Merge pull request #2162 from fitzgen/wasm-smith-fuzzing

fitzgen · web-flow · commit 237a3ac7d9c4 · 2020-08-25T13:55:06.000-07:00
Add a fuzz target for instantiating `wasm-smith` modules
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
@@ -17,6 +17,7 @@ target-lexicon = "0.10"
 peepmatic-fuzzing = { path = "../cranelift/peepmatic/crates/fuzzing", optional = true }
 wasmtime = { path = "../crates/wasmtime" }
 wasmtime-fuzzing = { path = "../crates/fuzzing" }
+wasm-smith = "0.1.1"
 
 [[bin]]
 name = "compile"
@@ -100,3 +101,9 @@ required-features = ["peepmatic-fuzzing"]
 
 [features]
 binaryen = ["wasmtime-fuzzing/binaryen"]
+
+[[bin]]
+name = "instantiate-wasm-smith"
+path = "fuzz_targets/instantiate-wasm-smith.rs"
+test = false
+doc = false
diff --git a/fuzz/fuzz_targets/instantiate-wasm-smith.rs b/fuzz/fuzz_targets/instantiate-wasm-smith.rs
@@ -0,0 +1,13 @@
+#![no_main]
+
+use libfuzzer_sys::fuzz_target;
+use wasm_smith::Module;
+use wasmtime::Strategy;
+use wasmtime_fuzzing::oracles;
+
+fuzz_target!(|module: Module| {
+    let mut module = module;
+    module.ensure_termination(1000);
+    let wasm_bytes = module.to_bytes();
+    oracles::instantiate(&wasm_bytes, Strategy::Auto);
+});
