You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
Alex Crichton b759514124
Allow wasmtime/v8 to differ on errors slightly (#3348)
3 years ago
..
src Allow wasmtime/v8 to differ on errors slightly (#3348) 3 years ago
wasm-spec-interpreter Spec-interpreter fuzzing: check out `fuzzing` branch of our mirror. (#3222) 3 years ago
Cargo.toml Add differential fuzzing against V8 (#3264) 3 years ago
README.md Create a new `wasmtime-fuzzing` crate 5 years ago
build.rs Actually make spectest fuzzing deterministic 4 years ago

README.md

Fuzzing Infrastructure for Wasmtime

This crate provides test case generators and oracles for use with fuzzing.

These generators and oracles are generally independent of the fuzzing engine that might be using them and driving the whole fuzzing process (e.g. libFuzzer or AFL). As such, this crate does not contain any actual fuzz targets itself. Those are generally just a couple lines of glue code that plug raw input from (for example) libFuzzer into a generator, and then run one or more oracles on the generated test case.

If you're looking for the actual fuzz target definitions we currently have, they live in wasmtime/fuzz/fuzz_targets/* and are driven by cargo fuzz and libFuzzer.