diff --git a/Cargo.lock b/Cargo.lock
index b2acc2ea90..8460d91a26 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2296,9 +2296,9 @@ dependencies = [
 [[package]]
 name = "wasm-smith"
-version = "0.1.3"
+version = "0.1.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "282c6162f6e30c663bf473bba323950eb494d7de1899e259024ffeb127cf5733"
+checksum = "5ff896bbe4adf62d6a909708c34db3ad94ce2103daa9673f64fe15e60ba70dad"
 dependencies = [
 "arbitrary",
 "leb128",
diff --git a/crates/fuzzing/src/oracles.rs b/crates/fuzzing/src/oracles.rs
index d9ce343391..7b321f0a47 100644
--- a/crates/fuzzing/src/oracles.rs
+++ b/crates/fuzzing/src/oracles.rs
@@ -16,6 +16,7 @@ use dummy::dummy_imports;
 use std::cell::Cell;
 use std::rc::Rc;
 use std::sync::atomic::{AtomicUsize, Ordering::SeqCst};
+use std::time::Duration;
 use wasmtime::*;
 use wasmtime_wast::WastContext;
@@ -53,7 +54,7 @@ fn log_wat(wat: &str) {
 ///
 /// You can control which compiler is used via passing a `Strategy`.
 pub fn instantiate(wasm: &[u8], strategy: Strategy) {
- instantiate_with_config(wasm, crate::fuzz_default_config(strategy).unwrap());
+ instantiate_with_config(wasm, crate::fuzz_default_config(strategy).unwrap(), None);
 }
 /// Instantiate the Wasm buffer, and implicitly fail if we have an unexpected
@@ -62,12 +63,21 @@ pub fn instantiate(wasm: &[u8], strategy: Strategy) {
 /// The engine will be configured using provided config.
 ///
 /// See also `instantiate` functions.
-pub fn instantiate_with_config(wasm: &[u8], config: Config) {
+pub fn instantiate_with_config(wasm: &[u8], mut config: Config, timeout: Option) {
 crate::init_fuzzing();
 let engine = Engine::new(&config);
 let store = Store::new(&engine);
+ if let Some(timeout) = timeout {
+ config.interruptable(true);
+ let handle = store.interrupt_handle().unwrap();
+ std::thread::spawn(move || {
+ std::thread::sleep(timeout);
+ handle.interrupt();
+ });
+ }
+
 log_wasm(wasm);
 let module = match Module::new(&engine, wasm) {
 Ok(module) => module,
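Review bot: In `instantiate_with_config` (crates/fuzzing/src/oracles.rs), `config.interruptable(true)` runs after `Engine::new(&config)` and `Store::new(&engine)`, so the engine is presumably built without interrupt support and `store.interrupt_handle().unwrap()` is likely to panic whenever a timeout is passed, which the fuzzer would then report as a crash on every input. Set the flag before the engine is created, e.g. `config.interruptable(timeout.is_some());` ahead of `let engine = Engine::new(&config);`, and keep only the handle and the thread inside the `if let`. The watchdog thread is also detached and always sleeps for the full timeout, so a long fuzzing run accumulates one sleeping thread per input; a comment stating that this is accepted, or a way to cancel the thread once instantiation returns, would help. The function body continues past the end of the hunk.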
diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
index 56d0123106..527e8f8aa1 100644
--- a/fuzz/Cargo.toml
+++ b/fuzz/Cargo.toml
@@ -17,7 +17,7 @@ target-lexicon = "0.10"
 peepmatic-fuzzing = { path = "../cranelift/peepmatic/crates/fuzzing", optional = true }
 wasmtime = { path = "../crates/wasmtime" }
 wasmtime-fuzzing = { path = "../crates/fuzzing" }
-wasm-smith = "0.1.3"
+wasm-smith = "0.1.5"
 [[bin]]
 name = "compile"
diff --git a/fuzz/fuzz_targets/instantiate-maybe-invalid.rs b/fuzz/fuzz_targets/instantiate-maybe-invalid.rs
new file mode 100644
index 0000000000..b85b57359c
--- /dev/null
+++ b/fuzz/fuzz_targets/instantiate-maybe-invalid.rs
@@ -0,0 +1,15 @@
+#![no_main]
+
+use libfuzzer_sys::fuzz_target;
+use std::time::Duration;
+use wasm_smith::Module;
+use wasmtime::Strategy;
+use wasmtime_fuzzing::oracles;
+
+fuzz_target!(|module: MaybeInvalidModule| {
+ oracles::instantiate_with_config(
+ &module.to_bytes(),
+ wasmtime_fuzzing::fuzz_default_config(Strategy::Auto),
+ Some(Duration::from_secs(20)),
+ );
+});
diff --git a/tests/all/fuzzing.rs b/tests/all/fuzzing.rs
index 8dbc845b58..9e71add575 100644
--- a/tests/all/fuzzing.rs
+++ b/tests/all/fuzzing.rs
@@ -26,5 +26,5 @@ fn instantiate_module_that_compiled_to_x64_has_register_32() {
 let mut config = Config::new();
 config.debug_info(true);
 let data = wat::parse_str(include_str!("./fuzzing/issue694.wat")).unwrap();
- oracles::instantiate_with_config(&data, config);
+ oracles::instantiate_with_config(&data, config, None);
 }
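Review bot: The new target fuzz/fuzz_targets/instantiate-maybe-invalid.rs names `MaybeInvalidModule` in the closure but imports `wasm_smith::Module`, so as shown it would not compile; the import should be `use wasm_smith::MaybeInvalidModule;`. The second argument passes `wasmtime_fuzzing::fuzz_default_config(Strategy::Auto)` directly, whereas `instantiate` in oracles.rs calls `.unwrap()` on the same function, which suggests it returns a `Result`; `wasmtime_fuzzing::fuzz_default_config(Strategy::Auto).unwrap(),` would match the `Config` parameter. The fuzz/Cargo.toml hunk in this commit only bumps wasm-smith, and a `[[bin]]` entry for `compile` is visible there, so if targets are registered that way this one needs its own `[[bin]]` entry before the fuzzer can run it. A target that never builds gives no coverage of the invalid-module path it was added for.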