Split our existing fuzz targets into separate generators and oracles
Part of #611
@@ -9,14 +9,10 @@ publish = false
|
||||
cargo-fuzz = true
|
||||
|
||||
[dependencies]
|
||||
wasmtime-environ = { path = "../crates/environ" }
|
||||
arbitrary = "0.2.0"
|
||||
wasmtime-fuzzing = { path = "../crates/fuzzing" }
|
||||
wasmtime-jit = { path = "../crates/jit" }
|
||||
cranelift-codegen = "0.50"
|
||||
cranelift-wasm = "0.50"
|
||||
cranelift-native = "0.50"
|
||||
libfuzzer-sys = { git = "https://github.com/rust-fuzz/libfuzzer-sys.git" }
|
||||
wasmparser = { version = "0.39.2", default-features = false, features = ["core"] }
|
||||
binaryen = "0.8.1"
|
||||
|
||||
# Prevent this from interfering with workspaces
|
||||
[workspace]
|
||||
|
||||
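Review bot: The `libfuzzer-sys` entry under `[dependencies]` is a git dependency with no `rev`, so the fuzz crate builds against whatever the upstream default branch holds when dependencies are resolved. Since this manifest is being reworked anyway, pin it, for example `libfuzzer-sys = { git = "https://github.com/rust-fuzz/libfuzzer-sys.git", rev = "<pinned-commit-sha>" }`, where the placeholder is the commit currently in use. A committed Cargo.lock would also fix the revision, but none is visible on this page, and an explicit `rev` keeps a crash reproducible against the same fuzzer runtime.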
@@ -2,49 +2,15 @@
|
||||
|
||||
extern crate libfuzzer_sys;
|
||||
|
||||
use cranelift_codegen::settings;
|
||||
use libfuzzer_sys::fuzz_target;
|
||||
use std::cell::RefCell;
|
||||
use std::collections::HashMap;
|
||||
use std::rc::Rc;
|
||||
use wasmparser::validate;
|
||||
use wasmtime_jit::{CompilationStrategy, CompiledModule, Compiler, NullResolver};
|
||||
use wasmtime_fuzzing::oracles;
|
||||
use wasmtime_jit::CompilationStrategy;
|
||||
|
||||
fuzz_target!(|data: &[u8]| {
|
||||
if validate(data, None).is_err() {
|
||||
return;
|
||||
}
|
||||
let flag_builder = settings::builder();
|
||||
let isa_builder = cranelift_native::builder().unwrap_or_else(|_| {
|
||||
panic!("host machine is not a supported target");
|
||||
});
|
||||
let isa = isa_builder.finish(settings::Flags::new(flag_builder));
|
||||
let mut compiler = Compiler::new(isa, CompilationStrategy::Cranelift);
|
||||
let mut resolver = NullResolver {};
|
||||
let global_exports = Rc::new(RefCell::new(HashMap::new()));
|
||||
let _compiled =
|
||||
match CompiledModule::new(&mut compiler, data, &mut resolver, global_exports, false) {
|
||||
Ok(x) => x,
|
||||
Err(_) => return,
|
||||
};
|
||||
oracles::compile(data, CompilationStrategy::Cranelift);
|
||||
});
|
||||
|
||||
#[cfg(feature = "lightbeam")]
|
||||
fuzz_target!(|data: &[u8]| {
|
||||
if validate(data, None).is_err() {
|
||||
return;
|
||||
}
|
||||
let flag_builder = settings::builder();
|
||||
let isa_builder = cranelift_native::builder().unwrap_or_else(|_| {
|
||||
panic!("host machine is not a supported target");
|
||||
});
|
||||
let isa = isa_builder.finish(settings::Flags::new(flag_builder));
|
||||
let mut compiler = Compiler::new(isa, CompilationStrategy::Lightbeam);
|
||||
let mut resolver = NullResolver {};
|
||||
let global_exports = Rc::new(RefCell::new(HashMap::new()));
|
||||
let _compiled =
|
||||
match CompiledModule::new(&mut compiler, data, &mut resolver, global_exports, false) {
|
||||
Ok(x) => x,
|
||||
Err(_) => return,
|
||||
};
|
||||
oracles::compile(data, CompilationStrategy::Lightbeam);
|
||||
});
|
||||
|
||||
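Review bot: The first `fuzz_target!` has no `cfg` guard while the second is gated on `feature = "lightbeam"`, so with that feature enabled this file contains two `fuzz_target!` invocations. Each presumably expands to the same libFuzzer entry point, which would fail to build or link; gate the Cranelift one with `#[cfg(not(feature = "lightbeam"))]` or move the Lightbeam call into its own target file. The `validate(data, None)` early return also appears to have left the harness, and whether `oracles::compile` filters invalid modules itself cannot be seen from this page, so a one-line comment above each target stating that would help.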
@@ -2,28 +2,10 @@
|
||||
|
||||
extern crate libfuzzer_sys;
|
||||
|
||||
use cranelift_codegen::settings;
|
||||
use libfuzzer_sys::fuzz_target;
|
||||
use wasmparser::validate;
|
||||
use wasmtime_jit::{instantiate, CompilationStrategy, Compiler, NullResolver};
|
||||
use wasmtime_fuzzing::oracles;
|
||||
use wasmtime_jit::{CompilationStrategy};
|
||||
|
||||
fuzz_target!(|data: &[u8]| {
|
||||
if validate(data, None).is_err() {
|
||||
return;
|
||||
}
|
||||
let flag_builder = settings::builder();
|
||||
let isa_builder = cranelift_native::builder().unwrap_or_else(|_| {
|
||||
panic!("host machine is not a supported target");
|
||||
});
|
||||
let isa = isa_builder.finish(settings::Flags::new(flag_builder));
|
||||
let mut compiler = Compiler::new(isa, CompilationStrategy::Auto);
|
||||
let mut imports_resolver = NullResolver {};
|
||||
let _instance = instantiate(
|
||||
&mut compiler,
|
||||
data,
|
||||
&mut imports_resolver,
|
||||
Default::default(),
|
||||
true,
|
||||
)
|
||||
.unwrap();
|
||||
oracles::instantiate(data, CompilationStrategy::Auto);
|
||||
});
|
||||
|
||||
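Review bot: `use wasmtime_jit::{CompilationStrategy};` keeps braces around a single import, unlike the other two targets in this commit, which write `use wasmtime_jit::CompilationStrategy;`; rustfmt normally rewrites it to the latter form. Separately, the earlier harness appears to have called `.unwrap()` on the instantiation result, so a failed instantiation counted as a crash, and whether `oracles::instantiate` keeps that policy is not visible here. A short comment above the `fuzz_target!` saying which outcomes the oracle treats as failures would tell someone triaging a crash what it means.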
@@ -2,26 +2,10 @@
|
||||
|
||||
extern crate libfuzzer_sys;
|
||||
|
||||
use cranelift_codegen::settings;
|
||||
use libfuzzer_sys::fuzz_target;
|
||||
use wasmtime_jit::{instantiate, CompilationStrategy, Compiler, NullResolver};
|
||||
use wasmtime_fuzzing::{generators, oracles};
|
||||
use wasmtime_jit::CompilationStrategy;
|
||||
|
||||
fuzz_target!(|data: &[u8]| {
|
||||
let binaryen_module = binaryen::tools::translate_to_fuzz_mvp(data);
|
||||
let wasm = binaryen_module.write();
|
||||
let flag_builder = settings::builder();
|
||||
let isa_builder = cranelift_native::builder().unwrap_or_else(|_| {
|
||||
panic!("host machine is not a supported target");
|
||||
});
|
||||
let isa = isa_builder.finish(settings::Flags::new(flag_builder));
|
||||
let mut compiler = Compiler::new(isa, CompilationStrategy::Auto);
|
||||
let mut imports_resolver = NullResolver {};
|
||||
let _instance = instantiate(
|
||||
&mut compiler,
|
||||
&wasm,
|
||||
&mut imports_resolver,
|
||||
Default::default(),
|
||||
true,
|
||||
)
|
||||
.unwrap();
|
||||
fuzz_target!(|data: generators::WasmOptTtf| {
|
||||
oracles::instantiate(&data.wasm, CompilationStrategy::Auto);
|
||||
});
|
||||
|
||||
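Review bot: The closure now takes `generators::WasmOptTtf` instead of `&[u8]`, but nothing in the target says how that value is derived from the fuzzer's bytes. libFuzzer crash artifacts and corpus entries will presumably still hold the raw pre-translation bytes rather than the wasm that was instantiated, so triage has to re-run the generator to recover the module. Add a comment above the `fuzz_target!`, for example `// Input bytes are translated to wasm by generators::WasmOptTtf; artifacts hold the raw bytes, not the module.`, after confirming it against the generator. Renaming the parameter from `data` to something like `module` would also stop `data.wasm` from reading as raw input.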