Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Initial skeleton for fuzzing infrastructure #699

Merged
merged 18 commits into from
Jul 9, 2024

Conversation

saulecabrera
Copy link
Member

@saulecabrera saulecabrera commented Jul 8, 2024

This set of commits introduce the initial skeleton for Javy's fuzzing
infrastructure.

This commit focuses on the json-differential target, to check Javy's
SIMD-based, custom JSON.parse and JSON.stringify implementations.

The implementation aims to take full advantage of libfuzzer's coverage
capabilities and that's the reason why it uses the native version of
QuickJS instead of the Wasm version.

Checklist

  • I've updated the relevant CHANGELOG files if necessary. Changes to javy-cli and javy-core do not require updating CHANGELOG files.
  • I've updated the relevant crate versions if necessary. Versioning policy for library crates
  • I've updated documentation including crate documentation if necessary.

This commit introduces the initial skeleton for Javy's fuzzing
infrastructure.

This commit focuses on the `json-differential` target, to check Javy's
SIMD-based, custom `JSON.parse` and `JSON.stringify` implementations.

The implementation aims to take full advantage of libfuzzer's coverage
capabilities and that's the reason why it uses the native version of
QuickJS instead of the Wasm version.
@@ -9,6 +9,7 @@ members = [
"crates/test-macros",
"crates/config",
"crates/runner",
"fuzz",
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is intentional. Added it outside of the crates directory, given the infrastructure nature of this crate.

- uses: actions/checkout@v4
- name: Install nightly

run: rustup install nightly-2024-07-07
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pinning to the most recent nightly version, and the one that I used locally for testing.


run: rustup install nightly-2024-07-07
- name: Install cargo fuzz
run: cargo install cargo-fuzz --version=0.12.0
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same here.

@saulecabrera saulecabrera requested a review from jeffcharles July 8, 2024 20:22
@saulecabrera
Copy link
Member Author

Decided to drop clippy lints for fuzz targets in 7d94ba8. Originally I wanted to use clippy + nightly to ensure that fuzz targets are linted correctly, but I was not able to figure out a clean way to have clippy only lint the package and not its dependencies. I don't want to spend too much cycles on this, we can revisit if we think that linting the fuzz targets is crucial. See rust-lang/rust-clippy#3837 (comment) for more details.

Copy link
Collaborator

@jeffcharles jeffcharles left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just have the one question but it's pretty minor

id: nightly_version
shell: bash
run: |
NIGHTLY_VERSION=$(cat pinned-nightly-version)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What was the reason for putting this and the cargo fuzz version in a file instead of using a top-level env for both? I don't see them referenced outside this file.

Copy link
Member Author

@saulecabrera saulecabrera Jul 9, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The reason is very subjective: I feel that's easier to update the version when it's defined at the root rather than having to modify the action itself.

@saulecabrera saulecabrera merged commit de8431f into bytecodealliance:main Jul 9, 2024
16 checks passed
@saulecabrera saulecabrera deleted the javy-fuzz branch July 9, 2024 15:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants