Closed ekpyron closed 2 years ago
Hey @ekpyron - I'd be keen to contribute to this issue, ideally with fuzzing but I'd be productive on adding unit tests too, if you're accepting outside work :)
Is there a Discord channel or something similar where I can go over the details of this task a little more, and to find some examples of existing fuzzing tests to use as a starting point?
Sorry for the late response. Most of the team has been out for Devconnect and we're still not all back even now.
We have a Matrix channel, where you can talk to us directly about anything compiler-related: #solidity-dev. Also, the person to talk about fuzzing specifically would be @bshastry. He's managing our (pretty extensive) fuzzing setup. If you can work with him to fuzz this particular part of the compiler, it would actually be pretty great!
Thanks @cameel! I've joined the channel and DM'd @bshastry.
We have comparably decent test coverage and fuzzing confirmation for data integrity on decoding valid calldata encodings. However, we have only sparse coverage for calldata validation, leading to bugs like https://github.com/ethereum/solidity/pull/12907 going unnoticed.
While it is hard to test everything (this would mean checking all combinations between static and dynamic types up to three dimensions and in each verify the bounds checks for re-encoding, index accessing, copying to memory and copying to storage, resulting in an enormous test space), and we should also try to employ fuzzing for the validation part (see https://github.com/ethereum/solidity/issues/12914), at least some more coverage in the unit tests would be good as well.
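To make the validation gap concrete, here is a small added example (not code from the Solidity compiler or this issue's authors) that decodes a tiny, constructed subset of ABI calldata (`uint256`, `bytes`, `uint256[]`) and rejects encodings whose head offsets or tail lengths run past the end of the calldata. The bounds rules are this example's own simplifications of the ABI decoding checks, not the compiler's exact policy; the `encode`, `decode`, `set_word` and `rejects` helpers are hypothetical names chosen for the illustration. Round-tripping valid data and then corrupting individual words is the pattern a unit test for calldata validation would follow.

```python
"""Toy ABI calldata decoder with bounds validation (added example, not
the Solidity compiler's own code). Supports a constructed subset of the
ABI: uint256 (static), bytes and uint256[] (dynamic, via head offsets)."""

WORD = 32


class CalldataError(ValueError):
    """Raised when an offset or length would read outside the calldata."""


def _pad(b: bytes) -> bytes:
    # Right-pad to a multiple of 32 bytes, as the ABI requires for bytes.
    return b + b"\x00" * (-len(b) % WORD)


def encode(types, values) -> bytes:
    """Produce a valid encoding (selector omitted) for the supported types."""
    head_size = WORD * len(types)
    head, tail = b"", b""
    for t, v in zip(types, values):
        if t == "uint256":
            head += v.to_bytes(WORD, "big")
        else:
            # Dynamic types: the head holds the offset of the tail entry,
            # measured from the start of the encoded tuple.
            head += (head_size + len(tail)).to_bytes(WORD, "big")
            if t == "bytes":
                tail += len(v).to_bytes(WORD, "big") + _pad(v)
            elif t == "uint256[]":
                tail += len(v).to_bytes(WORD, "big")
                tail += b"".join(x.to_bytes(WORD, "big") for x in v)
            else:
                raise NotImplementedError(t)
    return head + tail


def _word(data: bytes, pos: int) -> int:
    # Every 32-byte read is bounds-checked against the calldata length.
    if pos < 0 or pos + WORD > len(data):
        raise CalldataError(f"word at {pos} exceeds calldata length {len(data)}")
    return int.from_bytes(data[pos:pos + WORD], "big")


def decode(types, data: bytes):
    """Decode `data` according to `types`; raise CalldataError on any
    offset or length that does not fit inside the calldata."""
    head_size = WORD * len(types)
    if len(data) < head_size:
        raise CalldataError("calldata shorter than the static head")
    out = []
    for i, t in enumerate(types):
        head = _word(data, i * WORD)
        if t == "uint256":
            out.append(head)
            continue
        offset = head
        # The tail entry starts with a length word, so the offset itself
        # must leave room for at least one word (this example's rule).
        if offset > len(data) - WORD:
            raise CalldataError(f"offset {offset} points past calldata")
        length = _word(data, offset)
        available = len(data) - offset - WORD
        if t == "bytes":
            if length > available:
                raise CalldataError(f"bytes length {length} exceeds {available}")
            start = offset + WORD
            out.append(data[start:start + length])
        elif t == "uint256[]":
            # Check the element count before computing any element position,
            # so an absurd length cannot turn into an out-of-range read.
            if length > available // WORD:
                raise CalldataError(f"array length {length} exceeds calldata")
            base = offset + WORD
            out.append([_word(data, base + k * WORD) for k in range(length)])
        else:
            raise NotImplementedError(t)
    return out


def set_word(data: bytes, idx: int, value: int) -> bytes:
    """Return a copy of `data` with 32-byte word number `idx` replaced."""
    pos = idx * WORD
    return data[:pos] + value.to_bytes(WORD, "big") + data[pos + WORD:]


def rejects(types, data: bytes) -> bool:
    """True if `decode` refuses `data`; convenient for table-driven tests."""
    try:
        decode(types, data)
    except CalldataError:
        return True
    return False


if __name__ == "__main__":
    types = ["uint256", "bytes", "uint256[]"]
    good = encode(types, [7, b"abc", [1, 2]])          # constructed input
    print(decode(types, good))
    print(rejects(types, set_word(good, 1, 2 ** 255)))  # bytes offset out of range
    print(rejects(types, set_word(good, 3, 1000)))      # bytes length too large
    print(rejects(types, good[:-1]))                    # truncated array tail
```

Each corrupted case targets one specific check (offset, length, truncation), which is the shape a unit-test table for the compiler's validation code could take: one valid encoding per type combination, plus one mutated copy per bounds check that must fail.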