We are currently (bytecodealliance/wasmtime#3989) switching over to a
new register allocator in Cranelift/wasmtime. This PR switches our
fuzzing setup to start fuzzing the new allocator instead of the old one.
Our coverage build for Wasmtime has been broken for a bit so this is a
bit of a shot in the dark to try and fix that. The broken build comes
from OCaml sources not being available and I couldn't figure out how to
get the coverage to not ask for the OCaml sources so this attempts to
copy the OCaml sources to the output directory for the coverage code to
use. We're not really interested in the coverage of OCaml itself, but
this should hopefully serve to appease the coverage gods.
This commit takes an alternative approach to #7358 where instead of
specifically ignoring leaks we use a build of OCaml that doesn't have
the leak to begin with. It looks like the leak was introduced in the
4.12 -> 4.13 update (and Wasmtime is currently using the latest of
4.13). This should also help improve reproducibility by always using the
same OCaml version on oss-fuzz runs. We're mostly interested in fuzzing
Rust code, not OCaml code, so our goal is to just get a working OCaml
reference somehow.
This uses an OCaml backend and we're getting leak messages from OCaml
which we don't have control over so suppress them for now for this
specific fuzzer.
It looks like Wasmtime's fuzzers are failing to run due to them being too
large, so this is a quick band-aid fix to reduce the size of the
binaries. It looks like Rust's `cargo fuzz` tool by default links in
dead code for code coverage purposes (ish, I'm not 100% sure on this),
so the size of the fuzzers is reduced by stripping dead code. In a local
build this reduces the size of Wasmtime's output directory from 6.8G to
3.4G and should buy us some time to implement deeper fixes (such as
having one shared library that all of the fuzzers call into instead of
duplicating statically-linked Wasmtime amongst all the fuzzer binaries).
* wasmtime: provide OCaml packages for build
In order to build the WebAssembly spec interpreter, these packages are needed.
* wasmtime: remove ocamlbuild as a dependency
The oss-fuzz-base image is using Ubuntu 16.04.7 and the `ocaml-nox` package at this version contains `ocamlbuild`.
In bytecodealliance/rfcs#10, we have outlined a process by which we're
switching to a new compiler backend by default. The first step in this
process is to switch our fuzzing targets to use the new backend and wait
for any issues.
This PR adds the Cargo feature that enables the new backend in all
fuzzing targets.
In [Wasmtime](https://github.com/bytecodealliance/wasmtime), we're
planning to transition eventually to a new x86 backend. We recently
added a fuzz target for this backend that differentially fuzzes against
a Wasm interpreter.
This PR adds the new backend's fuzz target and adds a contact (me) to
the notification list.
Wasmtime uses
[regalloc.rs](https://github.com/bytecodealliance/regalloc.rs), a
register allocator written in Rust that was developed for use in
Cranelift (but is also an independently-usable crate). While it will be
indirectly fuzzed by wasmtime itself once we start fuzzing the new
backends that use it, we should also fuzz it directly, since it exposes
targets just for this. The regalloc fuzzing makes use of a symbolic
checker as an oracle for allocation results, so should be relatively
high-quality. This PR enables the `bt` (backtracking) allocator's fuzz
target, as this is the default allocator.
* Add wasm-tools repository to wasmtime project
This commit expands the fuzzers run under the Wasmtime project to
include those in the https://github.com/bytecodealliance/wasm-tools
repository. This includes various parsing utilities used by Wasmtime
itself but also generally useful for other Rust projects! The
maintainers of the wasm-tools repository are also all currently on
the notification list for Wasmtime fuzz bugs as well.
* Load all corpuses from wasmtime-libfuzzer-corpus
* Simplify rust project setup.
- Add rust and cargo-fuzz in base builder.
- Set RUSTC_BOOTSTRAP to make ASan available.
- Set RUSTFLAGS and CFLAGS/CXXFLAGS properly.
I had used a site-specific alias for @tschneidereit in my last commit; he is unable to log in to monorail with it. This corrects to an alias that should work. Apologies for the oversight.
This is an attempt to apply the suggestions from #3316 to the fuzzing
infrastructure for the `wasmtime` target. This will hopefully allow the
delivery of SIGSEGV and SIGILL signals to the `wasmtime` program itself.
These are expected signals when executing wasm code so we don't want the
fuzzer to treat all forms of the signal as a fatal error.
Following up on internal bytecodealliance/wasmtime discussion, this removes the security@bytecodealliance.org alias from the wasmtime notification list and adds @tschneidereit.
This commit does for Rust code what the `CFLAGS` are configured to do
for C++ code, which is to enable debuginfo (but line tables only) as
well as forcing frame pointer generation to all assist in generating
stack traces.
This is an attempt to fix up the errors found on #3292. Although I'm not
certain where the error was coming from this switches the Rust
installation to being in `PATH` by default so there's no need to
`source` any scripts to get access to the Rust compiler.