Split our existing fuzz targets into separate generators and oracles

Part of #611
2019-11-21 14:40:25 -08:00
parent 9658d33b5c
commit 58ba066758
8 changed files with 116 additions and 85 deletions
--- a/fuzz/fuzz_targets/compile.rs
+++ b/fuzz/fuzz_targets/compile.rs
@@ -2,49 +2,15 @@

 extern crate libfuzzer_sys;

-use cranelift_codegen::settings;
 use libfuzzer_sys::fuzz_target;
-use std::cell::RefCell;
-use std::collections::HashMap;
-use std::rc::Rc;
-use wasmparser::validate;
-use wasmtime_jit::{CompilationStrategy, CompiledModule, Compiler, NullResolver};
+use wasmtime_fuzzing::oracles;
+use wasmtime_jit::CompilationStrategy;

 fuzz_target!(|data: &[u8]| {
-    if validate(data, None).is_err() {
-        return;
-    }
-    let flag_builder = settings::builder();
-    let isa_builder = cranelift_native::builder().unwrap_or_else(|_| {
-        panic!("host machine is not a supported target");
-    });
-    let isa = isa_builder.finish(settings::Flags::new(flag_builder));
-    let mut compiler = Compiler::new(isa, CompilationStrategy::Cranelift);
-    let mut resolver = NullResolver {};
-    let global_exports = Rc::new(RefCell::new(HashMap::new()));
-    let _compiled =
-        match CompiledModule::new(&mut compiler, data, &mut resolver, global_exports, false) {
-            Ok(x) => x,
-            Err(_) => return,
-        };
+    oracles::compile(data, CompilationStrategy::Cranelift);
 });

 #[cfg(feature = "lightbeam")]
 fuzz_target!(|data: &[u8]| {
-    if validate(data, None).is_err() {
-        return;
-    }
-    let flag_builder = settings::builder();
-    let isa_builder = cranelift_native::builder().unwrap_or_else(|_| {
-        panic!("host machine is not a supported target");
-    });
-    let isa = isa_builder.finish(settings::Flags::new(flag_builder));
-    let mut compiler = Compiler::new(isa, CompilationStrategy::Lightbeam);
-    let mut resolver = NullResolver {};
-    let global_exports = Rc::new(RefCell::new(HashMap::new()));
-    let _compiled =
-        match CompiledModule::new(&mut compiler, data, &mut resolver, global_exports, false) {
-            Ok(x) => x,
-            Err(_) => return,
-        };
+    oracles::compile(data, CompilationStrategy::Lightbeam);
 });
--- a/fuzz/fuzz_targets/instantiate.rs
+++ b/fuzz/fuzz_targets/instantiate.rs
@@ -2,28 +2,10 @@

 extern crate libfuzzer_sys;

-use cranelift_codegen::settings;
 use libfuzzer_sys::fuzz_target;
-use wasmparser::validate;
-use wasmtime_jit::{instantiate, CompilationStrategy, Compiler, NullResolver};
+use wasmtime_fuzzing::oracles;
+use wasmtime_jit::{CompilationStrategy};

 fuzz_target!(|data: &[u8]| {
-    if validate(data, None).is_err() {
-        return;
-    }
-    let flag_builder = settings::builder();
-    let isa_builder = cranelift_native::builder().unwrap_or_else(|_| {
-        panic!("host machine is not a supported target");
-    });
-    let isa = isa_builder.finish(settings::Flags::new(flag_builder));
-    let mut compiler = Compiler::new(isa, CompilationStrategy::Auto);
-    let mut imports_resolver = NullResolver {};
-    let _instance = instantiate(
-        &mut compiler,
-        data,
-        &mut imports_resolver,
-        Default::default(),
-        true,
-    )
-    .unwrap();
+    oracles::instantiate(data, CompilationStrategy::Auto);
 });
--- a/fuzz/fuzz_targets/instantiate_translated.rs
+++ b/fuzz/fuzz_targets/instantiate_translated.rs
@@ -2,26 +2,10 @@

 extern crate libfuzzer_sys;

-use cranelift_codegen::settings;
 use libfuzzer_sys::fuzz_target;
-use wasmtime_jit::{instantiate, CompilationStrategy, Compiler, NullResolver};
+use wasmtime_fuzzing::{generators, oracles};
+use wasmtime_jit::CompilationStrategy;

-fuzz_target!(|data: &[u8]| {
-    let binaryen_module = binaryen::tools::translate_to_fuzz_mvp(data);
-    let wasm = binaryen_module.write();
-    let flag_builder = settings::builder();
-    let isa_builder = cranelift_native::builder().unwrap_or_else(|_| {
-        panic!("host machine is not a supported target");
-    });
-    let isa = isa_builder.finish(settings::Flags::new(flag_builder));
-    let mut compiler = Compiler::new(isa, CompilationStrategy::Auto);
-    let mut imports_resolver = NullResolver {};
-    let _instance = instantiate(
-        &mut compiler,
-        &wasm,
-        &mut imports_resolver,
-        Default::default(),
-        true,
-    )
-    .unwrap();
+fuzz_target!(|data: generators::WasmOptTtf| {
+    oracles::instantiate(&data.wasm, CompilationStrategy::Auto);
 });