Add atheris fuzzer #2999

Open
wants to merge 1 commit into
base: master

AdamKorcz

Signed-off-by: AdamKorcz [email protected]

What I did

  1. Added a fuzzer
  2. Added ClusterfuzzLite

How I did it

  1. Added the fuzzer in tests/ast.
  2. Added the ClusterfuzzLite in .clusterfuzzlite.
  3. Added a .yml workflow file.

How to verify it

  1. By observing the CI jobs.

Commit message

This PR adds a fuzzer for parse_to_ast(). The fuzzer passes a pseudo-random string to parse_to_ast() to find possible crashes and catches a few exceptions.
The PR also sets up the fuzzer to run in the CI via ClusterfuzzLite.

Description for the changelog

Cute Animal Picture

Signed-off-by: AdamKorcz <[email protected]>
@charles-cooper
Member

interesting! @AdamKorcz looks like this run is reporting an AST bug https://github.com/vyperlang/vyper/runs/7560168466?check_suite_focus=true, but looking through the logs I am not able to find the actual repro. Is there some way to interpret the logs that I am missing?

@codecov-commenter

codecov-commenter commented Jul 28, 2022

Codecov Report

Merging #2999 (b096dbd) into master (f31f0ec) will decrease coverage by 0.07%.
The diff coverage is 90.47%.

❗ Current head b096dbd differs from pull request most recent head 97d16b0. Consider uploading reports for the commit 97d16b0 to get more accurate results

@@            Coverage Diff             @@
##           master    #2999      +/-   ##
==========================================
- Coverage   88.29%   88.22%   -0.08%     
==========================================
  Files          97       97              
  Lines       10919    10935      +16     
  Branches     2583     2585       +2     
==========================================
+ Hits         9641     9647       +6     
- Misses        830      839       +9     
- Partials      448      449       +1     
| Impacted Files | Coverage Δ |
|---|---|
| vyper/cli/vyper_compile.py | 68.14% <ø> (ø) |
| vyper/compiler/__init__.py | 88.09% <ø> (ø) |
| vyper/builtin_functions/functions.py | 89.61% <81.81%> (-0.79%) ⬇️ |
| vyper/compiler/output.py | 89.00% <100.00%> (+0.11%) ⬆️ |
| vyper/compiler/phases.py | 90.99% <100.00%> (+0.60%) ⬆️ |
| vyper/ir/compile_ir.py | 93.71% <100.00%> (+0.01%) ⬆️ |


@AdamKorcz
Author

AdamKorcz commented Jul 29, 2022

> interesting! @AdamKorcz looks like this run is reporting an AST bug https://github.com/vyperlang/vyper/runs/7560168466?check_suite_focus=true, but looking through the logs I am not able to find the actual repro. Is there some way to interpret the logs that I am missing?

I believe the reproducer is available in the log here:
MS: 3 ChangeBinInt-ShuffleBytes-InsertRepeatedBytes-; base unit: fbd8263f043a8dbf8fe53c5cc7ab4cefb2978e9a

and the raw bytes below it:

0x65,0x61,0x6e,0x5f,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0x6c,0x2c,0x69

These bytes are the data argument in the fuzz harness.

@charles-cooper
Member

ah, decoding for future reference

>>> bytes([0x65,0x61,0x6e,0x5f,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0x6c,0x2c,0x69])
b'ean_\r\r\r\r\r\r\r\r\r\r\r\r\r\r\r\r\r\r\r\r\r\r\r\r\r\r\r\rl,i'

@charles-cooper
Member

charles-cooper commented Jul 29, 2022

@AdamKorcz i think all inputs have to be passed through a filtering step before testing them. see

tree = parse_to_ast(pre_parse(code + "\n")[1])

i mean now that i think about it, parse_to_ast should probably do this (add the trailing newline) automatically, there is not really any case where we want to call parse_to_ast without doing that first
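
Added example (not part of the PR or of any participant's comment): a small parser that pulls the reproducer out of libFuzzer-style crash output, as discussed in the thread above, by finding the `MS:` line and decoding the hex byte dump that follows it. The function names are hypothetical, the sample log is constructed from the two lines quoted in the thread, and log lines are assumed to carry no CI timestamp prefix.

```python
import re
from collections import Counter

# Constructed sample: the two log lines quoted in the thread, plus filler
# lines standing in for the rest of a CI log.
SAMPLE_LOG = """\
(constructed filler: earlier CI output)
MS: 3 ChangeBinInt-ShuffleBytes-InsertRepeatedBytes-; base unit: fbd8263f043a8dbf8fe53c5cc7ab4cefb2978e9a
0x65,0x61,0x6e,0x5f,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0xd,0x6c,0x2c,0x69
(constructed filler: later CI output)
"""

# Each byte is printed as 0x<hex> without zero padding, e.g. 0xd.
_BYTE = r"0x[0-9a-fA-F]{1,2}"
# A line made only of comma-separated byte tokens, optional trailing comma.
_DUMP_LINE = re.compile(rf"^\s*{_BYTE}(?:\s*,\s*{_BYTE})*\s*,?\s*$")


def extract_repro(log_text):
    """Return the crashing input as bytes, or None if no byte dump is found."""
    lines = log_text.split("\n")
    for i, line in enumerate(lines):
        if not line.lstrip().startswith("MS: "):
            continue
        for candidate in lines[i + 1:]:
            if _DUMP_LINE.match(candidate):
                return bytes(int(t, 16) for t in re.findall(_BYTE, candidate))
            if candidate.strip():
                break  # next non-blank line is not a dump; try a later MS line
    return None


def control_bytes(data):
    """Count bytes below 0x20, which are easy to miss when rendered as text."""
    return Counter(b for b in data if b < 0x20)


if __name__ == "__main__":
    repro = extract_repro(SAMPLE_LOG)
    print(repr(repro), dict(control_bytes(repro)))
```

The returned bytes can be written to a file and kept as a regression input for the harness.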
