EVM fuzzing #3672

Merged
merged 1 commit into from Feb 21, 2017

5 participants
Member

obscuren commented Feb 13, 2017

core/vm, crypto: support for go-fuzz

Adds support for the go-fuzz tool, allowing fuzzing to be done on the EVM.

# Get go-fuzz and go-fuzz-build
go get github.com/dvyukov/go-fuzz/go-fuzz
go get github.com/dvyukov/go-fuzz/go-fuzz-build

# Build the fuzzing env. This generates a “runtime.zip” file in the current directory.
go-fuzz-build -tags nocgo github.com/ethereum/go-ethereum/core/vm/runtime
# Run the fuzzer. The work dir should preferably be a persistent directory that doesn’t get wiped. It contains the corpus.
go-fuzz -bin=./runtime.zip -workdir=$HOME/evm-fuzz
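
The shape of the entry point that go-fuzz-build looks for, as an added example that is not code from this PR or from go-ethereum: a `Fuzz(data []byte) int` function that runs the target and turns a broken invariant into a panic, which go-fuzz records as a crasher. The toy stack machine, its two opcodes, the flat gas cost and the "first byte is the gas limit" input layout are hypothetical stand-ins for the EVM.

```go
package main

import (
	"errors"
	"fmt"
	"math"
)

const opPush, opMul = 0x01, 0x02 // hypothetical toy opcodes, not EVM ones
var errGas, errBad = errors.New("out of gas"), errors.New("invalid program")

// run executes code at 1 gas per instruction and returns the gas consumed.
func run(code []byte, gasLimit uint64) (used uint64, err error) {
	var stack []uint64
	for pc := 0; pc < len(code); pc++ {
		if used++; used > gasLimit {
			return gasLimit, errGas
		}
		switch op := code[pc]; {
		case op == opPush && pc+1 < len(code): // push the following byte
			pc++
			stack = append(stack, uint64(code[pc]))
		case op == opMul && len(stack) >= 2: // pop two values, push the product
			x, y := stack[len(stack)-2], stack[len(stack)-1]
			if x != 0 && y > math.MaxUint64/x { // product would wrap uint64
				return used, errBad
			}
			stack = append(stack[:len(stack)-2], x*y)
		default: // unknown opcode, truncated push or stack underflow
			return used, errBad
		}
	}
	return used, nil
}

// Fuzz is the go-fuzz entry point: return 1 to prioritise an input, 0 otherwise.
func Fuzz(data []byte) int {
	if len(data) == 0 {
		return 0
	}
	used, err := run(data[1:], uint64(data[0])) // assumed layout: first byte is the gas limit
	if used > uint64(data[0]) { // go-fuzz records a panic as a crasher
		panic(fmt.Sprintf("gas invariant broken: used %d > limit %d", used, data[0]))
	}
	if err == errBad {
		return 0
	}
	return 1
}
func main() { fmt.Println(Fuzz([]byte{10, opPush, 7, opPush, 6, opMul})) } // constructed input
```

In a real target the `Fuzz` function lives in the package handed to go-fuzz-build; `package main` and `main` are here only so the block runs on its own.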

@obscuren obscuren added this to the 1.6.0 milestone Feb 13, 2017

mention-bot commented Feb 13, 2017

@obscuren, thanks for your PR! By analyzing the history of the files in this pull request, we identified @fjl, @karalabe and @Gustav-Simonsson to be potential reviewers.

@obscuren obscuren force-pushed the obscuren:gas64-fuzzing branch 6 times, most recently Feb 13, 2017

common/math/integer.go Outdated
if x == 0 {
return 0, false
}
return x * y, x != 0 && y != 0 && y > gmath.MaxUint64/x
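
Review bot: In the final `return`, both `x != 0` and `y != 0` are redundant: the guard above already returns for `x == 0`, and `y > gmath.MaxUint64/x` can only be true when `y` is non-zero. The line can be reduced to `return x * y, y > gmath.MaxUint64/x`, which also makes it plainer that the product comes back wrapped when the flag is true, so callers have to check the flag before using the value.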

holiman Feb 14, 2017

Contributor

You're already checking x==0 above, no need to check again

bas-vk Feb 15, 2017

Member

You can also check for y == 0 and return immediately.

core/vm/gas_table.go Outdated
}

func gasCreate(gt params.GasTable, env *EVM, contract *Contract, stack *Stack, mem *Memory, memorySize *big.Int) *big.Int {
return new(big.Int).Add(params.CreateGas, memoryGasCost(mem, memorySize))
func gasMStore(gt params.GasTable, evm *EVM, contract *Contract, stack *Stack, mem *Memory, memorySize uint64) (uint64, error) {

holiman Feb 14, 2017

Contributor

gasMload, gasMstore8 and gasMStore are identical. Would it make sense to have the three function declarations point to the same concrete method?

core/vm/instructions.go Outdated
base, exponent := stack.pop(), stack.pop()
stack.push(math.Exp(base, exponent))

evm.interpreter.intPool.put(base, exponent)
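
Review bot: The `intPool.put(base, exponent)` call on the last line recycles both operands immediately after the result of `math.Exp(base, exponent)` is pushed, which is only safe while `Exp` returns a value that aliases neither argument. A one-line comment at the `put` call stating that assumption, or a test asserting the result is a distinct integer from `base`, would keep a later change to `Exp` from leaving a pooled integer on the stack.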

holiman Feb 14, 2017

Contributor

If Exp is ever refactored to operate on base instead of returning a new bigint, this will be dangerous.

@obscuren obscuren force-pushed the obscuren:gas64-fuzzing branch 4 times, most recently Feb 15, 2017

Contributor

fjl commented Feb 17, 2017

See #3680 for an improved version where sign/recover actually works without cgo.

@obscuren obscuren changed the title from "Gas64 fuzzing" to "EVM fuzzing" Feb 17, 2017

@obscuren obscuren force-pushed the obscuren:gas64-fuzzing branch Feb 17, 2017

Member Author

obscuren commented Feb 17, 2017

@fjl done. updated PR

@obscuren obscuren force-pushed the obscuren:gas64-fuzzing branch Feb 18, 2017

@obscuren obscuren force-pushed the obscuren:gas64-fuzzing branch to 7c9a89c Feb 21, 2017

@obscuren obscuren merged commit 4ac481b into ethereum:master Feb 21, 2017

3 of 4 checks passed

continuous-integration/travis-ci/pr The Travis CI build failed
ci/circleci Your tests passed on CircleCI!
commit-message-check/gitcop All commit messages are valid
continuous-integration/appveyor/pr AppVeyor build succeeded

@obscuren obscuren deleted the obscuren:gas64-fuzzing branch Feb 21, 2017
