Trident Manifest#
You can pass supported parameters via the Trident.toml configuration file:
[fuzz]#
programs#
-
Trident allows you to specify genesis programs (SBF targets) that will be included in the fuzzing environment in order to perform all desired Cross-Program-Invocations.
-
Including these types of programs will lead to performance decline of Trident.
[[fuzz.programs]]
address = "metaqbxxUerdq28cj1RbAWkYQm3ybzjb6a8bt518x1s"
program = "metaplex-program/metaplex-token-metadata.so"
accounts#
- Trident allwos you to specify genesis accounts to inlcude in the fuzzing environment. In most cases it is helpful to dump some accounts from mainnet and use then during testing.
[[fuzz.accounts]]
address = "6YG3J7PaxyMnnbU67ifyrgF3BzNzc7cD8hPkqK6ATweE"
filename = "tests/accounts/core_bridge_mainnet/guardian_set_5_mock.json"
allow_duplicate_txs#
- Allow processing of duplicate transactions. Setting to true might speed up fuzzing but can cause false positive crashes (default: false)
[fuzz]
# Allow processing of duplicate transactions.
# Setting to true might speed up fuzzing but can cause
# false positive crashes (default: false)
allow_duplicate_txs = false
fuzzing_with_stats#
- Trident will show statistics after the fuzzing session. This option forces use of honggfuzz parameter
keep_output
as true in order to be able to catch fuzzer stdout. (default: false)
[fuzz]
# Trident will show statistics after the fuzzing session.
# This option forces use of honggfuzz parameter
# `keep_output` as true in order to be able to catch fuzzer stdout.
# (default: false)
fuzzing_with_stats = true
[honggfuzz]#
timeout#
- Timeout in seconds (default: 10)
iterations#
- Number of fuzzing iterations (default: 0 [no limit])
threads#
- Number of concurrent fuzzing threads (default: 0 [number of CPUs / 2])
keep_output#
- Don't close children's stdin, stdout, stderr; can be noisy (default: false)
[honggfuzz]
# Don't close children's stdin, stdout, stderr; can be noisy (default: false)
keep_output = false
verbose#
- Disable ANSI console; use simple log output (default: false)
exit_upon_crash#
- Exit upon seeing the first crash (default: false)
mutations_per_run#
- Maximal number of mutations per one run (default: 6)
cargo_target_dir#
- Target compilation directory, (default: "" ["trident-tests/fuzz_tests/fuzzing/honggfuzz/hfuzz_target"]).
- To not clash with cargo build's default target directory.
[honggfuzz]
# Target compilation directory,
# (default: "" ["trident-tests/fuzz_tests/fuzzing/honggfuzz/hfuzz_target"]).
# To not clash with cargo build's default target directory.
cargo_target_dir = ""
hfuzz_workspace#
- Honggfuzz working directory, (default: "" ["trident-tests/fuzz_tests/fuzzing/honggfuzz/hfuzz_workspace"]).
[honggfuzz]
# Honggfuzz working directory,
# (default: "" ["trident-tests/fuzz_tests/fuzzing/honggfuzz/hfuzz_workspace"]).
hfuzz_workspace = ""
crashdir#
- Directory where crashes are saved to (default: "" [workspace directory])
[honggfuzz]
# Directory where crashes are saved to (default: "" [workspace directory])
crashdir = ""
extension#
- Input file extension (e.g. 'swf'), (default: "" ['fuzz'])
run_time#
- Number of seconds this fuzzing session will last (default: 0 [no limit])
max_file_size#
- Maximal size of files processed by the fuzzer in bytes (default: 1048576 = 1MB)
[honggfuzz]
# Maximal size of files processed by the fuzzer in bytes
# (default: 1048576 = 1MB)
max_file_size = 1048576
save_all#
- Save all test-cases (not only the unique ones) by appending the current time-stamp to the filenames (default: false)
[honggfuzz]
# Save all test-cases
# (not only the unique ones) by appending the current
# time-stamp to the filename (default: false)
save_all = false
Tip
Consider checking the Examples section for more tips.