Antoine Poinsot

icon indicating an email [email protected]

icon company @chaincodelabs icon location 590B 7292 695A FFA5 B672 CBB2 E13F C145 CD3F 4304 <[email protected]>

Results 549 comments of Antoine Poinsot

fuzz: a target for the block index database

Thanks for the review, i've also rebased on top of master for fresh CI.

fuzz: a target for the block index database

Thanks for the review everyone. Maintainers: there is still a determinism issue here as per Niklas, which i have yet to re-reproduce. -------- Original Message -------- On 8/7/24 4:16 PM,...

fuzz: rule-out too deep derivation paths in descriptor parsing targets

> Another (related) one? > > [clusterfuzz-testcase-miniscript_string-6556534783737856.bin.not.txt](https://github.com/bitcoin/bitcoin/files/13472836/clusterfuzz-testcase-miniscript_string-6556534783737856.bin.not.txt) > > ![Screenshot from 2023-11-27 11-14-38](https://private-user-images.githubusercontent.com/6399679/285821448-eba95f4c-52fa-494c-9c92-96fdd42de46a.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MDQwMzIyMjMsIm5iZiI6MTcwNDAzMTkyMywicGF0aCI6Ii82Mzk5Njc5LzI4NTgyMTQ0OC1lYmE5NWY0Yy01MmZhLTQ5NGMtOWM5Mi05NmZkZDQyZGU0NmEucG5nP1gtQW16LUFsZ29yaXRobT1BV1M0LUhNQUMtU0hBMjU2JlgtQW16LUNyZWRlbnRpYWw9QUtJQVZDT0RZTFNBNTNQUUs0WkElMkYyMDIzMTIzMSUyRnVzLWVhc3QtMSUyRnMzJTJGYXdzNF9yZXF1ZXN0JlgtQW16LURhdGU9MjAyMzEyMzFUMTQxMjAzWiZYLUFtei1FeHBpcmVzPTMwMCZYLUFtei1TaWduYXR1cmU9M2Q2YThiMzRmMDc2YjYwZmQ1MDIwNDI3YzFiODhjYTAwYWYxNDM2ZGY0NmY4YjI1MzFkNDA0Y2JkZDMzMmQ1ZSZYLUFtei1TaWduZWRIZWFkZXJzPWhvc3QmYWN0b3JfaWQ9MCZrZXlfaWQ9MCZyZXBvX2lkPTAifQ.aJyQvCGIpc15hvKIomOHSBQFvG4W3w1FIkTNxSoBXXM) This one seems unrelated to the derivation paths parsing, which is part of the descriptor logic not...

fuzz: rule-out too deep derivation paths in descriptor parsing targets

> Could you add the exception for the scriptpubkeyman harness as well? Done by moving the introduced `HasDeepDerivPath` into `src/test/fuzz/util/descriptor.h` and also calling it in `scriptpubkeyman` target's `CreateWalletDescriptor` right before...

fuzz: Fix timeouts

Yeah i was looking into it. It's surprising we are spending so long inside the dup key check. Maybe we re-introduced the issue fixed by https://github.com/bitcoin/bitcoin/pull/25540.

fuzz: Fix timeouts

> Another one: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64593 cc @brunoerg I think i've fixed it in https://github.com/bitcoin/bitcoin/pull/28832#issuecomment-1872973353. @maflcko can you share the repro from oss-fuzz here so i can confirm it?

fuzz: Fix timeouts

~~I think this is due to a missing `std::move` for `j:` which makes `BuildScript` copy `subs[0]`: https://github.com/bitcoin/bitcoin/blob/063a8b83875997068b3eb506b5f30f2691d18052/src/script/miniscript.h#L762-L763.~~ EDIT: no, my bad, only the first argument to `BuildScript` can be moved....

fuzz: Fix timeouts

> [1eab7f1648dd012d8efee262a9898d2a9b044fd2.bin.txt](https://github.com/bitcoin/bitcoin/files/15429349/1eab7f1648dd012d8efee262a9898d2a9b044fd2.bin.txt) This one is just hitting the performance of our code. Some logic in the constructor of a `thresh` fragment is quadratic in the number of sub-fragments. This input...

fuzz: Fix timeouts

Alright so i think we can still pinpoint this issue to avoid having to limit the size of the input. In the same way we limit the derivation paths depth,...

PoC: fuzz chainstate and block managers

Rebased this, taking advantage of https://github.com/bitcoin/bitcoin/pull/28960. I've also been investigating alternative approaches. I first tried to move from `fmemopen` toward the more flexible `memfd_create`. It avoided the need for some...