/* This file is part of solidity. solidity is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. solidity is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with solidity. If not, see . */ // SPDX-License-Identifier: GPL-3.0 #include #include #include #include #include #include #include #include #include #include #include #include #include using namespace std; using namespace solidity; using namespace solidity::util; using namespace solidity::langutil; using namespace solidity::yul; using namespace solidity::yul::test; using namespace solidity::yul::test::yul_fuzzer; DEFINE_PROTO_FUZZER(Program const& _input) { ProtoConverter converter; string yul_source = converter.programToString(_input); EVMVersion version = converter.version(); if (const char* dump_path = getenv("PROTO_FUZZER_DUMP_PATH")) { // With libFuzzer binary run this to generate a YUL source file x.yul: // PROTO_FUZZER_DUMP_PATH=x.yul ./a.out proto-input ofstream of(dump_path); of.write(yul_source.data(), static_cast(yul_source.size())); } YulStringRepository::reset(); // YulStack entry point YulStack stack( version, nullopt, YulStack::Language::StrictAssembly, solidity::frontend::OptimiserSettings::full(), DebugInfoSelection::All() ); // Parse protobuf mutated YUL code if ( !stack.parseAndAnalyze("source", yul_source) || !stack.parserResult()->code || !stack.parserResult()->analysisInfo || Error::containsErrors(stack.errors()) ) { SourceReferenceFormatter formatter(std::cout, stack, false, false); for (auto const& error: stack.errors()) formatter.printExceptionInformation(*error, Error::errorSeverity(error->type())); yulAssert(false, "Proto fuzzer generated malformed program"); } ostringstream os1; ostringstream os2; // Disable memory tracing to avoid false positive reports // such as unused write to memory e.g., // { mstore(0, 1) } // that would be removed by the redundant store eliminator. yulFuzzerUtil::TerminationReason termReason = yulFuzzerUtil::interpret( os1, stack.parserResult()->code, EVMDialect::strictAssemblyForEVMObjects(version), /*disableMemoryTracing=*/true ); if (yulFuzzerUtil::resourceLimitsExceeded(termReason)) return; YulOptimizerTestCommon optimizerTest( stack.parserResult(), EVMDialect::strictAssemblyForEVMObjects(version) ); optimizerTest.setStep(optimizerTest.randomOptimiserStep(_input.step())); shared_ptr astBlock = optimizerTest.run(); yulAssert(astBlock != nullptr, "Optimiser error."); termReason = yulFuzzerUtil::interpret( os2, astBlock, EVMDialect::strictAssemblyForEVMObjects(version), true ); if (yulFuzzerUtil::resourceLimitsExceeded(termReason)) return; bool isTraceEq = (os1.str() == os2.str()); if (!isTraceEq) { cout << os1.str() << endl; cout << os2.str() << endl; yulAssert(false, "Interpreted traces for optimized and unoptimized code differ."); } return; }