From 45d41147933078e4c992847c1e0f01725a8431b1 Mon Sep 17 00:00:00 2001 From: Korrrba Date: Mon, 21 Aug 2023 16:46:18 +0200 Subject: [PATCH 1/6] chore: add deep fuzz Foundry config for contracts Resolves: #515 --- packages/contracts/foundry.toml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/packages/contracts/foundry.toml b/packages/contracts/foundry.toml index f6a0b34f3..bdaf3edb5 100644 --- a/packages/contracts/foundry.toml +++ b/packages/contracts/foundry.toml @@ -39,3 +39,6 @@ targets = [ [profile.docs] src = 'src/dollar' + +[profile.intense.fuzz] +runs = 10000 From dc7f74b4d8f71dae2918cd8f0d518e3659662f73 Mon Sep 17 00:00:00 2001 From: Korrrba Date: Mon, 21 Aug 2023 16:47:55 +0200 Subject: [PATCH 2/6] chore: add deep fuzz GitHub workflow Resolves: #515 --- .github/workflows/deep-fuzz.yml | 59 +++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 .github/workflows/deep-fuzz.yml diff --git a/.github/workflows/deep-fuzz.yml b/.github/workflows/deep-fuzz.yml new file mode 100644 index 000000000..7a0bbcf94 --- /dev/null +++ b/.github/workflows/deep-fuzz.yml @@ -0,0 +1,59 @@ +name: Deep Fuzz +on: + push: + pull_request: + +jobs: + deep-fuzz: + name: Deep Fuzz + runs-on: ubuntu-22.04 + env: + FOUNDRY_PROFILE: intense + permissions: + contents: read + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: "18.14.1" + + - name: Setup Foundry + uses: foundry-rs/foundry-toolchain@v1 + with: + version: nightly-d369d2486f85576eec4ca41d277391dfdae21ba7 + + - name: Get changed Solidity contracts + id: changed-files + uses: tj-actions/changed-files@v37 + with: + files: packages/contracts/src/** + + - name: Forge install + working-directory: packages/contracts + run: forge install + + - name: Deep Fuzz Solidity Contracts + working-directory: packages/contracts + run: | + if ${{ github.event_name == 'pull_request' }}; then + forge test + fi + if ${{ github.event_name == 'push' }}; then + if [ -z "${{ steps.changed-files.outputs.all_changed_files }}" ]; then + echo "No Solidity contracts were modified, skipping deep fuzzing..." + exit 0 + fi + touch fuzz.txt + for file in ${{ steps.changed-files.outputs.all_changed_files }}; do + echo "${file} was changed" + f=$(basename -- $file) + forge tree | grep -E "^test|^src|${f}" | grep -B1 ${f} | grep ^test | cut -d' ' -f1 >> fuzz.txt + done + echo "Deep fuzzing tests:" + cat fuzz.txt | sort | uniq -u + cat fuzz.txt | sort | uniq -u | xargs -I{} forge test --match-path {} + fi From cfd27ede08ca45b992b3c8b3c0b5bbd886bac624 Mon Sep 17 00:00:00 2001 From: Korrrba Date: Tue, 22 Aug 2023 08:30:46 +0200 Subject: [PATCH 3/6] chore: fuzz whole protocol only after push to development branch Incorporate pull request review feedback: - trigger deep fuzzing only on push to development if *.sol files were changed - execute fuzzing on the whole protocol Resolves: #515 --- .github/workflows/deep-fuzz.yml | 31 +++++-------------------------- 1 file changed, 5 insertions(+), 26 deletions(-) diff --git a/.github/workflows/deep-fuzz.yml b/.github/workflows/deep-fuzz.yml index 7a0bbcf94..1805af935 100644 --- a/.github/workflows/deep-fuzz.yml +++ b/.github/workflows/deep-fuzz.yml @@ -1,7 +1,10 @@ name: Deep Fuzz on: push: - pull_request: + branches: + - development + paths: + - '**.sol' jobs: deep-fuzz: @@ -26,34 +29,10 @@ jobs: with: version: nightly-d369d2486f85576eec4ca41d277391dfdae21ba7 - - name: Get changed Solidity contracts - id: changed-files - uses: tj-actions/changed-files@v37 - with: - files: packages/contracts/src/** - - name: Forge install working-directory: packages/contracts run: forge install - name: Deep Fuzz Solidity Contracts working-directory: packages/contracts - run: | - if ${{ github.event_name == 'pull_request' }}; then - forge test - fi - if ${{ github.event_name == 'push' }}; then - if [ -z "${{ steps.changed-files.outputs.all_changed_files }}" ]; then - echo "No Solidity contracts were modified, skipping deep fuzzing..." - exit 0 - fi - touch fuzz.txt - for file in ${{ steps.changed-files.outputs.all_changed_files }}; do - echo "${file} was changed" - f=$(basename -- $file) - forge tree | grep -E "^test|^src|${f}" | grep -B1 ${f} | grep ^test | cut -d' ' -f1 >> fuzz.txt - done - echo "Deep fuzzing tests:" - cat fuzz.txt | sort | uniq -u - cat fuzz.txt | sort | uniq -u | xargs -I{} forge test --match-path {} - fi + run: forge test From 2390afa9ab9a75b209435a76f6fd8d24081967b5 Mon Sep 17 00:00:00 2001 From: Korrrba Date: Wed, 23 Aug 2023 15:19:30 +0200 Subject: [PATCH 4/6] chore: increase deep fuzz to 100 000 000 iterations Resolves: #515 --- packages/contracts/foundry.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/contracts/foundry.toml b/packages/contracts/foundry.toml index bdaf3edb5..cd3103be3 100644 --- a/packages/contracts/foundry.toml +++ b/packages/contracts/foundry.toml @@ -41,4 +41,4 @@ targets = [ src = 'src/dollar' [profile.intense.fuzz] -runs = 10000 +runs = 100000000 From a1ac686daf4976b0620f06c19d0f1d81a1adfde8 Mon Sep 17 00:00:00 2001 From: Korrrba Date: Fri, 25 Aug 2023 08:19:45 +0200 Subject: [PATCH 5/6] chore: remove unnecessary steps in deep-fuzz.yml Resolves: #515 --- .github/workflows/deep-fuzz.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/.github/workflows/deep-fuzz.yml b/.github/workflows/deep-fuzz.yml index 1805af935..9c3a1df9d 100644 --- a/.github/workflows/deep-fuzz.yml +++ b/.github/workflows/deep-fuzz.yml @@ -12,18 +12,11 @@ jobs: runs-on: ubuntu-22.04 env: FOUNDRY_PROFILE: intense - permissions: - contents: read steps: - name: Checkout repository uses: actions/checkout@v3 - - name: Setup Node - uses: actions/setup-node@v3 - with: - node-version: "18.14.1" - - name: Setup Foundry uses: foundry-rs/foundry-toolchain@v1 with: From 0e19fc4faf1f82facd21a543dd571bc2127b6a16 Mon Sep 17 00:00:00 2001 From: Korrrba Date: Fri, 25 Aug 2023 21:21:21 +0200 Subject: [PATCH 6/6] chore: set deep fuzz to 100 000 iterations As decided during PR review. Resolves: #515 --- packages/contracts/foundry.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/contracts/foundry.toml b/packages/contracts/foundry.toml index cd3103be3..8c5721de8 100644 --- a/packages/contracts/foundry.toml +++ b/packages/contracts/foundry.toml @@ -41,4 +41,4 @@ targets = [ src = 'src/dollar' [profile.intense.fuzz] -runs = 100000000 +runs = 100000