1 //! Fuzzing infrastructure for Wasmtime. 2 3 #![deny(missing_docs, missing_debug_implementations)] 4 5 pub mod generators; 6 pub mod oracles; 7 8 /// One time start up initialization for fuzzing: 9 /// 10 /// * Enables `env_logger`. 11 /// 12 /// * Restricts `rayon` to a single thread in its thread pool, for more 13 /// deterministic executions. 14 /// 15 /// If a fuzz target is taking raw input bytes from the fuzzer, it is fine to 16 /// call this function in the fuzz target's oracle or in the fuzz target 17 /// itself. However, if the fuzz target takes an `Arbitrary` type, and the 18 /// `Arbitrary` implementation is not derived and does interesting things, then 19 /// the `Arbitrary` implementation should call this function, since it runs 20 /// before the fuzz target itself. 21 pub(crate) fn init_fuzzing() { 22 static INIT: std::sync::Once = std::sync::Once::new(); 23 24 INIT.call_once(|| { 25 let _ = env_logger::try_init(); 26 27 let _ = rayon::ThreadPoolBuilder::new() 28 .num_threads(1) 29 .build_global(); 30 }) 31 } 32 33 /// Create default fuzzing config with given strategy 34 pub fn fuzz_default_config(strategy: wasmtime::Strategy) -> anyhow::Result<wasmtime::Config> { 35 init_fuzzing(); 36 let mut config = wasmtime::Config::new(); 37 config 38 .cranelift_nan_canonicalization(true) 39 .wasm_bulk_memory(true) 40 .wasm_reference_types(true) 41 .wasm_module_linking(true) 42 .wasm_multi_memory(true) 43 .wasm_simd(true) 44 .strategy(strategy)?; 45 Ok(config) 46 } 47