fuzz all the things

Author: aapoalas

.github/workflows/fuzz.yml

@@ -0,0 +1,53 @@
+name: Smoke-Test Fuzz Targets
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+
+jobs:
+  fuzz:
+    runs-on: ${{ matrix.os }}
+
+    env:
+      # The version of `cargo-fuzz` to install and use.
+      CARGO_FUZZ_VERSION: 0.13.1
+
+      # The number of seconds to run the fuzz target. 300 seconds = 5 minutes.
+      FUZZ_TIME: 300
+
+      # Use address sanitizer in the fuzzing.
+      RUSTFLAGS: -Zsanitizer=address
+
+    strategy:
+      matrix:
+        os: ["ubuntu-24.04-arm", "ubuntu-latest"]
+        include:
+          - fuzz_target: ecmascript_atomics_api
+
+    steps:
+      - uses: actions/checkout@v4
+
+      # Install the nightly Rust channel.
+      - run: rustup toolchain install nightly
+      - run: rustup default nightly
+
+      # Install and cache `cargo-fuzz`.
+      - uses: actions/cache@v4
+        with:
+          path: ${{ runner.tool_cache }}/cargo-fuzz
+          key: cargo-fuzz-bin-${{ env.CARGO_FUZZ_VERSION }}
+      - run: echo "${{ runner.tool_cache }}/cargo-fuzz/bin" >> $GITHUB_PATH
+      - run: cargo install --root "${{ runner.tool_cache }}/cargo-fuzz" --version ${{ env.CARGO_FUZZ_VERSION }} cargo-fuzz --locked
+
+      # Build and then run the fuzz target.
+      - run: cargo fuzz build ${{ matrix.fuzz_target }}
+      - run: cargo fuzz run ${{ matrix.fuzz_target }} -- -max_total_time=${{ env.FUZZ_TIME }}
+
+      # Upload fuzzing artifacts on failure for post-mortem debugging.
+      - uses: actions/upload-artifact@v4
+        if: failure()
+        with:
+          name: fuzzing-artifacts-${{ matrix.fuzz_target }}-${{ github.sha }}
+          path: fuzz/artifacts

Cargo.lock

@@ -1,6 +1,6 @@
 [workspace]
 resolver = "2"
-members = ["ecmascript_atomics", "gen_copy"]
+members = ["ecmascript_atomics", "fuzz", "gen_copy"]
 
 [workspace.package]
 edition = "2024"

Cargo.toml

@@ -1,11 +1,14 @@
 [package]
 name = "ecmascript_atomics"
-repository = "https://github.com/trynova/nova/tree/main/ecmascript_atomics"
+repository = "https://github.com/trynova/ecmascript_atomics/tree/main/ecmascript_atomics"
 description = "ECMAScript and Java memory model racy atomics."
 version.workspace = true
 authors.workspace = true
 edition.workspace = true
 license.workspace = true
+readme.workspace = true
+keywords.workspace = true
+categories.workspace = true
 
 [lib]
 path = "lib.rs"

ecmascript_atomics/Cargo.toml

@@ -1681,6 +1681,14 @@ pub fn atomic_pause() {
     core::hint::spin_loop();
 }
 
+/// Size of a word (pointer) on this architecture.
+pub const WORD_SIZE: usize = size_of::<usize>();
+/// Number of words in a block (~cache line) on this architecture. Known to be
+/// 8 on all supported architectures.
+pub const WORDS_IN_BLOCK: usize = 8;
+/// Size of a block (~cache line) on this architecture in bytes.
+pub const BLOCK_SIZE: usize = WORD_SIZE * WORDS_IN_BLOCK;
+
 #[inline(always)]
 #[cfg(any(
     target_arch = "x86",

ecmascript_atomics/lib.rs

@@ -0,0 +1,4 @@
+target
+corpus
+artifacts
+coverage

fuzz/.gitignore

@@ -0,0 +1,24 @@
+[package]
+name = "ecmascript_atomics_fuzz"
+version = "0.0.0"
+publish = false
+edition = "2024"
+
+[package.metadata]
+cargo-fuzz = true
+
+[dependencies]
+arbitrary = { version = "1.0", features = ["derive"] }
+ecmascript_atomics = { path = "../ecmascript_atomics" }
+libfuzzer-sys = "0.4"
+memmap2 = "0.9.8"
+proc-macro2 = "1.0"
+quote = "1.0"
+syn = { version = "2.0", features = ["full"] }
+
+[[bin]]
+name = "ecmascript_atomics_api"
+path = "fuzz_targets/ecmascript_atomics_api.rs"
+test = false
+doc = false
+bench = false