From c1c837d4b6a5f493760c0daf14b3785107326811 Mon Sep 17 00:00:00 2001
From: CJentzsch
Date: Wed, 18 Mar 2015 13:14:21 +0100
Subject: [PATCH 1/3] improve sampling in fuzz testing
---
createRandomStateTest.cpp | 33 +++++++++++++++++++++++++++++----
1 file changed, 29 insertions(+), 4 deletions(-)
diff --git a/createRandomStateTest.cpp b/createRandomStateTest.cpp
index 13b622bb1..6cfad5095 100644
--- a/createRandomStateTest.cpp
+++ b/createRandomStateTest.cpp
@@ -55,20 +55,36 @@ int main(int argc, char *argv[]) auto now = chrono::steady_clock::now().time_since_epoch(); auto timeSinceEpoch = chrono::duration_cast(now).count(); gen.seed(static_cast(timeSinceEpoch)); - boost::random::uniform_int_distribution<> lengthOfCodeDist(2, 16); + boost::random::uniform_int_distribution<> lengthOfCodeDist(8, 24); + boost::random::uniform_int_distribution<> reasonableInputValuesSize(0, 7); boost::random::uniform_int_distribution<> opcodeDist(0, 255); boost::random::uniform_int_distribution<> BlockInfoOpcodeDist(0x40, 0x45); + boost::random::uniform_int_distribution<> uniformInt(0, 2147483647); + boost::random::variate_generator > randGenInputValue(gen, reasonableInputValuesSize); + boost::random::variate_generator > randGenUniformInt(gen, uniformInt); boost::random::variate_generator > randGen(gen, opcodeDist); boost::random::variate_generator > randGenBlockInfoOpcode(gen, BlockInfoOpcodeDist); + std::vector reasonableInputValues; + reasonableInputValues.push_back(0); + reasonableInputValues.push_back(1); + reasonableInputValues.push_back(50000); + reasonableInputValues.push_back(u256("0x10000000000000000000000000000000000000000")); + reasonableInputValues.push_back(u256("0xffffffffffffffffffffffffffffffffffffffff")); + reasonableInputValues.push_back(u256("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe")); + reasonableInputValues.push_back(u256("0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff")); + reasonableInputValues.push_back(u256("0x945304eb96065b2a98b57a48a06ae28d285a71b5")); + reasonableInputValues.push_back(randGenUniformInt()); + int lengthOfCode = lengthOfCodeDist(gen); string randomCode; for (int i = 0; i < lengthOfCode; ++i) { + // pre-fill stack to avoid that most of the test fail with a stackunderflow if (i < 8 && (randGen() < 192)) { - randomCode += toHex(toCompactBigEndian((uint8_t)randGenBlockInfoOpcode())); + randomCode += randGen() < 32 ? 
toHex(toCompactBigEndian((uint8_t)randGenBlockInfoOpcode())) : "7f" + toHex(reasonableInputValues[randGenInputValue()]); continue; } @@ -93,7 +109,7 @@ int main(int argc, char *argv[]) }, "pre" : { "095e7baea6a6c7c4c2dfeb977efac326af552d87" : { - "balance" : "1000000000000000000", + "balance" : "0", "code" : "0x6001600101600055", "nonce" : "0", "storage" : { @@ -130,7 +146,16 @@ int main(int argc, char *argv[]) read_string(s, v); // insert new random code - v.get_obj().find("randomStatetest")->second.get_obj().find("pre")->second.get_obj().begin()->second.get_obj()["code"] = "0x" + randomCode + (randGen() > 128 ? "55" : ""); + v.get_obj().find("randomStatetest")->second.get_obj().find("pre")->second.get_obj().begin()->second.get_obj()["code"] = "0x" + randomCode + (randGen() > 128 ? "55" : "") + (randGen() > 128 ? "60005155" : ""); + + // insert new data in tx + v.get_obj().find("randomStatetest")->second.get_obj().find("transaction")->second.get_obj()["data"] = "0x" + randomCode; + + // insert new value in tx + v.get_obj().find("randomStatetest")->second.get_obj().find("transaction")->second.get_obj()["value"] = toString(randGenUniformInt()); + + // insert new gasLimit in tx + v.get_obj().find("randomStatetest")->second.get_obj().find("transaction")->second.get_obj()["gasLimit"] = "0x" + toHex(toCompactBigEndian((int)randGenUniformInt())); // fill test doStateTests(v); From 9c33d18711b4c79aa0b013271a440b67cee8a3ec Mon Sep 17 00:00:00 2001 From: CJentzsch Date: Wed, 18 Mar 2015 13:14:46 +0100 Subject: [PATCH 2/3] update gasLimits --- stCallCreateCallCodeTestFiller.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/stCallCreateCallCodeTestFiller.json b/stCallCreateCallCodeTestFiller.json index b0245ee72..659ea7ccc 100644 --- a/stCallCreateCallCodeTestFiller.json +++ b/stCallCreateCallCodeTestFiller.json 
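Review bot: `reasonableInputValuesSize(0, 7)` can only yield indices 0–7, but nine values are pushed into `reasonableInputValues`, so the last entry, the one taken from `randGenUniformInt()`, is never selected by `reasonableInputValues[randGenInputValue()]`. Deriving the bound from the container keeps the two in step: construct the distribution and its generator after the `push_back` calls, as `boost::random::uniform_int_distribution<> reasonableInputValuesSize(0, static_cast<int>(reasonableInputValues.size()) - 1);`. The hard-coded bound is still present as a context line in the hunk of patch 3/3. Separately, `"7f"` is PUSH32 and takes a 32-byte immediate; if `toHex` does not emit 64 hex digits for the smaller values, the opcodes that follow are consumed as push data, which is worth confirming as intended. `main` starts and ends outside the hunk.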
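Review bot: The three added assignments each repeat the `find("randomStatetest")->second … find("transaction")->second` chain and dereference the iterators without comparing them to `end()`, so a renamed or missing key in the template string becomes undefined behaviour rather than a clear error. Looking the object up once, e.g. `auto& tx = v.get_obj().find("randomStatetest")->second.get_obj().find("transaction")->second.get_obj();`, and then assigning `tx["data"]`, `tx["value"]` and `tx["gasLimit"]` keeps the lines readable and gives one place for that check. Note also that `"value"` is written in decimal via `toString` while `"gasLimit"` is written as hex; if `toCompactBigEndian` returns no bytes for 0, the latter becomes a bare `"0x"`, so it is worth confirming the filler parser accepts that. `main` continues outside the hunk.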
@@ -211,7 +211,7 @@ "transaction" : { "data" : "", - "gasLimit" : "0xffffffffffffffffffffffffffffff", + "gasLimit" : "15720826", "gasPrice" : "1", "nonce" : "", "secretKey" : "45a915e4d060149eb4365960e6a7a45f334393093061116b197e3240065ff2d8", @@ -260,7 +260,7 @@ "transaction" : { "data" : "", - "gasLimit" : "0xffffffffffffffffffffffffffffff", + "gasLimit" : "166262", "gasPrice" : "1", "nonce" : "", "secretKey" : "45a915e4d060149eb4365960e6a7a45f334393093061116b197e3240065ff2d8", @@ -308,7 +308,7 @@ "transaction" : { "data" : "", - "gasLimit" : "0xffffffffffffffffffffffffffffff", + "gasLimit" : "17592186099592", "gasPrice" : "1", "nonce" : "", "secretKey" : "45a915e4d060149eb4365960e6a7a45f334393093061116b197e3240065ff2d8", @@ -355,7 +355,7 @@ "transaction" : { "data" : "", - "gasLimit" : "0xffffffffffffffffffffffffffffff", + "gasLimit" : "15720826", "gasPrice" : "1", "nonce" : "", "secretKey" : "45a915e4d060149eb4365960e6a7a45f334393093061116b197e3240065ff2d8", From 4dbb6b67d6796bfec1e2396470fe926a77b490f5 Mon Sep 17 00:00:00 2001 From: CJentzsch Date: Wed, 18 Mar 2015 16:32:33 +0100 Subject: [PATCH 3/3] less magic --- createRandomStateTest.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/createRandomStateTest.cpp b/createRandomStateTest.cpp index 6cfad5095..5a3719f2b 100644 --- a/createRandomStateTest.cpp +++ b/createRandomStateTest.cpp 
@@ -55,11 +55,12 @@ int main(int argc, char *argv[])
 auto now = chrono::steady_clock::now().time_since_epoch();
 auto timeSinceEpoch = chrono::duration_cast(now).count();
 gen.seed(static_cast(timeSinceEpoch));
+ // set min and max length of the random evm code
 boost::random::uniform_int_distribution<> lengthOfCodeDist(8, 24);
 boost::random::uniform_int_distribution<> reasonableInputValuesSize(0, 7);
 boost::random::uniform_int_distribution<> opcodeDist(0, 255);
 boost::random::uniform_int_distribution<> BlockInfoOpcodeDist(0x40, 0x45);
- boost::random::uniform_int_distribution<> uniformInt(0, 2147483647);
+ boost::random::uniform_int_distribution<> uniformInt(0, 0x7fffffff);
 boost::random::variate_generator > randGenInputValue(gen, reasonableInputValuesSize);
 boost::random::variate_generator > randGenUniformInt(gen, uniformInt);
 boost::random::variate_generator > randGen(gen, opcodeDist);