Skip to content

Commit a4dab6b

Browse files
mohansonmohanson
authored
Checking cycles in fuzz (#441)
1 parent 468f52c commit a4dab6b

File tree

2 files changed

+26
-14
lines changed

2 files changed

+26
-14
lines changed

fuzz/fuzz_targets/asm.rs

Lines changed: 15 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,37 +1,44 @@
11
#![no_main]
22
use ckb_vm::cost_model::constant_cycles;
33
use ckb_vm::machine::asm::{AsmCoreMachine, AsmMachine};
4-
use ckb_vm::machine::{DefaultCoreMachine, DefaultMachineBuilder, VERSION2};
4+
use ckb_vm::machine::trace::TraceMachine;
5+
use ckb_vm::machine::{DefaultCoreMachine, DefaultMachineBuilder, SupportMachine, VERSION2};
56
use ckb_vm::memory::sparse::SparseMemory;
67
use ckb_vm::memory::wxorx::WXorXMemory;
78
use ckb_vm::{Bytes, Error, ISA_A, ISA_B, ISA_IMC, ISA_MOP};
89
use libfuzzer_sys::fuzz_target;
910

10-
fn run_asm(data: &[u8]) -> Result<i8, Error> {
11+
fn run_asm(data: &[u8]) -> Result<(i8, u64), Error> {
1112
let asm_core = AsmCoreMachine::new(ISA_IMC | ISA_A | ISA_B | ISA_MOP, VERSION2, 200_000);
1213
let core = DefaultMachineBuilder::<Box<AsmCoreMachine>>::new(asm_core)
1314
.instruction_cycle_func(Box::new(constant_cycles))
1415
.build();
1516
let mut machine = AsmMachine::new(core);
1617
let program = Bytes::copy_from_slice(data);
1718
machine.load_program(&program, &[])?;
18-
machine.run()
19+
let exit_code = machine.run()?;
20+
let cycles = machine.machine.cycles();
21+
Ok((exit_code, cycles))
1922
}
2023

21-
fn run_int(data: &[u8]) -> Result<i8, Error> {
24+
fn run_int(data: &[u8]) -> Result<(i8, u64), Error> {
2225
let machine_memory = WXorXMemory::new(SparseMemory::<u64>::default());
2326
let machine_core = DefaultCoreMachine::new_with_memory(
2427
ISA_IMC | ISA_A | ISA_B | ISA_MOP,
2528
VERSION2,
2629
200_000,
2730
machine_memory,
2831
);
29-
let mut machine = DefaultMachineBuilder::new(machine_core)
30-
.instruction_cycle_func(Box::new(constant_cycles))
31-
.build();
32+
let mut machine = TraceMachine::new(
33+
DefaultMachineBuilder::new(machine_core)
34+
.instruction_cycle_func(Box::new(constant_cycles))
35+
.build(),
36+
);
3237
let program = Bytes::copy_from_slice(data);
3338
machine.load_program(&program, &[])?;
34-
machine.run()
39+
let exit_code = machine.run()?;
40+
let cycles = machine.machine.cycles();
41+
Ok((exit_code, cycles))
3542
}
3643

3744
fuzz_target!(|data: &[u8]| {

fuzz/fuzz_targets/interpreter.rs

Lines changed: 11 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,25 +1,30 @@
11
#![no_main]
22
use ckb_vm::cost_model::constant_cycles;
3-
use ckb_vm::machine::{DefaultCoreMachine, DefaultMachineBuilder, VERSION2};
3+
use ckb_vm::machine::trace::TraceMachine;
4+
use ckb_vm::machine::{DefaultCoreMachine, DefaultMachineBuilder, SupportMachine, VERSION2};
45
use ckb_vm::memory::sparse::SparseMemory;
56
use ckb_vm::memory::wxorx::WXorXMemory;
67
use ckb_vm::{Bytes, Error, ISA_A, ISA_B, ISA_IMC, ISA_MOP};
78
use libfuzzer_sys::fuzz_target;
89

9-
fn run(data: &[u8]) -> Result<i8, Error> {
10+
fn run(data: &[u8]) -> Result<(i8, u64), Error> {
1011
let machine_memory = WXorXMemory::new(SparseMemory::<u64>::default());
1112
let machine_core = DefaultCoreMachine::new_with_memory(
1213
ISA_IMC | ISA_A | ISA_B | ISA_MOP,
1314
VERSION2,
1415
200_000,
1516
machine_memory,
1617
);
17-
let mut machine = DefaultMachineBuilder::new(machine_core)
18-
.instruction_cycle_func(Box::new(constant_cycles))
19-
.build();
18+
let mut machine = TraceMachine::new(
19+
DefaultMachineBuilder::new(machine_core)
20+
.instruction_cycle_func(Box::new(constant_cycles))
21+
.build(),
22+
);
2023
let program = Bytes::copy_from_slice(data);
2124
machine.load_program(&program, &[])?;
22-
machine.run()
25+
let exit_code = machine.run()?;
26+
let cycles = machine.machine.cycles();
27+
Ok((exit_code, cycles))
2328
}
2429

2530
fuzz_target!(|data: &[u8]| {

0 commit comments

Comments
 (0)