wazero
fuzz: implement random function body generator
This is the remaining TODO from #481: https://github.com/tetratelabs/wazero/blob/043f67ab8419d639a7911a3dbf4d57520de383d8/internal/modgen/modgen.go#L409
Generating the function body randomly is a bit trickier than the others in the sense that the function body is stateful -- this means that the set of usable opcodes at any point of generation varies depending on what's generated so far (the contents of value stacks, control blocks, existing functions, signatures, globals, etc), and only a subset of opcodes can be chosen to make the generated function valid.
Not only that, we should have an option like ensureTermination bool which makes it possible for functions to terminate execution in finite time, so that we can fuzz not only the compiler but also the compiled machine code by actually running it (maybe exposing it in the start section).
Luckily we have function validation already implemented in Go: https://github.com/tetratelabs/wazero/blob/main/internal/wasm/func_validation.go
So the impl would look similar to the validation code, so that the generated opcodes pass the validation :D
superseded by https://github.com/tetratelabs/wazero-fuzz -- revive this issue once we prioritize the pure-Go fuzzing infra in wazero. Closing for now!
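An added sketch of the stateful generation the issue describes, not code from wazero or wazero-fuzz: each opcode is drawn at random and emitted only if a modelled value stack already holds its operands, over a straight-line i32 subset so every generated body terminates. `GenBody`, `Validate`, the seed parameter, the one-byte immediates and the bound on `params` are assumptions of this example.

```go
package main

import "math/rand"

// op is an opcode's stack effect (i32 values popped, pushed) and immediate byte count.
type op struct{ pop, push, imm int }
// Straight-line i32 subset of Wasm 1.0: no loop, br or call, so every body terminates.
var ops = map[byte]op{
	0x41: {0, 1, 1}, 0x20: {0, 1, 1}, 0x45: {1, 1, 0}, // i32.const, local.get, i32.eqz
	0x1a: {1, 0, 0}, 0x6a: {2, 1, 0}, 0x6b: {2, 1, 0}, 0x6c: {2, 1, 0}, // drop, i32.add, i32.sub, i32.mul
}
var codes = []byte{0x41, 0x20, 0x45, 0x1a, 0x6a, 0x6b, 0x6c}

// GenBody (hypothetical name) makes n draws for a func (i32 x params) -> i32, assuming
// 1 <= params < 128, and emits a drawn opcode only if the modelled stack holds its operands.
func GenBody(seed int64, params, n int) []byte {
	r, body, height := rand.New(rand.NewSource(seed)), []byte(nil), 0
	for ; n > 0; n-- {
		if c := codes[r.Intn(len(codes))]; ops[c].pop <= height {
			body = append(body, c)
			if c == 0x20 {
				body = append(body, byte(r.Intn(params))) // index of an existing local
			} else if c == 0x41 {
				body = append(body, byte(r.Intn(64))) // 0..63 fits one signed-LEB128 byte
			}
			height += ops[c].push - ops[c].pop
		}
	}
	body = append(body, 0x41, 0) // i32.const 0 guarantees a result value
	for ; height > 0; height-- {
		body = append(body, 0x6a) // i32.add folds each leftover value into it
	}
	return append(body, 0x0b) // end
}

// Validate re-checks body with a fresh stack model (one-byte immediates assumed).
func Validate(body []byte, params int) bool {
	height, i := 0, 0
	for i < len(body)-1 {
		o, ok := ops[body[i]]
		if !ok || o.pop > height || (body[i] == 0x20 && int(body[i+1]) >= params) {
			return false
		}
		height, i = height+o.push-o.pop, i+1+o.imm
	}
	return i == len(body)-1 && body[i] == 0x0b && height == 1
}

func main() { println(Validate(GenBody(1, 2, 16), 2)) }
```

Taking a seed rather than a shared random source keeps any failing body reproducible from a single integer.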