Skip to content

lightningdevkit/ldk-fuzzing-corpus

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

29 Commits
.github/workflows
.github/workflows
 
 
rust-lightning
rust-lightning
 
 
scripts
scripts
 
 
README.md
README.md
 
 

Repository files navigation

LDK Fuzzing Corpus

Persistent fuzzing corpus for lightningdevkit/rust-lightning.

Each subdirectory of rust-lightning/ corresponds to one fuzz target, named after the target's fuzz/src/bin/<name>_target.rs file with the _target suffix removed. The contents of each folder are honggfuzz inputs.

Contributing

Open a pull request adding new corpus inputs to any existing fuzz-target folder under rust-lightning/. A CI check runs immediately on each PR and applies the rules below; PRs that violate any of them are closed by the check. PRs that pass are merged by a nightly automation job.

  • Only additions are accepted. Modifications and deletions of existing files will close the PR. (The nightly minimization PR opened by github-actions[bot] is exempt — it removes corpus entries that no longer add coverage.)
  • Every added file must live under an existing directory. PRs that create new top-level folders or new fuzz-target subfolders are closed. (New fuzz-target folders are created by maintainers when rust-lightning gains a new fuzz target.)
  • No file may live under a directory whose name starts with . (e.g. .github/).
  • PRs that conflict with master are closed.

Nightly minimization

Each night, after the PR-processing job has merged any pending submissions, automation:

  1. Clones the latest lightningdevkit/rust-lightning.
  2. Builds every fuzz target with the same configuration as fuzz/ci-fuzz.sh.
  3. Seeds each target's hfuzz_workspace/<t>_target/input/ from this repo's rust-lightning/<t>/.
  4. Runs cargo hfuzz run <t>_target with HFUZZ_RUN_ARGS="-M …" so honggfuzz drops inputs that don't add unique coverage.
  5. Commits the minimized inputs to a fresh branch and opens a pull request. That PR is picked up and merged by the next nightly's PR-processing job.

If the minimization run trips a crash on a corpus input, the nightly job fails loudly so the regression can be triaged. The crashing input is left in place; the cause must be fixed in rust-lightning before nightly will succeed again.

Using this corpus locally

git clone https://github.com/lightningdevkit/ldk-fuzzing-corpus.git
git clone https://github.com/lightningdevkit/rust-lightning.git
cd rust-lightning/fuzz
# (build the fuzz targets per fuzz/README.md, then for each target:)
TARGET=chanmon_consistency
mkdir -p hfuzz_workspace/${TARGET}_target/input
cp ../../ldk-fuzzing-corpus/rust-lightning/${TARGET}/* \
    hfuzz_workspace/${TARGET}_target/input/
cargo hfuzz run ${TARGET}_target

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages