cachekit 0.6.0

High-performance cache primitives with pluggable eviction policies (LRU, LFU, FIFO, 2Q, Clock-PRO, S3-FIFO) and optional metrics.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458

# Adding New Fuzz Targets

This guide shows how to add new fuzz targets to CacheKit. Thanks to dynamic target discovery, **no CI/CD updates are required** when adding new targets.

## Quick Start

### 1. Create the Fuzz Target

Create a new file in `fuzz/fuzz_targets/`:

```rust
// fuzz/fuzz_targets/my_module_arbitrary_ops.rs
#![no_main]

use libfuzzer_sys::fuzz_target;
use libfuzzer_sys::arbitrary::Arbitrary;

#[derive(Debug, Arbitrary)]
enum Operation {
    Insert(u32, u32),
    Remove(u32),
    Get(u32),
    Clear,
}

fuzz_target!(|ops: Vec<Operation>| {
    let mut my_module = MyModule::new();

    for op in ops {
        match op {
            Operation::Insert(k, v) => { my_module.insert(k, v); }
            Operation::Remove(k) => { my_module.remove(&k); }
            Operation::Get(k) => { let _ = my_module.get(&k); }
            Operation::Clear => { my_module.clear(); }
        }
    }
});
```

### 2. Register in `fuzz/Cargo.toml`

Add a `[[bin]]` section:

```toml
[[bin]]
name = "my_module_arbitrary_ops"
path = "fuzz_targets/my_module_arbitrary_ops.rs"
test = false
doc = false
```

### 3. Test Locally

```bash
cd fuzz
cargo fuzz run my_module_arbitrary_ops -- -max_total_time=60
```

### 4. Commit and Push

```bash
git add fuzz/fuzz_targets/my_module_arbitrary_ops.rs fuzz/Cargo.toml
git commit -m "Add fuzz target for my_module"
git push
```

**That's it!** 🎉 The CI/CD pipeline will automatically:
- Discover your new target
- Run it in PR smoke tests (if named `*_arbitrary_ops`)
- Run it in nightly continuous fuzzing
- Manage its corpus
- Generate coverage reports

## Target Types

Follow this naming convention for optimal CI integration:

### 1. Arbitrary Operations (`*_arbitrary_ops.rs`)

**Purpose**: Test random operation sequences
**CI**: Runs in PR smoke tests (60s) + nightly deep fuzzing (1h)
**Recommended**: Always create this for new modules

```rust
#[derive(Debug, Arbitrary)]
enum Operation {
    // All public operations
}

fuzz_target!(|ops: Vec<Operation>| {
    // Execute operations
});
```

### 2. Stress Testing (`*_stress.rs`)

**Purpose**: Heavy load with reference implementation validation
**CI**: Runs in nightly deep fuzzing only (1h)
**Recommended**: For critical data structures

```rust
fuzz_target!(|data: (Vec<(u32, u32)>, Vec<u32>)| {
    let (inserts, removes) = data;

    // System under test
    let mut sut = MyModule::new();

    // Reference implementation
    let mut reference = std::collections::HashMap::new();

    // Validate equivalence
    for (k, v) in inserts {
        sut.insert(k, v);
        reference.insert(k, v);
    }

    for k in removes {
        assert_eq!(sut.remove(&k), reference.remove(&k));
    }
});
```

### 3. Property Tests (`*_property_tests.rs`)

**Purpose**: Test specific invariants and properties
**CI**: Runs in nightly deep fuzzing only (1h)
**Recommended**: For complex invariants

```rust
fuzz_target!(|ops: Vec<Operation>| {
    let mut module = MyModule::new();

    for op in ops {
        // Execute operation
        match op {
            // ...
        }

        // Validate invariants after each operation
        assert!(module.is_consistent());
        assert_eq!(module.len(), module.count());
        assert!(module.capacity() >= module.len());
    }
});
```

## Best Practices

### 1. Use Arbitrary Types

Leverage `libfuzzer_sys::arbitrary::Arbitrary` for input generation:

```rust
use libfuzzer_sys::arbitrary::Arbitrary;

#[derive(Debug, Arbitrary)]
enum Operation {
    Insert { key: u32, value: String },
    Remove { key: u32 },
}
```

### 2. Add Preconditions

Use early returns to skip invalid inputs:

```rust
fuzz_target!(|data: (usize, Vec<u32>)| {
    let (capacity, items) = data;

    // Skip unreasonable inputs
    if capacity == 0 || capacity > 10_000 {
        return;
    }

    // Test with valid inputs
    let mut module = MyModule::with_capacity(capacity);
    // ...
});
```

### 3. Validate Invariants

Check data structure invariants after operations:

```rust
fuzz_target!(|ops: Vec<Operation>| {
    let mut list = IntrusiveList::new();

    for op in ops {
        // Execute operation
        match op {
            Operation::PushFront(val) => {
                let id = list.push_front(val);

                // Validate invariants
                assert!(list.contains(id));
                assert_eq!(list.front(), Some(id));
                assert_eq!(list.len(), list.iter().count());
            }
            // ...
        }
    }
});
```

### 4. Use Reference Implementations

Compare against standard library types:

```rust
use std::collections::VecDeque;

fuzz_target!(|ops: Vec<Operation>| {
    let mut ghost = GhostList::new(100);
    let mut reference = VecDeque::new();

    for op in ops {
        match op {
            Operation::Record(key) => {
                ghost.record(key);
                reference.push_back(key);
                if reference.len() > 100 {
                    reference.pop_front();
                }
            }
            Operation::Contains(key) => {
                assert_eq!(ghost.contains(&key), reference.contains(&key));
            }
        }
    }
});
```

### 5. Limit Resource Usage

Prevent OOM and timeouts:

```rust
fuzz_target!(|ops: Vec<Operation>| {
    // Limit input size
    if ops.len() > 10_000 {
        return;
    }

    let mut module = MyModule::new();
    let mut item_count = 0;

    for op in ops {
        match op {
            Operation::Insert(k, v) => {
                // Limit total items
                if item_count >= 1_000 {
                    continue;
                }
                module.insert(k, v);
                item_count += 1;
            }
            // ...
        }
    }
});
```

### 6. Test Concurrency (Optional)

For thread-safe data structures:

```rust
use std::sync::Arc;
use std::thread;

fuzz_target!(|data: (Vec<Vec<Operation>>, u8)| {
    let (op_lists, num_threads) = data;
    let num_threads = (num_threads as usize % 8) + 1; // 1-8 threads

    let module = Arc::new(MyThreadSafeModule::new());
    let handles: Vec<_> = op_lists
        .into_iter()
        .take(num_threads)
        .map(|ops| {
            let module = Arc::clone(&module);
            thread::spawn(move || {
                for op in ops {
                    // Execute operations concurrently
                }
            })
        })
        .collect();

    for handle in handles {
        handle.join().unwrap();
    }
});
```

## Testing Your Fuzz Target

### Quick Test (60 seconds)

```bash
cd fuzz
cargo fuzz run my_module_arbitrary_ops -- -max_total_time=60
```

### Extended Test (1 hour)

```bash
cd fuzz
cargo fuzz run my_module_arbitrary_ops -- -max_total_time=3600
```

### With Multiple Jobs

```bash
cd fuzz
cargo fuzz run my_module_arbitrary_ops -- -workers=4
```

### Reproduce a Crash

```bash
cd fuzz
cargo fuzz run my_module_arbitrary_ops fuzz/artifacts/my_module_arbitrary_ops/crash-<hash>
```

## Documenting Your Fuzz Target

Add a section to `fuzz/README.md`:

```markdown
### MyModule (3 targets)

#### `my_module_arbitrary_ops`
Tests arbitrary sequences of insert, remove, get, and clear operations.

**Run**:
```bash
cd fuzz
cargo fuzz run my_module_arbitrary_ops
```

#### `my_module_stress`
Stress tests with heavy insertion/deletion and validates against HashMap.

**Run**:
```bash
cd fuzz
cargo fuzz run my_module_stress
```

#### `my_module_property_tests`
Tests specific invariants: length tracking, capacity bounds, etc.

**Run**:
```bash
cd fuzz
cargo fuzz run my_module_property_tests
```
```

## Troubleshooting

### Target Not Discovered

**Problem**: CI doesn't run your new target

**Solution**: Ensure it's registered in `fuzz/Cargo.toml`:
```toml
[[bin]]
name = "my_target"
path = "fuzz_targets/my_target.rs"
test = false
doc = false
```

Verify locally:
```bash
cd fuzz
cargo fuzz list | grep my_target
```

### Target Crashes Immediately

**Problem**: Fuzz target panics on all inputs

**Solution**: Add input validation and early returns:
```rust
fuzz_target!(|data: Vec<u32>| {
    if data.is_empty() || data.len() > 10_000 {
        return; // Skip invalid inputs
    }
    // ... rest of fuzzing logic
});
```

### Target Runs Forever

**Problem**: Operations are too slow or allocate too much

**Solution**: Add resource limits:
```rust
fuzz_target!(|ops: Vec<Operation>| {
    if ops.len() > 1_000 {
        return; // Limit operation count
    }

    let mut module = MyModule::new();
    let mut size = 0;

    for op in ops {
        if size > 10_000 {
            break; // Limit total size
        }
        // ... execute operation
    }
});
```

### Target Finds No Bugs

**Problem**: Fuzzer isn't exploring interesting inputs

**Solution**:
1. Add more diverse operations
2. Use structured input with `Arbitrary`
3. Add assertions for invariants
4. Check coverage with `cargo fuzz coverage`

## Examples

See existing fuzz targets for complete examples:

- **Simple**: `fuzz/fuzz_targets/fixed_history_arbitrary_ops.rs`
- **With Reference**: `fuzz/fuzz_targets/interner_stress.rs`
- **Property Testing**: `fuzz/fuzz_targets/lazy_heap_property_tests.rs`
- **Complex**: `fuzz/fuzz_targets/intrusive_list_arbitrary_ops.rs`

## CI/CD Integration

Your new fuzz target will automatically be:

- ✅ Discovered by `cargo fuzz list`
- ✅ Included in nightly continuous fuzzing (1 hour)
- ✅ Included in PR smoke tests if named `*_arbitrary_ops` (60 seconds)
- ✅ Given its own corpus (cached between runs)
- ✅ Monitored for crashes (auto-creates issues)
- ✅ Included in coverage reports

**No workflow file updates needed!**

## Resources

- [libFuzzer Documentation](https://llvm.org/docs/LibFuzzer.html)
- [cargo-fuzz Book](https://rust-fuzz.github.io/book/cargo-fuzz.html)
- [Arbitrary Trait Documentation](https://docs.rs/arbitrary/latest/arbitrary/)
- [Fuzzing CI/CD Guide](fuzzing-cicd.md)
- [Fuzz Targets Documentation](../../fuzz/README.md)