
Commit 20b4dc8

authored
Backport #424
1 parent 558ef67 commit 20b4dc8


2 files changed

+61
-0
lines changed


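--- a/fuzz/Cargo.toml
+++ b/fuzz/Cargo.toml
@@ -43,3 +43,9 @@ name = "isa_b"
 path = "fuzz_targets/isa_b.rs"
 test = false
 doc = false
+
+[[bin]]
+name = "snapshot"
+path = "fuzz_targets/snapshot.rs"
+test = false
+doc = false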

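--- a/fuzz/fuzz_targets/snapshot.rs
+++ b/fuzz/fuzz_targets/snapshot.rs
@@ -0,0 +1,55 @@
+#![no_main]
+use ckb_vm::cost_model::constant_cycles;
+use ckb_vm::machine::asm::{AsmCoreMachine, AsmMachine};
+use ckb_vm::machine::{DefaultMachineBuilder, VERSION2};
+use ckb_vm::snapshot;
+use ckb_vm::{Bytes, Error, SupportMachine, ISA_A, ISA_B, ISA_IMC, ISA_MOP};
+use libfuzzer_sys::fuzz_target;
+
+fuzz_target!(|data: &[u8]| {
+let mut machine1 = {
+let asm_core = AsmCoreMachine::new(ISA_IMC | ISA_A | ISA_B | ISA_MOP, VERSION2, 200_000);
+let machine = DefaultMachineBuilder::<Box<AsmCoreMachine>>::new(asm_core)
+.instruction_cycle_func(Box::new(constant_cycles))
+.build();
+AsmMachine::new(machine)
+};
+let program = Bytes::copy_from_slice(data);
+if machine1.load_program(&program, &[]).is_err() {
+return;
+};
+let result1 = machine1.run();
+if machine1.machine.cycles() < 4 {
+return;
+}
+
+let half_cycles = machine1.machine.cycles() / 2;
+let mut machine2 = {
+let asm_core =
+AsmCoreMachine::new(ISA_IMC | ISA_A | ISA_B | ISA_MOP, VERSION2, half_cycles);
+let machine = DefaultMachineBuilder::<Box<AsmCoreMachine>>::new(asm_core)
+.instruction_cycle_func(Box::new(constant_cycles))
+.build();
+AsmMachine::new(machine)
+};
+machine2.load_program(&program, &[]).unwrap();
+let result2 = machine2.run();
+assert_eq!(result2.unwrap_err(), Error::CyclesExceeded);
+let snap = snapshot::make_snapshot(&mut machine2.machine).unwrap();
+
+let mut machine3 = {
+let asm_core =
+AsmCoreMachine::new(ISA_IMC | ISA_A | ISA_B | ISA_MOP, VERSION2, half_cycles);
+let machine = DefaultMachineBuilder::<Box<AsmCoreMachine>>::new(asm_core)
+.instruction_cycle_func(Box::new(constant_cycles))
+.build();
+AsmMachine::new(machine)
+};
+snapshot::resume(&mut machine3.machine, &snap).unwrap();
+
+machine3.machine.set_cycles(machine2.machine.cycles());
+machine3.machine.set_max_cycles(200_000);
+let result3 = machine3.run();
+assert_eq!(result1, result3);
+assert_eq!(machine1.machine.cycles(), machine3.machine.cycles());
+});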
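Review bot: The bare `unwrap()` calls on `machine2.load_program(...)`, `snapshot::make_snapshot(...)` and `snapshot::resume(...)` panic with no context, so a fuzzer crash report does not show whether a snapshot invariant broke or a harness assumption did; the reload in particular presumably relies on loading never failing under the smaller `half_cycles` budget, which is not visible here and should be confirmed. I would use `.expect("program already loaded on machine1 must reload")` there, with similar messages on the other two, and add a short comment above `fuzz_target!` stating the property under test: a run interrupted at half the cycles, snapshotted and resumed must end with the same result and cycle count as the uninterrupted run. The `cycles() < 4` early return also deserves a one-line comment giving the reason for that threshold. The literal `200_000` appears both in the machine1 constructor and in `set_max_cycles`, and the final comparison is only meaningful while the two agree, so `const MAX_CYCLES: u64 = 200_000;` would keep them in sync.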
