
Crash on "coverageEnabled": true #299

Closed
forkforkdog opened this issue Feb 18, 2024 · 1 comment · Fixed by #216 or #303

@forkforkdog

With the default

"coverageEnabled": true

I got this error:

⇾ Reading the configuration file at: script/echidna/medusa.json
⇾ Compiling targets with crytic-compile
⇾ Creating 10 workers...
⇾ fuzz: elapsed: 0s, calls: 0 (0/sec), seq/s: 0, coverage: 0
panic: runtime error: index out of range [11517] with length 11517

goroutine 84 [running]:
github.com/crytic/medusa/fuzzing/coverage.(*CoverageMapBytecodeData).update(...)
        /Users/user/folder/folder/medusa/fuzzing/coverage/coverage_maps.go:352
github.com/crytic/medusa/fuzzing/coverage.(*ContractCoverageMap).update(0x100935e00?, 0xc009bb1d70?)
        /Users/user/folder/folder/medusa/fuzzing/coverage/coverage_maps.go:281 +0x11c
github.com/crytic/medusa/fuzzing/coverage.(*CoverageMaps).Update(0xc009b74960, 0xc00c29b7c0?)
        /Users/user/folder/folder/medusa/fuzzing/coverage/coverage_maps.go:154 +0x351
github.com/crytic/medusa/fuzzing/corpus.(*Corpus).CheckSequenceCoverageAndUpdate(0xc000378000, {0xc00c0d8bc0?, 0x6, 0x8}, 0x1000113a8?, 0x40?)
        /Users/user/folder/folder/medusa/fuzzing/corpus/corpus.go:395 +0xf8
github.com/crytic/medusa/fuzzing.(*FuzzerWorker).testNextCallSequence.func3({0xc00c0d8bc0, 0x6, 0x8})
        /Users/user/folder/folder/medusa/fuzzing/fuzzer_worker.go:276 +0x94
github.com/crytic/medusa/fuzzing/calls.ExecuteCallSequenceIteratively(0xc00aade640, 0xc00aad1d78, 0xc00aad1dd0)
        /Users/user/folder/folder/medusa/fuzzing/calls/call_sequence_execution.go:120 +0x1f9
github.com/crytic/medusa/fuzzing.(*FuzzerWorker).testNextCallSequence(0xc0035dc000)
        /Users/user/folder/folder/medusa/fuzzing/fuzzer_worker.go:304 +0x176
github.com/crytic/medusa/fuzzing.(*FuzzerWorker).run(0xc0035dc000, 0x100b70940?)
        /Users/user/folder/folder/medusa/fuzzing/fuzzer_worker.go:570 +0x356
github.com/crytic/medusa/fuzzing.(*Fuzzer).spawnWorkersLoop.func1({0x0?, 0xc009bb1ec0?})
        /Users/user/folder/folder/medusa/fuzzing/fuzzer.go:542 +0x173
created by github.com/crytic/medusa/fuzzing.(*Fuzzer).spawnWorkersLoop
        /Users/user/folder/folder/medusa/fuzzing/fuzzer.go:525 +0x2d1

Full params:

{
  "fuzzing": {
    "workers": 10,
    "workerResetLimit": 50,
    "timeout": 0,
    "testLimit": 0,
    "callSequenceLength": 100,
    "corpusDirectory": "corpusMedusa",
    "coverageEnabled": false,
    "deploymentOrder": ["Tests"],
    "constructorArgs": {},
    "deployerAddress": "0x30000",
    "senderAddresses": ["0x10000", "0x20000"],
    "blockNumberDelayMax": 60480,
    "blockTimestampDelayMax": 604800,
    "blockGasLimit": 125000000,
    "transactionGasLimit": 12500000,
    "testing": {
      "stopOnFailedTest": true,
      "stopOnFailedContractMatching": true,
      "stopOnNoTests": true,
      "testAllContracts": false,
      "traceAll": false,
      "assertionTesting": {
        "enabled": true,
        "testViewMethods": false,
        "assertionModes": {
          "failOnCompilerInsertedPanic": false,
          "failOnAssertion": true,
          "failOnArithmeticUnderflow": false,
          "failOnDivideByZero": false,
          "failOnEnumTypeConversionOutOfBounds": false,
          "failOnIncorrectStorageAccess": false,
          "failOnPopEmptyArray": false,
          "failOnOutOfBoundsArrayAccess": false,
          "failOnAllocateTooMuchMemory": false,
          "failOnCallUninitializedVariable": false
        }
      },
      "propertyTesting": {
        "enabled": false,
        "testPrefixes": ["fuzz_"]
      },
      "optimizationTesting": {
        "enabled": false,
        "testPrefixes": ["optimize_"]
      }
    },
    "chainConfig": {
      "codeSizeCheckDisabled": true,
      "cheatCodes": {
        "cheatCodesEnabled": true,
        "enableFFI": false
      }
    }
  },
  "compilation": {
    "platform": "crytic-compile",
    "platformConfig": {
      "target": "./../../",
      "solcVersion": "",
      "exportDirectory": "",
      "args": ["--solc-remaps", "@openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/"]
    }
  },
  "logging": {
    "level": "info",
    "logDirectory": ""
  }
}

I tried rebuilding from source; the only thing that helps is "coverageEnabled": false.
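The panic in the trace above reports an index equal to the slice length (index out of range [11517] with length 11517) inside the coverage-map update, and because it fires in a worker goroutine that nothing in the trace recovers, one bad index ends the whole fuzzing run. The following is an added illustration, not medusa's code and not a claim about the real cause or about the fix discussed in this issue: a hypothetical per-byte coverage map (`bytecodeCoverage`, `markUnchecked`, `mark`, `covered` and `recoverPanic` are all assumed names) showing the unchecked update that yields exactly that panic message beside a guarded update that returns an error the caller can log and continue from.

```go
package main

import (
	"errors"
	"fmt"
)

// bytecodeCoverage is a hypothetical stand-in for a per-contract coverage map
// (assumption: not medusa's CoverageMapBytecodeData, only the same shape of
// one counter per byte offset of the deployed bytecode).
type bytecodeCoverage struct {
	executed []uint8
}

// newBytecodeCoverage sizes the map to the length of one bytecode.
func newBytecodeCoverage(codeLen int) *bytecodeCoverage {
	return &bytecodeCoverage{executed: make([]uint8, codeLen)}
}

var errPCOutOfRange = errors.New("program counter outside coverage map")

// markUnchecked reproduces the failure mode seen in the trace: indexing with a
// program counter equal to the map length panics with
// "index out of range [n] with length n" and, inside a goroutine, kills the process.
func markUnchecked(c *bytecodeCoverage, pc int) {
	c.executed[pc] = 1
}

// mark is the guarded form: a pc outside the map becomes an error carrying
// both values, so the caller can report the mismatch instead of crashing.
func (c *bytecodeCoverage) mark(pc int) error {
	if pc < 0 || pc >= len(c.executed) {
		return fmt.Errorf("%w: pc=%d len=%d", errPCOutOfRange, pc, len(c.executed))
	}
	c.executed[pc] = 1
	return nil
}

// covered returns how many byte offsets have been hit at least once.
func (c *bytecodeCoverage) covered() int {
	n := 0
	for _, v := range c.executed {
		if v != 0 {
			n++
		}
	}
	return n
}

// recoverPanic runs fn and reports whether it panicked, so the unchecked
// behaviour can be shown without taking the demonstration down with it.
func recoverPanic(fn func()) (panicked bool) {
	defer func() {
		if r := recover(); r != nil {
			panicked = true
		}
	}()
	fn()
	return false
}

func main() {
	// Constructed input: a map sized like the one in the reported panic.
	cov := newBytecodeCoverage(11517)

	fmt.Println("unchecked update at pc == len panics:",
		recoverPanic(func() { markUnchecked(cov, 11517) }))

	if err := cov.mark(11517); err != nil {
		fmt.Println("guarded update:", err)
	}
	_ = cov.mark(0)
	_ = cov.mark(11516)
	fmt.Println("covered offsets:", cov.covered())
}
```

Run it with `go run .` in an empty module. The guard is cheap relative to EVM execution and turns a process-wide crash into a per-update error; where the program counter is read from a tracer, that error is the place to log which contract and which bytecode length disagreed.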

@anishnaik (Collaborator) commented Feb 20, 2024

Hey @algobotishere thanks for reporting this. We actually have this bug reported here as well #231. There is a temporary fix in the dev/no-multi-abi branch but I am still not 100% sure whether it is the best fix or not. Will keep you updated on this.
