Merge cranelift/wasmtime fuzzing

.github/workflows/main.yml

@@ -107,6 +107,16 @@ jobs:
             | shuf \
             | head -n 100 \
             | xargs cargo fuzz run differential --release --debug-assertions
+    - run: |
+        find fuzz/corpus/reader_parse_test -type f \
+            | shuf \
+            | head -n 100 \
+            | xargs cargo fuzz run reader_parse_test --release --debug-assertions
+    - run: |
+        find fuzz/corpus/translate_module -type f \
+            | shuf \
+            | head -n 100 \
+            | xargs cargo fuzz run translate_module --release --debug-assertions
 
   # Install wasm32-unknown-emscripten target, and ensure `crates/wasi-common`
   # compiles to Emscripten.

Cargo.lock

@@ -420,6 +420,14 @@ dependencies = [
  "target-lexicon",
 ]
 
+[[package]]
+name = "cranelift-reader"
+version = "0.59.0"
+dependencies = [
+ "cranelift-codegen",
+ "target-lexicon",
+]
+
 [[package]]
 name = "cranelift-wasm"
 version = "0.59.0"
@@ -2114,7 +2122,11 @@ name = "wasmtime-fuzz"
 version = "0.12.0"
 dependencies = [
  "arbitrary 0.2.0",
+ "cranelift-codegen",
+ "cranelift-reader",
+ "cranelift-wasm",
  "libfuzzer-sys",
+ "target-lexicon",
  "wasmtime",
  "wasmtime-fuzzing",
 ]

cranelift/.github/workflows/main.yml

@@ -14,17 +14,6 @@ jobs:
     - run: find ./target/doc -maxdepth 1 -type d -name "cranelift*" | xargs -I{} cargo deadlinks --dir {}
       name: Run cargo-deadlinks
 
-    # Ensure fuzzer works by running it with a single input
-    - run: cargo install cargo-fuzz
-      if: matrix.rust == 'nightly'
-    - run: |
-        fuzz_module="ffaefab69523eb11935a9b420d58826c8ea65c4c"
-        cargo fuzz run fuzz_translate_module fuzz/corpus/fuzz_translate_module/$fuzz_module
-      env:
-        RUST_BACKTRACE: 1
-      if: matrix.rust == 'nightly'
-      continue-on-error: true
-
   meta_determinist_check:
     name: Meta deterministic check
     runs-on: ubuntu-latest

cranelift/fuzz/Cargo.toml

@@ -1,30 +0,0 @@
-[package]
-name = "clif-wasm-fuzz"
-version = "0.0.1"
-authors = ["foote@fastly.com"]
-publish = false
-edition = "2018"
-
-[package.metadata]
-cargo-fuzz = true
-
-[dependencies]
-cargo-fuzz = "*"
-binaryen = { git = "https://github.com/pepyakin/binaryen-rs.git" }
-libfuzzer-sys = { git = "https://github.com/rust-fuzz/libfuzzer-sys.git" }
-cranelift-codegen = { path = "../codegen" }
-cranelift-wasm = { path = "../wasm" }
-cranelift-reader = { path = "../reader" }
-target-lexicon = "0.10"
-
-# Prevent this from interfering with workspaces
-[workspace]
-members = ["."]
-
-[[bin]]
-name = "fuzz_translate_module"
-path = "fuzz_translate_module.rs"
-
-[[bin]]
-name = "fuzz_reader_parse_test"
-path = "fuzz_reader_parse_test.rs"

cranelift/fuzz/fuzz_translate_module.rs

@@ -1,25 +0,0 @@
-#![no_main]
-
-#[macro_use]
-extern crate libfuzzer_sys;
-extern crate binaryen;
-extern crate cranelift_codegen;
-extern crate cranelift_wasm;
-#[macro_use]
-extern crate target_lexicon;
-
-use cranelift_codegen::{isa, settings};
-use cranelift_wasm::{translate_module, DummyEnvironment, ReturnMode};
-use std::str::FromStr;
-
-fuzz_target!(|data: &[u8]| {
-    let binaryen_module = binaryen::tools::translate_to_fuzz_mvp(data);
-
-    let wasm = binaryen_module.write();
-
-    let flags = settings::Flags::new(settings::builder());
-    let triple = triple!("x86_64");
-    let isa = isa::lookup(triple).unwrap().finish(flags);
-    let mut dummy_environ = DummyEnvironment::new(isa.frontend_config(), ReturnMode::NormalReturns, false);
-    translate_module(&wasm, &mut dummy_environ).unwrap();
-});

fuzz/Cargo.toml

@@ -10,9 +10,13 @@ cargo-fuzz = true
 
 [dependencies]
 arbitrary = "0.2.0"
-wasmtime-fuzzing = { path = "../crates/fuzzing" }
-wasmtime = { path = "../crates/api" }
+cranelift-codegen = { path = "../cranelift/codegen" }
+cranelift-reader = { path = "../cranelift/reader" }
+cranelift-wasm = { path = "../cranelift/wasm" }
 libfuzzer-sys = "0.2.1"
+target-lexicon = "0.10"
+wasmtime = { path = "../crates/api" }
+wasmtime-fuzzing = { path = "../crates/fuzzing" }
 
 [[bin]]
 name = "compile"
@@ -43,3 +47,15 @@ name = "differential"
 path = "fuzz_targets/differential.rs"
 test = false
 doc = false
+
+[[bin]]
+name = "translate_module"
+path = "fuzz_targets/translate_module.rs"
+test = false
+doc = false
+
+[[bin]]
+name = "reader_parse_test"
+path = "fuzz_targets/reader_parse_test.rs"
+test = false
+doc = false

fuzz/fuzz_targets/reader_parse_test.rs

@@ -1,7 +1,7 @@
 #![no_main]
-#[macro_use]
-extern crate libfuzzer_sys;
-extern crate cranelift_reader;
+
+use libfuzzer_sys::fuzz_target;
+
 use std::str;
 
 fuzz_target!(|data: &[u8]| {

fuzz/fuzz_targets/translate_module.rs

@@ -0,0 +1,17 @@
+#![no_main]
+
+use cranelift_codegen::{isa, settings};
+use cranelift_wasm::{translate_module, DummyEnvironment, ReturnMode};
+use libfuzzer_sys::fuzz_target;
+use std::str::FromStr;
+use target_lexicon::triple;
+use wasmtime_fuzzing::generators;
+
+fuzz_target!(|data: generators::WasmOptTtf| {
+    let flags = settings::Flags::new(settings::builder());
+    let triple = triple!("x86_64");
+    let isa = isa::lookup(triple).unwrap().finish(flags);
+    let mut dummy_environ =
+        DummyEnvironment::new(isa.frontend_config(), ReturnMode::NormalReturns, false);
+    translate_module(&data.wasm, &mut dummy_environ).unwrap();
+});