_build.sh):

  • Introduced a script to automate module builds using CXXFLAGS.
  • Supports optional cleaning modes (FULL, CLEAN, or selective cleaning) before building.
  • Helps reduce manual steps and avoids repetitive commands.

Docker Support:

  • Added a Dockerfile that allows running the fuzzer in an isolated environment without installing dependencies locally.
  • Supports passing environment variables like FUZZ, CXXFLAGS, FUZZ_RUNS, and FUZZ_INPUT.
  • Optionally mounts a volume to persist the generated corpus.

Docker Compose Support:

  • Added docker-compose.yml for running multiple preconfigured fuzzing scenarios easily.
  • Each service corresponds to a target, and the corpus is saved automatically in dedicated folders.
  • Supports optional input and fuzzing run configuration via environment variables.

These improvements are now documented in the README.md, making it easier for developers to choose between manual builds, automated scripts, or containerized environments.

moisesPompilio avatar Apr 13 '25 02:04 moisesPompilio

Thanks, I'm in a paternity leave and I intend to review it next week.

brunoerg avatar Apr 23 '25 12:04 brunoerg

Needs rebase

brunoerg avatar May 29 '25 17:05 brunoerg

I'll wait for the rebase to review this thoroughly. But I really like the auto_build.sh. It greatly improves the UX.

erickcestari avatar Jun 04 '25 17:06 erickcestari

Rebase completed

moisesPompilio avatar Jun 04 '25 18:06 moisesPompilio

One thing that would be nice is to have a volume to save crash files on the user's machine. Right now, when the container stops due to a bitcoinfuzz crash (after finding a discrepancy), we lose the crash file.

erickcestari avatar Jun 06 '25 12:06 erickcestari

One thing that would be nice is to have a volume to save crash files on the user's machine. Right now, when the container stops due to a bitcoinfuzz crash (after finding a discrepancy), we lose the crash file.

Yes, it's important to save the crash file to reproduce the crash.

brunoerg avatar Jun 06 '25 14:06 brunoerg

Crash files are already saved in the same directory as the corpus, both inside /app/data. When using Docker Compose, volumes are mapped automatically to ./docker/<target>. For manual docker run, the user just needs to mount a volume (e.g. -v $(pwd)/corpus:/app/data) to retain crash files.

moisesPompilio avatar Jun 06 '25 20:06 moisesPompilio

Crash files are already saved in the same directory as the corpus, both inside /app/data. When using Docker Compose, volumes are mapped automatically to ./docker/<target>. For manual docker run, the user just needs to mount a volume (e.g. -v $(pwd)/corpus:/app/data) to retain crash files.

It didn't work for me because I was running with FUZZ_INPUT that doesn't change the -artifact_prefix. I made some changes and fixed it:

  • Create folder for crashes
  • Added -artifact_prefix=/app/data/crashes/ to elif [ -n "$FUZZ_INPUT" ]; then \
# CMD requires FUZZ, but FUZZ_RUNS and FUZZ_INPUT are optional
CMD ["bash", "-c", "mkdir -p /app/data/crashes/ && \
    ./auto_build.sh && \
    if [ -z \"$FUZZ\" ]; then \
    echo \"Error: FUZZ not defined\"; \
    exit 1; \
    elif [ -n \"$FUZZ_INPUT\" ]; then \
    ./bitcoinfuzz -artifact_prefix=/app/data/crashes/ \"$FUZZ_INPUT\"; \
    elif [ -n \"$FUZZ_RUNS\" ]; then \
    ./bitcoinfuzz -runs=$FUZZ_RUNS -artifact_prefix=/app/data/crashes/ /app/data; \
    else \
    ./bitcoinfuzz -artifact_prefix=/app/data/crashes/ /app/data; \
    fi"]

erickcestari avatar Jun 09 '25 13:06 erickcestari

I had some trouble when trying to compile clightning. Probably the problem is the version of glibc. After bumping the version ubuntu 22.04 to -> 24.04 fixed the problem. Obs: I changed the python dependencies too, since it works different in 24.04

# Uses Ubuntu as base
FROM ubuntu:24.04

# Sets environment variables for installation
ENV DEBIAN_FRONTEND=noninteractive

# Installs basic tools
RUN apt-get update && apt-get install -y \
    wget curl git build-essential sudo \
    libc6-dev libgcc-11-dev libasan6 \
    cmake \
    && rm -rf /var/lib/apt/lists/*

# Installs Rust
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
ENV PATH="/root/.cargo/bin:${PATH}"
RUN rustup install stable && rustup install nightly

# Installs Go
RUN wget https://golang.org/dl/go1.22.2.linux-amd64.tar.gz && \
    tar -C /usr/local -xzf go1.22.2.linux-amd64.tar.gz && \
    rm go1.22.2.linux-amd64.tar.gz
ENV PATH="/usr/local/go/bin:${PATH}"

# Installs .NET SDK 8.0
RUN wget https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb && \
    dpkg -i packages-microsoft-prod.deb && \
    rm packages-microsoft-prod.deb && \
    apt-get update && apt-get install -y dotnet-sdk-8.0 && \
    rm -rf /var/lib/apt/lists/*

# Installs Python 3.11 and pip
RUN apt-get update && apt-get install -y python3 python3-pip python3-venv && \
    rm -rf /var/lib/apt/lists/*

# Installs LLVM and Clang 18
RUN apt-get update && apt-get install -y \
    lsb-release wget software-properties-common gnupg && \
    wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - && \
    add-apt-repository "deb http://apt.llvm.org/jammy/ llvm-toolchain-jammy-18 main" && \
    apt-get update && apt-get install -y \
    clang-18 clang++-18 && \
    ln -sfT /usr/bin/clang++-18 /usr/bin/clang++ && \
    ln -sfT /usr/bin/clang-18 /usr/bin/clang && \
    rm -rf /var/lib/apt/lists/*

# Installs Boost
RUN apt-get update && apt-get install -y libboost-all-dev && \
    rm -rf /var/lib/apt/lists/*

# Configures environment variables
ENV CC=/usr/bin/clang
ENV CXX=/usr/bin/clang++
ENV BOOST_LIB_DIR=/usr/lib/x86_64-linux-gnu/
ENV LDFLAGS="-lsodium"

# Working directory
WORKDIR /app

# Copies the repository
COPY . .

# Creates a virtual environment
RUN python3 -m venv /venv
ENV PATH="/venv/bin:$PATH"

# Installs dependencies for embit
RUN pip install -r modules/embit/requirements.txt

# Installs dependencies for C-lightning
RUN python3 -m pip install --upgrade pip && \
    python3 -m pip install mako
RUN git submodule update --init --recursive external/lightning
RUN apt-get update && apt-get install -y \
    libsqlite3-dev \
    libsodium-dev \
    jq \
    && rm -rf /var/lib/apt/lists/*

# Clean cache bitcoin core
RUN rm -rf /app/modules/bitcoin/univalue/build && \
    mkdir -p /app/modules/bitcoin/univalue/build && \
    cd /app/modules/bitcoin/univalue && \
    CXXFLAGS="-fsanitize=address" cmake -B build && \
    cmake --build build && \
    cd build && \
    make univalue

# Copies and gives permission to auto_build.sh
COPY auto_build.sh .
RUN chmod +x auto_build.sh

# CMD requires FUZZ, but FUZZ_RUNS and FUZZ_INPUT are optional
CMD ["bash", "-c", "mkdir -p /app/data/crash && \
    ./auto_build.sh && \
    if [ -z \"$FUZZ\" ]; then \
    echo \"Error: FUZZ not defined\"; \
    exit 1; \
    elif [ -n \"$FUZZ_INPUT\" ]; then \
    ./bitcoinfuzz -artifact_prefix=/app/data/crash/ \"$FUZZ_INPUT\"; \
    elif [ -n \"$FUZZ_RUNS\" ]; then \
    ./bitcoinfuzz -runs=$FUZZ_RUNS -artifact_prefix=/app/data/crash/ /app/data; \
    else \
    ./bitcoinfuzz -artifact_prefix=/app/data/crash/ /app/data; \
    fi"]

erickcestari avatar Jun 09 '25 14:06 erickcestari