This repository has been archived by the owner on Mar 24, 2022. It is now read-only.
Add differential fuzzing between old and new Cranelift backends. #617
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cfallin
force-pushed
the
cfallin/fuzz-new-backend
branch
6 times, most recently
from
616d2e3
to
fb6912e
Compare
This PR adds a fuzz target runnable via `cargo-fuzz` (with `libFuzzer`) that builds an arbitrary Wasm module, produced by `wasm-smith`, with `lucetc` using both the old and new Cranelift x86-64 backends. It then instantiates both and invokes the start function in both, comparing the return values and heap contents after the call returns. The intent of this differential fuzzing is to validate that the new backend works as well as the old one for the purposes of Lucet. This change pulls in a new version of wasmtime and fixes a few small issues (panics that should be errors) that the fuzzing immediately discovered.
cfallin
force-pushed
the
cfallin/fuzz-new-backend
branch
from
fb6912e
to
8dc5036
Compare
|
Should be ready for review now (sorry for churn) -- verified that this is doing interesting things locally, with coverage across old/new backend. |
pchickey
approved these changes
Dec 17, 2020
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds a fuzz target runnable via
cargo-fuzz(withlibFuzzer)that builds an arbitrary Wasm module, produced by
wasm-smith, withlucetcusing both the old and new Cranelift x86-64 backends. It theninstantiates both and invokes the start function in both, comparing the
global values and heap contents after the call returns.
The intent of this differential fuzzing is to validate that the new
backend works as well as the old one for the purposes of Lucet.
This change pulls in a new version of wasmtime and fixes a few small
issues (panics that should be errors) that the fuzzing immediately
discovered.