Remove proptest from fuzzed tests

grandizzy · grandizzy · commit bff439381917 · 2025-07-22T09:46:06.000+03:00
diff --git a/crates/evm/core/src/constants.rs b/crates/evm/core/src/constants.rs
@@ -37,9 +37,6 @@ pub const MAGIC_ASSUME: &[u8] = b"FOUNDRY::ASSUME";
 /// Magic return value returned by the `skip` cheatcode. Optionally appended with a reason.
 pub const MAGIC_SKIP: &[u8] = b"FOUNDRY::SKIP";
 
-/// Test timeout return value.
-pub const TEST_TIMEOUT: &str = "FOUNDRY::TEST_TIMEOUT";
-
 /// The address that deploys the default CREATE2 deployer contract.
 pub const DEFAULT_CREATE2_DEPLOYER_DEPLOYER: Address =
     address!("0x3fAB184622Dc19b6109349B94811493BF2a45362");
diff --git a/crates/evm/evm/src/executors/fuzz/mod.rs b/crates/evm/evm/src/executors/fuzz/mod.rs
@@ -6,7 +6,7 @@ use eyre::Result;
 use foundry_common::evm::Breakpoints;
 use foundry_config::FuzzConfig;
 use foundry_evm_core::{
-    constants::{CHEATCODE_ADDRESS, MAGIC_ASSUME, TEST_TIMEOUT},
+    constants::{CHEATCODE_ADDRESS, MAGIC_ASSUME},
     decode::{RevertDecoder, SkipReason},
 };
 use foundry_evm_coverage::HitMaps;
@@ -16,7 +16,10 @@ use foundry_evm_fuzz::{
 };
 use foundry_evm_traces::SparsedTraceArena;
 use indicatif::ProgressBar;
-use proptest::test_runner::{TestCaseError, TestError, TestRunner};
+use proptest::{
+    strategy::{Strategy, ValueTree},
+    test_runner::{TestCaseError, TestRunner},
+};
 use std::{cell::RefCell, collections::BTreeMap};
 
 mod types;
@@ -78,7 +81,7 @@ impl FuzzedExecutor {
     ///
     /// Returns a list of all the consumed gas and calldata of every fuzz case
     pub fn fuzz(
-        &self,
+        &mut self,
         func: &Function,
         fuzz_fixtures: &FuzzFixtures,
         deployed_libs: &[Address],
@@ -101,69 +104,99 @@ impl FuzzedExecutor {
         // Start timer for this fuzz test.
         let timer = FuzzTestTimer::new(self.config.timeout);
 
-        let run_result = self.runner.clone().run(&strategy, |calldata| {
-            // Check if the timeout has been reached.
-            if timer.is_timed_out() {
-                return Err(TestCaseError::fail(TEST_TIMEOUT));
+        let continue_campaign = |runs: u32| {
+            // If timeout is configured, then perform invariant runs until expires.
+            if self.config.timeout.is_some() {
+                return !timer.is_timed_out();
             }
+            // If no timeout configured then loop until configured runs.
+            runs < self.config.runs
+        };
 
-            let fuzz_res = self.single_fuzz(address, calldata)?;
+        let mut runs = 0;
+        let mut rejects = 0;
+        let mut run_failure = None;
+        'stop: while continue_campaign(runs) {
+            let Ok(strategy) = strategy.new_tree(&mut self.runner) else {
+                run_failure = Some(TestCaseError::fail("no input generated to call fuzzed target"));
+                break 'stop;
+            };
 
             // If running with progress then increment current run.
             if let Some(progress) = progress {
                 progress.inc(1);
             };
 
-            match fuzz_res {
-                FuzzOutcome::Case(case) => {
-                    let mut data = execution_data.borrow_mut();
-                    data.gas_by_case.push((case.case.gas, case.case.stipend));
+            match self.single_fuzz(address, strategy.current()) {
+                Ok(fuzz_outcome) => {
+                    match fuzz_outcome {
+                        FuzzOutcome::Case(case) => {
+                            let mut data = execution_data.borrow_mut();
+                            data.gas_by_case.push((case.case.gas, case.case.stipend));
 
-                    if data.first_case.is_none() {
-                        data.first_case.replace(case.case);
-                    }
+                            if data.first_case.is_none() {
+                                data.first_case.replace(case.case);
+                            }
 
-                    if let Some(call_traces) = case.traces {
-                        if data.traces.len() == max_traces_to_collect {
-                            data.traces.pop();
-                        }
-                        data.traces.push(call_traces);
-                        data.breakpoints.replace(case.breakpoints);
-                    }
-
-                    if show_logs {
-                        data.logs.extend(case.logs);
-                    }
+                            if let Some(call_traces) = case.traces {
+                                if data.traces.len() == max_traces_to_collect {
+                                    data.traces.pop();
+                                }
+                                data.traces.push(call_traces);
+                                data.breakpoints.replace(case.breakpoints);
+                            }
 
-                    HitMaps::merge_opt(&mut data.coverage, case.coverage);
+                            if show_logs {
+                                data.logs.extend(case.logs);
+                            }
 
-                    data.deprecated_cheatcodes = case.deprecated_cheatcodes;
-
-                    Ok(())
+                            HitMaps::merge_opt(&mut data.coverage, case.coverage);
+                            data.deprecated_cheatcodes = case.deprecated_cheatcodes;
+                        }
+                        FuzzOutcome::CounterExample(CounterExampleOutcome {
+                            exit_reason: status,
+                            counterexample: outcome,
+                            ..
+                        }) => {
+                            let reason = rd.maybe_decode(&outcome.1.result, status);
+                            execution_data.borrow_mut().logs.extend(outcome.1.logs.clone());
+                            execution_data.borrow_mut().counterexample = outcome;
+                            // HACK: we have to use an empty string here to denote `None`.
+                            run_failure = Some(TestCaseError::fail(reason.unwrap_or_default()));
+                            break 'stop;
+                        }
+                    }
                 }
-                FuzzOutcome::CounterExample(CounterExampleOutcome {
-                    exit_reason: status,
-                    counterexample: outcome,
-                    ..
-                }) => {
-                    // We cannot use the calldata returned by the test runner in `TestError::Fail`,
-                    // since that input represents the last run case, which may not correspond with
-                    // our failure - when a fuzz case fails, proptest will try to run at least one
-                    // more case to find a minimal failure case.
-                    let reason = rd.maybe_decode(&outcome.1.result, status);
-                    execution_data.borrow_mut().logs.extend(outcome.1.logs.clone());
-                    execution_data.borrow_mut().counterexample = outcome;
-                    // HACK: we have to use an empty string here to denote `None`.
-                    Err(TestCaseError::fail(reason.unwrap_or_default()))
+                Err(err) => {
+                    match err {
+                        TestCaseError::Fail(_) => {
+                            run_failure = Some(err);
+                            break 'stop;
+                        }
+                        TestCaseError::Reject(_) => {
+                            // Apply max rejects only if configured, otherwise silently discard run.
+                            if self.config.max_test_rejects > 0 {
+                                rejects += 1;
+                                if rejects >= self.config.max_test_rejects {
+                                    run_failure = Some(err);
+                                    break 'stop;
+                                }
+                            } else {
+                                continue 'stop;
+                            }
+                        }
+                    }
                 }
             }
-        });
+
+            runs += 1;
+        }
 
         let fuzz_result = execution_data.into_inner();
         let (calldata, call) = fuzz_result.counterexample;
 
         let mut traces = fuzz_result.traces;
-        let (last_run_traces, last_run_breakpoints) = if run_result.is_ok() {
+        let (last_run_traces, last_run_breakpoints) = if run_failure.is_none() {
             (traces.pop(), fuzz_result.breakpoints)
         } else {
             (call.traces.clone(), call.cheatcodes.map(|c| c.breakpoints))
@@ -172,7 +205,7 @@ impl FuzzedExecutor {
         let mut result = FuzzTestResult {
             first_case: fuzz_result.first_case.unwrap_or_default(),
             gas_by_case: fuzz_result.gas_by_case,
-            success: run_result.is_ok(),
+            success: run_failure.is_none(),
             skipped: false,
             reason: None,
             counterexample: None,
@@ -185,38 +218,24 @@ impl FuzzedExecutor {
             deprecated_cheatcodes: fuzz_result.deprecated_cheatcodes,
         };
 
-        match run_result {
-            Ok(()) => {}
-            Err(TestError::Abort(reason)) => {
-                let msg = reason.message();
-                // Currently the only operation that can trigger proptest global rejects is the
-                // `vm.assume` cheatcode, thus we surface this info to the user when the fuzz test
-                // aborts due to too many global rejects, making the error message more actionable.
-                result.reason = if msg == "Too many global rejects" {
-                    let error = FuzzError::TooManyRejects(self.runner.config().max_global_rejects);
-                    Some(error.to_string())
+        match run_failure {
+            Some(TestCaseError::Fail(reason)) => {
+                let reason = reason.to_string();
+                result.reason = (!reason.is_empty()).then_some(reason);
+                let args = if let Some(data) = calldata.get(4..) {
+                    func.abi_decode_input(data).unwrap_or_default()
                 } else {
-                    Some(msg.to_string())
+                    vec![]
                 };
+                result.counterexample = Some(CounterExample::Single(
+                    BaseCounterExample::from_fuzz_call(calldata, args, call.traces),
+                ));
             }
-            Err(TestError::Fail(reason, _)) => {
+            Some(TestCaseError::Reject(reason)) => {
                 let reason = reason.to_string();
-                if reason == TEST_TIMEOUT {
-                    // If the reason is a timeout, we consider the fuzz test successful.
-                    result.success = true;
-                } else {
-                    result.reason = (!reason.is_empty()).then_some(reason);
-                    let args = if let Some(data) = calldata.get(4..) {
-                        func.abi_decode_input(data).unwrap_or_default()
-                    } else {
-                        vec![]
-                    };
-
-                    result.counterexample = Some(CounterExample::Single(
-                        BaseCounterExample::from_fuzz_call(calldata, args, call.traces),
-                    ));
-                }
+                result.reason = (!reason.is_empty()).then_some(reason);
             }
+            None => {}
         }
 
         if let Some(reason) = &result.reason
@@ -245,7 +264,9 @@ impl FuzzedExecutor {
 
         // Handle `vm.assume`.
         if call.result.as_ref() == MAGIC_ASSUME {
-            return Err(TestCaseError::reject(FuzzError::AssumeReject));
+            return Err(TestCaseError::reject(FuzzError::TooManyRejects(
+                self.config.max_test_rejects,
+            )));
         }
 
         let (breakpoints, deprecated_cheatcodes) =
diff --git a/crates/forge/src/runner.rs b/crates/forge/src/runner.rs
@@ -930,7 +930,7 @@ impl<'a> FunctionRunner<'a> {
         );
 
         // Run fuzz test.
-        let fuzzed_executor =
+        let mut fuzzed_executor =
             FuzzedExecutor::new(self.executor.into_owned(), runner, self.tcfg.sender, fuzz_config);
         let result = fuzzed_executor.fuzz(
             func,
diff --git a/crates/forge/tests/cli/test_cmd.rs b/crates/forge/tests/cli/test_cmd.rs
@@ -793,14 +793,14 @@ contract CounterTest is Test {
 Compiler run successful!
 
 Ran 1 test for test/CounterFuzz.t.sol:CounterTest
-[FAIL: panic: arithmetic underflow or overflow (0x11); counterexample: calldata=0xa76d58f5fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd args=[115792089237316195423570985008687907853269984665640564039457584007913129639933 [1.157e77]]] testAddOne(uint256) (runs: 84, [AVG_GAS])
+[FAIL: panic: arithmetic underflow or overflow (0x11); counterexample: calldata=0xa76d58f5fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe args=[115792089237316195423570985008687907853269984665640564039457584007913129639934 [1.157e77]]] testAddOne(uint256) (runs: 27, [AVG_GAS])
 Suite result: FAILED. 0 passed; 1 failed; 0 skipped; [ELAPSED]
 
 Ran 1 test suite [ELAPSED]: 0 tests passed, 1 failed, 0 skipped (1 total tests)
 
 Failing tests:
 Encountered 1 failing test in test/CounterFuzz.t.sol:CounterTest
-[FAIL: panic: arithmetic underflow or overflow (0x11); counterexample: calldata=0xa76d58f5fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd args=[115792089237316195423570985008687907853269984665640564039457584007913129639933 [1.157e77]]] testAddOne(uint256) (runs: 84, [AVG_GAS])
+[FAIL: panic: arithmetic underflow or overflow (0x11); counterexample: calldata=0xa76d58f5fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe args=[115792089237316195423570985008687907853269984665640564039457584007913129639934 [1.157e77]]] testAddOne(uint256) (runs: 27, [AVG_GAS])
 
 Encountered a total of 1 failing tests, 0 tests succeeded
 
