feat(avm_fuzzing): external calls (#19055)

1) avm.fuzzer.cpp -> avm_differential.fuzzer.cpp
2) Added singletone-proxy class to ContractDB to register contracts
3) Implemented CALL/STATICALL RETURNDATACOPY RETURNDATASIZE

More predefined functions and tests will be in followups

Author: defkit

…c/barretenberg/avm_fuzzer/avm.fuzzer.cpp …g/avm_fuzzer/avm_differential.fuzzer.cppbarretenberg/cpp/src/barretenberg/avm_fuzzer/avm.fuzzer.cpp renamed to barretenberg/cpp/src/barretenberg/avm_fuzzer/avm_differential.fuzzer.cpp barretenberg/cpp/src/barretenberg/avm_fuzzer/avm.fuzzer.cpp renamed to barretenberg/cpp/src/barretenberg/avm_fuzzer/avm_differential.fuzzer.cpp

@@ -5,6 +5,8 @@
 #include <vector>
 
 #include "barretenberg/avm_fuzzer/common/interfaces/dbs.hpp"
+#include "barretenberg/avm_fuzzer/fuzz_lib/constants.hpp"
+#include "barretenberg/avm_fuzzer/fuzz_lib/contract_db_proxy.hpp"
 #include "barretenberg/avm_fuzzer/fuzz_lib/control_flow.hpp"
 #include "barretenberg/avm_fuzzer/fuzz_lib/fuzz.hpp"
 #include "barretenberg/avm_fuzzer/fuzz_lib/fuzzer_data.hpp"
@@ -40,7 +42,7 @@ SimulatorResult fuzz(const uint8_t* buffer, size_t size)
 
     FuzzerWorldStateManager* ws_mgr = FuzzerWorldStateManager::getInstance();
     ws_mgr->fork();
-    auto res = fuzz(deserialized_data);
+    auto res = fuzz_against_ts_simulator(deserialized_data);
     ws_mgr->reset_world_state();
 
     return res;

barretenberg/cpp/src/barretenberg/avm_fuzzer/common/interfaces/dbs.cpp

@@ -237,11 +237,13 @@ void FuzzerContractDB::add_contracts(const ContractDeploymentData& contract_depl
 void FuzzerContractDB::add_contract_class(const ContractClassId& class_id, const ContractClass& contract_class)
 {
     contract_classes[class_id] = contract_class;
+    contract_classes_vector.push_back(contract_class);
 }
 
 void FuzzerContractDB::add_contract_instance(const AztecAddress& address, const ContractInstance& contract_instance)
 {
     contract_instances[address] = contract_instance;
+    contract_instances_vector.push_back({ address, contract_instance });
 }
 
 // Based on fromLogs in yarn-project/protocol-contracts/src/class-registry/contract_class_published_event.ts

barretenberg/cpp/src/barretenberg/avm_fuzzer/common/interfaces/dbs.hpp

@@ -83,10 +83,10 @@ class FuzzerContractDB : public simulation::ContractDBInterface {
     void revert_checkpoint() override;
 
     // Getters for serialization
-    const std::unordered_map<ContractClassId, ContractClass>& get_contract_classes() const { return contract_classes; }
-    const std::unordered_map<AztecAddress, ContractInstance>& get_contract_instances() const
+    const std::vector<ContractClass>& get_contract_classes() const { return contract_classes_vector; }
+    const std::vector<std::pair<AztecAddress, ContractInstance>>& get_contract_instances() const
     {
-        return contract_instances;
+        return contract_instances_vector;
     }
 
   private:
@@ -96,6 +96,10 @@ class FuzzerContractDB : public simulation::ContractDBInterface {
     std::unordered_map<ContractClassId, ContractClass> contract_classes;
     std::unordered_map<AztecAddress, ContractInstance> contract_instances;
 
+    // Used for serialization keeping track of the order of the contracts and instances
+    std::vector<ContractClass> contract_classes_vector;
+    std::vector<std::pair<AztecAddress, ContractInstance>> contract_instances_vector;
+
     struct Checkpoint {
         std::unordered_map<ContractClassId, ContractClass> contract_classes;
         std::unordered_map<AztecAddress, ContractInstance> contract_instances;

barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/constants.hpp

@@ -49,3 +49,10 @@ inline void fuzz_info_(std::function<std::string()> func)
 }
 
 #define fuzz_info(...) fuzz_info_([&]() { return format(__VA_ARGS__); })
+
+// =========== Pre defined functions ===========
+// Taken from ADD_8 test in fuzz.test.cpp
+const std::vector<uint8_t> ADD_8_BYTECODE = { 39, 0,  0, 2, 5, 39, 0, 1, 2,  2, 0, 0, 0, 1,
+                                              2,  40, 0, 0, 5, 4,  0, 1, 59, 0, 0, 5, 0, 2 };
+
+const std::vector<std::vector<uint8_t>> PREDEFINED_FUNCTIONS = { ADD_8_BYTECODE };

barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/contract_db_proxy.cpp

@@ -0,0 +1,145 @@
+#include "barretenberg/avm_fuzzer/fuzz_lib/contract_db_proxy.hpp"
+
+#include "barretenberg/avm_fuzzer/common/interfaces/dbs.hpp"
+#include "barretenberg/avm_fuzzer/fuzz_lib/constants.hpp"
+#include "barretenberg/avm_fuzzer/fuzz_lib/control_flow.hpp"
+#include "barretenberg/avm_fuzzer/fuzz_lib/fuzzer_data.hpp"
+#include "barretenberg/avm_fuzzer/fuzz_lib/simulator.hpp"
+#include "barretenberg/common/log.hpp"
+#include "barretenberg/vm2/simulation/lib/contract_crypto.hpp"
+
+using namespace bb::avm2::fuzzer;
+
+// Temp Helper function to create a default contract class from bytecode
+ContractClass create_default_class(const std::vector<uint8_t>& bytecode)
+{
+    // This isn't strictly needed for pure simulation, but if we want to re-use inputs in proving we need valid
+    // commitment
+    auto bytecode_commitment = simulation::compute_public_bytecode_commitment(bytecode);
+    auto class_id =
+        simulation::compute_contract_class_id(/*artifact_hash=*/0, /*private_fn_root=*/0, bytecode_commitment);
+    return ContractClass{
+        .id = class_id,
+        .artifact_hash = 0,
+        .private_functions_root = 0,
+        .packed_bytecode = bytecode,
+    };
+}
+
+// Temp Helper function to create a default contract instance from a class ID
+ContractInstance create_default_instance(const ContractClassId& class_id)
+{
+    return ContractInstance{
+        .salt = 0,
+        .deployer = MSG_SENDER,
+        .current_contract_class_id = class_id,
+        .original_contract_class_id = class_id,
+        .initialization_hash = 0,
+        .public_keys = PublicKeys{},
+    };
+}
+
+// Temp Helper function to compute contract address from instance
+AztecAddress compute_contract_address(const ContractInstance& instance)
+{
+    // This isn't strictly needed for pure simulation, but if we want to re-use inputs in proving we need valid
+    // addresses
+    return simulation::compute_contract_address(instance);
+}
+
+// Creates a default transaction that the single app logic enqueued call can be inserted into
+Tx create_default_tx(const AztecAddress& contract_address,
+                     const AztecAddress& sender_address,
+                     const std::vector<FF>& calldata,
+                     [[maybe_unused]] const FF& transaction_fee,
+                     bool is_static_call,
+                     const Gas& gas_limit)
+{
+    return Tx{
+        .hash = TRANSACTION_HASH,
+        .gas_settings = GasSettings{
+            .gas_limits = gas_limit,
+            .max_fees_per_gas = GasFees{ .fee_per_da_gas = FEE_PER_DA_GAS, .fee_per_l2_gas = FEE_PER_L2_GAS },
+        },
+        .effective_gas_fees = EFFECTIVE_GAS_FEES,
+        .non_revertible_accumulated_data = AccumulatedData{
+            .note_hashes = NON_REVERTIBLE_ACCUMULATED_DATA_NOTE_HASHES,
+            // This nullifier is needed to make the nonces for note hashes and expected by simulation_helper
+            .nullifiers = NON_REVERTIBLE_ACCUMULATED_DATA_NULLIFIERS,
+            .l2_to_l1_messages = NON_REVERTIBLE_ACCUMULATED_DATA_L2_TO_L1_MESSAGES,
+        },
+        .revertible_accumulated_data = AccumulatedData{
+            .note_hashes = REVERTIBLE_ACCUMULATED_DATA_NOTE_HASHES,
+            .nullifiers = REVERTIBLE_ACCUMULATED_DATA_NULLIFIERS,
+            .l2_to_l1_messages = REVERTIBLE_ACCUMULATED_DATA_L2_TO_L1_MESSAGES,
+        },
+        .setup_enqueued_calls = SETUP_ENQUEUED_CALLS,
+        .app_logic_enqueued_calls = {
+            PublicCallRequestWithCalldata{
+                .request = PublicCallRequest{
+                    .msg_sender = MSG_SENDER,
+                    .contract_address = contract_address,
+                    .is_static_call = is_static_call,
+                    .calldata_hash = 0,
+                },
+                .calldata = calldata,
+            },
+        },
+        .teardown_enqueued_call = TEARDOWN_ENQUEUED_CALLS,
+        .gas_used_by_private = GAS_USED_BY_PRIVATE,
+        .fee_payer = sender_address,
+    };
+}
+
+namespace bb::avm2::fuzzer {
+
+ContractDBProxy* ContractDBProxy::instance = nullptr;
+
+ContractDBProxy::ContractDBProxy()
+{
+    contract_db = new FuzzerContractDB();
+}
+
+ContractDBProxy* ContractDBProxy::get_instance()
+{
+    if (instance == nullptr) {
+        instance = new ContractDBProxy();
+    }
+    return instance;
+}
+
+FF ContractDBProxy::register_contract_from_bytecode(const std::vector<uint8_t>& bytecode)
+{
+    if (instance == nullptr) {
+        instance = new ContractDBProxy();
+    }
+    auto default_class = create_default_class(bytecode);
+    auto default_instance = create_default_instance(default_class.id);
+    auto contract_address = simulation::compute_contract_address(default_instance);
+    instance->contract_db->add_contract_class(default_class.id, default_class);
+    instance->contract_db->add_contract_instance(contract_address, default_instance);
+    instance->registered_contract_addresses.push_back(contract_address);
+
+    FuzzerWorldStateManager::getInstance()->register_contract_address(contract_address);
+    return contract_address;
+}
+
+FF ContractDBProxy::get_function_address(size_t index)
+{
+    if (instance == nullptr) {
+        instance = new ContractDBProxy();
+    }
+    if (instance->registered_contract_addresses.size() < 1) {
+        return FF::zero();
+    }
+    return instance->registered_contract_addresses[index % (instance->registered_contract_addresses.size())];
+}
+
+void ContractDBProxy::reset_instance()
+{
+    if (instance != nullptr) {
+        delete instance;
+        instance = new ContractDBProxy();
+    }
+}
+} // namespace bb::avm2::fuzzer

barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/contract_db_proxy.hpp

@@ -0,0 +1,35 @@
+/// Singleton proxy class for FuzzerContractDB
+#pragma once
+
+#include "barretenberg/avm_fuzzer/common/interfaces/dbs.hpp"
+#include "barretenberg/vm2/common/field.hpp"
+
+namespace bb::avm2::fuzzer {
+
+class ContractDBProxy {
+  private:
+    static ContractDBProxy* instance;
+    ContractDBProxy();
+
+    FuzzerContractDB* contract_db;
+    std::vector<FF> registered_contract_addresses;
+
+  public:
+    static ContractDBProxy* get_instance();
+
+    /// @brief Register a contract from its bytecode
+    /// @param bytecode The bytecode of the contract
+    /// @return The address of the registered contract
+    /// @note This function will also register the contract address in the world state
+    /// Adds the contract address to the registered_contract_addresses vector
+    static FF register_contract_from_bytecode(const std::vector<uint8_t>& bytecode);
+
+    static void reset_instance();
+
+    FuzzerContractDB* get_contract_db() const { return contract_db; }
+
+    /// @brief Get the address of a function by index
+    /// @return registered_contract_addresses[index % (registered_contract_addresses.size())]
+    FF get_function_address(size_t index);
+};
+} // namespace bb::avm2::fuzzer

barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/fuzz.cpp

@@ -2,6 +2,7 @@
 
 #include "barretenberg/avm_fuzzer/common/interfaces/dbs.hpp"
 #include "barretenberg/avm_fuzzer/fuzz_lib/constants.hpp"
+#include "barretenberg/avm_fuzzer/fuzz_lib/contract_db_proxy.hpp"
 #include "barretenberg/avm_fuzzer/fuzz_lib/control_flow.hpp"
 #include "barretenberg/avm_fuzzer/fuzz_lib/fuzzer_data.hpp"
 #include "barretenberg/avm_fuzzer/fuzz_lib/simulator.hpp"
@@ -10,88 +11,7 @@
 
 using namespace bb::avm2::fuzzer;
 
-// Temp Helper function to create a default contract class from bytecode
-ContractClass create_default_class(const std::vector<uint8_t>& bytecode)
-{
-    // This isn't strictly needed for pure simulation, but if we want to re-use inputs in proving we need valid
-    // commitment
-    auto bytecode_commitment = simulation::compute_public_bytecode_commitment(bytecode);
-    auto class_id =
-        simulation::compute_contract_class_id(/*artifact_hash=*/0, /*private_fn_root=*/0, bytecode_commitment);
-    return ContractClass{
-        .id = class_id,
-        .artifact_hash = 0,
-        .private_functions_root = 0,
-        .packed_bytecode = bytecode,
-    };
-}
-
-// Temp Helper function to create a default contract instance from a class ID
-ContractInstance create_default_instance(const ContractClassId& class_id)
-{
-    return ContractInstance{
-        .salt = 0,
-        .deployer = MSG_SENDER,
-        .current_contract_class_id = class_id,
-        .original_contract_class_id = class_id,
-        .initialization_hash = 0,
-        .public_keys = PublicKeys{},
-    };
-}
-
-// Temp Helper function to compute contract address from instance
-AztecAddress compute_contract_address(const ContractInstance& instance)
-{
-    // This isn't strictly needed for pure simulation, but if we want to re-use inputs in proving we need valid
-    // addresses
-    return simulation::compute_contract_address(instance);
-}
-
-// Creates a default transaction that the single app logic enqueued call can be inserted into
-Tx create_default_tx(const AztecAddress& contract_address,
-                     const AztecAddress& sender_address,
-                     const std::vector<FF>& calldata,
-                     [[maybe_unused]] const FF& transaction_fee,
-                     bool is_static_call,
-                     const Gas& gas_limit)
-{
-    return Tx{
-        .hash = TRANSACTION_HASH,
-        .gas_settings = GasSettings{
-            .gas_limits = gas_limit,
-            .max_fees_per_gas = GasFees{ .fee_per_da_gas = 10000, .fee_per_l2_gas = 10000 },
-        },
-        .effective_gas_fees = EFFECTIVE_GAS_FEES,
-        .non_revertible_accumulated_data = AccumulatedData{
-            .note_hashes = NON_REVERTIBLE_ACCUMULATED_DATA_NOTE_HASHES,
-            // This nullifier is needed to make the nonces for note hashes and expected by simulation_helper
-            .nullifiers = NON_REVERTIBLE_ACCUMULATED_DATA_NULLIFIERS,
-            .l2_to_l1_messages = NON_REVERTIBLE_ACCUMULATED_DATA_L2_TO_L1_MESSAGES,
-        },
-        .revertible_accumulated_data = AccumulatedData{
-            .note_hashes = REVERTIBLE_ACCUMULATED_DATA_NOTE_HASHES,
-            .nullifiers = REVERTIBLE_ACCUMULATED_DATA_NULLIFIERS,
-            .l2_to_l1_messages = REVERTIBLE_ACCUMULATED_DATA_L2_TO_L1_MESSAGES,
-        },
-        .setup_enqueued_calls = SETUP_ENQUEUED_CALLS,
-        .app_logic_enqueued_calls = {
-            PublicCallRequestWithCalldata{
-                .request = PublicCallRequest{
-                    .msg_sender = MSG_SENDER,
-                    .contract_address = contract_address,
-                    .is_static_call = is_static_call,
-                    .calldata_hash = 0,
-                },
-                .calldata = calldata,
-            },
-        },
-        .teardown_enqueued_call = TEARDOWN_ENQUEUED_CALLS,
-        .gas_used_by_private = GAS_USED_BY_PRIVATE,
-        .fee_payer = sender_address,
-    };
-}
-
-SimulatorResult fuzz(FuzzerData& fuzzer_data)
+SimulatorResult fuzz_against_ts_simulator(FuzzerData& fuzzer_data)
 {
     auto control_flow = ControlFlow(fuzzer_data.instruction_blocks);
     for (const auto& cfg_instruction : fuzzer_data.cfg_instructions) {
@@ -107,17 +27,12 @@ SimulatorResult fuzz(FuzzerData& fuzzer_data)
     SimulatorResult cpp_result;
 
     FuzzerWorldStateManager* ws_mgr = FuzzerWorldStateManager::getInstance();
-
-    // Create contract DB and populate with default class and instance
-    // todo(ilyas): extend to support multiple contracts via FuzzerData
-    FuzzerContractDB contract_db;
-    auto default_class = create_default_class(bytecode);
-    auto default_instance = create_default_instance(default_class.id);
-    auto contract_address = simulation::compute_contract_address(default_instance);
-    contract_db.add_contract_class(default_class.id, default_class);
-    contract_db.add_contract_instance(contract_address, default_instance);
-
-    ws_mgr->register_contract_address(contract_address);
+    ContractDBProxy* contract_db_proxy = ContractDBProxy::get_instance();
+    for (const auto& function : PREDEFINED_FUNCTIONS) {
+        ContractDBProxy::register_contract_from_bytecode(function);
+    }
+    auto contract_address = ContractDBProxy::register_contract_from_bytecode(bytecode);
+    FuzzerContractDB contract_db = *contract_db_proxy->get_contract_db();
 
     // Create the transaction
     auto tx = create_default_tx(
@@ -134,6 +49,8 @@ SimulatorResult fuzz(FuzzerData& fuzzer_data)
     ws_mgr->checkpoint();
     auto js_result = js_simulator->simulate(*ws_mgr, contract_db, tx);
 
+    ContractDBProxy::reset_instance();
+
     // If the results does not match
     if (!compare_simulator_results(cpp_result, js_result)) {
         fuzz_info("CppSimulator ", cpp_result);

barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/fuzz.hpp

@@ -7,7 +7,7 @@
 /// @param fuzzer_data the fuzzer data to use for fuzzing
 /// @returns the simulator result if the results are the same
 /// @throws an exception if the simulator results are different
-SimulatorResult fuzz(FuzzerData& fuzzer_data);
+SimulatorResult fuzz_against_ts_simulator(FuzzerData& fuzzer_data);
 
 // Helper functions to create default contract class, instance, and tx
 ContractClass create_default_class(const std::vector<uint8_t>& bytecode);