Add solc to yul generator corpus based fuzzer

2023-10-03 13:03:40 +00:00 · 2019-09-17 14:18:30 +02:00 · 2019-09-17 14:18:30 +02:00 · b28723933f
commit b28723933f
parent 5a950908b6
8 changed files with 62 additions and 5 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -74,6 +74,7 @@ defaults:
        - test/tools/ossfuzz/const_opt_ossfuzz
        - test/tools/ossfuzz/solc_noopt_ossfuzz
        - test/tools/ossfuzz/solc_opt_ossfuzz
        - test/tools/ossfuzz/solc_yulgen_ossfuzz
        - test/tools/ossfuzz/strictasm_assembly_ossfuzz
        - test/tools/ossfuzz/strictasm_diff_ossfuzz
        - test/tools/ossfuzz/strictasm_opt_ossfuzz
--- a/test/tools/afl_fuzzer.cpp
+++ b/test/tools/afl_fuzzer.cpp
@ -123,7 +123,7 @@ Allowed options)",
 			else if (arguments.count("standard-json"))
 				FuzzerUtil::testStandardCompiler(input, quiet);
 			else
-				FuzzerUtil::testCompiler(input, optimize, quiet);
+				FuzzerUtil::testCompiler(input, optimize, quiet, false);
 		}
 		catch (...)
 		{
--- a/test/tools/fuzzer_common.cpp
+++ b/test/tools/fuzzer_common.cpp
@ -71,7 +71,12 @@ void FuzzerUtil::runCompiler(string const& _input, bool _quiet)
 		}
 }
-void FuzzerUtil::testCompiler(string const& _input, bool _optimize, bool _quiet)
+void FuzzerUtil::testCompiler(
 	string const& _input,
 	bool _optimize,
 	bool _quiet,
 	bool _yulOptimize
 )
 {
 	if (!_quiet)
 		cout << "Testing compiler " << (_optimize ? "with" : "without") << " optimizer." << endl;
@ -86,6 +91,11 @@ void FuzzerUtil::testCompiler(string const& _input, bool _optimize, bool _quiet)
 	config["settings"]["optimizer"]["enabled"] = _optimize;
 	config["settings"]["optimizer"]["runs"] = 200;
 	config["settings"]["evmVersion"] = s_evmVersions[_input.size() % s_evmVersions.size()];
 	if (_optimize && _yulOptimize)
 	{
 		config["settings"]["optimizer"]["details"] = Json::objectValue;
 		config["settings"]["optimizer"]["details"]["yul"] = true;
 	}
 	// Enable all SourceUnit-level outputs.
 	config["settings"]["outputSelection"]["*"][""][0] = "*";
--- a/test/tools/fuzzer_common.h
+++ b/test/tools/fuzzer_common.h
@ -24,7 +24,12 @@
 struct FuzzerUtil
 {
 	static void runCompiler(std::string const& _input, bool _quiet);
-	static void testCompiler(std::string const& _input, bool _optimize, bool _quiet);
+	static void testCompiler(
 		std::string const& _input,
 		bool _optimize,
 		bool _quiet,
 		bool _yulOptimize
 	);
 	static void testConstantOptimizer(std::string const& _input, bool _quiet);
 	static void testStandardCompiler(std::string const& _input, bool _quiet);
 };
--- a/test/tools/ossfuzz/CMakeLists.txt
+++ b/test/tools/ossfuzz/CMakeLists.txt
@ -2,6 +2,7 @@ add_custom_target(ossfuzz)
 add_dependencies(ossfuzz
        solc_opt_ossfuzz
        solc_noopt_ossfuzz
        solc_yulgen_ossfuzz
        const_opt_ossfuzz
        strictasm_diff_ossfuzz
        strictasm_opt_ossfuzz
@ -25,6 +26,10 @@ if (OSSFUZZ)
    target_link_libraries(solc_noopt_ossfuzz PRIVATE libsolc evmasm)
    set_target_properties(solc_noopt_ossfuzz PROPERTIES LINK_FLAGS ${LIB_FUZZING_ENGINE})
    add_executable(solc_yulgen_ossfuzz solc_yulgen_ossfuzz.cpp ../fuzzer_common.cpp)
    target_link_libraries(solc_yulgen_ossfuzz PRIVATE libsolc evmasm)
    set_target_properties(solc_yulgen_ossfuzz PROPERTIES LINK_FLAGS ${LIB_FUZZING_ENGINE})
    add_executable(const_opt_ossfuzz const_opt_ossfuzz.cpp ../fuzzer_common.cpp)
    target_link_libraries(const_opt_ossfuzz PRIVATE libsolc evmasm)
    set_target_properties(const_opt_ossfuzz PROPERTIES LINK_FLAGS ${LIB_FUZZING_ENGINE})
@ -90,6 +95,12 @@ else()
            )
    target_link_libraries(solc_noopt_ossfuzz PRIVATE libsolc evmasm)
    add_library(solc_yulgen_ossfuzz
            solc_yulgen_ossfuzz.cpp
            ../fuzzer_common.cpp
            )
    target_link_libraries(solc_yulgen_ossfuzz PRIVATE libsolc evmasm)
    add_library(const_opt_ossfuzz
            const_opt_ossfuzz.cpp
            ../fuzzer_common.cpp)
--- a/test/tools/ossfuzz/solc_noopt_ossfuzz.cpp
+++ b/test/tools/ossfuzz/solc_noopt_ossfuzz.cpp
@ -24,7 +24,7 @@ extern "C" int LLVMFuzzerTestOneInput(uint8_t const* _data, size_t _size)
 	if (_size <= 600)
 	{
 		string input(reinterpret_cast<char const*>(_data), _size);
-		FuzzerUtil::testCompiler(input, /*optimize=*/false, /*quiet=*/true);
+		FuzzerUtil::testCompiler(input, /*optimize=*/false, /*quiet=*/true, /*yulOptimize=*/false);
 	}
 	return 0;
 }
--- a/test/tools/ossfuzz/solc_opt_ossfuzz.cpp
+++ b/test/tools/ossfuzz/solc_opt_ossfuzz.cpp
@ -24,7 +24,7 @@ extern "C" int LLVMFuzzerTestOneInput(uint8_t const* _data, size_t _size)
 	if (_size <= 600)
 	{
 		string input(reinterpret_cast<char const *>(_data), _size);
-		FuzzerUtil::testCompiler(input, /*optimize=*/true, /*quiet=*/true);
+		FuzzerUtil::testCompiler(input, /*optimize=*/true, /*quiet=*/true, /*yulOptimize=*/false);
 	}
 	return 0;
 }
--- a/test/tools/ossfuzz/solc_yulgen_ossfuzz.cpp
+++ b/test/tools/ossfuzz/solc_yulgen_ossfuzz.cpp
@ -0,0 +1,30 @@
 /*
 	This file is part of solidity.
 	solidity is free software: you can redistribute it and/or modify
 	it under the terms of the GNU General Public License as published by
 	the Free Software Foundation, either version 3 of the License, or
 	(at your option) any later version.
 	solidity is distributed in the hope that it will be useful,
 	but WITHOUT ANY WARRANTY; without even the implied warranty of
 	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 	GNU General Public License for more details.
 	You should have received a copy of the GNU General Public License
 	along with solidity.  If not, see <http://www.gnu.org/licenses/>.
 */
 #include <test/tools/fuzzer_common.h>
 using namespace std;
 extern "C" int LLVMFuzzerTestOneInput(uint8_t const* _data, size_t _size)
 {
 	if (_size <= 600)
 	{
 		string input(reinterpret_cast<char const *>(_data), _size);
 		FuzzerUtil::testCompiler(input, /*optimize=*/true, /*quiet=*/true, /*yulOptimize=*/true);
 	}
 	return 0;
 }