Merge pull request #432 from ckormanyos/more_fuzzing

Clean up and add more fuzzing and fix #433
ckormanyos · Sep 29, 2024 · 3704f7a · 3704f7a
2 parents b6a8463 + ea6326d
commit 3704f7a
Show file tree

Hide file tree

Showing 13 changed files with 281 additions and 39 deletions.
diff --git a/.github/workflows/wide_integer.yml b/.github/workflows/wide_integer.yml
@@ -12,7 +12,7 @@ on:
       - '**'
   pull_request:
   schedule:
-    - cron: '0 2 * * *' # run at 2 AM UTC
+    - cron: '5 2 * * *' # run at 2:05 AM UTC
 jobs:
   cmake-linux:
     runs-on: ubuntu-latest
@@ -66,7 +66,7 @@ jobs:
           git submodule update --init libs/multiprecision
       - uses: ilammy/msvc-dev-cmd@v1
         with:
-          toolset: 14.2
+          toolset: 14.4
       - name: bootstrap-boost
         working-directory: ${{runner.workspace}}/boost-root
         run: |

diff --git a/.github/workflows/wide_integer_fuzzing.yml b/.github/workflows/wide_integer_fuzzing.yml
@@ -12,7 +12,7 @@ on:
       - '**'
   pull_request:
   schedule:
-    - cron: '15 2 * * *' # run at 2:15 AM UTC
+    - cron: '0 2 * * *' # run at 2:00 AM UTC
 jobs:
   clang-fuzzing:
     runs-on: ubuntu-latest
@@ -22,7 +22,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        tcase: [ add, sub, mul, div, prime, sdiv, sqrt ]
+        compiler: [ clang++ ]
     steps:
       - uses: actions/checkout@v4
         with:
@@ -41,9 +41,6 @@ jobs:
       - name: clang-fuzzing
         run: |
           grep BOOST_VERSION ../boost-root/boost/version.hpp
-          echo "compile and instrument fuzzing test"
-          clang++ -v
-          clang++ -std=c++20 -g -O2 -fsanitize=fuzzer -I. -I../boost-root test/fuzzing/test_fuzzing_${{ matrix.tcase }}.cpp -o test_fuzzing_${{ matrix.tcase }}
-          echo "ls test_fuzzing_${{ matrix.tcase }}"
-          ls -la test_fuzzing_${{ matrix.tcase }}
-          ./test_fuzzing_${{ matrix.tcase }} -max_total_time=360
+          ${{ matrix.compiler }} -v
+          echo "run fuzzing test"
+          ./run_fuzzing.sh
diff --git a/run_fuzzing.sh b/run_fuzzing.sh
@@ -0,0 +1,84 @@
+#!/bin/bash
+
+if [[ "$1" != "" ]]; then
+    MY_BOOST="$1"
+else
+    MY_BOOST=../boost-root
+fi
+
+
+echo 'compiling test/fuzzing/test_fuzzing_add.cpp'   && clang++ -std=c++20 -g -O2 -Wall -Wextra -fsanitize=fuzzer -I. -I$MY_BOOST test/fuzzing/test_fuzzing_add.cpp   -o test_fuzzing_add
+echo 'compiling test/fuzzing/test_fuzzing_sub.cpp'   && clang++ -std=c++20 -g -O2 -Wall -Wextra -fsanitize=fuzzer -I. -I$MY_BOOST test/fuzzing/test_fuzzing_sub.cpp   -o test_fuzzing_sub
+echo 'compiling test/fuzzing/test_fuzzing_mul.cpp'   && clang++ -std=c++20 -g -O2 -Wall -Wextra -fsanitize=fuzzer -I. -I$MY_BOOST test/fuzzing/test_fuzzing_mul.cpp   -o test_fuzzing_mul
+echo 'compiling test/fuzzing/test_fuzzing_div.cpp'   && clang++ -std=c++20 -g -O2 -Wall -Wextra -fsanitize=fuzzer -I. -I$MY_BOOST test/fuzzing/test_fuzzing_div.cpp   -o test_fuzzing_div
+echo 'compiling test/fuzzing/test_fuzzing_sdiv.cpp'  && clang++ -std=c++20 -g -O2 -Wall -Wextra -fsanitize=fuzzer -I. -I$MY_BOOST test/fuzzing/test_fuzzing_sdiv.cpp  -o test_fuzzing_sdiv
+echo 'compiling test/fuzzing/test_fuzzing_sqrt.cpp'  && clang++ -std=c++20 -g -O2 -Wall -Wextra -fsanitize=fuzzer -I. -I$MY_BOOST test/fuzzing/test_fuzzing_sqrt.cpp  -o test_fuzzing_sqrt
+echo 'compiling test/fuzzing/test_fuzzing_powm.cpp'  && clang++ -std=c++20 -g -O2 -Wall -Wextra -fsanitize=fuzzer -I. -I$MY_BOOST test/fuzzing/test_fuzzing_powm.cpp  -o test_fuzzing_powm
+echo 'compiling test/fuzzing/test_fuzzing_prime.cpp' && clang++ -std=c++20 -g -O2 -Wall -Wextra -fsanitize=fuzzer -I. -I$MY_BOOST test/fuzzing/test_fuzzing_prime.cpp -o test_fuzzing_prime
+
+
+ls -la test_fuzzing_add test_fuzzing_sub test_fuzzing_mul test_fuzzing_div test_fuzzing_sdiv test_fuzzing_sqrt test_fuzzing_powm test_fuzzing_prime
+exit_compile=$?
+
+
+# Start each executable in the background and save their process IDs
+./test_fuzzing_add -max_total_time=900 -max_len=34 -verbosity=0 -close_fd_mask=3 &
+pid_add=$!
+
+./test_fuzzing_sub -max_total_time=900 -max_len=34 -verbosity=0 -close_fd_mask=3 &
+pid_sub=$!
+
+./test_fuzzing_mul -max_total_time=900 -max_len=34 -verbosity=0 -close_fd_mask=3 &
+pid_mul=$!
+
+./test_fuzzing_div -max_total_time=900 -max_len=34 -verbosity=0 -close_fd_mask=3 &
+pid_div=$!
+
+./test_fuzzing_sdiv -max_total_time=900 -max_len=34 -verbosity=0 -close_fd_mask=3 &
+pid_sdiv=$!
+
+./test_fuzzing_sqrt -max_total_time=900 -max_len=34 -verbosity=0 -close_fd_mask=3 &
+pid_sqrt=$!
+
+./test_fuzzing_powm -max_total_time=900 -max_len=34 -verbosity=0 -close_fd_mask=3 &
+pid_powm=$!
+
+./test_fuzzing_prime -max_total_time=900 -max_len=34 -verbosity=0 -close_fd_mask=3 &
+pid_prime=$!
+
+
+# Wait for each job and capture its exit status
+wait $pid_add
+exit_add=$?
+wait $pid_sub
+exit_sub=$?
+wait $pid_mul
+exit_mul=$?
+wait $pid_div
+exit_div=$?
+wait $pid_sdiv
+exit_sdiv=$?
+wait $pid_sqrt
+exit_sqrt=$?
+wait $pid_powm
+exit_powm=$?
+wait $pid_prime
+exit_prime=$?
+
+# Check the status of compilation and of each executable
+
+echo "exit_compile         : "  "$exit_compile"
+echo "exit_add             : "  "$exit_add"
+echo "exit_sub             : "  "$exit_sub"
+echo "exit_mul             : "  "$exit_mul"
+echo "exit_div             : "  "$exit_div"
+echo "exit_sdiv            : "  "$exit_sdiv"
+echo "exit_sqrt            : "  "$exit_sqrt"
+echo "exit_powm            : "  "$exit_powm"
+echo "exit_prime           : "  "$exit_prime"
+
+result_total=$((exit_compile+exit_add+exit_sub+exit_mul+exit_div+exit_sdiv+exit_sqrt+exit_powm+exit_prime))
+
+echo "result_total         : "  "$result_total"
+
+exit $result_total
diff --git a/test/fuzzing/test_fuzzing_add.cpp b/test/fuzzing/test_fuzzing_add.cpp
@@ -6,7 +6,7 @@
 //
 
 // cd /mnt/c/Users/ckorm/Documents/Ks/PC_Software/NumericalPrograms/ExtendedNumberTypes/wide_integer
-// clang++ -std=c++20 -g -O2 -fsanitize=fuzzer -I. -I/mnt/c/boost/boost_1_85_0 test/fuzzing/test_fuzzing_add.cpp -o test_fuzzing_add
+// clang++ -std=c++20 -g -O2 -Wall -Wextra -fsanitize=fuzzer -I. -I/mnt/c/boost/boost_1_85_0 test/fuzzing/test_fuzzing_add.cpp -o test_fuzzing_add
 // ./test_fuzzing_add -max_total_time=300
 
 #include <math/wide_integer/uintwide_t.h>
@@ -55,7 +55,7 @@ auto fuzzing::eval_op(const std::uint8_t* data, std::size_t size) -> bool
     boost_uint_type a_boost { 0U };
     boost_uint_type b_boost { 0U };
 
-    // Import data into their respective uintwide_t a and b values.
+    // Import data into the uintwide_t values.
     import_bits
     (
       a_local,
@@ -72,7 +72,7 @@ auto fuzzing::eval_op(const std::uint8_t* data, std::size_t size) -> bool
       8U
     );
 
-    // Import data into their respective boost-based a and b values.
+    // Import data into the boost values.
     import_bits
     (
       a_boost,

diff --git a/test/fuzzing/test_fuzzing_div.cpp b/test/fuzzing/test_fuzzing_div.cpp
@@ -6,7 +6,7 @@
 //
 
 // cd /mnt/c/Users/ckorm/Documents/Ks/PC_Software/NumericalPrograms/ExtendedNumberTypes/wide_integer
-// clang++ -std=c++20 -g -O2 -fsanitize=fuzzer -I. -I/mnt/c/boost/boost_1_85_0 test/fuzzing/test_fuzzing_div.cpp -o test_fuzzing_div
+// clang++ -std=c++20 -g -O2 -Wall -Wextra -fsanitize=fuzzer -I. -I/mnt/c/boost/boost_1_85_0 test/fuzzing/test_fuzzing_div.cpp -o test_fuzzing_div
 // ./test_fuzzing_div -max_total_time=300
 
 #include <math/wide_integer/uintwide_t.h>
@@ -55,7 +55,7 @@ auto fuzzing::eval_op(const std::uint8_t* data, std::size_t size) -> bool
     boost_uint_type a_boost { 0U };
     boost_uint_type b_boost { 0U };
 
-    // Import data into their respective uintwide_t a and b values.
+    // Import data into the uintwide_t values.
     import_bits
     (
       a_local,
@@ -72,7 +72,7 @@ auto fuzzing::eval_op(const std::uint8_t* data, std::size_t size) -> bool
       8U
     );
 
-    // Import data into their respective boost-based a and b values.
+    // Import data into the boost values.
     import_bits
     (
       a_boost,

diff --git a/test/fuzzing/test_fuzzing_mul.cpp b/test/fuzzing/test_fuzzing_mul.cpp
@@ -6,7 +6,7 @@
 //
 
 // cd /mnt/c/Users/ckorm/Documents/Ks/PC_Software/NumericalPrograms/ExtendedNumberTypes/wide_integer
-// clang++ -std=c++20 -g -O2 -fsanitize=fuzzer -I. -I/mnt/c/boost/boost_1_85_0 test/fuzzing/test_fuzzing_mul.cpp -o test_fuzzing_mul
+// clang++ -std=c++20 -g -O2 -Wall -Wextra -fsanitize=fuzzer -I. -I/mnt/c/boost/boost_1_85_0 test/fuzzing/test_fuzzing_mul.cpp -o test_fuzzing_mul
 // ./test_fuzzing_mul -max_total_time=300
 
 #include <math/wide_integer/uintwide_t.h>
@@ -55,7 +55,7 @@ auto fuzzing::eval_op(const std::uint8_t* data, std::size_t size) -> bool
     boost_uint_type a_boost { 0U };
     boost_uint_type b_boost { 0U };
 
-    // Import data into their respective uintwide_t a and b values.
+    // Import data into the uintwide_t values.
     import_bits
     (
       a_local,
@@ -72,7 +72,7 @@ auto fuzzing::eval_op(const std::uint8_t* data, std::size_t size) -> bool
       8U
     );
 
-    // Import data into their respective boost-based a and b values.
+    // Import data into the boost values.
     import_bits
     (
       a_boost,

diff --git a/test/fuzzing/test_fuzzing_powm.cpp b/test/fuzzing/test_fuzzing_powm.cpp
@@ -0,0 +1,148 @@
+///////////////////////////////////////////////////////////////////////////////
+//  Copyright Christopher Kormanyos 2024.
+//  Distributed under the Boost Software License,
+//  Version 1.0. (See accompanying file LICENSE_1_0.txt
+//  or copy at http://www.boost.org/LICENSE_1_0.txt)
+//
+
+// cd /mnt/c/Users/ckorm/Documents/Ks/PC_Software/NumericalPrograms/ExtendedNumberTypes/wide_integer
+// clang++ -std=c++20 -g -O2 -Wall -Wextra -fsanitize=fuzzer -I. -I/mnt/c/boost/boost_1_85_0 test/fuzzing/test_fuzzing_powm.cpp -o test_fuzzing_powm
+// ./test_fuzzing_powm -max_total_time=300
+
+#include <math/wide_integer/uintwide_t.h>
+
+#include <boost/multiprecision/cpp_int.hpp>
+
+#include <algorithm>
+#include <cassert>
+#include <cstddef>
+#include <cstdint>
+#include <vector>
+
+namespace fuzzing
+{
+  using boost_uint_backend_type =
+    boost::multiprecision::cpp_int_backend<static_cast<unsigned>(UINT32_C(256)),
+                                           static_cast<unsigned>(UINT32_C(256)),
+                                           boost::multiprecision::unsigned_magnitude>;
+
+  using boost_uint_type = boost::multiprecision::number<boost_uint_backend_type,
+                                                        boost::multiprecision::et_off>;
+
+  using local_uint_type = ::math::wide_integer::uint256_t;
+
+  auto eval_op(const std::uint8_t* data, std::size_t size) -> bool;
+}
+
+auto fuzzing::eval_op(const std::uint8_t* data, std::size_t size) -> bool
+{
+  const std::size_t
+    max_size
+    {
+      static_cast<std::size_t>
+      (
+        std::numeric_limits<fuzzing::local_uint_type>::digits / 8
+      )
+    };
+
+  bool result_is_ok { true };
+
+  if((size > std::size_t { UINT8_C(6) }) && (size <= std::size_t { max_size * 3U }))
+  {
+    local_uint_type b_local { 0U };
+    local_uint_type p_local { 0U };
+    local_uint_type m_local { 0U };
+
+    boost_uint_type b_boost { 0U };
+    boost_uint_type p_boost { 0U };
+    boost_uint_type m_boost { 0U };
+
+    // Import data into the uintwide_t values.
+    import_bits
+    (
+      b_local,
+      data,
+      data + std::size_t { size / 3U },
+      8U
+    );
+
+    import_bits
+    (
+      p_local,
+      data + std::size_t { size / 3U },
+      data + std::size_t { std::size_t { size * 2U } / 3U },
+      8U
+    );
+
+    import_bits
+    (
+      m_local,
+      data + std::size_t { std::size_t { size * 2U } / 3U },
+      data + size,
+      8U
+    );
+
+    // Import data into the boost values.
+    import_bits
+    (
+      b_boost,
+      data,
+      data + std::size_t { size / 3U },
+      8U
+    );
+
+    import_bits
+    (
+      p_boost,
+      data + std::size_t { size / 3U },
+      data + std::size_t { std::size_t { size * 2U } / 3U },
+      8U
+    );
+
+    import_bits
+    (
+      m_boost,
+      data + std::size_t { std::size_t { size * 2U } / 3U },
+      data + size,
+      8U
+    );
+
+    if(m_local != 0U)
+    {
+      local_uint_type result_local { powm(b_local, p_local, m_local) };
+      boost_uint_type result_boost { powm(b_boost, p_boost, m_boost) };
+
+      std::vector<std::uint8_t> result_data_local(max_size, UINT8_C(0));
+      std::vector<std::uint8_t> result_data_boost(result_data_local.size(), UINT8_C(0));
+
+      export_bits(result_local, result_data_local.data(), 8U);
+      export_bits(result_boost, result_data_boost.data(), 8U);
+
+      // Verify that both uintwide_t as well as boost obtain the same result.
+      const bool result_op_is_ok =
+        std::equal
+        (
+          result_data_local.cbegin(),
+          result_data_local.cend(),
+          result_data_boost.cbegin(),
+          result_data_boost.cend()
+        );
+
+      result_is_ok = (result_op_is_ok && result_is_ok);
+    }
+  }
+
+  // Assert the correct result.
+  assert(result_is_ok);
+
+  return result_is_ok;
+}
+
+// The fuzzing entry point.
+extern "C"
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+  const bool result_one_div_is_ok { fuzzing::eval_op(data, size) };
+
+  return (result_one_div_is_ok ? 0 : -1);
+}