Adjust fuzzing configs to match what's in QuickJS #836
Conversation
There was a problem hiding this comment.
Regarding the OOM -- I wonder if the usage of ManuallyDrop inside the runtime is at play here? Have you investigated removing its usage? What I'm getting at is that we never recycle objects that are no longer referenced inside the runtime since the context is behind a ManuallyDrop.
|
We never drop the runtime while fuzzing since they're inside mutable statics so the drops on the rquickjs runtime and context will never run during fuzzing anyway. I did try switching to building a new runtime every time and removing the manual drops and that seemed to slow down the memory growth but I was still seeing out of memory errors. |
|
Actually trying that again with this branch, I get a hard crash on |
Description of the change
Adding some parameters to the Javy library crate's
Configso we can set them to non-default values when fuzzing. Also updating the fuzzer to set those parameters. Also throwing any fuzzing inputs with more than 350{characters.Note that the fuzzer still crashes with out of memory errors with this change.
Why am I making this change?
We see out of memory errors when running the fuzzer continuously. This updates a few configs to match what's in QuickJS's fuzzer. I also don't try to run strings with more than 350
{characters because that trips the maximum stack size. We should consider investigating that further but I'd like to at least get the fuzzer running continuously.Checklist
javy-cliandjavy-plugindo not require updating CHANGELOG files.