Compiling the compilers/tests/fixtures/demos/uniswap.fe file can crash with /solidity/libyul/backends/evm/EVMObjectCompiler.cpp(66): Throw in function void solidity::yul::EVMObjectCompiler::run(solidity::yul::Object &, bool) #319
Comments
Seems to be the only test that this happens for. I'm going to just pull it from the corpus and start up a fuzzer, for now, but something odd going on here. Also, when afl refused to start up, it was running with
Good catch! This is somewhat embarrassing.. This is happening because the Yul optimizer will sort out most Lines 78 to 79 in 7b9ef12
heh!
hmm, wait, without
ah right, just the solc Yul optimizer, so we may get "fuzzing" of solc rather than Fe here, and most Fe bugs will be caught without it being on. hmm. Still think I'll crank up with it on, no reason not to do so. Also, I guess since I do --overwrite, I get --optimize for free right now :)
of course this gets exposed only when not --optimize, hrm
The downside with running the optimizer is of course time. Maybe this isn't a big deal? Let me look into this a bit more. I suspect
> The downside with running the optimizer is of course time. Maybe this isn't a big deal?

well, throughput is king in fuzzing. OTOH I imagine we only pay the price when we actually make it to the Yul optimizer, which is probably vanishingly few inputs, so I think it is not a real cost here
ok, I don't imagine; we clearly only pay when it makes it all the way to Yul codegen, which probably basically never happens in fuzzing runs, which is why we need millions to find stuff
Compiling the compilers/tests/fixtures/demos/uniswap.fe file can crash! But if you add
--overwrite
it doesn't do so. But note:
On latest github master, built with
for fuzzing. Found this one when preparing a new corpus for starting a new fuzzer run; I crawl the directories for the .fe files. This is the first version this has happened on, so something's changed (maybe on solc's end?)