wasmtime

T0b1/wasmtime

Fork 0

Commit Graph

Author	SHA1	Message	Date
Nick Fitzgerald	d5bdce99c7	Remove executable bit from Rust source files	2020-06-01 15:09:51 -07:00
Nick Fitzgerald	84c4d8cc6c	Remove always-on logging from fuzz targets (#878 ) Now that the `cargo fuzz` tooling is better, it is easier to reproduce failures, and we don't need to be super paranoid about logging here.	2020-01-30 23:46:50 +01:00
Nick Fitzgerald	0cde30197d	fuzzing: Add initial API call fuzzer We only generate valid sequences of API calls. To do this, we keep track of what objects we've already created in earlier API calls via the `Scope` struct. To generate even-more-pathological sequences of API calls, we use [swarm testing]: > In swarm testing, the usual practice of potentially including all features > in every test case is abandoned. Rather, a large “swarm” of randomly > generated configurations, each of which omits some features, is used, with > configurations receiving equal resources. [swarm testing]: https://www.cs.utah.edu/~regehr/papers/swarm12.pdf There are more public APIs and instance introspection APIs that we have than this fuzzer exercises right now. We will need a better generator of valid Wasm than `wasm-opt -ttf` to really get the most out of those currently-unexercised APIs, since the Wasm modules generated by `wasm-opt -ttf` don't import and export a huge variety of things.	2019-12-10 15:14:12 -08:00

Author

SHA1

Message

Date

Nick Fitzgerald

d5bdce99c7

Remove executable bit from Rust source files

2020-06-01 15:09:51 -07:00

Nick Fitzgerald

84c4d8cc6c

Remove always-on logging from fuzz targets (#878 )

Now that the `cargo fuzz` tooling is better, it is easier to reproduce failures,
and we don't need to be super paranoid about logging here.

2020-01-30 23:46:50 +01:00

Nick Fitzgerald

0cde30197d

fuzzing: Add initial API call fuzzer

We only generate *valid* sequences of API calls. To do this, we keep track of
what objects we've already created in earlier API calls via the `Scope` struct.

To generate even-more-pathological sequences of API calls, we use [swarm
testing]:

> In swarm testing, the usual practice of potentially including all features
> in every test case is abandoned. Rather, a large “swarm” of randomly
> generated configurations, each of which omits some features, is used, with
> configurations receiving equal resources.

[swarm testing]: https://www.cs.utah.edu/~regehr/papers/swarm12.pdf

There are more public APIs and instance introspection APIs that we have than
this fuzzer exercises right now. We will need a better generator of valid Wasm
than `wasm-opt -ttf` to really get the most out of those currently-unexercised
APIs, since the Wasm modules generated by `wasm-opt -ttf` don't import and
export a huge variety of things.

2019-12-10 15:14:12 -08:00

3 Commits