Merge pull request #10668 from ethereum/fuzzer-always-add-smt-pragma

ossfuzz: Add option to force SMT pragma and set it in solc fuzzers
2023-10-03 13:03:40 +00:00 · 2020-12-21 12:38:44 +01:00 · 2020-12-21 12:38:44 +01:00 · beed9de7d5
commit beed9de7d5
parent a9a62e86df a6a2b58e57
4 changed files with 40 additions and 6 deletions
--- a/test/tools/fuzzer_common.cpp
+++ b/test/tools/fuzzer_common.cpp
@ -72,7 +72,16 @@ void FuzzerUtil::testCompilerJsonInterface(string const& _input, bool _optimize,
 	runCompiler(jsonCompactPrint(config), _quiet);
 }
-void FuzzerUtil::testCompiler(StringMap const& _input, bool _optimize, unsigned _rand)
+void FuzzerUtil::forceSMT(StringMap& _input)
 {
 	// Add SMT checker pragma if not already present in source
 	static const char* smtPragma = "pragma experimental SMTChecker;";
 	for (auto &sourceUnit: _input)
 		if (sourceUnit.second.find(smtPragma) == string::npos)
 			sourceUnit.second += smtPragma;
 }
 void FuzzerUtil::testCompiler(StringMap& _input, bool _optimize, unsigned _rand, bool _forceSMT)
 {
 	frontend::CompilerStack compiler;
 	EVMVersion evmVersion = s_evmVersions[_rand % s_evmVersions.size()];
@ -81,6 +90,11 @@ void FuzzerUtil::testCompiler(StringMap const& _input, bool _optimize, unsigned
 		optimiserSettings = frontend::OptimiserSettings::standard();
 	else
 		optimiserSettings = frontend::OptimiserSettings::minimal();
 	if (_forceSMT)
 	{
 		forceSMT(_input);
 		compiler.setModelCheckerSettings({frontend::ModelCheckerEngine::All(), /*timeout=*/1});
 	}
 	compiler.setSources(_input);
 	compiler.setEVMVersion(evmVersion);
 	compiler.setOptimiserSettings(optimiserSettings);
--- a/test/tools/fuzzer_common.h
+++ b/test/tools/fuzzer_common.h
@ -33,7 +33,17 @@ struct FuzzerUtil
 	static void testStandardCompiler(std::string const& _input, bool _quiet);
 	/// Compiles @param _input which is a map of input file name to source code
 	/// string with optimisation turned on if @param _optimize is true
-	/// (off otherwise) and a pseudo-random @param _rand that selects the EVM
+	/// (off otherwise), a pseudo-random @param _rand that selects the EVM
-	/// version to be compiled for.
+	/// version to be compiled for, and bool @param _forceSMT that, if true,
-	static void testCompiler(solidity::StringMap const& _input, bool _optimize, unsigned _rand);
+	/// adds the experimental SMTChecker pragma to each source file in the
 	/// source map.
 	static void testCompiler(
 		solidity::StringMap& _input,
 		bool _optimize,
 		unsigned _rand,
 		bool _forceSMT
 	);
 	/// Adds the experimental SMTChecker pragma to each source file in the
 	/// source map.
 	static void forceSMT(solidity::StringMap& _input);
 };
--- a/test/tools/ossfuzz/solc_noopt_ossfuzz.cpp
+++ b/test/tools/ossfuzz/solc_noopt_ossfuzz.cpp
@ -43,7 +43,12 @@ extern "C" int LLVMFuzzerTestOneInput(uint8_t const* _data, size_t _size)
 		{
 			return 0;
 		}
-		FuzzerUtil::testCompiler(sourceCode, /*optimize=*/false, /*_rand=*/static_cast<unsigned>(_size));
+		FuzzerUtil::testCompiler(
 			sourceCode,
 			/*optimize=*/false,
 			/*_rand=*/static_cast<unsigned>(_size),
 			/*forceSMT=*/true
 		);
 	}
 	return 0;
 }
--- a/test/tools/ossfuzz/solc_opt_ossfuzz.cpp
+++ b/test/tools/ossfuzz/solc_opt_ossfuzz.cpp
@ -43,7 +43,12 @@ extern "C" int LLVMFuzzerTestOneInput(uint8_t const* _data, size_t _size)
 		{
 			return 0;
 		}
-		FuzzerUtil::testCompiler(sourceCode, /*optimize=*/true, /*rand=*/static_cast<unsigned>(_size));
+		FuzzerUtil::testCompiler(
 			sourceCode,
 			/*optimize=*/true,
 			/*rand=*/static_cast<unsigned>(_size),
 			/*forceSMT=*/true
 		);
 	}
 	return 0;
 }