Add fuzzing for the rust parser

This adds a fuzzing task for the rust parser. This is run as release to avoid various debug assertions in the project. I've had this running on my workstation and it hasn't found anything, but it is useful to keep in CI to catch regressions. I recongize that fuzzing adds extra time to the pipeline, so I did a few things to try and minimize the impact. * First, it is a seperate, parallel workflow. Since the main build and test is a debug build and fuzz is a release build there is very little wasted work in rebuilding. * Second, I added caches for both tasks. This should help keep build time town in general. * The time the fuzzing task will run is capped at 2 minutes. This is pretty short. This was picked to not be too much longer than previous runs. This is a bit of a trade off. The longer this value is, the better the coverage. Later I will take a look at having it excercise more parser configuration options to get better coverage. At first I just wanted to try and cover the default case well.
cooklang · Jan 31, 2024 · dd50c70 · dd50c70
1 parent 0402305
commit dd50c70
Show file tree

Hide file tree

Showing 7 changed files with 94 additions and 4 deletions.
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
@@ -11,12 +11,41 @@ env:
 
 jobs:
   build:
-
     runs-on: ubuntu-latest
-
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
+    - name: Setup cache
+      uses: actions/cache@v4
+      with:
+        path: |
+          ~/.cargo/bin/
+          ~/.cargo/registry/index/
+          ~/.cargo/registry/cache/
+          ~/.cargo/git/db/
+          build-md/target/
+        key: ${{ runner.os }}-cargo-stable-${{ hashFiles('**/Cargo.lock') }}
     - name: Build
       run: cargo build --verbose
     - name: Run tests
       run: cargo test --verbose
+
+  fuzz:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup cache
+        uses: actions/cache@v4
+        with:
+          path: |
+            ~/.cargo/bin/
+            ~/.cargo/registry/index/
+            ~/.cargo/registry/cache/
+            ~/.cargo/git/db/
+            build-md/target/
+          key: ${{ runner.os }}-cargo-nightly-${{ hashFiles('**/Cargo.lock') }}
+      - name: Use nightly toolchain
+        run: rustup default nightly
+      - name: Install cargo fuzz
+        run: cargo install -f --locked cargo-fuzz
+      - name: Fuzz parser
+        run: cargo fuzz run --release fuzz_parser -- -max_total_time=120 -jobs=2
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
 target/
 .DS_Store
 out/
+.idea
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -52,4 +52,4 @@ name = "convert"
 harness = false
 
 [workspace]
-members = [".", "playground", "bindings"]
+members = [".", "playground", "bindings", "fuzz"]
diff --git a/fuzz/.gitignore b/fuzz/.gitignore
@@ -0,0 +1,4 @@
+target
+corpus
+artifacts
+coverage
diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
@@ -0,0 +1,21 @@
+[package]
+name = "cooklang-fuzz"
+version = "0.0.0"
+publish = false
+edition = "2021"
+
+[package.metadata]
+cargo-fuzz = true
+
+[dependencies]
+libfuzzer-sys = "0.4"
+
+[dependencies.cooklang]
+path = ".."
+
+[[bin]]
+name = "fuzz_parser"
+path = "fuzz_targets/fuzz_parser.rs"
+test = false
+doc = false
+bench = false
diff --git a/fuzz/fuzz_targets/fuzz_parser.rs b/fuzz/fuzz_targets/fuzz_parser.rs
@@ -0,0 +1,10 @@
+#![no_main]
+
+use libfuzzer_sys::fuzz_target;
+
+use cooklang::{CooklangParser, Extensions, Converter};
+
+fuzz_target!(|contents: &str| {
+    let parser = CooklangParser::new(Extensions::all(), Converter::default());
+    let _ = parser.parse(&contents);
+});