Merge bitcoin/bitcoin#28460: fuzz: Use afl++ shared-memory fuzzing

fanquake · fanquake · commit 858d3138bbda · 2023-09-14T13:58:35.000+01:00
97e2e1d [fuzz] Use afl++ shared-memory fuzzing (dergoegge) Pull request description: Using shared-memory is faster than reading from stdin, see https://github.com/AFLplusplus/AFLplusplus/blob/7d2122e0596132f9344a5d0896020ebc79cd33db/instrumentation/README.persistent_mode.md ACKs for top commit: MarcoFalke: review ACK 97e2e1d Tree-SHA512: 7e71b5f84835e41531c19ee959be2426da245869757de8e5dd1c730ae83ead650e2ef75f4d594d7965f661821a4ffbd27be84d3ce623702991501b34a8d02fc3
diff --git a/src/test/fuzz/fuzz.cpp b/src/test/fuzz/fuzz.cpp
@@ -29,6 +29,10 @@
 #include <utility>
 #include <vector>
 
+#ifdef __AFL_FUZZ_INIT
+__AFL_FUZZ_INIT();
+#endif
+
 const std::function<void(const std::string&)> G_TEST_LOG_FUN{};
 
 /**
@@ -188,7 +192,7 @@ int main(int argc, char** argv)
 {
     initialize();
     static const auto& test_one_input = *Assert(g_test_one_input);
-#ifdef __AFL_INIT
+#ifdef __AFL_HAVE_MANUAL_CONTROL
     // Enable AFL deferred forkserver mode. Requires compilation using
     // afl-clang-fast++. See fuzzing.md for details.
     __AFL_INIT();
@@ -197,12 +201,10 @@ int main(int argc, char** argv)
 #ifdef __AFL_LOOP
     // Enable AFL persistent mode. Requires compilation using afl-clang-fast++.
     // See fuzzing.md for details.
+    const uint8_t* buffer = __AFL_FUZZ_TESTCASE_BUF;
     while (__AFL_LOOP(1000)) {
-        std::vector<uint8_t> buffer;
-        if (!read_stdin(buffer)) {
-            continue;
-        }
-        test_one_input(buffer);
+        size_t buffer_len = __AFL_FUZZ_TESTCASE_LEN;
+        test_one_input({buffer, buffer_len});
     }
 #else
     std::vector<uint8_t> buffer;
