chore(fuzzing_avm): fuzzing avm build workflow (#19264)

defkit · web-flow · commit 481416650623 · 2025-12-29T13:27:50.000Z
For some reason worflow disappeared from https://github.com/AztecProtocol/aztec-packages/pull/19133/files
diff --git a/.github/workflows/fuzzing-docker-avm-build.yml b/.github/workflows/fuzzing-docker-avm-build.yml
@@ -0,0 +1,43 @@
+name: Build Fuzzing AVM Container
+
+on:
+  push:
+    branches:
+      - next
+  workflow_dispatch:
+    inputs:
+      commit:
+        description: "Git commit SHA to build (leave empty for latest)"
+        required: false
+        default: ""
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+
+      - name: Free up disk space on runner
+        uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be
+        with:
+          large-packages: false
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push
+        uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25
+        with:
+          context: container-builds/avm-fuzzing-container/src/
+          push: true
+          tags: |
+            ghcr.io/aztecprotocol/avm-fuzzing-container:latest
+            ghcr.io/aztecprotocol/avm-fuzzing-container:${{ github.sha }}
+          build-args: |
+            COMMIT=${{ github.event_name == 'workflow_dispatch' && github.event.inputs.commit || github.sha }}
diff --git a/container-builds/avm-fuzzing-container/run.sh b/container-builds/avm-fuzzing-container/run.sh
@@ -4,7 +4,7 @@ set -euo pipefail
 IFS=$'\n\t'
 
 timeout='2592000' # 1 month
-cpus='4'
+cpus='1'
 mem="8G"
 jobs_="$cpus"
 workers='1'
@@ -77,12 +77,9 @@ image_name=avm-tx-fuzzer
 
 # Get the directory where this script is located
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-# Get aztec-packages root (two levels up from container-builds/avm-fuzzing-container)
-REPO_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
 
 echo "Building container image: $image_name"
-echo "Build context: $REPO_ROOT"
-docker build -t "$image_name":latest -f "$SCRIPT_DIR/src/Dockerfile" "$REPO_ROOT"
+docker build -t "$image_name":latest "$SCRIPT_DIR/src"
 
 mkdir -p crash-reports output corpus artifacts
 
diff --git a/container-builds/avm-fuzzing-container/src/Dockerfile b/container-builds/avm-fuzzing-container/src/Dockerfile
@@ -1,98 +1,45 @@
-# Multi-stage Dockerfile for AVM TX Fuzzer
+# AVM TX Fuzzer Container
 # Builds a container that can run the AVM transaction fuzzer
 #
-# Build from aztec-packages root:
-#   docker build -t avm-tx-fuzzer -f container-builds/avm-fuzzing-container/src/Dockerfile .
+# Build latest from 'next' branch:
+#   docker build -t avm-tx-fuzzer container-builds/avm-fuzzing-container/src/
+#
+# Build specific commit:
+#   docker build -t avm-tx-fuzzer --build-arg COMMIT=<sha> container-builds/avm-fuzzing-container/src/
 
-# =============================================================================
-# Stage 1: Build C++ fuzzer binary
-# =============================================================================
-FROM ubuntu:noble AS builder
+FROM aztecprotocol/build:3.0-amd64 AS builder
 
-# Install build dependencies and LLVM script requirements
-RUN apt-get update && apt-get install -y \
-    build-essential \
-    cmake \
-    ninja-build \
-    git \
-    curl \
-    wget \
-    libdw-dev \
-    binutils-dev \
-    libelf-dev \
-    libdwarf-dev \
-    lsb-release \
-    software-properties-common \
-    gnupg && \
-    apt-get -y autoremove && \
-    apt-get clean && \
-    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+ARG COMMIT=""
 
-# Install clang-20 via LLVM script
-RUN wget https://apt.llvm.org/llvm.sh && \
-    chmod +x llvm.sh && \
-    ./llvm.sh 20 && \
-    rm llvm.sh
+# Install ldid (not included in build image, only in basebox)
+RUN curl -sL https://github.com/ProcursusTeam/ldid/releases/download/v2.1.5-procursus7/ldid_linux_x86_64 -o /usr/local/bin/ldid \
+    && chmod +x /usr/local/bin/ldid
 
-RUN useradd -m fuzzer -G sudo
-WORKDIR /home/fuzzer
+WORKDIR /root
 
-# Copy only the necessary directories from build context
-# barretenberg/cpp - the C++ source code
-COPY barretenberg/cpp ./aztec-packages/barretenberg/cpp/
+# Clone the repository
+RUN git clone https://github.com/AztecProtocol/aztec-packages.git --depth 1 --branch next && \
+    cd aztec-packages && \
+    if [ -n "$COMMIT" ]; then \
+        git fetch origin $COMMIT --depth 1; \
+        git checkout $COMMIT || exit 1; \
+    fi
 
-# Build the tx fuzzer only
-WORKDIR /home/fuzzer/aztec-packages/barretenberg/cpp
+WORKDIR /root/aztec-packages
 
-# Remove any local build directories that may have been copied
-RUN rm -rf build-* srs_db
+# Run bootstrap up to yarn-project (release-image needs docker which isn't available)
+RUN BOOTSTRAP_TO=yarn-project ./bootstrap.sh
 
+# Build the tx fuzzer
+WORKDIR /root/aztec-packages/barretenberg/cpp
 RUN cmake --preset fuzzing-avm
 RUN cmake --build build-fuzzing-avm --target avm_fuzzer_tx_fuzzer
 
 # =============================================================================
-# Stage 2: Build Node.js simulator
-# =============================================================================
-FROM ubuntu:noble AS simulator-builder
-
-# Install Node.js 22 and build dependencies for native modules
-RUN apt-get update && \
-    apt-get install -y curl git build-essential python3 parallel && \
-    curl -fsSL https://deb.nodesource.com/setup_22.x | bash - && \
-    apt-get install -y nodejs && \
-    apt-get -y autoremove && \
-    apt-get clean && \
-    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-
-# Enable corepack for yarn
-RUN corepack enable
-
-WORKDIR /home/fuzzer/aztec-packages
-
-# Copy yarn-project from build context (includes .yarnrc.yml and yarn.lock)
-COPY yarn-project ./yarn-project/
-
-# Copy barretenberg/ts (required as yarn workspace dependency via portal)
-COPY barretenberg/ts ./barretenberg/ts/
-
-# Copy noir packages (required as yarn workspace dependencies via portal/file)
-COPY noir/packages/acvm_js ./noir/packages/acvm_js/
-COPY noir/packages/types ./noir/packages/types/
-COPY noir/packages/noirc_abi ./noir/packages/noirc_abi/
-COPY noir/packages/noir_codegen ./noir/packages/noir_codegen/
-COPY noir/packages/noir_js ./noir/packages/noir_js/
-
-WORKDIR /home/fuzzer/aztec-packages/yarn-project
-
-# Install dependencies (but skip building - we'll use pre-built files from build context)
-RUN yarn install
-
-# =============================================================================
-# Stage 3: Runtime image
+# Runtime image
 # =============================================================================
 FROM ubuntu:noble AS runtime
 
-# Install runtime dependencies
 RUN apt-get update && apt-get install -y \
     libstdc++6 \
     libgcc-s1 \
@@ -104,47 +51,35 @@ RUN apt-get update && apt-get install -y \
     curl && \
     curl -fsSL https://deb.nodesource.com/setup_22.x | bash - && \
     apt-get install -y nodejs && \
+    corepack enable && \
     apt-get -y autoremove && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
 RUN useradd -m fuzzer -G sudo
 WORKDIR /home/fuzzer
 
-# Create directory structure that matches run_fuzzer.sh expectations
-# run_fuzzer.sh calculates paths relative to itself:
-#   SCRIPT_DIR = /home/fuzzer/aztec-packages/barretenberg/cpp/src/barretenberg/avm_fuzzer
-#   BARRETENBERG_ROOT = SCRIPT_DIR/../../../.. = /home/fuzzer/aztec-packages/barretenberg
-#   CPP_DIR = BARRETENBERG_ROOT/cpp
-#   BUILD_DIR = CPP_DIR/build-fuzzing-avm
-#   PROJECT_ROOT = BARRETENBERG_ROOT/.. = /home/fuzzer/aztec-packages
-#   AVM_SIMULATOR_BIN = PROJECT_ROOT/yarn-project/simulator/dest/public/fuzzing/avm_simulator_bin.js
-
-# Copy fuzzer binary to the expected location
-COPY --from=builder /home/fuzzer/aztec-packages/barretenberg/cpp/build-fuzzing-avm/bin/avm_fuzzer_tx_fuzzer \
+# Copy fuzzer binary
+COPY --from=builder /root/aztec-packages/barretenberg/cpp/build-fuzzing-avm/bin/avm_fuzzer_tx_fuzzer \
     ./aztec-packages/barretenberg/cpp/build-fuzzing-avm/bin/
 
-# Copy run_fuzzer.sh to its expected location
-COPY --from=builder /home/fuzzer/aztec-packages/barretenberg/cpp/src/barretenberg/avm_fuzzer/run_fuzzer.sh \
+# Copy run_fuzzer.sh
+COPY --from=builder /root/aztec-packages/barretenberg/cpp/src/barretenberg/avm_fuzzer/run_fuzzer.sh \
     ./aztec-packages/barretenberg/cpp/src/barretenberg/avm_fuzzer/
 
-# Copy corpus
-COPY --from=builder /home/fuzzer/aztec-packages/barretenberg/cpp/src/barretenberg/avm_fuzzer/corpus/ \
-    ./aztec-packages/barretenberg/cpp/src/barretenberg/avm_fuzzer/corpus/
-
-# Copy entire yarn-project with built packages (includes all dest directories)
-COPY --from=simulator-builder /home/fuzzer/aztec-packages/yarn-project \
+# Copy yarn-project (fully built)
+COPY --from=builder /root/aztec-packages/yarn-project \
     ./aztec-packages/yarn-project/
 
-# Copy barretenberg/ts (needed for @aztec/bb.js symlink)
-COPY --from=simulator-builder /home/fuzzer/aztec-packages/barretenberg/ts \
+# Copy barretenberg/ts (for @aztec/bb.js)
+COPY --from=builder /root/aztec-packages/barretenberg/ts \
     ./aztec-packages/barretenberg/ts/
 
-# Copy noir packages (needed for portal symlinks)
-COPY --from=simulator-builder /home/fuzzer/aztec-packages/noir/packages \
+# Copy noir packages (for portal symlinks)
+COPY --from=builder /root/aztec-packages/noir/packages \
     ./aztec-packages/noir/packages/
 
-# Create directories for corpus, sync_corpus, and crashes
+# Create directories for corpus, crashes, etc.
 RUN mkdir -p aztec-packages/barretenberg/cpp/src/barretenberg/avm_fuzzer/corpus/tx \
     aztec-packages/barretenberg/cpp/src/barretenberg/avm_fuzzer/sync_corpus/tx \
     corpus output crash-reports artifacts
@@ -153,10 +88,9 @@ RUN mkdir -p aztec-packages/barretenberg/cpp/src/barretenberg/avm_fuzzer/corpus/
 RUN chmod +x aztec-packages/barretenberg/cpp/src/barretenberg/avm_fuzzer/run_fuzzer.sh
 
 # Copy entrypoint script
-COPY container-builds/avm-fuzzing-container/src/entrypoint.sh .
+COPY entrypoint.sh .
 RUN chmod +x entrypoint.sh
 
-# Set working directory
 WORKDIR /home/fuzzer/aztec-packages/barretenberg/cpp/src/barretenberg/avm_fuzzer
 
 ENTRYPOINT ["/home/fuzzer/entrypoint.sh"]
diff --git a/container-builds/avm-fuzzing-container/src/entrypoint.sh b/container-builds/avm-fuzzing-container/src/entrypoint.sh
@@ -85,7 +85,7 @@ ln -sf "$CORPUS" "$FUZZER_CORPUS" 2>/dev/null || true
 
 # Build fuzzer arguments
 FUZZER_ARGS=(
-    -timeout=5
+    -timeout=1200
     -workers="$workers"
     -jobs="$jobs_"
     -entropic=1
