fuzz/README.md: fuzzing explicitly requires nightly now

While we're moving (almost) everything to stable by default now,
fuzzing still requires nightly.

Since stable is now the default we need to add "+nightly" to
various fuzzing commands.
This commit is contained in:
Paul Otten
2025-04-14 16:10:28 -04:00
parent 0a240bea37
commit be2ced6543
2 changed files with 16 additions and 11 deletions


@@ -79,16 +79,16 @@ Run the following from the DarkFi repo folder:
```
$ cd fuzz/
$ cargo fuzz list
$ cargo +nightly fuzz list
```
This will list the available fuzzing targets. Choose one and run it with:
### Run
```
# format: cargo fuzz run TARGET
# format: cargo +nightly fuzz run TARGET
# e.g. if `serial` is your target:
$ cargo fuzz run --all-features -s none --jobs $(nproc) serial
$ cargo +nightly fuzz run --all-features -s none --jobs $(nproc) serial
```
This process will run infinitely until a crash occurs or until it is cancelled by the user.
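Review bot: Prefixing every command with `+nightly` is easy to miss when a reader copies a single line; consider adding a `rust-toolchain.toml` in `fuzz/` that pins `channel = "nightly"` so cargo selects nightly automatically inside that directory, and keep the `+nightly` prefix in the docs only as a fallback. Also, this snippet passes `-s none`, which disables AddressSanitizer; the surrounding text should say that this is only appropriate for targets without `unsafe` or FFI, otherwise memory errors in native code go undetected.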


@@ -11,14 +11,19 @@ tool `honggfuzz` and its related files are located in `fuzz/honggfuzz`.
cargo install cargo-fuzz
```
You will also need Rust's nightly toolchain installed.
```sh
rustup toolchain install nightly
```
## Usage
```sh
# List available targets
$ cargo fuzz list
$ cargo +nightly fuzz list
# Run fuzzer on a target
# format: cargo fuzz run TARGET
# format: cargo +nightly fuzz run TARGET
# e.g. if `serial` is your target:
$ cargo fuzz run serial
$ cargo +nightly fuzz run serial
```
This process will run infinitely until a crash occurs or until it is cancelled by the user.
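Review bot: The `cargo +nightly fuzz run serial` example here differs from the one in the other file (`--all-features -s none --jobs $(nproc) serial`); if the flags matter for this project, the two READMEs should show the same invocation so users do not get different results depending on which doc they read. The `rustup toolchain install nightly` step is correctly placed before `## Usage`; consider adding `rustup component add --toolchain nightly llvm-tools-preview` next to it since the coverage section later in this file depends on it. Minor wording: "run infinitely" reads better as "run indefinitely".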
@@ -55,7 +60,7 @@ We store dictionaries in the `dictionaries/` directory.
A more efficient way to fuzz safe Rust code is the following:
```sh
cargo fuzz run --jobs $(nproc) -s none --all-features TARGET -- -dict=dictionaries/SOMEDICT.dict
cargo +nightly fuzz run --jobs $(nproc) -s none --all-features TARGET -- -dict=dictionaries/SOMEDICT.dict
```
## Fuzzing Corpora
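Review bot: The sentence "A more efficient way to fuzz safe Rust code" should spell out why `-s none` is acceptable here: it turns off the sanitizer instrumentation, so panics and aborts are still caught but out-of-bounds reads or use-after-free in any `unsafe` block or C dependency are not. Suggest a one-line caveat such as "only use `-s none` for targets that contain no `unsafe` code or FFI" directly above the command.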
@@ -82,8 +87,8 @@ easier to share corpora between libfuzzer and honggfuzz.)
e.g. scenario: while testing ZkBinary's decode() function, you find
that an empty input causes a panic.
* Identify your fuzz target (`cargo fuzz list` or whatever you used
for `cargo fuzz run TARGET`
* Identify your fuzz target (`cargo +nightly fuzz list` or whatever
you used for `cargo +nightly fuzz run TARGET`)
* Examine the fuzzing artifacts: `ls artifacts/TARGET/`
* `cat` the file and check that it matches the error message from
the fuzzer. The filename's prefix will match the kind of error
@@ -124,7 +129,7 @@ It is possible to increase the amount of memory libFuzzer is allowed to use by p
to it via libFuzzer like so:
```sh
cargo fuzz run --all-features zkas-decoder -- "-rss_limit_mb=4096"
cargo +nightly fuzz run --all-features zkas-decoder -- "-rss_limit_mb=4096"
```
To disable memory limits entirely, pass the argument:
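Review bot: Raising `-rss_limit_mb` (or disabling the limit, as the next paragraph describes) can hide a real finding: an input that drives the target past libFuzzer's default limit is often an unbounded-allocation bug and a denial-of-service vector in its own right. The text should tell the reader to first confirm that the memory growth is expected for the target before raising the limit, and to keep the triggering artifact when it is not. The quotes around `"-rss_limit_mb=4096"` are unnecessary since the argument contains no shell metacharacters, though harmless.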
@@ -165,7 +170,7 @@ rustup component add llvm-tools-preview
# Generate coverage files. Run this from fuzz/
# This step will be faster if you minimize the corpus first.
cargo fuzz coverage zkas-compile
cargo +nightly fuzz coverage zkas-compile
# Manually create a .profdata file. (One is generated by the above command, but it appears to be broken)
llvm-profdata merge -sparse coverage/zkas-compile/raw/* -o zkas-compile.profdata
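Review bot: The comment that the generated `.profdata` "appears to be broken" may be a toolchain mismatch rather than a bug: the hunk header shows `rustup component add llvm-tools-preview` without `--toolchain nightly`, so the `llvm-profdata` on `PATH` can come from the stable toolchain while the `.profraw` files were produced by nightly rustc, and the two LLVM versions do not always agree on the profile format. Suggest `rustup component add --toolchain nightly llvm-tools-preview` and using the `llvm-profdata` binary that ships under the nightly toolchain directory (it is found under the toolchain's `lib/rustlib/<target>/bin/` path) for the `merge` step; if that resolves it, the manual merge comment can be dropped.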