Fuzz cairo compiled programs (#1236)

* Create fuzzer * Remove cli * Update fuzzer * Change fuzzer name * Move functions to utils; Create new fuzzer * Remove file and update readme * Change filename * Fix filenames * delete extra changes * Move to fuzzing dir * update and refactor cairo compiled programs fuzzer * fmt * add cairo_programs folder * fix warnings * fix formatting * add felt arbitrary * add felt arbitrary * add info to readme * add fuzzer makefile command * fix corrections --------- Co-authored-by: Juanma <juanma@Juanmas-MacBook-Air.local> Co-authored-by: dafifynn <slimbieber@gmail.com> Co-authored-by: Pedro Fontana <fontana.pedro93@gmail.com>
lambdaclass · Jul 26, 2023 · c73b728 · c73b728 · github-actions · Jul 26, 2023
1 parent b232d69
commit c73b728
Show file tree

Hide file tree

Showing 5 changed files with 559 additions and 0 deletions.
diff --git a/Makefile b/Makefile
@@ -303,3 +303,10 @@ clean:
 	rm -rf cairo-vm-env
 	rm -rf cairo-vm-pypy-env
 	rm -rf cairo
+
+fuzzer-deps: 
+	cargo +nightly install cargo-fuzz
+
+run-cairo-compiled-fuzzer:
+	cd fuzzer
+	cargo +nightly fuzz run --fuzz-dir . cairo_compiled_programs_fuzzer
diff --git a/fuzzer/Cargo.toml b/fuzzer/Cargo.toml
@@ -5,22 +5,29 @@ edition = "2021"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
+[package.metadata]
+cargo-fuzz = true
+
 [workspace]
 members = ["."]
 
 [dependencies]
 arbitrary = { version = "1.3.0", features = ["derive"] }
 honggfuzz = "0.5.55"
+libfuzzer-sys = "0.4"
 bincode = { version = "2.0.0-rc.3", tag = "v2.0.0-rc.3", git = "https://github.com/bincode-org/bincode.git" }
 cairo-vm = { path = "../vm", features = ["arbitrary"] }
 mimalloc = { version = "0.1.29", default-features = false, optional = true }
 nom = "7"
 thiserror = { version = "1.0.32" }
+cairo-felt = { path = "../felt", features = ["arbitrary"] }
+proptest = "1.2.0"
 
 [dev-dependencies]
 assert_matches = "1.5.0"
 rstest = "0.17.0"
 
+
 [features]
 default = ["with_mimalloc"]
 with_mimalloc = ["cairo-vm/with_mimalloc", "mimalloc"]
@@ -29,6 +36,10 @@ with_mimalloc = ["cairo-vm/with_mimalloc", "mimalloc"]
 name = "fuzz_json"
 path = "src/fuzz_json.rs"
 
+[[bin]]
+name = "cairo_compiled_programs_fuzzer"
+path = "src/cairo_compiled_programs_fuzzer.rs"
+
 [[bin]]
 name = "fuzz_program"
 path = "src/fuzz_program.rs"
diff --git a/fuzzer/README.md b/fuzzer/README.md
@@ -1,3 +1,12 @@
 ## fuzz_json
 This fuzzer creates a json file directly from bytes.
 `HFUZZ_RUN_ARGS="--dict=json.dict" cargo hfuzz run fuzz_json`
+
+## cairo_compiled_programs_fuzzer
+To run this fuzzer you need to be able to run cairo-compile command from the fuzzer folder beforehand.
+
+To run the fuzzer you need to have installed `cargo-fuzz`. If not, use the command `cargo +nightly install cargo-fuzz`
+
+To run simply use `cargo +nightly fuzz run --fuzz-dir . cairo_compiled_programs_fuzzer`
+
+We use nightly for this fuzzer because cargo fuzz runs with the -Z flag, which only works with +nightly.
diff --git a/fuzzer/cairo_programs/.gitkeep b/fuzzer/cairo_programs/.gitkeep
Benchmark suite	Current: `c73b728`	Previous: `b232d69`	Ratio
`add_u64_with_felt/1`	`3` ns/iter (`± 0`)	`2` ns/iter (`± 0`)	`1.50`
`add_u64_with_felt/2`	`3` ns/iter (`± 0`)	`2` ns/iter (`± 0`)	`1.50`
`add_u64_with_felt/3`	`2` ns/iter (`± 0`)	`1` ns/iter (`± 0`)	`2`
`add_u64_with_felt/4`	`2` ns/iter (`± 0`)	`1` ns/iter (`± 0`)	`2`
`add_u64_with_felt/5`	`2` ns/iter (`± 0`)	`1` ns/iter (`± 0`)	`2`
`add_u64_with_felt/6`	`4` ns/iter (`± 0`)	`2` ns/iter (`± 0`)	`2`
`add_u64_with_felt/7`	`4` ns/iter (`± 0`)	`2` ns/iter (`± 0`)	`2`
`add_u64_with_felt/8`	`3` ns/iter (`± 0`)	`2` ns/iter (`± 0`)	`1.50`