Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fuzz fixes #1249

Merged
merged 17 commits into from
Nov 27, 2023
Merged

Fuzz fixes #1249

merged 17 commits into from
Nov 27, 2023

Conversation

graydon
Copy link
Contributor

@graydon graydon commented Nov 24, 2023

This contains the results of a few days of both reproducing and fixing fuzz bugs and also hacking on the fuzzer:

  1. Fixes fuzz found internal error deleting from instance storage #1203 which was a somewhat subtle budget-error-escalation bug the fuzzer found.
  2. Fixes a couple other instances of that pattern.
  3. Fixes a fuzzer-found instance of a frame invariant corruption.
  4. Moves the machinery the fuzzer needs from tests/utils (which was guarded by cfg(test) so inaccessible to testutils and guards it with cfg(feature="testutils")
  5. Removes the duplicate code in the fuzzer lib and instead uses host testutils
  6. Extends testutils to record the storage map and then switch to enforcing, rather than manually building the enforcing map
  7. Removes the other non-expr fuzz case, it's redundant.
  8. Adds some scaffolding for fuzz debugging.
  9. Adds support for passing arguments to the fuzzer to enable access to storage and cross-contract calls.
  10. Fix the thing where we rebuild every time due to build.rs not being conservative enough

@graydon graydon requested review from sisuresh, dmkozh and a team as code owners November 24, 2023 06:44
@graydon
fix fuzz case
e80d8e7
@graydon
Move soroban-env-host/test/utils content to testutils, export more of…
1db920a 
… it.
@graydon
Remove a bunch of redundant fuzzer code, use exported testutils.
0c0058c
@graydon
Add soroban-env-host/fuzz/{Makefile,.vscode/launch.json}
c6218a7
@graydon
Fix fuzzer-found bug where we map a budget error to internal.
f3c6223
@graydon
Fix a fuzzer-found bug where budget errors break frame invariants.
81130da
@graydon
Fix another instance of fuzzer-found bug mapping budget errors to int…
85ee980 
…ernal.
@graydon
Fix eager error-constructions (not bugs, just add noise debugging)
e289a3f
@graydon
Add rerun-if-changed lines to build.rs files (prevent needless rebuilds)
f6624f2
@graydon
Teach func emitter to have typed arguments.
c4f4756
@graydon
More testutils fixes.
1867148
@graydon
Teach expr fuzz testcase to pass and use args.
d257887
@graydon
Slightly improve fuzz Makefile
f82f3a1
@graydon
Simplify fuzzer footprint keys, just use U32Vals
611536d
@graydon
Improve fuzzer args for cross-contract calling
c13912a
@graydon
Fix clippy issue
79b57ef
@graydon
Fix some feature-gating
dfb7af0
@graydon graydon added this pull request to the merge queue Nov 27, 2023
Merged via the queue into main with commit 8265384 Nov 27, 2023
10 checks passed
@graydon graydon deleted the fuzz-fixes branch November 27, 2023 22:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmkozh dmkozh dmkozh approved these changes

@sisuresh sisuresh Awaiting requested review from sisuresh sisuresh is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

fuzz found internal error deleting from instance storage
2 participants
@graydon @dmkozh