diff --git a/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/fuzz.cpp b/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/fuzz.cpp index 4ab5b2ce0a44..38b098d71fe8 100644 --- a/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/fuzz.cpp +++ b/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/fuzz.cpp @@ -40,16 +40,20 @@ SimulatorResult fuzz_against_ts_simulator(FuzzerData& fuzzer_data, FuzzerContext FF fee_required_l2 = FF(tx.effective_gas_fees.fee_per_l2_gas) * FF(tx.gas_settings.gas_limits.l2_gas); ws_mgr->write_fee_payer_balance(tx.fee_payer, fee_required_da + fee_required_l2); + auto globals = create_default_globals(); + try { ws_mgr->checkpoint(); - cpp_result = cpp_simulator.simulate(*ws_mgr, contract_db, tx, /*public_data_writes=*/{}, /*note_hashes=*/{}); + cpp_result = + cpp_simulator.simulate(*ws_mgr, contract_db, tx, globals, /*public_data_writes=*/{}, /*note_hashes=*/{}); ws_mgr->revert(); } catch (const std::exception& e) { throw std::runtime_error(std::string("CppSimulator threw an exception: ") + e.what()); } ws_mgr->checkpoint(); - auto js_result = js_simulator->simulate(*ws_mgr, contract_db, tx, /*public_data_writes=*/{}, /*note_hashes=*/{}); + auto js_result = + js_simulator->simulate(*ws_mgr, contract_db, tx, globals, /*public_data_writes=*/{}, /*note_hashes=*/{}); context.reset(); diff --git a/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/fuzz.test.cpp b/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/fuzz.test.cpp index 6eb296962ba9..cab37e206251 100644 --- a/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/fuzz.test.cpp +++ b/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/fuzz.test.cpp @@ -63,8 +63,9 @@ class FuzzTest : public ::testing::Test { FF fee_required_l2 = FF(tx.effective_gas_fees.fee_per_l2_gas) * FF(tx.gas_settings.gas_limits.l2_gas); ws_mgr->write_fee_payer_balance(tx.fee_payer, fee_required_da + fee_required_l2); auto cpp_simulator = CppSimulator(); + auto globals = create_default_globals(); - auto result = cpp_simulator.simulate(*ws_mgr, contract_db, tx, {}, {}); + auto result = cpp_simulator.simulate(*ws_mgr, contract_db, tx, globals, /*public_data_writes=*/{}, {}); ws_mgr->revert(); diff --git a/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/simulator.cpp b/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/simulator.cpp index cb8386b8eb62..010aa2cc35d6 100644 --- a/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/simulator.cpp +++ b/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/simulator.cpp @@ -81,6 +81,7 @@ SimulatorResult CppSimulator::simulate( fuzzer::FuzzerWorldStateManager& ws_mgr, fuzzer::FuzzerContractDB& contract_db, const Tx& tx, + const GlobalVariables& globals, [[maybe_unused]] const std::vector& public_data_writes, [[maybe_unused]] const std::vector& note_hashes) { @@ -97,8 +98,6 @@ SimulatorResult CppSimulator::simulate( ProtocolContracts protocol_contracts{}; - auto globals = create_default_globals(); - WorldState& ws = ws_mgr.get_world_state(); WorldStateRevision ws_rev = ws_mgr.get_current_revision(); @@ -156,11 +155,10 @@ SimulatorResult JsSimulator::simulate( [[maybe_unused]] fuzzer::FuzzerWorldStateManager& ws_mgr, fuzzer::FuzzerContractDB& contract_db, const Tx& tx, + const GlobalVariables& globals, const std::vector& public_data_writes, const std::vector& note_hashes) { - auto globals = create_default_globals(); - std::string serialized = serialize_simulation_request(tx, globals, contract_db, public_data_writes, note_hashes); // Send the request diff --git a/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/simulator.hpp b/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/simulator.hpp index 540fffcd6ee9..d9cd3c3bfd2e 100644 --- a/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/simulator.hpp +++ b/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/simulator.hpp @@ -61,6 +61,7 @@ class Simulator { fuzzer::FuzzerWorldStateManager& ws_mgr, fuzzer::FuzzerContractDB& contract_db, const Tx& tx, + const GlobalVariables& globals, const std::vector& public_data_writes, const std::vector& note_hashes) = 0; }; @@ -71,6 +72,7 @@ class CppSimulator : public Simulator { SimulatorResult simulate(fuzzer::FuzzerWorldStateManager& ws_mgr, fuzzer::FuzzerContractDB& contract_db, const Tx& tx, + const GlobalVariables& globals, const std::vector& public_data_writes, const std::vector& note_hashes) override; }; @@ -97,6 +99,7 @@ class JsSimulator : public Simulator { SimulatorResult simulate(fuzzer::FuzzerWorldStateManager& ws_mgr, fuzzer::FuzzerContractDB& contract_db, const Tx& tx, + const GlobalVariables& globals, const std::vector& public_data_writes, const std::vector& note_hashes) override; }; @@ -111,5 +114,3 @@ Tx create_default_tx(const AztecAddress& contract_address, const Gas& gas_limit); bool compare_simulator_results(SimulatorResult& result1, SimulatorResult& result2); - -GlobalVariables create_default_globals(); diff --git a/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzzer_lib.cpp b/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzzer_lib.cpp index 35dc4cb8cc89..12d2d292d25e 100644 --- a/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzzer_lib.cpp +++ b/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzzer_lib.cpp @@ -12,6 +12,8 @@ #include "barretenberg/avm_fuzzer/fuzz_lib/fuzz.hpp" #include "barretenberg/avm_fuzzer/fuzzer_comparison_helper.hpp" #include "barretenberg/avm_fuzzer/mutations/basic_types/field.hpp" +#include "barretenberg/avm_fuzzer/mutations/basic_types/uint64_t.hpp" +#include "barretenberg/avm_fuzzer/mutations/configuration.hpp" #include "barretenberg/avm_fuzzer/mutations/fuzzer_data.hpp" #include "barretenberg/avm_fuzzer/mutations/tx_data.hpp" #include "barretenberg/avm_fuzzer/mutations/tx_types/gas.hpp" @@ -83,8 +85,8 @@ SimulatorResult fuzz_tx(FuzzerWorldStateManager& ws_mgr, FuzzerContractDB& contr try { ws_mgr.checkpoint(); - cpp_result = - cpp_simulator.simulate(ws_mgr, contract_db, tx_data.tx, tx_data.public_data_writes, tx_data.note_hashes); + cpp_result = cpp_simulator.simulate( + ws_mgr, contract_db, tx_data.tx, tx_data.global_variables, tx_data.public_data_writes, tx_data.note_hashes); fuzz_info("CppSimulator completed without exception"); fuzz_info("CppSimulator result: ", cpp_result); ws_mgr.revert(); @@ -100,8 +102,8 @@ SimulatorResult fuzz_tx(FuzzerWorldStateManager& ws_mgr, FuzzerContractDB& contr } ws_mgr.checkpoint(); - auto js_result = - js_simulator->simulate(ws_mgr, contract_db, tx_data.tx, tx_data.public_data_writes, tx_data.note_hashes); + auto js_result = js_simulator->simulate( + ws_mgr, contract_db, tx_data.tx, tx_data.global_variables, tx_data.public_data_writes, tx_data.note_hashes); // If the results do not match if (!compare_simulator_results(cpp_result, js_result)) { @@ -363,8 +365,16 @@ size_t mutate_tx_data(FuzzerContext& context, case FuzzerTxDataMutationType::ContractInstanceMutation: mutate_contract_instances(tx_data.contract_instances, tx_data.contract_addresses, rng); break; - // case TxDataMutationType::GlobalVariablesMutation: - // break; + case FuzzerTxDataMutationType::GlobalVariablesMutation: + // This is just mutating the gas values and timestamp + mutate_uint64_t(tx_data.global_variables.timestamp, rng, BASIC_UINT64_T_MUTATION_CONFIGURATION); + mutate_gas_fees(tx_data.global_variables.gas_fees, rng); + // This must be less than or equal to the tx max fees per gas + tx_data.global_variables.gas_fees.fee_per_da_gas = std::min( + tx_data.global_variables.gas_fees.fee_per_da_gas, tx_data.tx.gas_settings.max_fees_per_gas.fee_per_da_gas); + tx_data.global_variables.gas_fees.fee_per_l2_gas = std::min( + tx_data.global_variables.gas_fees.fee_per_l2_gas, tx_data.tx.gas_settings.max_fees_per_gas.fee_per_l2_gas); + break; // case TxDataMutationType::ProtocolContractsMutation: // break; } diff --git a/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzzer_lib.hpp b/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzzer_lib.hpp index 08c6cf3abd16..f78e40e05bb7 100644 --- a/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzzer_lib.hpp +++ b/barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzzer_lib.hpp @@ -65,17 +65,18 @@ enum class FuzzerTxDataMutationType : uint8_t { BytecodeMutation, ContractClassMutation, ContractInstanceMutation, - // GlobalVariablesMutation, + GlobalVariablesMutation, // ProtocolContractsMutation }; -using FuzzerTxDataMutationConfig = WeightedSelectionConfig; +using FuzzerTxDataMutationConfig = WeightedSelectionConfig; constexpr FuzzerTxDataMutationConfig FUZZER_TX_DATA_MUTATION_CONFIGURATION = FuzzerTxDataMutationConfig({ { FuzzerTxDataMutationType::TxMutation, 10 }, { FuzzerTxDataMutationType::BytecodeMutation, 1 }, { FuzzerTxDataMutationType::ContractClassMutation, 1 }, { FuzzerTxDataMutationType::ContractInstanceMutation, 1 }, + { FuzzerTxDataMutationType::GlobalVariablesMutation, 4 }, }); // Build bytecode and contract artifacts from fuzzer data diff --git a/barretenberg/cpp/src/barretenberg/avm_fuzzer/mutations/bytecode.cpp b/barretenberg/cpp/src/barretenberg/avm_fuzzer/mutations/bytecode.cpp index 98b5e3c06c9e..9d1e413280a7 100644 --- a/barretenberg/cpp/src/barretenberg/avm_fuzzer/mutations/bytecode.cpp +++ b/barretenberg/cpp/src/barretenberg/avm_fuzzer/mutations/bytecode.cpp @@ -98,6 +98,7 @@ void mutate_bytecode(std::vector& contract_classes, FF delayed_public_mutable_slot = Poseidon2::hash({ FF(UPDATED_CLASS_IDS_SLOT), address }); // Build preimage + // todo(ilyas): make this somewhat random but also take into account the mutation on global variables.timestamp FF metadata = 0; // The lower 32 bits are the timestamp_of_change, we set to 0 so it has "taken effect" FF hash = Poseidon2::hash({ metadata, original_class_id, new_class_id });