Use wasm-smith to canonicalize NaN in differential fuzzing (#3195)

* Update wasm-smith to 0.7.0

* Canonicalize NaN with wasm-smith for differential fuzzing

This then also enables floating point executing in wasmi in addition to
the spec interpreter. With NaN canonicalization at the wasm level this
means that we should be producing deterministic results between Wasmtime
and these alternative implementations.

fuzz/Cargo.toml

@@ -20,7 +20,7 @@ target-lexicon = "0.12"
 peepmatic-fuzzing = { path = "../cranelift/peepmatic/crates/fuzzing", optional = true }
 wasmtime = { path = "../crates/wasmtime" }
 wasmtime-fuzzing = { path = "../crates/fuzzing" }
-wasm-smith = "0.6.0"
+wasm-smith = "0.7.0"
 
 [features]
 # Leave a stub feature with no side-effects in place for now: the OSS-Fuzz

fuzz/fuzz_targets/differential.rs

@@ -9,6 +9,6 @@ fuzz_target!(|data: (
     generators::GeneratedModule,
 )| {
     let (lhs, rhs, mut wasm) = data;
-    wasm.ensure_termination(1000);
+    wasm.module.ensure_termination(1000);
     oracles::differential_execution(&wasm, &[lhs, rhs]);
 });

fuzz/fuzz_targets/differential_spec.rs

@@ -14,9 +14,9 @@ fuzz_target!(|data: (
     wasm_smith::ConfiguredModule<oracles::SingleFunctionModuleConfig>
 )| {
     let (config, mut wasm) = data;
-    wasm.ensure_termination(1000);
+    wasm.module.ensure_termination(1000);
     let tried = TRIED.fetch_add(1, SeqCst);
-    let executed = match oracles::differential_spec_execution(&wasm.to_bytes(), &config) {
+    let executed = match oracles::differential_spec_execution(&wasm.module.to_bytes(), &config) {
         Some(_) => EXECUTED.fetch_add(1, SeqCst),
         None => EXECUTED.load(SeqCst),
     };

fuzz/fuzz_targets/differential_wasmi.rs

@@ -8,6 +8,6 @@ fuzz_target!(|data: (
     wasm_smith::ConfiguredModule<oracles::SingleFunctionModuleConfig>
 )| {
     let (config, mut wasm) = data;
-    wasm.ensure_termination(1000);
-    oracles::differential_wasmi_execution(&wasm.to_bytes()[..], &config);
+    wasm.module.ensure_termination(1000);
+    oracles::differential_wasmi_execution(&wasm.module.to_bytes(), &config);
 });

fuzz/fuzz_targets/instantiate-swarm.rs

@@ -3,7 +3,7 @@
 use libfuzzer_sys::arbitrary::{Result, Unstructured};
 use libfuzzer_sys::fuzz_target;
 use std::time::Duration;
-use wasm_smith::{ConfiguredModule, SwarmConfig};
+use wasm_smith::{Module, SwarmConfig};
 use wasmtime::Strategy;
 use wasmtime_fuzzing::oracles::{self, Timeout};
 
@@ -30,7 +30,7 @@ fn run(data: &[u8]) -> Result<()> {
     config.memory64_enabled = u.arbitrary()?;
     // Don't generate modules that allocate more than 6GB
     config.max_memory_pages = 6 << 30;
-    let module = ConfiguredModule::new(config.clone(), &mut u)?;
+    let module = Module::new(config.clone(), &mut u)?;
 
     let mut cfg = wasmtime_fuzzing::fuzz_default_config(Strategy::Auto).unwrap();
     cfg.wasm_multi_memory(config.max_memories > 1);

fuzz/fuzz_targets/instantiate-wasm-smith.rs

@@ -6,7 +6,7 @@ use wasmtime_fuzzing::{generators::GeneratedModule, oracles};
 
 fuzz_target!(|module: GeneratedModule| {
     let mut module = module;
-    module.ensure_termination(1000);
-    let wasm_bytes = module.to_bytes();
+    module.module.ensure_termination(1000);
+    let wasm_bytes = module.module.to_bytes();
     oracles::instantiate(&wasm_bytes, true, Strategy::Auto);
 });