add ser/de to CompiledModule focused fuzzers (#9787)

* add repro script * add ser/de to CompiledModule focused fuzzers
aptos-labs · Aug 29, 2023 · 23acfe1 · 23acfe1
1 parent b6557f5
commit 23acfe1
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 2 deletions.
diff --git a/testsuite/fuzzer/fuzz/fuzz_targets/move/bytecode_verifier_code_unit.rs b/testsuite/fuzzer/fuzz/fuzz_targets/move/bytecode_verifier_code_unit.rs
@@ -13,6 +13,7 @@ use move_binary_format::file_format::{
     Visibility,
 };
 use move_core_types::{account_address::AccountAddress, ident_str};
+mod utils;
 
 fuzz_target!(|code_unit: CodeUnit| {
     let mut module = empty_module();
@@ -78,5 +79,7 @@ fuzz_target!(|code_unit: CodeUnit| {
     };
 
     module.function_defs.push(fun_def);
-    let _ = move_bytecode_verifier::verify_module(&module);
+    if utils::compiled_module_serde(&module).is_ok() {
+        let _ = move_bytecode_verifier::verify_module(&module);
+    }
 });
diff --git a/testsuite/fuzzer/fuzz/fuzz_targets/move/bytecode_verifier_mixed.rs b/testsuite/fuzzer/fuzz/fuzz_targets/move/bytecode_verifier_mixed.rs
@@ -14,6 +14,7 @@ use move_binary_format::file_format::{
     Visibility,
 };
 use move_core_types::{account_address::AccountAddress, ident_str};
+mod utils;
 
 #[derive(Arbitrary, Debug)]
 struct Mixed {
@@ -92,5 +93,7 @@ fuzz_target!(|mix: Mixed| {
     };
 
     module.function_defs.push(fun_def);
-    let _ = move_bytecode_verifier::verify_module(&module);
+    if utils::compiled_module_serde(&module).is_ok() {
+        let _ = move_bytecode_verifier::verify_module(&module);
+    }
 });
diff --git a/testsuite/fuzzer/fuzz/fuzz_targets/move/utils.rs b/testsuite/fuzzer/fuzz/fuzz_targets/move/utils.rs
@@ -1,8 +1,10 @@
 // Copyright © Aptos Foundation
 // SPDX-License-Identifier: Apache-2.0
 
+use move_binary_format::file_format::CompiledModule;
 use move_core_types::value::{MoveStructLayout, MoveTypeLayout};
 
+#[allow(dead_code)]
 pub(crate) fn is_valid_layout(layout: &MoveTypeLayout) -> bool {
     use MoveTypeLayout as L;
 
@@ -21,3 +23,11 @@ pub(crate) fn is_valid_layout(layout: &MoveTypeLayout) -> bool {
         },
     }
 }
+
+#[allow(dead_code)]
+pub(crate) fn compiled_module_serde(module: &CompiledModule) -> Result<(), ()> {
+    let mut blob = vec![];
+    module.serialize(&mut blob).map_err(|_| ())?;
+    CompiledModule::deserialize(&blob).map_err(|_| ())?;
+    Ok(())
+}
diff --git a/testsuite/fuzzer/repro.sh b/testsuite/fuzzer/repro.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+if [ "$#" -ne 2 ]; then
+  echo "Usage: $0 <fuzzer_name> <testcase>"
+  exit 1
+fi
+
+FUZZER_NAME="$1"
+TESTCASE="$2"
+
+if [ ! -f "$TESTCASE" ]; then
+  echo "Testcase not found: $TESTCASE"
+  exit 1
+fi
+
+RUSTFLAGS="--cfg tokio_unstable" cargo +nightly fuzz run $FUZZER_NAME $TESTCASE