T0b1/wasmtime
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove spec interpreter fuzz target temporarily (#3399)

Browse Source 
This commit removes the `differential_spec` fuzz target for now,
although this removal is intended to be temporary. We have #3251 to
track re-enabling the spec interpreter in a way that it won't time out,
and additionally the spec interpreter is also failing to build with
ocaml on oss-fuzz so that will also need to be investigated when
re-enabling.
This commit is contained in:
Alex Crichton
2021-09-30 13:09:19 -05:00
committed by GitHub
parent b695ca4f9c
commit 25d3fa4d7b
4 changed files with 6 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
crates/fuzzing/Cargo.toml
View File

@@ -32,7 +32,8 @@ rusty_v8 = "0.27"
[dev-dependencies] [dev-dependencies]
wat = "1.0.37" wat = "1.0.37"
# FIXME(#3251) should re-enable once spec interpreter won't time out
# We only build the library containing the OCaml spec interpreter if the OCaml # We only build the library containing the OCaml spec interpreter if the OCaml
# toolchain is available--which is assumed here to be the case when fuzzing. # toolchain is available--which is assumed here to be the case when fuzzing.
[target.'cfg(fuzzing)'.dependencies] # [target.'cfg(fuzzing)'.dependencies]
wasm-spec-interpreter = { path = "./wasm-spec-interpreter", features = ["build-libinterpret"] } # wasm-spec-interpreter = { path = "./wasm-spec-interpreter", features = ["build-libinterpret"] }

5
crates/fuzzing/wasm-spec-interpreter/src/lib.rs
View File

@@ -28,6 +28,7 @@ mod without_library;
#[cfg(not(feature = "has-libinterpret"))] #[cfg(not(feature = "has-libinterpret"))]
pub use without_library::*; pub use without_library::*;
// FIXME(#3251) should re-enable once spec interpreter won't time out
// If the user is fuzzing`, we expect the OCaml library to have been built. // If the user is fuzzing`, we expect the OCaml library to have been built.
#[cfg(all(fuzzing, not(feature = "has-libinterpret")))] // #[cfg(all(fuzzing, not(feature = "has-libinterpret")))]
compile_error!("The OCaml library was not built."); // compile_error!("The OCaml library was not built.");

6
fuzz/Cargo.toml
View File

@@ -52,12 +52,6 @@ path = "fuzz_targets/differential.rs"
test = false test = false
doc = false doc = false
[[bin]]
name = "differential_spec"
path = "fuzz_targets/differential_spec.rs"
test = false
doc = false
[[bin]] [[bin]]
name = "differential_wasmi" name = "differential_wasmi"
path = "fuzz_targets/differential_wasmi.rs" path = "fuzz_targets/differential_wasmi.rs"

31
fuzz/fuzz_targets/differential_spec.rs
View File

@@ -1,31 +0,0 @@
#![no_main]
use libfuzzer_sys::fuzz_target;
use std::sync::atomic::{AtomicUsize, Ordering::SeqCst};
use wasmtime_fuzzing::{generators, oracles};
// Keep track of how many WebAssembly modules we actually executed (i.e. ran to
// completion) versus how many were tried.
static TRIED: AtomicUsize = AtomicUsize::new(0);
static EXECUTED: AtomicUsize = AtomicUsize::new(0);
fuzz_target!(|data: (
generators::Config,
wasm_smith::ConfiguredModule<oracles::SingleFunctionModuleConfig<false, false>>
)| {
let (config, mut wasm) = data;
wasm.module.ensure_termination(1000);
let tried = TRIED.fetch_add(1, SeqCst);
let executed = match oracles::differential_spec_execution(&wasm.module.to_bytes(), &config) {
Some(_) => EXECUTED.fetch_add(1, SeqCst),
None => EXECUTED.load(SeqCst),
};
if tried > 0 && tried % 1000 == 0 {
println!(
"=== Execution rate ({} executed modules / {} tried modules): {}% ===",
executed,
tried,
executed as f64 / tried as f64 * 100f64
)
}
});